Aside

Windows Azure: Costs and Legal

The two biggest questions of Customers about Windows Azure are: what about the costs and how about legal.

What about the costs?
The costs can be explained rather good and also calculated quickly. The only thing is, there is no “one to serve all” calculation rule. The costs depends on the specific implementation, the used components of the platform and the overall usage. The best part of Cloud is pay per usage. And this makes it more complex then we are used too. So every costs calculation should be made based on the customer case and the dynamic aspect of it should be explained very good. That is a different mindset then current standard datacenter use calculation. You (almost) never can translate the current servers directly to Web/WorkerRoles in the Cloud. Datacenters are always based on the expected peak usage. This does not tell anything about the operational daily demands. I once worked at a government institute en the capacity of the datacenters was calculated on the expected peak once a year. The normal flow did not require that much capacity.

How about Legal?
Many companies have to deal with Privacy and are afraid for the Patriot Act. I can not make this better, because I am not a lawyer. But you can question if those companies use hosting providers yet. The Cloud fears are almost equal to the fears you should have by using a Hosting provider. Certainly if the hosting provider belongs to an American company.

The rationale with the Patriot act is, it is going to be used in case terrorist activities are presume. Our clients don’t do that, so no problem. But if there is a presumation, the American Government can get to you data to proof you are quilty. They have to go to a higher power to get the permission, but they don’t need to tell you that. Although nobody really knows if they used the law and what the result was.

The Patriot act is not meant to gain advantage with the Dutch data. By the way the Dutch government has the same rights in the Netherlands to get to your data.

With the Patriot act there is also the Safe Harbour principal. Appointments with the Americans that some countries or places are trusted. The Windows Azure datacenters from Microsoft belong to this principal.

Microsoft by the way is the only Cloud supplier, admitting they have to obey to the Patriot Act. Other Cloud suppliers are less open about this. On the Windows Azure Trust Center (http://www.windowsazure.com/en-us/support/trust-center/) you can read more about it.

But then again, this does change the fact companies need to implement local laws like the privacy law and other standard laws about public websites. Companies are still responsible to protect there data to become unwanted public available.

I was searching for more about this on the internet and about ICT lawyers. In the Netherlands we have http://ictrecht.nl/, they are ICT-people but also lawyers. They made a booklet about Cloud and Legal (Dutch though), very interesting. During a twitter discussion it came clear the Cloud services are not very different from hosting services. Same rights and same problems. Other discussion(http://blog.iusmentis.com/2012/05/30/mag-de-nederlandse-overheid-in-clouddata-graaien) (Dutch again).

But again I am NOT a Lawyer, so for real legal assistance a real lawyer is needed (for example ICTRecht).