@CloudExpo Authors: Pat Romanski, Liz McMillan, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog

@CloudExpo: Blog Feed Post

The Ethics of Cloud Computing By @Skytap | @CloudExpo [#Cloud]

Cloud computing can only reach its full potential if a real, lasting trust is established between providers and customers

The Ethics of Cloud Computing - Part 3

​This is the final chapter in Seth Payne's three-part series. Click here to read Part One or Part Two.

Where Do These Ethical Principles Come From?

As I mentioned above, I find that understanding the "why" of moral and ethical behavior is just as important as knowing "what" moral behavior is expected.  For this reason, I will briefly outline the origins of the ethical principles I have outlined above.

Broadly speaking, ethical and moral philosophy is dominated by two schools of thought.  On the one hand sit deontologists.  Deontology is the idea that there are certain moral rules to be followed simply because of the nature of sentient life.  For example, a strict deontologist, like the great philosopher Immanuel Kant and even great thinkers in the East, argue that being honest at all times is a moral principle to be observed under any and all circumstances.  The basic reasoning here is that human beings have value in and of themselves; completely separate from whom they are, what they may do or how they act.  This is a recognition of the universal value of sentient life, especially human life,  and certain moral rules are established which insist that sentient life is never to be used as a means to an end because, life is an end it itself.  As I say, this type of thinking is common in both Western and Eastern moral philosophy.  Even ancient Greek "Virtue Ethics" are based on a deontological thinking.

Consequentialism, by contrast, is not based on any set of pre-defined moral rules.  Rather, the morality of any given action is based on the consequences that result from the action.  So, if I choose to do X and this produces positive consequences, I conclude that X is moral.  If, however, X produces negative consequences then I conclude X is immoral.  Of course, this type of analysis is done before an action is taken and moral judgments are made on the expected outcome.  The biggest proponents of consequentialist thinking have been John Stuart Mill (19th Century), Richard Hare, and contemporary moral philosopher Peter Singer of Princeton.

Philosophers and ethicists debate deontology and consequentialism ad nauseum.  Some deontologists have even admitted frustration because consequentialism seems to right, but they know it must be wrong! And indeed, I think there is a good point to be made here.  Unless consequentialism is taken to extremes, it seems to be a very a substantive basis for moral thinking.  I see the relationship between consequentialism and deontology as being similar to that of the relationship between Newtonian mechanics and Einstein's relativity.    When we look out into the cosmos, Newtonian mechanics break down.  But If I'm building a bridge, I use Newton, not Einstein.  It's all a matter of context.

Regardless of any philosophical debate, the reality is that we live in a world where both consequentialist and deontological thought are necessary.

Consider the issue of respective individual privacy.  From a deontological viewpoint, we must seek ensure privacy because IT users are human beings with value in themselves and to invade their privacy is an affront to that inherent value.  On the other hand, if an employee inadvertently sends sensitive customer data outside the firm via email, then we may consider the question in consequentialist terms.  If sensitive customer data is leaked, it could result in serious negative consequences for both the customer and the firm, and thus should be avoided/prevented.  Of course, by preventing data leaks we are also fulfilling a duty to customers that is, generally, a moral rule borne of deontology.

The same applies to the other ethical principles discussed above.  There are times when we must honor a duty to customers and yet other times when preventing potential harm - to either the firm or to its customers - must factor into moral decision-making.

I have observed that most of us default to consequentialist thinking without even realizing we have done so.  There is no harm in this, necessarily.  However, if a firm attempts to minimize its own negative consequences and places its own needs above the duty to customers moral conflict arises.  Moral conflict leads to unhappy customers and unhappy customers are not just bad for business, they often represent a breach of trust - be it large or small, perceived or real.

It is important to note that moral culture within an organization begins at the top.  A service provider without strong moral leadership cannot hope to act morally in the aggregate.  Regardless of the number of customer service, technical support, or account management employees who seek to do right by their customers, these employees can only work within a larger corporate culture.  Moral leaders create moral employees.  Moral employees create happy customers who feel respected and valued.

Cloud Computing Ethics in Practice
As mentioned above, the core ethical principles of IT remain unchanged with the advent of Cloud Computing.  However, as the saying goes, while the play remains the same, the players have changed.  And even though the governing ethics remain largely unchanged, it is important to reexamine them especially in light of the fact that so much of what used to be entirely internal considerations of operations and risk management, has been entrusted to providers and individuals who sit well outside direct organizational control.

Service providers must understand the operational risk they are assuming for their customers.  Providers become stewards of customer data, functional operation, and risk mitigation.  Fulfilling this duty as stewards requires the proper investment in technology and talent.  It also requires explicit and honest communication with customers.

Customers too have a responsibilities and duties as they are, most likely, providing services to customers of their own.  Consumers of cloud services must have a deep understanding of the technology being utilized and its accompanying risks.  The only way to meet this responsibility is to 1) perform due diligence when considering a 3rd party cloud services provider and 2) maintain consistent communication with the chosen provider to keep abreast of any changes that may impact their ability to meet the needs of their customers.

Ultimately it really comes down to some pretty simple ideas.  Be honest, be responsible and transparent, respect privacy, and treat both customers and vendors as we, ourselves, would like to be treated.

Cloud computing can only reach its full potential if a real, lasting trust is established between providers and customers.  This trust can only be built on strong, well-defined system of ethics borne of organizational cultures dedicated to long-term relationships and customer success.

Seth Payne is a Sr. Product Manager at Skytap. He received and MA in Religion & Ethics from Yale University and an MBA from New York University's Stern School of Business. Seth previously worked as a Technical Product Manager at the New York Stock Exchange and has 15+ years experience in high-tech.

Read the original blog entry...

More Stories By Skytap Blog

Author: Noel Wurst is the managing content editor at Skytap. Skytap provides SaaS-based dev/test environments to the enterprise. Skytap solution removes the inefficiencies and constraints that companies have within their software development lifecycle. As a result, customers release better software faster. In this blog, we publish engaging, thought provoking stories that revolve around agile enterprise applications and cloud-based development and testing.

CloudEXPO Stories
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by FTC, CUI/DFARS, EU-GDPR and the underlying National Cybersecurity Framework suggest the need for a ground-up re-thinking of security strategies and compliance actions. This session offers actionable advice based on case studies to demonstrate the impact of security and privacy attributes for the cloud-backed IoT and AI ecosystem.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chief Architect at Cedexis, covered strategies for orchestrating global traffic achieving the highest-quality end-user experience while spanning multiple clouds and data centers and reacting at the velocity of modern development teams.
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the technology industry and how do they see opportunities for other women in their area of expertise.
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in this new hybrid and dynamic environment.