Department of Information Services Director Tony Tortorice, a gentlemen and a scholar by any definition and a very sharp technical mind, has a bold vision for the use the proposed new state data center (that I continue to oppose): He wants the agency to create, host and manage a “public sector cloud” service, similar to commonly discussed private sector “cloud” services offered by Google, Microsoft, Amazon, soon IBM and others. Public versus private sector cloud computing services? It’s a legitimate debate.

One committee chair asked, "what's the cloud?" Here's the answer

Interestingly, you’ll see nothing about the “public cloud” from DIS until very, very recently. These older articles clearly show the excitement of the state agency to have a bright, shiny, new building.

Tony testified in Olympia last week before three committees–his first introduction to Olympia when legislators were in town–and he did a really good job. I was gentle when he presented to the Energy, Technology and Communications Committee. Besides, my chairman, Rep. John McCoy, doesn’t tolerate freshman putting on a show.

One glaring problem remains, however, that I simply can’t let pass without challenging. Tony’s vision of creating a ‘public cloud’ service offering is fundamentally based upon the notion that state government can provide the services at a better value than the private sector. The three criteria (in my view) are privacy, security and cost.

Let’s break them down.

Privacy: The argument that the state is inherently more protective of data than a private company is flawed not only because it’s arguably easier to break into a state facility than a private facility. But the privacy issue is really about the issue of who has access to your private data. Do you want a private company with access to confidential records of the public like medical information, foster care issues, social security numbers, etc.? The issue is political and highly sensitive–but it’s rarely discussed in technical terms. Can you get “privacy” with a private sector solution? Seems like the Obama Administration believes you can. Also, you’ll note that the private providers seem to be introducing new ‘product lines’ for the public sector data to prove the privacy of the content. The government has also introduced a standards group to work on this–take a look here. Still, let’s be cautious on this one regardless. Advantage? Public sector.

Security: It’s silly–even obnoxious–to assume the state can provide a more security environment than companies who guard their data with unmitigated rage. If Amazon loses a credit card number to theft from the mafia, the story hits the New York Times. The Russian mafia probably doesn’t try and bring down the state’s data too frequently. I bet the private sector is better at this one. Advantage? Private sector.

Cost: DIS’s argument is that the state has so much data that they would be trapped in paying more in the long-term under an agreement. Thus, the argument goes, it’s less expensive for the public sector to do it as a monopoly. The problem with this argument is obvious: There is little incentive for the state to radically, aggressively, consistently work to lower costs to be competitive on price. Even with providing a margin for profit, the price point that the private sector can provide for large amounts of data is almost inevitably going to be lower than the public sector price point. Quincy, Washington, home to data centers from the private sector giants….Advantage? Private sector.

At worst we have a 2 to 1 advantage for the private sector cloud services. 3-0 is you believe, like Obama certainly implies from all of his Administration’s initiatives, that privacy can be addressed in systematic technical ways. Debatable either way.

Yet, my central issue at this stage, remains that my friends at DIS do not plan to have a genuine business and financial plan to justify their desire to be the “public cloud” for all of state government and other public sector partners. In Tony’s defense, he strongly believes in the ‘carrot’ model of providing services to other state agencies not the ’stick’ of force. So he’s working to build relationships and strengthen partnerships with other agencies and not appear to them as using the blunt force to host their data. He says he wants to win in the marketplace. And I do believe him.

I’m not inherently opposed to the state providing “public cloud” services in competition with the private sector. (I suppose, somehow, it could make sense although I am pretty skeptical….hum). But I am strongly and passionately opposed to it without a strong, objective and thorough business and financial plan that passes more than the straight face test. It better be rock solid from top to bottom. So far–it doesn’t even exist. Tony insisted in response to my question that the economics of it works. We don’t know one way or the other. That’s the problem.

Still, more than anything, the decision of whether the state of Washington should create a “public cloud” service is a major policy decision. Even if DIS ultimately gets a shiny new data center, it’s not the agency’s decision of whether they are going to create a comprehensive public cloud computing service for all of state government. That’s not a small administrative tactic. That’s a bold and important strategic question. That decision needs to be vetted by the Legislature, not made unilaterally by the agency without even so much as a 23 year-old MBA student’s business and financial plan.

The business plan that was used to justify the state’s investment of $300 million for the state data center is a humiliating embarrassment and a joke. Fool me once, shame on you. Fool me twice, shame on me. No way.