Category Archives: public goods

State of Exception – Part Two: Assume Breach

Posted on by
Reply

In part one of this series, I proposed that Trump’s second term, which, as we’re seeing with the rush of executive orders, has, unlike his first, a coherent agenda (centered on the Heritage Foundation’s Project 2025 plan), would be a time of increased aggression against ostracized individuals and groups, a state of exception in which the pretence of bourgeois democracy melts away.

Because of this, we should change our relationship with the technologies we’re compelled to use; a naive belief in the good will or benign neglect of tech corporations and the state should be abandoned. The correct perspective is to assume breach.

In a April, 2023 published blog post for the network equipment company, F5, systems security expert Ken Arora, described the concept of assume breach: 

Plumbers, electricians, and other professionals who operate in the physical world have long internalized the true essence of “assume breach.” Because they are tasked with creating solutions that must be robust in tangible environments, they implicitly accept and incorporate the simple fact that failures occur within the scope of their work. They also understand that failures are not an indictment of their skills, nor a reason to forgo their services. Rather, it is only the most skilled who, understanding that their creations will eventually fail, incorporate learnings from past failures and are able to anticipate likely future failures.

[…]

For the purposes of this essay, the term, failure, is re-interpreted to mean the intrusion of hostile entities into the systems and devices you use. By adopting a technology praxis based on assumed breach, you can plan for intrusion by acknowledging the possibility that your systems have, or will be penetrated.

Primarily, there are five areas of concern:

  • Phones
  • Social Media
  • Personal computers
  • Workplace platforms, such as Microsoft 365 and Google’s G-Suite
  • Cloud’ platforms, such as Microsoft Azure, Amazon AWS and Google Cloud Platform

It’s reasonable to think that following security best practices for each technology (links in the references section) offers a degree of protection from intrusion. Although this may be true to some extent, when contending with non-state hostiles, such as black hat hackers, state entities have direct access to the ownership of these systems, giving them the ability to circumvent standard security measures via the exercise of political power.

Phones (and tablets)

Phones are surveillance devices. No communications that require security and which, if intercepted, could lead to state harassment or worse should be done via phones. This applies to iPhones, Android phones and even niche devices such as Linux phones. Phones are a threat in two ways:

  1.  Location tracking – phones connect to cellular networks and utilize unique identifiers that enable location and geospatial tracking. This data is used to create maps of activity and associations (a technique the IDF has used in its genocidal wars)
  2.  Data seizure – phones store data that, if seized by hostiles, can be used against you and your organization. Social media account data, notes, contacts and other information

Phone use must be avoided for secure communications. If you must use a phone for your activist work, consider adopting a secure Linux-based phone such as GrapheneOS which may be more resistant to cracking if seized but not to communication interception. As an alternative, consider using old school methods, such as paper messages conveyed via trusted courier within your group. This sounds extreme and may turn out to be unnecessary depending on how conditions mutate. It is best however, to be prepared should it become necessary.

Social Media

Social media platforms such as Twitter/X, Bluesky, Mastodon, Facebook/Meta and even less public systems such as Discord, which enables the creation of privately managed servers, should not be used for secure communication. Not only because of posts, but because direct messages are vulnerable to surveillance and can be used to obtain pattern and association data. A comparatively secure (though not foolproof) alternative is the use of the Signal messaging platform.  (Scratch that: Yasha Levine provides a full explantation of Signal as a government op here).

Personal Computers

Like phones, personal computers -laptops and Desktops – should not be considered secure. There are several sub-categories of vulnerability:

  • Vulnerabilities caused by security flaws in the operating system (for example, issues with Microsoft Windows or Apple MacOS)
  • Vulnerabilities designed into the operating systems by the companies developing, deploying and selling them for profit objectives (Windows CoPilot, is a known threat vector, for example)
  • Vulnerabilities exploited by state actors such as intelligence and law enforcement agencies (deliberate backdoors)
  • Data exposure if a computer is seized

Operating systems are the main threat vector – that is, opening to your data – when using a computer. In part one of this series, I suggested abandoning the use of Microsoft Windows, Google Chrome OS and Apple’s Mac OS for computer usage that requires security and using secure Debian Linux instead. This is covered in detail in part one.

Workplace Platforms such as Google G-Suite and Microsoft 365 and other ‘cloud’ platforms such Microsoft Azure and Amazon Web Services

Although convenient, and, in the case of Software as a Service offerings such as Google G-Suite and Microsoft 365, less technically demanding to manage than on-premises hosting, ‘cloud’ platforms should not be considered trustworthy for secure data storage or communications.

This is true, even when platform-specific security best practices are followed because such measures will be circumvented by the corporations that own these platforms when it suits their purposes – such as cooperating with state mandates to release customer data.

The challenge for organizations who’re concerned about state sanctioned breach is finding the equipment, technical talent, will and organizational skill (project management) to move away from these ‘cloud’ systems to on-premises platforms. This is not trivial and has so many complexities that it deserves a separate essay, which will be part three of this series.

The primary challenges are:

  • Inventorying the applications you use
  • Assessing where the organisation’s data is stored and the types of data
  • Assessing the types of communications and the levels of vulnerability (for example, how is email used? What about collaboration services such as SharePoint?)
  • Crafting an achievable strategy for moving applications, services and data off the vulnerable cloud service
  • Encrypting and deleting data

In part three of this series, I will describe moving your organisation’s data and applications off of cloud platforms: what are the challenges? What are the methods? What skills are required? I’ll talk about this and more.

References

Assume Breach

Project 2025

Security Best Practices – Google Workspace

Microsoft 365 Security Best Practices

Questions and Answers: Israeli Military’s Use of Digital Tools in Gaza

UK police raid home, seize devices of EI’s Asa Winstanley

Cellphone surveillance

GrapheneOS

Meta-provided Facebook chats led a woman to plead guilty to abortion-related charges

State of Exception: Part One

Posted on by
Reply

In his 2005 published book, State of Exception, Italian philosopher Giorgio Agamben (who, I feel moved to say, was an idiot on the topic of Covid 19, declaring the virus to be nonexistent) wrote:

The state of exception is the political point at which the juridical stops, and a sovereign unaccountability begins; it is where the dam of individual liberties breaks and a society is flooded with the sovereign power of the state.”

The (apparently, merely delayed by four years) re-election of Donald Trump is certain to usher in a sustained period of domestic emergency in the United States, a state of exception when even the pretense of bourgeois democracy is dropped and state power is exercised with few restraints.

What does this mean for information technology usage by activist groups or really, anyone?

In Feb of 2024, I published the essay, Information Technology for Activists – What is To Be Done? In this essay, I provided an overview of the current information technology landscape, with the needs and requirements of activist groups in mind. When conditions change, our understanding should keep pace. As we enter the state of exception, the information technology practices of groups who can expect harassment, or worse, from the US state should be radically updated for a more aggressively defensive posture.

Abandon Cloud

The computer and software technology industry is the command and control apparatus of corporate and state entities. As such, its products and services should be considered enemy territory. Under the capitalist system, we are compelled to operate on this territory to live. This harsh necessity should not be confused with acceptance and is certainly not a reason to celebrate, like dupes, the system that is killing the world. 

The use of operating systems and platforms from the tech industry’s primary powers – Microsoft, Amazon, Google, Meta, X/Twitter, Apple, Oracle – and lesser known entities, creates a threat vector through which identities, data and activities can be tracked and recorded. Moving off these platforms will be very difficult but is essential. What are the alternatives? 

There are three main areas of concern:

  • Services and platforms such as social media, cloud and related services
  • Personal computers (for example, laptops)
  • Phones

In this essay, cloud and computer usage are the focus.

By ‘cloud’, I’m referring to the platforms owned by Microsoft (Azure), Amazon (Amazon Web Services or, AWS) and Google (Google Cloud Platform or GCP) and services such as Microsoft 365 and Google’s G Suite. These services are not secure for the purposes of activist groups and individuals who can expect heightened surveillance and harassment from the state.  There are technical reasons (Azure, for example, is known for various vulnerabilities) but these are of a distant, secondary concern to the fact that, regardless of each platform’s infrastructural qualities or deficits, the corporations owning them are elements of the state apparatus.

Your data and communications are not secure. If you are using these platforms, your top priority should be abandoning usage and moving your computational resources to what are called on-premises facilities and use the Linux operating system, rather than MacOS or Microsoft Windows.  

On Computers

In brief, operating systems are a specialized type of software that makes computers useful. When you open Microsoft Excel on your computer, it’s the Microsoft Windows operating system that enables the Excel program to utilize computer hardware, such as memory and storage. You can learn more about operating systems by reading this Wikipedia article. This relationship – between software and computing machinery – applies to all the systems you use: whether it’s Windows, Mac or others.

Microsoft Windows (particularly the newest versions which include the insecure by design ‘Co-pilot plus PC’ feature) and Apple’s MacOS should be abandoned. Why? The tech industry, as outlined in Yasha Levine’s book, Surveillance Valley, works hand in glove with the surveillance state (and has done so since the industry’s infancy). If you or your organization are using computers for work that challenges the US state – for example, pro-Palestinian activism or indeed, work in support of any marginalized community, there is a possibility vital information will be compromised – either through seizure, or remote access that takes advantage of backdoors and vulnerabilities.

This was always a possibility (and for some, a harsh experience) but as the state’s apparatus is directed towards coordinated, targeted suppression, vague possibility turns into high probability (see, for example, UK police raid home, seize devices of EI’s Asa Winstanley).

The Linux operating system should be used instead, specifically, the Debian distribution, well known for its secure design. Secure by design does not mean invulnerable to attack; best practices such as those described in the article, Securing Debian Manual 3.19, on the Debian website, must be followed to make a machine a harder target.

Switching and Migration

Switching from Microsoft Windows to Debian Linux can be done in stages as described in the document ‘From Windows to Debian’. Replacing MacOS with Debian on Mac Pro computers is described in the document, ‘Macbook Pro’ on the Debian website. More recent Mac hardware (M1 Silicon) is being addressed via Debian’s Project Banana.

On software

If you’re using Microsoft Windows, it’s likely you’re also using the MS Office suite. You may also be using Microsoft’s cloud ‘productivity’ platform, Microsoft 365. Perhaps you’re using Google’s Workspace platform instead or in addition to Microsoft 365. In the section on ‘Services and Platforms’, I discuss the problems of these products from a security perspective. For now, let’s review replacements for commercial ‘productivity’ suites that are used to create documents, spreadsheets and other types of work files.

In the second installment of this essay series I will provide greater detail regarding each of the topics discussed and guidance about the use of phones which are spy devices and social media, which is insecure by design.

For My Sins, The Gods Made Me A Technology Consultant

Posted on by
Reply

Cutting to the chase, if your activist organization needs technical advisory I’m offering my expertise, built over decades and still in play. The Internet is enemy territory so I won’t post an email in the wild, so to speak, for every poorly adjusted fool to use but if you follow me on Twitter, Bluesky or Mastodon reach out or direct your friends and colleagues to this post.

What’s being offered?

In a previous essay, I thought aloud – worked through, perhaps we could say – how an activist organization which lacks the deep pockets of NGOs (and certainly of a multinational) and which wants to minimize the vulnerabilities and ethical issues that arise from using the usual corporate platforms (hyperscalers such as AWS and Azure and ‘productivity’ platforms like Microsoft 365) might navigate available options and create a method for the effective use of computation.

This received some notice but I think the plot was lost; the point wasn’t Yet Another Debate but an offer to contribute.

This is a variation, I’m imagining, of what I’ve done for massive corporations for many years to pay the bills but tailored to the needs and requirements of activist organizations. 

That’s enough preamble, let’s discuss specifics.

Consultation

To corporate technology departments, consultation is marketed as a way to achieve a goal (let’s say, ‘cloud modernization’ a popular buzz term before ‘AI’ was ushered onstage half dressed and without a script) using the skills of people who are specialists. There are other forms of consulting, such as the management advisory work of McKinsey, a firm so sinister, Lucifer himself might think twice about hiring them. Technical consultation, though as full of politics and prejudices as any other aspect of this life, is usually centered around getting something done.

The consultation I’m offering (I think of it as an open statement of work, to use another term of art from the field) is to help your organization sort through options to hopefully, make the best possible technology choices in a world of artificially constrained possibilities (certainly fewer than existed a decade or so ago). Do you have questions about email systems, collaboration tools, databases, storage the ins and outs of so-called ‘cloud’ and how to coherently knit this and more together? I’m your guy; maybe. Let’s get into the maybe part next.

Who will I Help?

Sure, I moved to Europe, drink scotch, wear cool boots and smoke the occasional cigar like a Bond villain but I’m from Philadelphia and, like most of my city kin, believe in speaking directly and plainly, this is why the language and point of view of Film Noir appeals to me. I’m not interested in helping left media types who bloviate on Youtube (a plague of opinions) or groups of leftoids who argue about obscure aspects of the 18th Brumaire. Dante, were he resurrected, would include all this in a level of Hades.

I’m making myself available to publishers and organizations who are focused on and peopled by marginalized and indigenous folk. We are at war and you need a tech savvy wartime consigliere.

Closer

Well, that’s it. I’m here, the door is open. Reach out via the means I mentioned above if you have the need and fit the profile. Of course, I’ll share email and Discord server details with any serious takers. Ciao.

Twitter – Agonistes

Posted on by

There’s a temptation, if you are, or were, a Twitter user (and perhaps, even if you aren’t since we all must comment on everything, everywhere all the time now) to have an opinion about that platform and its current state.

For some, it’s a tale of paradise lost, of all yesterday’s parasocial parties, ruined by the jarring arrival of an off-putting, racist weirdo who, while lacking nearly all social skills, demands everyone’s attention. For others, there’s a deeper sense of impending loss; of online communities that were built against the odds and against the objections of a hostile world. And so, we have the agonies and ecstasies of Black Twitter and Philosophy Twitter and Literary Twitter and Trans Twitter and a universe of other groupings which came together (while also remaining open to other communities) as it all seems to be burning down.

Of course, I have my own Twitter story to tell which involves gaining some small degree of notice for my efforts dissecting the tech industry’s dangerous fantasies from a materialist, and indeed, Marxist perspective. For me, however, the larger concern, or really, observation, is that all of it – the good, the bad and the ugly of Twitter was built, like so many modern beliefs, upon a foundation of unreality.

What do I mean by unreality, what am I driving at? Here, we must take a detour to the past, borrowing a moment from Edward Gibbon´s Decline and Fall of the Roman Empire, (1782):

“To resume, in a few words, the system of the Imperial government; as it was instituted by Augustus, and maintained by those princes who understood their own interest and that of the people, it may be defined an absolute monarchy disguised by the forms of a commonwealth. The masters of the Roman world surrounded their throne with darkness, concealed their irresistible strength, and humbly professed themselves the accountable ministers of the senate, whose supreme decrees they dictated and obeyed.”

This fascinates me – the use of democratic forms to obscure tyranny; an “absolute monarchy disguised by the forms of a commonwealth.” When I think of the tech industry which, until very, very recently, was almost universally hailed as a sun kissed road to ‘The Future’, that vaguely defined territory, always just over the horizon, this potent phrase comes to mind.

When Elon Musk took command of Twitter, arriving at the company’s San Francisco office carrying a sink in a typically poor attempt at humor, we recoiled in keyboard-conveyed horror, waiting for the bad times to come. We all know what happened next: the mass firings of key people in moderation, compliance, software and data center infrastructure, and also, anyone who knows what to do with a bathroom fixture. This sort of anti-worker action, common in most other sectors (though not always quite so haphazardly) came as a shock to those in, and observers of, that shiny Mordor, the tech sector’s Silicon Valley heartland (particularly those who forgot, or weren’t around for the dot com crash of 2000).

As Musk smashed his way through a complex system and tweeted like the synthesis of an angrily divorced uncle and a 14 year old manifesto writer, revealing in near real time his unsuitability for the role of CEO (or even to lead a bake sale) some of us thought: if only another, more competent and nicer person took the reigns; if only the terrible billionaire with his Saudi funders and sweaty style of presentation, could be replaced by that most hallowed of modern types, a professional, a good CEO who cared about Twitter as a ‘town square.’

Given the severe limitations of our barbarous era, a time in which we’re told that it’s easier to imagine the end of the world than the end of capitalism, it’s not surprising that our most commonly proposed solution to the problem of bad, even destructive management of a social media platform is its replacement by good management – still within the framework of privately owned companies – that is, a capitalist solution to a capitalist problem.

At the heart of the Musk problem (and the Dorsey problem before it, and the Google problem, and on and on) is the reality these platforms are not subject to democratic control and not answerable – except in a crude market feedback sense – to the needs of the people using them. We cry out for a better CEO, a better billionaire because the actual solution, that these platforms not be private at all but public utilities we control as citizens, not as consumers, has been purged from our minds as a possibility, let alone a goal (we’ll talk about Mastodon another time).

We have been trained, to borrow once again from Gibbon, to accept “absolute monarchy disguised by the forms of a commonwealth”. The ‘commonwealth’ disguise in this case, being the idea of a tech industry which, alone amongst capitalist sectors, somehow has our best interest at heart because… well, one isn’t sure; perhaps all the nice words about inclusion, expensive t-shirts, and California sunshine, shining down on the forgotten bones of the murdered indigenous population, oil rigs and hidden industrial waste.

Public Cloud as a Public Good

Posted on by

This post presents the notes and arguments I used during my interview with hosts Ned and Ethan for the Day Two Cloud podcast (https://daytwocloud.io/). The subject is the need for a public cloud that’s owned by governments as an alternative to the private Cloud Solution Providers – CSPs – (not a replacement for those services, but an alternative as a public service).

The primary example of why this is needed is provided by an analysis of Amazon which owns both AWS and Amazon retail. My position is that we have abundant evidence that individuals, plus small and medium sized businesses need:

  1. A computing utility that can be publicly held to account for data mining, 
  2. Will not be used for competitive advantage
  3. Is an example of zero carbon compute and expands access.

Podcast Link

Listen to the interview here.

Main assertions:

Criticality

IPCC on climate change: https://www.ipcc.ch/

We have entered a critical phase of our history when computing power is broadly needed for both commercial and non-commercial purposes (climate change is the main driver of this urgency but there are other factors). A computing fabric offered as a common utility would empower more individuals and organizations to truly innovate, creating solutions presently out-of-reach due to the unequal access to computing power.

Inequality

Public cloud and emergent technologies such as serverless and cloud hosted machine learning have, in some sense, ‘democratized’ access to capabilities previously only available to deep-pocketed multinationals (if they were available at all). However, the direction and priorities of cloud solution provider platforms such as AWS, Azure and GCP, although perhaps ‘customer driven’ typically do not reflect the longer term needs of the wider societies these businesses operate in. For example, operating at scale on any of these platforms becomes cost prohibitive for capital deprived people and orgs. This situation is only likely to get worse.

Washington Post on Coronavirus’ Impact on Communities without Internet access as example: https://www.washingtonpost.com/technology/2020/03/16/schools-internet-inequality-coronavirus/

The Myth of Private Innovation as Superior to Government Efforts

In the United States (and to varying extent elsewhere) there’s a belief that governments cannot perform the sort of work necessary to create a robust, well-maintained cloud infrastructure (or much of anything, really). This notion persists, even though all the elements of the cloud platforms we use started as government initiatives (ARPAnet into Internet, microprocessor development, etc.) My argument is that this is a fallacy that must be challenged, and which only serves the hagiography of business leaders such as Jobs and Musk and prevents us from supporting our interests.

Mariana Mazzucato ably dissects this in her book, ‘THE ENTREPRENEURIAL STATE

https://marianamazzucato.com/entrepreneurial-state/

As an example, Mazzucato diagrams the government sources of the iPhone’s success:

iPhone sources

Additional evidence of the dependence of supposed ‘innovators’ on government can be found in the histories of Tesla and Oracle.

Monopoly Power

The House Hearings on Monopoly Power in the tech industry concluded that, among assessments of other firms (Facebook, Google, Apple) Amazon used the combination of its market position and the computational power of AWS to muscle even the smallest competitors out of their respective markets.  The story of Diapers.com was used as an object lesson.  Below, I map out the points from the report using a Wardley map:

AMZ Market Dominance Map

Ethics

Although technologists typically focus on the instrumental aspects of a technology (note, for example the circular debates about Kubernetes vs. Serverless without the context of purpose) there are always ethical considerations.  One of the most acute examples of this is the field of AI and the sub-category of machine learning; algorithms with impacts on people’s lives are being brought online without full regard for the consequences.

This leads to a question: can private firms which stand to obtain profit from deploying and promoting the use of powerful technologies (such as Sagemaker on AWS and Azure ML Studio) be trusted to – alone – seriously and consistently over time build with ethics foremost in mind.

A publicly accountable technology stack would truly democratize this by placing oversight into public hands and make oversight a central part of any platform.

Note the still-unfolding story of AI Ethics researcher Dr. Timnit Gebru’s firing from Google, covered in the story below:

Standing with Dr. Timnit Gebru — #ISupportTimnit #BelieveBlackWomen

https://googlewalkout.medium.com/standing-with-dr-timnit-gebru-isupporttimnit-believeblackwomen-6dadc300d382

The circumstances of Dr. Gebru’s firing begs the question: would she have been fired if Google was truly dedicated to AI Ethics and, if there was a publicly accountable platform the Dr. could have worked on that was as dynamic, would there be any debate over the need for ethics (i.e., would there have been a tension between the goal of building an ethical tech and profit)?

Ethan’s Questions and My Answers

Why should there be such a thing?

The primary benefit of public cloud is its ability to provide computing (and related) resources as a utility. To-date, this has been viewed as a benefit to business (governments are also seen as customers – note the JEDI contract but the business advantage is the primary driver).

This shapes the priorities and structure of the public cloud (for example, the current focus on hybrid workloads primarily speaks to the concerns of enterprises).

What’s missing are platforms that meet societal needs for the advantages of a computing utility. Imagine, for example, a team of researchers studying the effects of climate change on their local community. Access to a public service cloud computing platform would accelerate the pace of such vital work. 

For whom would this offering exist?

The offering would exist to serve the requirements of individuals, non-profits, small communities and others who have a need for computing power but do not have the deep pockets of corporations and who want to use a platform whose priorities are democratically determined rather than being driven by profit incentives.

What are the typical adoption drivers for organizations who might like this idea?

Lower runtime cost, public accountability, and stability would be among the primary adoption drivers (no doubt there are others not yet thought of). Consider, for example, the needs of a community college or a low-income community that wants to provide computational resources to students and under-served communities, a public utility cloud could serve these needs.

Does the ridiculous pace of so-called innovation at AWS, et. al. make a presumably slower-moving public cloud a non-starter?

The ‘innovation’ we see from the major cloud solution providers is a function of the unified APIs upon which their services are built. The recently announced AWS SageMaker Pipelines for example, is possible because new services such as CI/CD pipelines to a machine learning fabric is a latent capability that only needs to be engineered for realization (this doesn’t minimize the effort required to create new features).

These innovations are created to address the needs of large-scale business (for example, IoT for manufacturing and cloud-scale machine learning for the hydrocarbon industry). 

It is debatable however, whether many of these innovations are important from a broader point of view. In the second decade of the 21st century, we can consider computational power to be a firmly established need of a complex society. But a rapid pace of change in private entities that isn’t tied to a larger catalog of needs has no effect on the usefulness of a public computational fabric.

Also, there’s an assumption that a government managed service would be inferior to private services. My argument is that this isn’t based on evidence but on a bias that’s been woven into our discourse which has only served the interests of private power (for example, we praise SpaceX but fail to celebrate NASA’s decades of achievements).

What am I getting in a publicly owned utility cloud that I would not get from a commercial offering?

  • Public control of priorities
  • Public control of the pricing models
  • The broader distribution of computing power to under-served communities and organizations
  • A counter-weight to private power which should not be able to operate unchecked

How should it be funded?

We can imagine a dual funding model of taxation (a dirty word to many, and yet how do we have roads?) and direct pricing. A community college, to return to that example, would both benefit from the public financing of a platform and pay a nominal and scaled run rate for access to services.

Governance model. You mentioned NIST in the [Twitter] thread, but I can see an argument of interested consumers wanting to have input as well. Lots of angles to come at this from that could quickly get unwieldy.

In this model, we move away from the idea of ‘consumers’ (which barely existed in its present form only a few decades ago) and back to that of citizens with a collective interest in a public good.  As with other public goods, such as road systems, the fact of public participation does not automatically mean chaos. There are lessons to be learned from effective school boards and consensus based governance. Consider a scenario: Susan has created a cost benefit analysis showing the value of changing the emphasis of her municipality’s computing grid towards serverless. Although techies often pride themselves on how complex and opaque their areas of expertise are, the truth is that if value cannot be clearly stated, the fault is with us.  We should have faith that a plurality of people who see a direct benefit from the investment will act in the public interest.

Where would the metal reside? Would existing commercial interests become providers, i.e. adding capacity as demand grows? And how does that align with HIPAA, GDPR, etc.?

Many cities and towns host appropriate locations that are under-utilized or not utilized at all. There are many empty warehouses, former malls, etc that could serve the purpose. There should be no conflict between the requirements of regulatory requirements such as HIPAA and GDPR, which are built upon the idea of guarding privacy, and the hosting of solutions built on a public computing utility. In fact, one could argue that these regulations are more likely to be strictly adhered to by public servants rather than private orgs which seek ways to use data for advertising purposes.

CSPs might be participating service providers but they would have to strictly adhere to regulatory and contractual obligations that would last for decades (longer than the interest horizon of the average business). This would probably act as a disincentive.

If this would be regional, would there be an interconnection of global public clouds beyond simply the Internet? I raise this as Google Cloud, Azure, and AWS all have their global networks.

We can foresee the creation of a standard kit for compute, database and storage with a zero carbon power infrastructure (imagine an abandoned mall retrofitted as a DC, powered by solar and wind according to a common template). These municipal ‘cubes’ could form the basis of a national and then international super-structure. The National Science Foundation Network provides one model that can be updated.

American vs. European perspectives on the government being in the middle of things.

The primary difference between US and European perspectives is that, in the US, many people believe, often without evidence or with anecdotal evidence such as bad experiences at the DMV, that private orgs are better at this sort of ambitious initiative than governments. Many US-ians genuinely believe that Twitter is a cutting edge tech that could only have been produced by a ‘visionary’ leader. This is a fallacy and one that, while it exists in Europe, is not as deeply entrenched (due to people demanding more of their governments and expecting to receive services in return for taxation).