Excerpt
Table of Contents
1. Introduction
2. Method
3. Literature review
3.1 Cloud computing
3.1.1 Cloud computing and the issues arising from this new technology
3.1.2 Correlation of cloud computing and forced acceptance
3.1.3 Cloud computing and the issue of user trust
3.1.4 Cloud computing and the lack of an ethical perspective
3.2 The ethical responsibilities of users
3.3 The ethical responsibilities of the provider
4. Conclusion and discussion
Bibliography
Appendix
Abstract
Even though security issues when using cloud computing services have been looked at from a technical perspective, research has failed to explain why consumers use cloud services extensively despite of their distrust. Observations have been made that users are in a dilemma where they use a service, they are not comfortable with. Besides trust, the ethical perspective of all stakeholders in cloud computing has not been discussed or connected to the issue of trust.
The unease consumers feel when signing up for a cloud service could be transformed from a dilemma into an competitive advantage. Therefore, it is of high interest to cloud service providers to understand how they can gain competitive advantage over competitors by building consumer relationships based on trust and ethical norms. The results of this literature review show that making use of insights into cloud computing issues and awareness for trustful, ethical relationships with the customer, service providers can create competitive advantage. Following ethical norms and building trust with customers enables companies to gain first-mover-advantages in the field of cloud computing services. They can successfully distance themselves from competitors by promoting marketing campaigns that emphasize their high ethical standards and treatment of users.
This paper adds the dimension of ethics to the dilemma of mistrust in cloud computing, exploring whether this is a key influence on consumer trust, since there was a research gap discovered in researching a trustful provide-user relationship as well as an ethical perspective in cloud computing.
1. Introduction
Cloud computing has become the most influential IT development in the last century with impacts on our daily lives (Marston, et al., 2011). The following literature review on cloud computing services gives an overview of the current research situation considering the issues of ethics and trust. Due to cloud computing's advantage of offering any kind of service directly to the customer's computer, tablet or mobile device for little or even no money, user numbers increase (de Bruin & Floridi, 2016). The popularity of cloud computing can be exemplified through email services like Gmail, social media platforms like Twitter or Facebook, file storage like Dropbox or iCloud, and on-demand TV streaming like Netflix (Chou, 2013). However, the usage of cloud computing brings also potential risks with its usage such as privacy and data security issues. Several recent hacker attacks have shown the vulnerability of cloud computing services (Kovach, 2014), (Yadron, 2016).
Cloud computing services evolved faster, than legal regulations were able to protect users (Khan & Malluhi, 2010), creating scepticism and mistrust. Even though cloud computing services bring convenience and benefits (Ratten, Cloud computing: A social cognitive perspective of ethics, entrepreneurship, technology marketing, computer self-efficacy and outcome expectancy on behavioural intentions, 2013), researches have proven that the users are worried about the storage of their data and privacy concerns are increasing (Horvath & Agrawal, 2015). Another difficulty with cloud computing is that lack of alternatives. Users can find themselves in situations where they would prefer a different solution, but have no option than to chose cloud computing, such as in e.g. online banking. Kesan et al. (2016) discovered that the majority of cloud computing users published personal information, but regret this.
This study will discuss the ethical responsibilities of users and providers as well as deliver an overview of the current research situation with a literature review. Finally, it is suggested that companies can gain competitive advantage through building customer relationships based on trust and ethical norms.
Research has not looked into the ethical perspective cloud computing providers play in the provider-user relationship and how providers can create an advantage from this knowledge. There is little known about how companies treat their users according to ethical standards when they sign up for the services.
Following this introduction section, the next part will explain the Methodology of the literature review in detail. After that, the actual literature review of cloud computing, trust and ethics builds the main body of the paper. The last part of this paper offers a discussion and conclusion with a research gap and implications for future research.
2. Method
The aim of this research was to give an overview of the existing academic literature in the field of trust and ethical issues related to cloud computing services. For the literature search, two search tools were used namely Google Scholar and OneSearch. Here, the search settings assured that the search was only based on academic, peer-reviewed journals. The keywords being used for the literature review were cloud computing, trust in cloud computing, ethics in cloud computing, competitive advantage, and forced choice. The search settings being used were showing articles with all of the words from the keyword search, and not only showing articles with the exact phrase. Those settings assured to not miss any relevant article for the review. First, the search results were limited to publication from 2010 to 2016. However, the amount of relevant results was insufficient. Consequently, the limitation on publications by date was discarded in order to get more usable results. The selection of articles was done in several steps, beginning with a screening of headlines of each article. The articles, which were considered to be relevant, were then screened by evaluating the abstract. Table 1 illustrates the chosen articles and the journals they were published in. Articles which described cloud computing, trust and ethics related to a business to business (B2B) context were excluded. The focus of this review lies in the customer-service provider relationship. Furthermore, articles describing technical mechanisms to secure consumer trust were dismissed to shift the reviews core to social science aspects.
After having selected relevant articles in the above described two-step approach, the final choice of articles was analysed. Since the topic of cloud computing is related to information technology, but also legal regulations, many of the journals taking into consideration are from those areas with little focus on marketing.
Abbildung in dieser Leseprobe nicht enthalten
Table 1: List of articles and related journals
3. Literature review
3.1 Cloud computing
There is no commonly agreed definition of cloud computing, as cloud computing has a fluid nature and by that it’s definition will change over time (Michael, 2009). Vaquero et al. (2009) analysed cloud computing 22 definitions by their features, concluding that there is no comprehensive and exhaustive definition, yet. Some of the various definitions found in literature are presented in Table 2.
Abbildung in dieser Leseprobe nicht enthalten
Table 2: Definitions of cloud computing
Cloud computing is claimed to be an utility by Buyya et al. (2009) as well as Michael (2009). The authors describe utilities as a necessity to cope with daily routines, comparing cloud computing with commodities such as water and electricity. Cloud computing enables the use of various applications in one application software leading to multiple user accessibility and ways of usage (Ratten, 2013). This report will refer to the definition Buyya et al. (2009) made when talking about cloud computing to create common ground for the readers.
The idea of cloud computing can be traced back to the 1961 when John McCarthy proposed that calculations would be carried out publicly in the future (Arutyunov, 2012). However, cloud computing service as it is known today, an on demand service for shared computer processing, came into existence in the 2000. With the tremendous development of the internet since the early two thousands, cloud computing has emerged as a side development from this (Buyya et al., 2009).
In 2004 when Facebook was introduced, the software made it possible to share and store pictures, videos, etc. which are key features of cloud services. However, the intention of Facebook was not to offer a cloud service. Facebook’s services made cloud computing unintentionally a personal service. At the same time NASA started to research large scale open network solutions.
Amazon played a key role in the development and breakthrough of cloud computing (Jadeja & Modi, 2012). During peaks in Amazon’s business cycle, such as e.g. christmas season, it was in need for a solution that would allow users to access their webpage without it collapsing. Due to the volatility of performance peaks, Amazon looked into solutions which would offer enough flexibility to buffer user rates (Timmermans, Stahl, Ikonen, & Bozdag, 2010). They successfully developed a cloud hosting service. Other operators such as Google and Yahoo faced similar issues, which lead Amazon to the decision to offer their solution against remuneration on the market (Yang & Tate, 2012). It was not until 2006 Google’s CEO started using the term “cloud computing” (de Bruin & Floridi, 2016). Cloud computing appeared as a new tool for offering and delivering services with big opportunities over the internet, however the development of clouds is considered as emerging and many issues still need to be addressed (Zhang, Cheng, & Boutaba, 2010).
3.1.1 Cloud computing and the issues arising from this new technology
A lot of research has been conducted to uncover and analyse technical security gaps when it comes to cloud computing and the user's private data (Horvath & Agrawal, 2015). Yang and Tate (2012) analysed 88 articles about cloud computing. They evaluated how many peer-reviewed articles exist per technological cloud computing issues. Findings reveal that “security issues” ranks second and “data management” third, which implies that researchers have discussed these issues widely (Appendix 1).
The consumer’s mistrust when using cloud computing has been observed in research, too.
Yang and Tate (2012) evaluated the number of publications related to cloud computing by business issue. The total number of articles, relevant to describe business issues in their review is much lower (28 articles) than the number of articles described in research for technological issues (88 articles). Categorized as “business issues” were among others: “adoption”, “privacy”, “legal issues”, “trust” and “ethical issues”. The largest number of articles were found for privacy and legal issues (10 articles) whereas there is little research on trust (4 articles) and no significant research on ethical issues (2 articles) (Appendix 2). The authors imply that “ethical issues” is least researched, but an upcoming topic with high relevance. (Yang & Tate, 2012). Consequently there is a research gap, taking the trustful provider-user relationship as well as an ethical perspective into account.
3.1.2 Correlation of cloud computing and forced acceptance
Cloud computing changed the landscape of information technology (Marston, et al., 2011) and impacted consumers life. Nowadays many of the consumers daily routines shifted from physical services to online services. It has become the norm to shop online (Kim & Park, 2005), pay bills virtually (Hanafizadeh, Keating, & Khedmatgozar, 2014) and collaborate online to work together(de Bruin & Floridi, 2016). Many devices that once were necessary to master daily tasks such as a telephone or paper documents have been replaced by digital products(Chou, 2013). Cloud computing made it possible for consumers to get immediate responses and access when requesting a service or information without delays (Marston, et al., 2011). This development saved time for consumers (Fujitsu Limited, 2010) and lowered expenditures for businesses (Marston, et al., 2011). Firdhous et al. (2012) found that users are gripped by the amenities cloud computing offers.
Cloud computing and web-based services such as online banking or purchases over the internet, bring an efficiency that makes using such services the norm (Horvath & Agrawal, 2015). This can lead to exclusion from society of those who don’t adapt to the changing environment or high costs. One example is online banking. It is expected that each customer has online access to make use of the bank’s service offers. Elderly who have no internet connection have increasing difficulties to receive physical services (Fujitsu Limited, 2010). Consequently, cloud services are unavoidable and offer a level of convenience non-cloud-based services don’t.
Nevertheless, consumers are not only positive about these new developments. Many feel insecure about the complexity and intransparency of cloud computing systems (Horvath & Agrawal, 2015). Understanding cloud computing architecture requires deep technological knowledge, an average user do not poss. Consumers hand over the control of their data to the cloud service providers and have to rely on them to treat it confidentially (Khan & Malluhi, 2010)). This threat is further enhanced by cloud service providers acting globally, but laws and regulations imposed by governments apply locally only (Marston, et al., 2011), restricting the reach of legal consumer safeguarding. This leaves consumers in a state where they accept to use a service, they are skeptical about. Consumers are constantly in the position where they have to weigh their security issues against the service’s convenience.
The decision making process of using cloud computing services or not, is finalized by agreeing to the terms and conditions, required to use the service. Kesan, hayes and Bashir (2016) find that consumers usually accept data terms and conditions, they do not agree with since service benefits outweigh the disadvantages of data security. However, terms and conditions need to be accepted in order to use the cloud computing service. Dhar and Simonson (2003) describe that consumers can be forced into making a decision of one the available alternatives. The option to refrain from using the service can be a no-choice option due to the disadvantages that come with it (Dhar & Simonson, 2003). The formal step to sign a contract and enter into cloud computing services is a choice in the presence of lack of alternatives (Bradshaw, Millard, & Walden, 2011). This process of having no alternative, but to sign a service agreement is an example for forced acceptance.
Forced choices are correlated with questions through yes/no formats. In the establishment of cloud computing, any platform the user wants to enroll needs a confirmation of the terms and conditions. These sign ups allow no default option so consumers are asked to make a choice between ‘yes, I sign up’ and ‘no I don’t sign up’. (Putnam-Farr & Riis, 2016).
There are situations in which consumers are forced into using cloud computing services. Typical examples of those situations are that banks charge money for a regular bank account, whereas it is free of charge to use an online bank account. A smartphone producer requires to create an user account on its platform to be able to use the smartphone. Today active learning takes place digitally in discussion forums and on platforms for joint projects (Ratten, Cloud computing: A social cognitive perspective of ethics, entrepreneurship, technology marketing, computer self-efficacy and outcome expectancy on behavioural intentions, 2013) so that students are forced to sign up for a OneDrive or Google Drive account to be able to participate in group work.
Service providers offer options where the acceptance of terms and conditions is made as easy as possible with e.g. button's “I agree” or “I disagree” options. Putnam-Farr and Riis (2016) found that such kind of forced-choice settings lead to increased sign ups as opposed to a more standard opt-in response format; e.g “click here to sign up” (Putnam-Farr & Riis, 2016).
Firdhous, Ghazali, & Hassan (2012) found in their study of how trust can be build in the user-provider relationship, that terms and conditions are an essential part of trust management.
3.1.3 Cloud computing and the issue of user trust
According to Khan and Malluhi (2010), the adoption of cloud computing happened very fast and before solutions were developed to deal with the consequent challenges of trust issues associated to cloud computing. That created a big gap between adoption and innovation which is why cloud computing consumers don’t completely trust this new technology (Khan & Malluhi, 2010). A recent study showed that inadequate trust management is among the top obstacles to cloud computing adoption(Armbrust, et al., 2010), especially regarding privacy issues and data security (Chou, 2013).
Trust in regards to cloud computing has been researched to find technical solutions to build consumer trust in cloud systems. Some of the definitions of trust linked to cloud computing can be found in Table 3.
Abbildung in dieser Leseprobe nicht enthalten
Table 3: Definitions of trust
As defined by Khan and Malluhi (2016), security and control are essential parts of consumer trust when using cloud computing services. Cloud services’ highly dynamic, distribution and non transparent nature, makes establishing and managing trust among cloud service providers and consumers a significant challenge (Noor, Sheng, Maamar, & Zeadally, 2016).
In a study conducted by Horvath and Agrawal (2015), 90% of respondents used cloud-based email services. It is projected that in 2018 3,6 billion internet users will access cloud computing services, 1,2 billion more than in 2013 (Statista, 2016). This leads to the service providers being in access of large amounts of (confidential) data, which they can use in their liking and potentially unethical. Consumers are worried about storage of their data (Kanwal, Masood, Shibli, & Mumatz, 2015) and who has access to their data (Firdhous, Ghazali, & Hassan, 2012). The Fujitsu Research Institute conducted several studies on cloud computing, focusing on the users personal data. The researchers found that 88% of survey participants are worried about who has access to their data (Fujitsu Limited, 2010). The number of hacker attacks on cloud computing servers is increasing (Chou, 2013) and several incidents like the hacker attack on Apple’s iCloud online picture storage accessing celebrities private pictures (Kovach, 2014), the unfolding of more than 272 million email addresses and passwords from Google’s Gmail server (Yadron, 2016) or the latest attack on Yahoo’s server, where more than 500 million data sets including email addresses, passwords and phone numbers have been stolen (Barfield, 2016), have shown that cloud computing services are vulnerable and cannot insure data security of the customers data. Research indicates that consumers do not trust the cloud services and believe that the government is not able to protect their data (Horvath & Agrawal, 2015). In a study conducted by Kesan, Hayes, & Bashir (2016), 81% of participants said that they submitted information, they would have preferred to keep private. Using cloud computing requires the user to give up control over their own data and its storage, even though there is an unreliability of data protection, risks to release confidential data and lack of integrity (Khan & Malluhi, 2010). Consumers would prefer systems where they are in control of their own data (Horvath & Agrawal, 2015). The control of the users data is handed over to the service provider who cannot ensure to protect the data. Cloud computing systems are acting in a virtual room where law enforcement's reach is not very far (Ratten, Cloud computing: A social cognitive perspective of ethics, entrepreneurship, technology marketing, computer self-efficacy and outcome expectancy on behavioural intentions, 2013). Users have difficulties to trust cloud computing since it is intangible and not very transparent (Khan & Malluhi, 2010). Since cloud computing is a new and virtual technology, it makes it impossible to apply traditional trust and security measurements (Pearson & Benameur, 2010). Michael (2009) claims that it is very difficult to ask questions about trust due to cloud computing’s changing nature. Nevertheless, he poses the question whether the current architectures provide security, privacy and reliability which lead to consumer trust (Michael, 2009), putting pressure on service providers and governments to accept their duty to act. A table summarizing the literature review of trust related cloud computing articles can be found in appendix 3.
3.1.4 Cloud computing and the lack of an ethical perspective
The power imbalance of service provider holding the power and user being depended on the service, leads to the question whether this practice and relationship is ethical. Timmermans, Stahl, Ikonen, & Bozdag (2010) raise their concerns of a powershift with the service provider being in full control of service offerings and the need for an ethical perspective. Miller and Voas (2010) critically describe the current state of user-provider relationship in cloud computing as power centralization.
[...]