Source Code: Your daily look at what matters in tech.
To give you the best possible experience, this site uses cookies. If you continue browsing. you accept our use of cookies. You can review our privacy policy to find out more about the cookies we use.
enterprise| enterpriseauthorTom KrazitNoneAre you keeping up with the latest cloud developments? Get Tom Krazit and Joe Williams' newsletter every Monday and Thursday.d3d5b92349
January 21, 2021
Fed up with what he sees as unfair competition from AWS, Elastic CEO Shay Banon felt he had no choice but to restrict the way third parties can use two important open-source projects developed by his company. Yet much of enterprise tech thinks he just threw the baby out with the bathwater.
Last Thursday, Elastic published a blog post — curiously titled "Doubling down on open, Part II" — announcing that Elasticsearch and Kibana, two widely used open-source projects in enterprise tech, would no longer be available under the permissive Apache 2.0 license. Instead, all subsequent releases to those projects will only be available under either a controversial new license known as the SSPL, or the Elastic License, both of which were designed to make it difficult for cloud companies to sell managed versions of the open-source projects they're applied to.
Elastic has never tried to hide its disdain for AWS, a feud that dates back to the 2015 launch of Amazon Elasticsearch Service. The introduction of that AWS service, a managed version of the Elasticsearch open-source project, was arguably the low point in the strained history between enterprise tech companies based around open-source projects and AWS.
It is, of course, completely legal for AWS — or any company — to build its own service around any permissively licensed open-source project. In fact, AWS reacted to Elastic's decision Thursday afternoon by announcing plans to fork the two projects, or to take them in a new AWS-led direction, under the same permissive Apache 2.0 license.
But a generation of open-source enterprise companies (and their venture capitalist backers) see AWS as an anticompetitive gorilla stomping on their opportunity to monetize innovative software, and Elastic took particular offense to AWS' use of the Elasticsearch trademark.
"I don't know why this is surprising to people," Banon said in an interview with Protocol. "I'm making a stand here. I'm drawing a line and saying this is not OK."
However, critics argued Banon's decision paved the way for Amazon to turn its open-source distribution of the Elasticsearch project, the Open Distro for Elasticsearch, into a proper fork. The move had enormous potential to disappoint contributors to the Elasticsearch and Kibana projects who expected their work would be freely available to the community, only for that promise to be discarded once it was no longer economically comfortable for its corporate backer.
"Choosing to fork a project is not a decision to be taken lightly, but it can be the right path forward when the needs of a community diverge — as they have here. An important benefit of open-source software is that when something like this happens, developers already have all the rights they need to pick up the work themselves, if they are sufficiently motivated," AWS said in the post announcing its decision.
After AWS published its decision, Banon issued an additional statement: "When we announced the change, we sadly expected this. This what made it so hard. But I am also relieved. Relieved we are free to focus on products vs. battle abuse. Relieved that I can trust our community will see through this misinformation & confusion."
While legal experts believe Banon has a solid trademark case against AWS, the licensing changes clearly did not deter AWS, and they have no effect on companies like Microsoft and Google Cloud, which have signed deals with Elastic.
"They are aiming to hit Amazon, but what they are doing is throwing a boulder at Amazon floating peacefully in a pond of an ecosystem," said VM (Vicky) Brasseur, a corporate strategist and former vice president of the Open Source Initiative. "I don't think it's worth it. They are going to destroy their ecosystem."
Quite a stretch
Elasticsearch is an open-source search engine first released in 2010 by Banon, who would go on to co-found Elastic in 2012. It is often used alongside two other Elastic open-source projects, Logstash and Kibana, to form the "ELK stack," which is well known in enterprise tech circles among companies that want to build search capabilities for their websites while also using those search capabilities to pursue their system logs for events such as errors.
Customers can buy a managed version of this stack called Elastic Cloud, which runs on all three major U.S. cloud providers, or manage it themselves on either their own hardware or clouds. But there are also some companies and individual users that are happy to take on the burden of managing the open-source version.
The new licensing changes, however, mean that companies using this open-source version must now agree that they won't use Elasticsearch and Kibana as part of their own cloud service, and that has raised questions. The changes are directed at big cloud providers, but there are many small and medium businesses that could be using the open-source projects as part of their own software stack in a way that may or may not be infringing on the new licenses, depending on the quality of the lawyers involved in any dispute.
"If you're using them, please look at how they fit into your software supply chain, look at how this is going to impact your product and your projects. Don't just overlook it and assume it's nothing," Brasseur said.
Banon said "the vast majority" of Elasticsearch and Kibana users will not be affected by these licensing changes, but he acknowledged there will be valid concerns felt inside the Elasticsearch community.
"I'm very worried about [alienating community members]; this is why we didn't make this change lightly," Banon said. "Regardless of how much we try to relax our user base, some people will end up being alienated, and others, which I'm more worried about, might be fed by FUD," the tried-and-true "fear, uncertainty and doubt" campaigns that have been part of enterprise tech marketing for decades.
Brasseur agreed that the licensing move comes with significant risks to Elastic's goodwill inside its community of contributors.
"They're now taking these contributions, which were given by external contributors freely and openly with the assumption that their contributions would be freely and openly available, and now they're locking them up behind a non-open license," she said. "It's perfectly fine to do that. But you better be talking to your community up front and telling them how and why, and then I think it's probably wise for you to be then compensating people for the value that they have provided to your company. Otherwise, you're just using them."
Off the mark
The root cause of the dispute between Elastic and AWS mostly centers on the trademark issue, which prompted a lawsuit from Elastic in 2019 that continues to work its way through the court system.
The use of that trademark caused a great deal of confusion among Elastic's customers, according to Banon, who believed that the AWS service was the result of collaboration between the two companies when it was really just a repackaging of the open-source Elasticsearch project. A tweet from Amazon CTO Werner Vogels calling the new service a "partnership" certainly did not help.
"To modify Elastic's product and call it Amazon Elasticsearch is, in my view, a pretty clear trademark infringement," said Pamela Chestek, a trademark attorney and former intellectual property attorney at IBM's Red Hat.
But when AWS launched the Open Distro for Elasticsearch in 2019, the trademark dispute also turned into a dispute over code.
AWS charged that Elastic was co-mingling open-source code with proprietary code, making it hard for users to know if they required a paid subscription or not to use certain features. The Open Distro was pitched as a way to get the benefits of open-source Elasticsearch with the features needed to make it work properly, and it was released under the Apache 2.0 license.
Elastic denied that it was trying to confuse its users, and alleged that AWS was using third-party code in that distribution that was a copy of its own work.
"Recently, we found more examples of what we consider to be ethically challenged behavior. We have differentiated with proprietary features, and now we see these feature designs serving as 'inspiration' for Amazon, telling us their behavior continues and is more brazen," Banon said in a blog post Tuesday.
License to print money
As with all disputes in enterprise software, this one really comes down to money. Elastic doesn't make money when people use the open-source versions of its software, and all things considered, would prefer they pay for the licensed versions.
From the outside it's hard to pinpoint exactly how much money AWS has made from its Elasticsearch services, but it's a non-zero amount: AWS likely recorded more than $12 billion in overall cloud revenue during the fourth quarter of 2020. At the same time, Elastic's own cloud services are growing quite strongly as the world shifts to cloud-based software.
Elastic revenue rose 43% in its most recent quarter, with SaaS subscription revenue for Elastic Cloud driving much of that growth. Over the course of 2020, Banon wasn't worried enough about the competitive threat from AWS to mention it during the quarterly conversations with the financial community.
In fact, in answering a question about competition with the cloud providers from a financial analyst during Elastic's December earnings conference, Banon said: "We feel like we're ahead of the pack on all three when it comes to the maturity and the future readiness of our products, and that's reflected, I think, by the usage of it." Elastic's stock has more than doubled in the last 12 months.
"We're doing well as a business, and I'm not going to sit here and apologize for it," Banon said. "It's not about doing well or not doing well as a business, it's about doing what's right."
In the aftermath of the licensing changes, however, what's "right" for Elasticsearch users, open-source contributors, and Elastic shareholders takes on different meanings, depending on where you sit.
"I would have been a lot more sympathetic to Elastic if they said, 'look, these choices we made when we were very young, they aren't working out for us anymore. They aren't working out with our business plan,'" Chestek said. "A lot of people would be unhappy with that, but it would be honest."
Update: This article was updated at 3:45 p.m. PT to include a statement from Elastic following the release of AWS' blog post.
Tom Krazit
Tom Krazit ( @tomkrazit) is a senior reporter at Protocol, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET and paidContent, and served as executive editor of Gigaom and Structure.
People
Making the economy work for Black entrepreneurs
Funding for Black-owned startups needs to grow. That's just the start.
"There is no quick fix to close the racial wealth and opportunity gaps, but there are many ways companies can help," said Mastercard's Michael Froman.
Photo: DigitalVision/Getty Images
February 26, 2021
Michael Froman serves as vice chairman and president, Strategic Growth for Mastercard. He and his team drive inclusive growth efforts and partner across public and private sectors to address major societal and economic issues. From 2013 to 2017, Mike served as the U.S. trade representative, President Barack Obama’s principal adviser and negotiator on international trade and investment issues. He is a distinguished fellow of the Council on Foreign Relations and a member of the board of directors of The Walt Disney Company.
February 26, 2021
Michael Froman is the vice chairman and president of Strategic Growth for Mastercard.
When Tanya Van Court's daughter shared her 9th birthday wish list — a bike and an investment account — Tanya had a moment of inspiration. She wondered whether helping more kids get excited about saving for goals and learning simple financial principles could help them build a pathway to financial security. With a goal of reaching every kid in America, she founded Goalsetter, a savings and financial literacy app for kids. Last month, Tanya brought in backers including NBA stars Kevin Durant and Chris Paul, raising $3.9 million in seed funding.
<p>
Reaching this milestone is a testament to Tanya's perseverance and resilience as she, like many other Black women founders, struggle to find institutional investors. Our financial system is simply not set up to help Black entrepreneurs launch a business. Most new businesses are initially funded from savings and home equity, but the persistent racial wealth gap in our country places Black would-be entrepreneurs at a dramatic disadvantage since many don't have those assets available. On top of that, of the approximately $625 billion in venture capital invested since 2015, only around $15 billion went to Black and Latinx founders; that's just 2.4% of funding. For Black women founders specifically, the numbers plunge to 0.27% of funding over the past <a href="https://www.projectdiane.com/" rel="noopener noreferrer" target="_blank">two years</a>.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>
This is not an issue that will resolve itself; we need to be deliberate about opening doors and bringing down barriers, not just to solve for one Black or minority-owned business at a time, but to rebuild a system that gives everyone a chance. Capitalism has lifted millions of people out of poverty and improved their quality of life, but it has also left many behind. As we now rebuild our national economy, we need to ensure future growth is inclusive, and that small businesses — the backbone of our economy — recover in a way that lifts up promising Black-owned startups at every point in their journey.
</p><p>
There is no quick fix to close the racial wealth and opportunity gaps, but there are many ways companies can help. Here are four insights we've learned from years of working with startups and community organizations.
</p><p>
<strong>Invest in the network.</strong> Startups like Oakland-based <a href="https://www.mycnote.com/" rel="noopener noreferrer" target="_blank">CNote</a> are working to channel capital to underserved micro and small businesses through a vast network of Black-owned banks, minority credit unions and community development financial institutions that have direct access to many local communities. However, these market innovators are hampered by complex governance requirements that Fortune 200 companies have to put in place before they will do business. We need to make it easier for new players like CNote to pass procurement hurdles and get into the pipeline so they can grow. By helping them on the back end, it opens them up to partnering with large corporates from all across the country.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>
<strong>Open up access to markets.</strong> For those Black-owned businesses that do secure a first round of funding, their growth trajectory often slows when it comes to entering new markets. A startup's ability to scale increases exponentially when larger companies with trusted relationships not only make introductions to its partners but also offer the startup's services as part of a proposed solution to customers. This is an approach that has helped <a href="https://mocafi.com/about/" rel="noopener noreferrer" target="_blank">MoCaFi</a>, a New York-based, Black-owned startup that offers banking services to lower- and moderate-income communities, to start working with local city leaders in new markets. This work can be mutually beneficial for corporations: The ability to deliver effective support to underserved communities increases when the right partners with the right solutions are brought to the table.
</p><p>
<strong>Digitizing access to capital.</strong> Black entrepreneurs are being denied or given smaller bank loans nearly <a href="https://www.federalreserve.gov/publications/2017-september-availability-of-credit-to-small-businesses.htm" rel="noopener noreferrer" target="_blank">twice the rate of</a> their white peers — 54% compared to 30%, respectively. Microfinance institutions and CDFIs have stepped in to fill this void, supporting applications for those previously denied loans. However, the demand exceeds the resources and tools available, and getting funds to those who need it urgently can be challenging. New digital tools can be transformative in this situation if we could accelerate access for these organizations. Many rely on slow paper-based processes, but through the digitization of both applications and distribution of loans, CDFIs like the <a href="https://crfusa.com/" rel="noopener noreferrer" target="_blank">Community Reinvestment Fund</a> and micro-finance institutions like <a href="https://www.grameenamerica.org/" rel="noopener noreferrer" target="_blank">Grameen America</a> have been able to process requests faster, more securely and for more businesses, throughout the pandemic.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>
<strong>Going all in. </strong>Finally, one of the most important lessons we've learned is that the programs and partnerships used to tackle these issues can't be just for a moment in time or a single intervention. For maximum impact, companies need to be all in with the full breadth of their assets — funding, product pilots, supplier practices, consulting services, data insights — as this is how to drive a catalytic impact and create a more sustainable, inclusive digital economy.
</p><p>
As more businesses, CEOs, corporate treasurers and venture capitalists join in this effort, we can collectively help bridge that wealth and opportunity gap. Startups can't scale up if they aren't given that first chance.
</p><p>
As we are reminded during this Black History Month, the problems of racial economic disparity have existed for too long, and although the challenge seems daunting, we are confident that with perseverance we can successfully build a more just and equitable economy. Our early progress matters, and we should make every effort to build on the first steps by coming together across sectors and organizations so that amazing ideas like Tanya's are embraced from the outset.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p>
Keep Reading
Show less
Michael Froman serves as vice chairman and president, Strategic Growth for Mastercard. He and his team drive inclusive growth efforts and partner across public and private sectors to address major societal and economic issues. From 2013 to 2017, Mike served as the U.S. trade representative, President Barack Obama’s principal adviser and negotiator on international trade and investment issues. He is a distinguished fellow of the Council on Foreign Relations and a member of the board of directors of The Walt Disney Company.
Sponsored Content
Building better relationships in the age of all-remote work
How Stripe, Xero and ModSquad work with external partners and customers in Slack channels to build stronger, lasting relationships.
Image: Original by Damian Zaleski
February 21, 2021
February 8, 2021
Every business leader knows you can learn the most about your customers and partners by meeting them face-to-face. But in the wake of Covid-19, the kinds of conversations that were taking place over coffee, meals and in company halls are now relegated to video conferences—which can be less effective for nurturing relationships—and email.
Email inboxes, with hard-to-search threads and siloed messages, not only slow down communication but are also an easy target for scammers. Earlier this year, Google reported more than 18 million daily malware and phishing emails related to Covid-19 scams in just one week and more than 240 million daily spam messages.
<p>To keep the lines of communication wide open in this new reality, organizations are adopting new cloud solutions at a rate CIOs expected to see years from now. In fact, 79% of CIOs agree that the pandemic will force their organizations to digitally transform faster than planned, according to <a href="https://slack.com/blog/transformation/people-partners-systems-slack" rel="noopener noreferrer" target="_blank">J.P. Morgan</a>. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>But executive leaders know it takes more than just adopting a communication platform or software bundle to build relationships remotely. You have to find the <em>right</em> solution that meets both your internal and external collaboration needs. That's why competitive businesses today are turning to Slack, the <a href="https://slack.com/features/channels" rel="noopener noreferrer" target="_blank">channel-based messaging platform, </a>to close communication gaps with partners and customers in the age of remote work. Companies can securely collaborate with external parties using <a href="https://slack.com/help/articles/360017938993-What-is-a-channel" rel="noopener noreferrer" target="_blank">Slack channels</a>, a single place to share files and messages, in the same <a href="https://slack.com/resources/using-slack/setting-up-a-shared-channel" rel="noopener noreferrer" target="_blank">Slack workspace</a> through <a href="http://slack.com/connect" rel="noopener noreferrer" target="_blank">Slack Connect</a>.</p><p>With Slack Connect, organizations can build stronger customer and partner relationships through real-time communication. And unlike email—which leaves users open to the risk of spam and phishing—companies and external parties receive communications only from <a href="https://slackhq.com/introducing-new-layers-of-enterprise-grade-security" rel="noopener noreferrer" target="_blank">verified members in Slack channels</a>. Plus, Slack workspace administrators can maintain control over data and monitor external access. </p><p>Here's a closer look at how teams at Stripe, Xero and ModSquad are using Slack Connect to engage customers, prospects and partners in real-time and close deals faster. </p><h4>Stripe: Expediting sales deals while building lasting relationships with customers</h4><p><a href="https://stripe.com/" rel="noopener noreferrer" target="_blank">Stripe</a> is an online payment provider with a mission to support e-commerce. The Stripe sales team works with early-stage startups all the way through global Fortune 500 companies, and uses Slack Connect to engage with customers, keep communication organized and teams in sync, and jump on sales opportunities.</p><p>Jeanne DeWitt Grosser, head of Americas revenue and growth at Stripe, says communicating with prospective customers in Slack has been instrumental in maintaining engagement and closing deals.</p><p class="pull-quote">"Historically, the gold standard of a deep relationship in sales was getting the person on text," says DeWitt Grosser. "Now the gold standard is getting them into a Slack channel."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Usually at the beginning of a sale, DeWitt Grosser explains, reps used to double down on communication using the "law of 2x." Essentially, you start with a meeting and then follow up a week later. But this strategy no longer makes the cut: A lot could change in a week, and Slack is more in line with the tempo of the digital workplace. </p><p>"In Slack channels, the dialogue with the prospect happens in real time, as opposed to the next time you align your schedules," DeWitt Grosser says. "This kind of personal, persistent connection grows customer loyalty and retention."</p><p>Often sales reps have to communicate with a variety of departments to seal the deal. Instead of emailing them separately and creating silos, Stripe's account executives and solution architects set up a Slack channel with key customer stakeholders, like developers, the head of payments and a finance representative. </p><p>"When you need to move quickly, email is not the right format: It's more formal and responses take longer," says James Dyett, Stripe's head of global product sales and payments optimizations. "Slack has super powers. It's a much better experience." </p><h4>Xero: Working with external partners like they're on the same team</h4><p>If the pandemic has taught us one thing, it's that relationships matter. Whether it's launching a marketing campaign with a partner or hiring contractors to complete a specific project, we can't—and shouldn't—try to do everything ourselves. <br><br>When it comes to nurturing partnerships in the midst of the pandemic, <a href="https://www.xero.com/" rel="noopener noreferrer" target="_blank">Xero</a>, a cloud-based accounting software company, affirms that working in Slack Connect has been a game changer. Justine Wallendorf, New Zealand partner marketing manager at Xero, says Slack Connect helped her team launch a joint online marketing campaign with partners, <a href="https://www.figured.com/en-us/figured-xero" rel="noopener noreferrer" target="_blank">Figured</a> and <a href="http://paysauce" rel="noopener noreferrer" target="_blank">Paysauce</a>. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>The three companies were offering a complete software solution for farmers looking to manage their business digitally. By coming together in one Slack channel, #xero-partners, the sales and marketing teams across all three businesses could connect and ensure alignment on: </p><ul class="ee-ul"><li>Immediate universal access to all campaign details</li><li>Consistent messaging across sales enablement deliverables, such as one pagers and slide decks</li><li>Quick feedback and turnaround times for deliverables</li><li>Clear leadership signoffs</li></ul><p class="pull-quote">"Working in Slack Connect guaranteed that everyone was beating the same drum and speaking the same language, positioning our partnership as best as possible in the market," Wallendorf says.</p><h4>ModSquad: Winning customer loyalty with exceptional customer support</h4><p>With so much uncertainty in the world, efficient and reliable customer support is akin to a safe harbor in a storm. That's why Slack customer, <a href="https://modsquad.com/" rel="noopener noreferrer" target="_blank">ModSquad</a> has its support teams troubleshoot customer issues in real time with Slack Connect.</p><p>As a customer experience outsourcer, ModSquad knows good customer service. Each day, ModSquad's global crew of experts—the Mods—help their customers engage with their audiences online through customer support, content moderation, community management and social media. </p><p>ModSquad works with its clients in Slack Connect to set up service level agreements and incorporate support dashboards. With the <a href="https://slack.com/apps/A0108APQFQC-geckoboard" rel="noopener noreferrer" target="_blank">Geckoboard Slack integration</a>, ModSquad monitors clients' incoming calls and chats—without ever leaving Slack. Whenever the team sees an uptick in activity or service impacting issues, they can quickly alert clients and internal teams for quick resolution. The team also relies on a <a href="https://slack.com/apps/A9WFQ3M0B-zendesk" rel="noopener noreferrer" target="_blank">Zendesk Slack integration</a> to track service desk tickets, troubleshoot and resolve issues.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>According to Steve Henry, senior vice president, client services at ModSquad, Slack channels also help build a culture of transparent communication and trust with clients.</p><p>"Establishing trust with our clients is very important, and Slack provides a crucial component for all of our efforts" Henry says. "With Slack, we can provide world-class support solutions and improvements for our clients, driving efficiencies while growing their business in the process."</p><h4>In an all-remote world, Slack Connect builds strong partnerships</h4><p>Slack Connect is available for <a href="https://slack.com/pricing/paid-vs-free" rel="noopener noreferrer" target="_blank">all paid plans</a>. If you're already a customer but new to Slack Connect, feel free to <a href="http://slack.com/contact" rel="noopener noreferrer" target="_blank">reach out</a> or learn more on <a href="https://slack.com/resources/using-slack/setting-up-a-shared-channel" rel="noopener noreferrer" target="_blank">how to get started</a>. And if you want to see how others are using Slack Connect to work with external partners, check out a few of our recent <a href="https://slack.com/blog/collections/slack-connect-shared-channels-shared-success" rel="noopener noreferrer" target="_blank">customer stories</a>. </p>
Keep Reading
Show less
Protocol | Fintech
IBM’s huge bet on building a cloud for banks
Howard Boville left his post as Bank of America's CTO to lead Big Blue's bold cloud offensive. Can he make it work?
IBM is embarking on an ambitious bid to build a cloud banking platform.
Image: Scott Eells/Getty Images
February 17, 2021
Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Signal at (510)731-8429.
February 16, 2021
Moving to the cloud can be burdensome for a bank: If you don't know exactly how and where your company's data is being stored, meeting regulations that control it can be almost impossible. Howard Boville is betting he can solve that problem.
Last spring, Boville left his post as chief technology officer at Bank of America to lead IBM's ambitious bid to build a cloud banking platform. The concept: that any bank or fintech would automatically be following the rules in any part of the world it operates, as soon as it started using the platform.
<p>"I saw a big gap in the marketplace," Boville told Protocol. "How do you have the right compliance controls built into a cloud, so that you could satisfy regulators and also the risk posture you have as a financial institution?" </p><p>The cloud he envisioned would have "all these little railway sets with different gauge tracks," he added. "The big idea was to set a series of standards on those controls that the industry could consume. Then on a global basis, you could ride on those rails to carry the analogy of the railway set, and all of the gauges met and de-risk the whole financial services industry."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>While IBM has long been a major provider of hardware and software used to run the in-house data centers of major banks and other institutions in the financial services industry, that business has been under fire as banks slowly started to migrate to the cloud.</p><p>"You cannot be in the technology business and not be serving financial services, because you're missing one of the largest areas of spend in technology," Sonny Singh, executive vice president of Oracle's financial services business, told Protocol. </p><p>That's why the financial services cloud is a major offensive for Big Blue — and a chance for Boville to prove his idea works. </p><h3><strong>'Compliant out of the box'</strong></h3><p>Boville was still CTO of Bank of America when he began developing with IBM the concept of a financial services cloud that would be "compliant out of the box." The idea was to build a platform geared to a heavily-regulated industry known for a web of regulations meant to protect the interests of consumers and businesses, and to guard against fraud and criminal activity.</p><p>The rules are typically extensive and complex, Falk Rieker, SAP's global head of banking, said. "I have here on my desk the outsourcing guidelines from the European Banking Authority," he told Protocol. "It's 20 pages and goes down into hundreds of details that banks have to keep in mind when they outsource their operations." </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Yobie Benjamin, who served as the global chief technology officer of Citi's global transactions group and is co-founder of the fintech infrastructure startup Token, noted that banking rules often take a long time to change and pointed to strict regulations for record-keeping: "In the banking system, we can't throw shit away. … Technology changes at the speed of light. Regulations move at the speed of molasses. … Regulatory burden is not trivial."</p><p>It's a burden not just for the big banks, but also for vendors that sell them software and services, especially fintech startups. Boville himself had to deal with this issue at Bank of America: "We had to do vendor risk assessments on software companies that we consume technology from." It's no problem for bigger vendors that could afford to go through the process, which could take up to two years, "but the fintechs are too small." </p><p>"That's a problem for the industry, because it meant that we couldn't consume innovation at the pace that we wanted to because we had to go through all these various checks. If you're a small fintech, you haven't got the capacity to have that overhead," he said. "It's a very long checklist to check that the vendor is not going to introduce risk into the financial system. And for smaller companies, that's just too much of an overhead, particularly when every bank will ask you to do the same thing but in a slightly different way."</p>
<p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTYzNDYzMi9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYyMjE3ODg3OH0.Ws6WJmPh-qmidbEBVzYpG4yOZPXwj76DGdv1VjXGnVE/img.jpg?width=980" target="_blank"><img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTYzNDYzMi9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYyMjE3ODg3OH0.Ws6WJmPh-qmidbEBVzYpG4yOZPXwj76DGdv1VjXGnVE/img.jpg?width=980" id="021cc" class="rm-shortcode" data-rm-shortcode-id="af6c9dee9bbb14f3da702e2d36c74b3b" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">Howard Boville, head of IBM hybrid cloud</small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">
IBM</small>
</p><p>Boville had worked closely on the financial services cloud project with Arvind Krishna, who took over as IBM CEO last year. By the time IBM launched the platform in late 2019, Boville said he was looking to return to his technology roots. </p><p>He had started out as a database programmer in England and ended up working in the telecommunications industry, including a stint with Comcast in the 1990s when he "started to figure out that the internet might be a thing." He subsequently spent nearly 14 years with BT Global Services before joining Bank of America in 2012. </p><p>He said he told IBM about his plan to move on. "That's when the conversation with Arvind arose," he said, adding that Krishna told him, "Come here and continue the incredible work that you're doing." Boville said he "was humbled by the opportunity. It was just such an easy decision to make."</p><h3>A way to win trust</h3><p>The IBM cloud provides "a comfy bubble" where banks and fintech startups have access to tools that would ensure that they're doing everything right when it comes to such matters as encrypting their data properly or handling and storing them properly, Hillery Hunter, chief technology officer of the IBM financial services cloud, said. It is also set up to prevent "people from doing the wrong thing and leaving things vulnerable" and to "send an alert if anything was left vulnerable" by developers or engineers who work for the bank or a third-party software vendor, including fintechs.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>In fact, one of IBM's key goals is to attract fintechs. The platform aims to make it easier for a startup with a hot new technology to convince a bank or a financial services company that it is safe to work with them. "We have heard story after story after story of startups that got positive affirmation from financial institutions about what they were trying to do, but the banks were unwilling to move into production," Hunter told Protocol. She said a typical response startups get from a bank is: "You know, your functionality is great, but I don't trust you with my clients' data."</p><p>IBM is building the financial services cloud after falling behind in the cloud more generally — the most dominant trend in enterprise tech dominated by Amazon, Microsoft and Google. IBM has recently struggled with sliding revenue as a result: The company last month reported <a href="https://www.ibm.com/investor/att/pdf/IBM-4Q20-Earnings-Press-Release.pdf" rel="noopener noreferrer" target="_blank">fiscal 2020 revenue of roughly $74 billion</a>, down 4.6% year-over-year, and continuing a streak of annual revenue declines.</p><p>IBM does not break out revenues for its financial services business, but the overall revenue drops are hitting at a time when IT spending in the banking and securities industries has actually been rising: It's projected to reach roughly $589 billion in 2022, up 14% from 2018, according to Gartner. That would be about 14% of total enterprise IT spending of $4.1 trillion.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>The problem is most of that spend is shifting to the cloud. Jerry Silva, IDC's vice president of financial insights, said banks and financial services companies have been allocating bigger chunks of their IT budget on the cloud based on a yearly survey of banks worldwide. In 2018, most banks said they were spending roughly 20% of their budgets on cloud related expenses. By 2020, that figure was up to 33%. On the other hand, the share of IT budgets for in-house data centers dropped from 44% in 2018 to only 13% in 2020, Silva said.</p><p>Singh said IBM "has been pretty solidly positioned in financial services traditionally," but "a lot of that presence was under threat from aging of the systems that they were serving up on those mainframes." </p><p>Silva said he had mixed reactions when IBM shared its plan for the financial services cloud. "I think it will resonate with the industry because you're taking the workload off the bank," he said.</p><p>But it is such an enormous undertaking that he wondered if IBM, even with a market cap of roughly $108 billion and a massive technology arsenal, could pull it off. "If you just look at the U.S., sometimes the [regulations] get down to the county," he said. "It's going to take enormous resources from IBM to do this. … I think it will be a longer rollout when they talk about global ability. It's not a trivial thing to do."</p><h3>Up to the job?</h3><p>IBM hopes to meet this challenge with the help of cutting-edge technology like AI and the capabilities it acquired when it bought <a href="https://www.americanbanker.com/news/ibms-ceo-explains-why-the-computing-giant-bought-promontory" rel="noopener noreferrer" target="_blank">Promontory Financial Group</a>, a consulting company that specializes in regulatory compliance, in 2017. IBM is building the cloud in a way that ensures "continuous monitoring of all regulatory obligations," including potential rules that are not yet on the books, Hunter said.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="6">
</div>
</div></p><p>"There are some common trends and themes and other things like that that you can start to see emerging, and having those headlights [shining on] what's happening, for example, in the U.K. or in Singapore, helps us develop better technology and be proactive and stay ahead when those obligations then begin to become required in other countries," she said.</p><p>It's a capability that would make life easier for fintechs, said Sandeep Tandon, chief technology officer of digital banking technology company Intellect Design Arena, an IBM cloud client. "We don't have to be concerned whether we are deploying for a European Bank or for a North America bank or an Asian bank," he told Protocol. "There may be different requirements and IBM should have taken care of those beforehand."</p><p>So far, IBM cloud's partners include Bank of America, Luminor (the third largest bank in the Baltics and Estonia), and around 50 software vendors and fintech startups, including payments platform Ripe Hub and Zafin, a product and pricing platform for banks.</p><p>Silva said IBM's financial services cloud "does seem to be unique." He added: "Let me put it this way, it's much more than marketing-speak at this point ... assuming they can deliver on the promise."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="7">
</div>
</div></p><p>And IBM is a force to reckon with in financial services, SAP's Rieker said. "They have the footprint in the banks … They're still in most of the large banks. They have a wide understanding of the infrastructure and the landscape banks are running. I think that this is something IBM can bring to the table, which the other providers cannot do to the same extent," he said. "We all know they are the 800-pound gorilla."</p>
From Your Site Articles
- IBM accused Airbnb of patent violations. - Protocol — The people ... ›
- IBM's plan to dominate the quantum computer industry comes into ... ›
- IBM Food Trust: Who's using blockchain to track supply chain ... ›
- Banking-as-a-service is a boon to fintech - Protocol — The people, power and politics of tech ›
Keep Reading
Show less
Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Signal at (510)731-8429.
Transforming 2021
Blockchain, QR codes and your phone: the race to build vaccine passports
Digital verification systems could give people the freedom to work and travel. Here's how they could actually happen.
One day, you might not need to carry that physical passport around, either.
Photo: CommonPass
February 23, 2021
Mike Murphy ( @mcwm) is the director of special projects at Protocol, focusing on the industries being rapidly upended by technology and the companies disrupting incumbents. Previously, Mike was the technology editor at Quartz, where he frequently wrote on robotics, artificial intelligence, and consumer electronics.
February 23, 2021
There will come a time, hopefully in the near future, when you'll feel comfortable getting on a plane again. You might even stop at the lounge at the airport, head to the regional office when you land and maybe even see a concert that evening. This seemingly distant reality will depend upon vaccine rollouts continuing on schedule, an open-sourced digital verification system and, amazingly, the blockchain.
Several countries around the world have begun to prepare for what comes after vaccinations. Swaths of the population will be vaccinated before others, but that hasn't stopped industries decimated by the pandemic from pioneering ways to get some people back to work and play. One of the most promising efforts is the idea of a "vaccine passport," which would allow individuals to show proof that they've been vaccinated against COVID-19 in a way that could be verified by businesses to allow them to travel, work or relax in public without a great fear of spreading the virus.
<p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>But building a system that everyone agrees with — and can access — is no small task. There are several companies working on competing projects to verify vaccinations. But beyond that, there are more than a few hurdles that could prevent vaccine passports from succeeding, from antiquated medical records systems to interoperability issues and privacy concerns. Here's how they could actually succeed. </p><h3>Competing projects, similar standards</h3><p>Pretty much since the first blockchain white paper, people have been looking for perfect examples of where a distributed, immutable ledger could be valuable. There's obviously the push to use it for currencies, and companies have tried to use it for things like tracking <a href="https://www.protocol.com/ibm-blockchain-supply-produce-coffee" target="_self">food production</a> and <a href="https://www.govtech.com/products/Blockchain-Voting-Debate-Heats-Up-After-Historic-Election.html" rel="noopener noreferrer" target="_blank">voting</a>, but there are few use cases that have truly taken off, at least so far. "We've been working on this since 2014; we never thought that health care would be the kind of the use case that we take this mainstream," Jamie Smith, the senior director of business development at Evernym, a company focused on using the blockchain as a basis for verifying identities, told Protocol. </p><p>Smith said Evernym had been discussing its concepts with automakers, retailers, telcos, governments, loyalty companies and banks prior to the pandemic. One of those companies was IAG, the airline group that owns British Airways, which had been interested in the idea of contactless travel based on a single identity credential that follows you from the airport check-in to your gate. With the pandemic, that morphed into thinking about ways to verify that passengers have had negative COVID tests, and eventually, that they've received a vaccine. "From our perspective, it was a really easy lift to see," Smith said. "We're doing contactless travel, and we just added verifiable credentials for test results."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>It's a similar genesis for IBM's Digital Health Pass initiative, which leader Eric Piscini said started about two years ago as a way to store people's entire health records in a safe, accessible platform. It also relies on the blockchain for its immutable record of proof, and both Evernym and IBM are part of an open-standards group called the Good Health Pass Collaborative, which aims to bring private credentialed vaccine records to business and people around the world. Companies are working on their own implementations of the standards, but Evernym's Smith said the data is meant to be portable from one passport to another. </p><p>Most of the companies working on passports say their systems are private by design, especially given that they're mainly working off the same open standards. In most cases, the health information only ever remains on a user's phone, but where it asks to verify that the user's information meets a system's standards — such as whether this person has had two COVID vaccines and should be allowed into an office — that information is recorded on a blockchain. "You can, using blockchain technologies, verify that someone has been tested recently, without having access to the underlying data," Piscini said. "I don't know any other technology where you can do that."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>Similarly, the nonprofit Commons Project's CommonPass, backed by the likes of Oracle, Microsoft and Salesforce, started out as a project to bring an analog to Apple Health for Android. JP Pollak, a senior researcher at Cornell and founder of the Commons Project, first launched CommonHealth to bring the sort of data and insights that Apple Health offers to iPhone owners to Android users. Last summer, the group started building an app that could take health data and privately share it with others — in that case, it was to help truckers stuck at the borders in <a href="https://www.newtimes.co.rw/opinions/digital-technology-re-opening-africa" rel="noopener noreferrer" target="_blank">East African countries</a> who couldn't easily prove they'd taken COVID tests. This morphed into vaccine credentialing, with the group now working to pull together the various data streams needed to get a project like this off the ground. </p><p>"Health care institutions, EMR vendors, retail pharmacies, state vaccine registries, all issuing people a digital verifiable credential of their vaccination record that they could then use in the app of their choice, to be able to get access to various kinds of services," Pollak said. CommonPass is also working with the Mayo Clinic, as well as Epic Systems and Cerner, two of the largest EMR vendors. </p><h3>Something for everyone </h3><p>With so many competing efforts to become the world's digital vaccine passport, it might seem that the country is heading for some sort of VHS versus Betamax format war for proving everyone has had COVID vaccines. But given that so many of the efforts are using the same standards, and in many cases, looking to embed their tech in someone else's app rather than their own, the race might be less about the best tech winning, and more about various approaches working in different situations. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>"The intent is not to be the only company; we don't want to be the proprietary platform that everybody has to use because they have no choice," IBM's Piscini said. "That's not who we are right now: That's the IBM from 30 years ago, not the IBM of today."</p><p>For IBM, though, the selling point is that the company already works with so many other massive companies. Why look elsewhere for a vaccine passport solution if your airline booking system is already powered by IBM? "We believe our network is going to be more valuable than any other because of our scale and our ability to integrate the platform with CRM systems, building systems or stadium systems — we can do that every day," Piscini said.</p><p class="shortcode-media shortcode-media-rebelmouse-image">
<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTY2NTc3NS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYyMTM1MjYyM30._ykxxCyx3_wDbZrYgCcmK0QT2Ue1tZFdP5pf60kOmPU/img.jpg?width=980" id="c81c9" class="rm-shortcode" data-rm-shortcode-id="3967636652192acfdaad341861263bc8" data-rm-shortcode-name="rebelmouse-image">
<small class="image-media media-caption" placeholder="Add Photo Caption...">IATA's digital passport app.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: IATA</small></p><p>For other companies, it's about securing new partnerships with major players in the hopes of finding that scale. Evernym, for example, is working with International Air Transport Association, the airline industry's trade association, on an air travel-specific app called Travel Pass. IATA is working with airlines and local governments to ensure it has the latest requirements to feed the app's rules engine. "It will say, 'Hey, you're flying JFK to Heathrow, you need a PCR test 48 hours in advance before you can land,'" Evernym's Smith said. "And of course, those policy changes are changing every day." Qatar, Emirates and Etihad Airways are all <a href="https://simpleflying.com/qatar-iata-travel-pass-launch/" rel="noopener noreferrer" target="_blank">expected</a> to start trialing the app in the next few weeks.<br></p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>In other instances, the technology will live inside other companies' existing apps; why make someone download yet another app and add another hurdle to compliance? Instead, the experience will be rather like adding a loyalty account or TSA PreCheck number when booking a flight. Airlines and other venues restricting access will require uploading negative test results or vaccine records using one of these services. "You're going to be using the United or the Delta app, and they'll be using our solution or somebody else's, but you will do it via their app," IATA's Travel Pass lead, Alan Murray Hayden, told Protocol.</p><p>The World Health Organization is also working on its own offering, and recently convened the <a href="https://www.who.int/groups/smart-vaccination-certificate-working-group" rel="noopener noreferrer" target="_blank">Smart Vaccination Certificate Working Group</a>. It's built upon the WHO's nearly century-old notion of the "yellow card" vaccination record, which first was used to document that travelers had been inoculated against diseases such as cholera and yellow fever. Evernym Chief Trust Officer Drummond Reed is part of the working group; he said there should be more to share in the coming months. </p><h3>What could go wrong?</h3><p>It's entirely possible that as more people start to get vaccinated, vaccine passports start to become the norm. You walk to work — still masked, of course — scan a QR code reader in the lobby, and are let in. You go out for lunch, and your loyalty card app has a discount for in-store shoppers verifying they're vaccinated. Your concert ticket is also tied to health pass information that you shared earlier in the day with Ticketmaster. But there are more than a few hurdles ahead of the companies rushing to turn these concepts into realities. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="6">
</div>
</div></p><p>First off, there's the … reality … of the real world that any digital system has to contend with. For anyone without access to the internet, digital vaccine credentials will prove difficult to acquire, though all the companies Protocol spoke with said they would offer a paper-based QR code for people who don't have smartphones. But there's also the issue of having to corral so many different stakeholders into one system, especially when some health care providers are still reliant on antiquated database systems or <a href="https://www.protocol.com/manuals/health-care-revolution/electronic-health-records-after-coronavirus" target="_self">even paper records</a>. "The amount of inefficiency in the system is tremendous," IBM's Piscini said. </p><p>But in the U.S. at least, all vaccinators are required to report COVID-19 vaccines to their state. Piscini said that even for people who just received a paper copy of their vaccine records, systems like IBM's can likely link up to the state's immunization registry and allow people to import records to a vaccine passport.</p><p class="shortcode-media shortcode-media-rebelmouse-image">
<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTY2NTc4My9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTYzNzg3MTM2M30.RZtqR7F_FuXK1S24V6jVaqUZ0xOSG-gCwj00xU3fxcM/img.png?width=980" id="b0bd3" class="rm-shortcode" data-rm-shortcode-id="11d8002d92c0cd6ef39b12fc7b8dccf8" data-rm-shortcode-name="rebelmouse-image">
<small class="image-media media-caption" placeholder="Add Photo Caption...">How CommonPass's app shows your records. </small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Image: CommonPass</small></p><p>And states are willing to help out, Pollak said, adding that CommonPass has started working with Hawaii to roll out its offering for would-be tourists. "We're seeing a lot of state governments stepping up and doing a really good job with this," Pollak said. "It would be surprising if there wasn't a coordinated federal effort very soon." That being said, while <a href="https://www.cbc.ca/news/canada/north/iceland-covid-passports-canada-1.5904828" rel="noopener noreferrer" target="_blank">many countries around</a> the world are committing to working on vaccine passports, getting a straight answer out of the U.S. government on what it's doing has proven difficult. The State Department, which maintains America's traditional, analogue passports, referred me to Homeland Security, which referred me to the White House. The acting director and chief of staff of the White House's Office of Science and Technology Policy, Kei Koizumi, told Protocol that "OSTP can't discuss projects we are working on before they are publicly announced."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="7">
</div>
</div></p><p>But even with systems in place at a federal level, there's still a fair amount of education that needs to happen before people will trust systems like these. "There's a substantial gap in understanding and knowledge of how these systems work, and people's views, in terms of who should get access to which data," Pollak said. </p><p>"We assume there's a Facebook Borg in the sky, monitoring every interaction," Smith said. "The emergence of verifiable credentials breaks down that mental model, where actually it becomes more like decentralized bits of paper that I can carry around, and no one's to know that I've been sharing this information."</p><p>"Our belief is that if you do the right thing, from a platform point of view, protecting your privacy, and giving you control and access to the platform to everybody who wants to use it," Piscini said. "I think those are very basic things that allow the core of the platform that we build to generate adoption by the individuals."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="8">
</div>
</div></p><p>Even with a system that works, there may still be holdouts to this potential new normal. "Some people are saying, 'I will never get vaccinated,'" Piscini said, "and I don't know if the airlines are going to say, 'Well, maybe you will never fly again.'"</p>
Keep Reading
Show less
Mike Murphy ( @mcwm) is the director of special projects at Protocol, focusing on the industries being rapidly upended by technology and the companies disrupting incumbents. Previously, Mike was the technology editor at Quartz, where he frequently wrote on robotics, artificial intelligence, and consumer electronics.
Protocol | Enterprise
AWS has avoided antitrust scrutiny. That could change soon.
Legislators and regulators are looking closely for evidence of contract pricing, self-preferencing and whether lock-in is hurting customers.
AWS, Microsoft and Google Cloud have all invested billions of dollars in cloud infrastructure.
Image: NurPhoto/Getty Images
February 12, 2021
Tom Krazit ( @tomkrazit) is a senior reporter at Protocol, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET and paidContent, and served as executive editor of Gigaom and Structure.
February 12, 2021
The days of AWS flying under the antitrust radar are over.
Cloud computing has grown at a dizzying speed since 2006, when AWS launched its first cloud service. A generation of tech companies found themselves more than willing to pay handsomely to outsource their hardware and networking needs — as well as an ever-growing percentage of their software development tools — to the company.
<p>
AWS, Microsoft and Google Cloud have all invested billions of dollars in cloud infrastructure, demonstrating that big business can run over the internet. But by most metrics, AWS is by far considered the leader when it comes to selling that infrastructure as a service, controlling as much as 45% of that market according to some estimates.
</p><p>
The ins and outs of business-to-business tech markets such as the cloud industry aren't immediately accessible to most legislators, who are still trying (with varying degrees of success) to wrap their heads around consumer tech markets. But as the stakes grow larger, it's hard to overlook the competitive dynamics at play in the market for enterprise software, which runs the world.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>
"Short answer is: If it is a platform, then it has antitrust issues," <a href="https://law.scu.edu/faculty/profile/polden-donald/" target="_blank">Donald Polden</a>, dean emeritus and professor of law at Santa Clara University, told Protocol.
</p><p>
Last October, the House Judiciary Committee included cloud computing in a report entitled "
<a href="https://judiciary.house.gov/uploadedfiles/competition_in_digital_markets.pdf" rel="noopener noreferrer" target="_blank">Investigation of Competition in Digital Markets</a>." While that report focused much more on advertising and AWS' corporate parent than it did the cloud, it also echoed a number of concerns about AWS that have been sweeping through the market for years: the treasure trove of data inside its network that's both difficult and expensive to move elsewhere, the rate at which some AWS customers found the company competing with them and <a href="https://www.protocol.com/enterprise/about/aws-targeted-by-elastic" target="_self">more of the usual self-serving grumbling</a> from enterprise companies built around open-source projects that somebody else is also using the same permissively-licensed code to make money.
</p><p>
Any actual antitrust case against AWS would require much more of a smoking gun than was produced by the Committee's report, according to antitrust experts. That means legislators and regulators looking to build such a case will be looking for evidence around three main issues: contract pricing, self-preferencing and the degree to which lock-in is a necessary evil of enterprise software.
</p><h3>A highly concentrated market
</h3><p>
At the end of 2020,
<a href="https://www.srgresearch.com/articles/cloud-market-ends-2020-high-while-microsoft-continues-gain-ground-amazon" rel="noopener noreferrer" target="_blank">AWS controlled about 34% of the cloud infrastructure service market</a>, according to Synergy Research group. Other estimates suggest its dominance in cloud infrastructure could be even greater. <a href="https://www.gartner.com/en/newsroom/press-releases/2020-08-10-gartner-says-worldwide-iaas-public-cloud-services-market-grew-37-point-3-percent-in-2019" rel="noopener noreferrer" target="_blank">Gartner's research</a>, which doesn't involve what Synergy calls "hosted private cloud," put AWS's market share closer to 45%. (There are many other ways to <a href="https://www.protocol.com/newsletters/protocol-enterprise/cloud-earnings-aws-google-microsoft" target="_self">measure the concentration of power in cloud infrastructure</a>, but for the purposes of this discussion, market share is what we'll focus on.)
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>
Even 45% is not a dominant share of the market. But the cloud infrastructure market is considered a "highly concentrated market," according to Polden, in that only a small number of companies currently participate and that number is unlikely to change given the exorbitant cost of operating a global cloud service.
</p><p>
"Because the barriers to entry here are so high, I don't think we can assume that a new entrant is going to come in and make things more competitive," said <a href="https://www.publicknowledge.org/about-us/staff/#charlotte-slaiman" target="_blank">Charlotte Slaiman</a>, competition policy director at Public Knowledge. "So it does sort of up the stakes of everything that's going on in this market."
</p><p>
AWS earned this market share organically, moving much faster than Microsoft and Google to establish a market for enterprise cloud services as traditional enterprise tech companies such as IBM, Oracle, Dell Technologies and HPE failed to translate their leadership position from the first 15 years of the internet to the modern day. But it started small, encouraging developers to whip out their credit cards and pay for a modest level of services as they experimented with the new technology.
</p><p>
These days, AWS likes to sign three-year to five-year deals with big enterprise companies, and this is where pricing details can start to get tricky. AWS and its partners usually agree to certain levels of spending per year of the contract in exchange for pricing concessions compared to the
<a href="https://aws.amazon.com/ec2/pricing/" rel="noopener noreferrer" target="_blank">per-unit pricing on the rate card</a>. (<a href="https://www.sec.gov/Archives/edgar/data/1576914/000162828017007056/exhibit421-mixawsaddenduma.htm" rel="noopener noreferrer" target="_blank">Here's an example from 2017 that spells out how a typical contract works</a>.)
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>
<a href="https://www.cnet.com/news/intel-to-pay-amd-1-25-billion-in-antitrust-settlement/" rel="noopener noreferrer" target="_blank">Intel got into antitrust trouble</a> in a more "highly concentrated market" years ago for tying certain amounts of spending — such as, 100% of a customer's needs — on Intel chips to pricing discounts. Dell refused to entertain the notion of adopting a more-superior chip from AMD in its servers during those years <a href="https://money.cnn.com/2010/07/23/technology/dell_intel/index.htm" rel="noopener noreferrer" target="_blank">in part because its gross margins</a> depended on Intel's pricing concessions.
</p><p>
If AWS were to
<em>require</em> customers to buy all or most of their cloud computing needs from it in exchange for steep discounts, that would be likely to get a court's attention. There are companies that have decided to go all-in on AWS for their cloud needs, but at least publicly there are a variety of benign reasons why companies make that decision.
</p><h3>Competing with customers
</h3><p>
Enterprise software companies —
<a href="https://www.geekwire.com/2019/looming-end-support-deadline-windows-server-2008-everyone-excited-huge-cloud-migration-opportunity/" rel="noopener noreferrer" target="_blank">even Microsoft</a> — have no choice but to offer their services on AWS, thanks to its market power, and they're not shy about complaining about it. In some ways, this is similar to online advertisers: No major brand can afford to overlook Google and Facebook as advertising vehicles, because that's where the people are.
</p><p>
One salient point referenced in the Judiciary Committee's report was the
<a href="https://aws.amazon.com/marketplace" rel="noopener noreferrer" target="_blank">AWS Marketplace</a>, home to lots of third-party software that will run on the platform. This marketplace has allowed countless software companies to take advantage of AWS' platform to sell cloud software they couldn't afford to host on their own: But there's a catch.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>
The AWS Marketplace is not the first thing you see when you log into AWS. Instead, the AWS Management Console is the home page for the cloud platform, and the overwhelming majority of options listed in the console are first-party AWS services.
</p><p>
There are some companies that have cut commercial deals to list their services inside the AWS Console, which also makes the billing process easier for the end user. But companies have to strike those deals with AWS on their own, and companies like
<a href="https://www.geekwire.com/2019/google-cloud-makes-big-open-source-move-managed-databases-redis-labs-mongodb-elastic-coming-soon/" rel="noopener noreferrer" target="_blank">Google have been much more aggressive in striking those deals</a> in recent years.
</p><p>
Competing with your customers is a tricky balance, and experts watching this aspect of the company's operations will be looking for self-preferencing tendencies, a common area of concern for modern antitrust regulators looking at tech companies.
</p><p>
Self-preferencing can take on several forms. Data is one: AWS has an enormous amount of data on how its customers are using both its own and third-party cloud services on its platform, and critics have charged that it can use that data to launch competing services.
</p><p>
This is unavoidable to some extent, as knowing that AWS customers are using, for instance,
<a href="https://www.protocol.com/snowflake-ipo" target="_self">a lot of Snowflake's data services</a> allows it to provide better services to both Snowflake and those customers, namely by assigning significant amounts of computing resources to the machines running those services. But there's also an information imbalance here, and there's no question that companies that do well on AWS — including <a href="https://www.protocol.com/enterprise/mongodb-open-source-database" target="_self">MongoDB</a> and <a href="https://www.protocol.com/enterprise/about/aws-targeted-by-elastic" target="_self">Elastic</a> — have seen it launch competitive services.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>
Another form of self-preferencing is more direct. If AWS
<em>required</em> customers of EC2 or S3 — the flagship compute and storage products in its arsenal — to use higher-level AWS data services as opposed to, say, a third-party product like Snowflake's data warehousing tool, it could also run into trouble, Slaiman said.
</p><p>
"The simple version is [if] you can't get X product at any price unless you are also buying Y product," she said. AWS could also promise better performance for Product X if customers agree to use Product Y, preventing outside competitors from competing directly against Product Y.
</p><p>
"If in order to compete in some particular enterprise software market Amazon is able to make it so difficult that you have to also enter the incredibly expensive infrastructure market, I think that would be really concerning," Slaiman said.
</p><p>
Experts believe AWS has been careful enough at this stage of cloud-computing's development to avoid making that kind of high-profile mistake. But as the growth rate of the market slows, deals for cloud services are only expected to get more competitive over the next decade, which could increase the chances of a sales misstep.
</p><h3>Check-out any time you like
</h3><p>
Hewlett Packard Enterprise CEO Antonio Neri articulated the third major concern about AWS rather well
<a href="https://www.protocol.com/enterprise/hpe-cloud-computing-hotel-california" target="_self">in an interview with Protocol last year</a>.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="6">
</div>
</div></p><p>
"When you check in to the public cloud, it is like checking in to Hotel California: You check in and never check out, because that cost is ginormous," he said. AWS makes it extremely easy to get application and user data into its cloud;
<a href="https://techcrunch.com/2016/11/30/amazon-will-truck-your-massive-piles-of-data-to-the-cloud-with-an-18-wheeler/" rel="noopener noreferrer" target="_blank">it will even send a semi-truck to your data center</a> to upload the data to rugged hard drives and actually drive that data back to its own facilities.
</p><p>
Getting that data out is much harder. Once it lands somewhere, data tends to stay put, which is one of the reasons that large multinational corporations that have been operating IT for decades have been so slow to move to the cloud. AWS (and all cloud providers, for that matter) also charge egress fees for that data, which can be quite prohibitive at scale.
</p><p>
This data is also a concern that regulators have about AWS as the most profitable arm of Amazon the retailer: that Amazon is using AWS data to inform its business strategy. That's a concern that might grow even stronger when
<a href="https://www.protocol.com/andy-jassy-amazon-ceo-aws" target="_self">AWS CEO Andy Jassy takes over as Amazon CEO</a> later this year.
</p><p>
"So it may have a stronger position, not only armed with the data, but also in terms of self-preferencing," Polden said. "Armed with information gained from AWS, Amazon might be able to be an even stronger competitor."
</p><p>
Given that so far most cloud customers have been happy to move their data into the new services provided by the Big Three, complaints about egress fees mainly come from companies that want to use more than one cloud provider. A growing number of companies have expressed interest in tools that help them manage applications across multiple clouds, and
<a href="https://www.protocol.com/aws-multicloud-era" target="_self">after years of resistance AWS finally introduced a service</a> that allows just that in December at its annual re:Invent conference.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="7">
</div>
</div></p><p>
But companies that want to implement multicloud strategies also suffer from the fact that each cloud provider has a slightly different way of doing things, and
<a href="https://www.protocol.com/newsletters/protocol-enterprise/more-clouds-more-problems" target="_self">there can be quite a learning curve</a> when an AWS shop tries to get up and running on Microsoft Azure, and vice versa.
</p><p>
Interoperability requirements are under consideration as possible remedies for social media companies, Slaiman said.
</p><p>
"Social media companies just sort of came up in a way that was not interoperable with one another. But we now see that there would be major competitive benefits in this really important industry, where we don't have sufficient competition, to imposing interoperability requirements," she said.
</p><p>
Imposing such requirements on cloud computing could have the potential to do more harm than good for market participants and end users, especially in a growing market where Microsoft and Google are gaining share at AWS' expense through differentiated strategies and services. But some regulators, comfortable with their hammers, aren't inclined to look for other tools, and resulting remedies may not necessarily be what customers actually want.
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="8">
</div>
</div></p><p>
"This is still a pretty fluid market," Polden said. "Who's to say that AWS has demonstrable market power because the method that they have for their customers is designed to exclude their competitors from getting access to their customers? It's a different approach, it's a different way of doing this."
</p><p>
And there's one wild card that could change everything with respect to how AWS, its customers and its partners interoperate: the outcome of the Oracle vs. Google case, said
<a href="https://www.rstreet.org/team/charles-duan/" rel="noopener noreferrer" target="_blank">Charles Duan</a>, a senior fellow at R Street. The <a href="https://www.protocol.com/google-oracle-supreme-court-software-api" target="_self">U.S. Supreme Court is considering Google's appeal</a> of two lower-court rulings that upheld Oracle's position that APIs are subject to copyright, which could dramatically alter the software-development landscape.
</p><p>
"If that litigation goes in Oracle's favor, Amazon potentially has a very powerful way of stopping competitors from making compatible APIs," Duan said, referring to how several companies (
<a href="https://arstechnica.com/tech-policy/2020/01/oracle-copied-amazons-api-was-that-copyright-infringement/" target="_blank">including Oracle</a>) have reimplemented the API for the widely used S3 storage service. "I think the case just sort of exposes this longstanding question of, we've just sort of assumed we live in a world where we don't have to worry about people asserting rights over all these sorts of things."
</p><h3>Stuck in the Wild West
</h3><p>
With the cloud market growing at a 34% clip year-over-year, according to Synergy Research, it's hard to see anticompetitive behavior holding back fellow cloud providers like Microsoft and Google.
</p><p>
"It has taken just nine quarters for the market to double in size," Synergy wrote in its most recent report. "While Amazon and Microsoft continue to account for over half of the worldwide market, Microsoft once again gained ground on its larger rival and hit the milestone of achieving a 20% worldwide market share [in the fourth quarter of 2020]."
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="9">
</div>
</div></p><p>
That report doesn't even consider
<a href="https://www.protocol.com/newsletters/protocol-enterprise/microsoft-cloud-bezos-musk" target="_self">the astonishing growth of Microsoft's cloud tools</a> for office productivity and business analysis over the last several years, an area in which AWS has only a nominal presence. A broader analysis of the competitive landscape in cloud might conclude that Microsoft has the biggest wallet share in enterprise tech and therefore the biggest reach, although there are decades' worth of factors that play into where Microsoft finds itself in 2021.
</p><p>
For its part, Google appears to be more committed to the enterprise cloud market than ever, after years of waffling about its strategic importance to the larger Alphabet corporation. It is investing heavily in cloud-computing infrastructure to support the next several years, according to CFO Ruth Porat.
</p><p>
Regulators looking for disproportionate power in cloud infrastructure might have better luck examining how third-party software providers are faring against AWS. But again, there are signs that it's very possible to build a big business on the AWS platform, as the massive growth of Snowflake — built with proprietary code that AWS can't touch — has shown.
</p><p>
"One of the struggles in antitrust, and you see this in a number of U.S. Supreme Court cases dealing with Section Two of the Sherman Act, [is that] we want to encourage innovation and creation to develop the next best product and then we don't want to turn on them," Polden said. "Courts have been struggling in defining when it is that a firm that has lawfully acquired monopoly status suddenly becomes a pariah."
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="10">
</div>
</div></p><p>
Regulators will continue to look for evidence that AWS has crossed a bright line, relying on market participants to blow the whistle on any anticompetitive dealings. (A link to my email address is at the top of this report.)
</p><p>
But for now, cloud computing still appears very much entrenched in its Wild West phase, and will be so long as it continues to evolve very quickly.
</p><p>
"It doesn't mean that there can't be competitive concerns, but I do think that's an important difference between this market and some of the other markets [like social media] where folks are really concerned and ready to make big changes," Slaiman said.
</p>
Keep Reading
Show less
Tom Krazit ( @tomkrazit) is a senior reporter at Protocol, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET and paidContent, and served as executive editor of Gigaom and Structure.
Latest Stories
See more
Most Popular
Bulletins
February 25, 2021 17:33 EST
February 24, 2021 18:59 EST
Get Source Code in your inbox
David Pierce's daily analysis of the tech news that matters.