Open Cloud Services

Open Cloud Services are cloud services that provide the same openness and freedom to users and developers as open source software. They give you all the benefits of the cloud without compromising freedom and control.

Open Cloud Services are to cloud services what open source is to code – cloud services that are freely available, reusable, re-mixable and developed in the open.

Cloud services are more than just code – they consume and generate data and they are hosted on cloud infrastructure. If we extend the principles of openness to data, users gain control over their data. If we apply those principles to hosting, service operators gain independence from cloud providers and, if fully realized, services would be location-independent and decentralized.

Defining Open Cloud Services

A first step to getting a clear picture of what open cloud services would be to define “cloud services”. A practical definition might be: “an online service delivered on demand over the Internet without the user needing to use their own hardware”.

Now let’s define “open”: The Open Knowledge Foundation defines openness as:

Knowledge is open if anyone is free to access, use, modify, and share it — subject, at most, to measures that preserve provenance and openness.

If we apply this to cloud services, we get:

Knowledge A cloud service is open if anyone is free to access, use, modify, and share it — subject, at most, to measures that preserve provenance privacy and openness.

A related term is “free software”, which the Free Software Foundation defines as:

“Free software” means software that respects users’ freedom and community. Roughly, it means that the users have the freedom to run, copy, distribute, study, change and improve the software. [Emphasis theirs]

This focus on the user – “We call this free software because the user is free” – is particular relevant for us because cloud services aren’t solely about developers and source code; they explicitly involve the user. The free software definition codifies these rights into four essential freedoms (numbered 0 through 3) which we will gloss as the rights to Access, Modify, Share, and Remix (and redistribute) a program’s source code.

Requirements for Openness

We can uncover what requirements a cloud service needs to be fully open by considering what these four freedoms imply for the following basic aspects of cloud services:

‣ Code: Having the code of a cloud service be open source is foundational not because it is a basic right but also because it provides the transparency necessary to implement the other freedoms. We can think of these as freedoms for developers since they are the ones that exercise them.

‣ Data: All cloud services need data to function and for nearly all the data either is generated as users use the service or is contributed by the users of the service. In this way data freedoms are freedoms for the users.

‣ Hosting: Hosting refers to where and how a cloud service is run. A cloud service that is locked into a proprietary cloud provider and is dependent on proprietary services can not be considered fully free or open. These are freedoms for the operators of a cloud service because it gives them the freedom to choose how and where a service is run.

Open Code – freedoms for developers

The Free Software Foundation developed the four freedoms with code in mind, so for anyone familiar with open source code there shouldn’t be any surprises in the table below.

Open Data – freedoms for users

1. Access: For a user to be able to access their data, a cloud service has to provide at least Data portability with published schemas so they can be interpreted.
2. Modify: For data to be modifiable outside of the service, it needs to be defined with extensible formats and schemas so the modified data is still usable in new and old contexts.
3. Share: Public data needs to be released with an open data license and its users need to retain full control over their personal data.
4. Remix: To be able to remix data requires more than just open data, it also requires open apis so that different services can integrate your and update your data. Being able to request a static download of your data isn’t enough to provide this freedom.

Open Hosting – freedoms for service operators

1. Access/Run: If the configuration for a cloud service is private or it was setup manually or in one-off manner, there’s no guarantees the service can be installed elsewhere by others. For a service to be truly open for hosting, its installation and configuration processes needs to part of the open-source code. We’ll call this property reproducibility.
2. Modify: The service shouldn’t require any proprietary services for hosting, e.g. rely a proprietary cloud provider’s APIs for important functionality. After all, if that functionality is proprietary you won’t have the rights (or the source code) to modify it.
3. Share: The ability to share a service, so that more than one operator can host it in more than one location while maintaining the interoperability and integrity of the service means the service federation.
4. Remix: A service that can both be modified and shared and still interoperate requires some level of decentralization, for example an extensible agent-based protocol or a decentralized hosting platform. Decentralized is most often associated with p2p and blockchain protocols but there are alternative approaches for decentralization that may be more attainable for typical cloud-based applications.

These are freedoms as they apply to an individual service as it appears from the perspective a user interacting with it – not about the ability to create new copy of a service (that is already a given if its code and data are free). For example, the WordPress blogging platform doesn’t support open hosting as defined here: even though anyone can run their own WordPress instance, users have to create separate accounts and those sites will be perceived as separate services by its visitors. In contrast, the Mastodon micro-blogging platform is: user identities are shared and data is freely exchanged between instances.

These are freedoms granted to operators of a service but they also give users the freedom to be an operator. And even if a user doesn’t choose to do that, these freedoms still redound onto the user, because from user’s point of view this gives them the freedom to choose who the service is operated by without locking the user into one particular operator or host.

Three Levels of Openness

Reviewing these requirements shows how challenging it can be for an open cloud service to be fully open. So let’s define levels of as a simple way to indicate how open a cloud service is. At the very least an open cloud service needs to be open source, so we can set that as the minimum level. And open hosting isn’t possible without open source and open data, so we can set that the final level. Putting that together we get:

Let’s consider some existing websites and cloud services and see where they fit in:

Level 1: Wordpress (but not wordpress.com, which is a proprietary service).

Level 2: Wikipedia releases both its source code and its data under open licenses so it is a Level 2 cloud service. But not level 3 since it does not support open hosting (nor would that necessarily be a good thing).

Level 3: Mastodon micro-blogging; Matrix chat; git is as a stand-alone service (but not gitlab.com, which is a proprietary service despite depending on git and the open source gitlab software).

Related work

When I first started thinking my initial assumption was that it was a fairly obvious idea and that I just needed to find the people and initiatives working to make this a reality.

After a fair bit of research and reflection it became clear that: One, there isn’t much out there; Two, nailing down a definition of “open cloud services” that is actually useful is surprisingly hard; Three, building one is even harder and lacks many of the incentives that drives most open source projects. This last point is probably why the ideas below have languished in relative obscurity.

Open Software Service Definition

The Open Knowledge Foundation defines an “open software service” as:

1. Whose data is open as defined by the Open Definition with the exception that where the data is personal in nature the data need only be made available to the user (i.e. the owner of that account).
2. Whose source code is:
   1. Free/Open Source Software
   2. Made available to the users of the service.

This is very similar to our definition except it doesn’t consider the hosting aspect. The Open Definition website doesn’t appear to link to this page anymore and it is unclear what the status of this is.

Free Service Definition

The Freedom Defined Wiki has a page for documenting ideas for defining “Free Services”:

“The core idea of the Free Service Definition (FSD) is to protect users’ freedom when they use services (eg gmail, flickr, todocue, mugshot) — to standardize Terms of Service/Privacy Policies so users know how a service will respect their freedom, privacy, and data.”

It doesn’t appear much progress after the initial creation of the page in 2007 and it’s interesting to note that nearly all of the examples of proprietary services cited above have been pretty much disappeared. A fully open cloud service never needs to be shutdown and both its code and content can be archived!

Google’s open cloud

Google touts the open cloud as a reason to choose their cloud platform. This is how they define openness:

“Open is about the power to pick up and move your app. An open cloud is grounded in a belief that being tied to a particular cloud shouldn’t get in the way of achieving your goals.”

Obviously this is a much more limited vision than what we are contemplating here – it is equivalent to the second freedom for open hosting. Nonetheless, this “openness enables faster innovation, tighter security, and offers freedom from vendor lock-in. Google believes openness matters more in the cloud than ever.” And so do we!