Getting the bottom of that asinine article about the CO2 footprint of email

I keep seeing people online talk about this piece in the Guardian.

I shared this thread when it first came out, as it made me pretty angry before, but I think I need to expand on it now, as it Just. Won’t. Die.

I’m miffed because this is the digital version of talking entirely about personal actions and shaming people for them, instead of taking a step back and also focussing on systemic problems, and there’s almost no analysis about how the story got published in the first place.

The problem is not email, the problem is journalism being complicit in poorly thought through marketing and PR stunts.

Look your inbox, then look at your sent messages in your email program.

Because email newletters are one the most reliable ways of reaching people, and because they’re a cornerstone of any comms campaign, you’re very likely to have received many more newsletters, often automated ones, than outbound emails sent by humans. What’s more, these email newsletters are often huge, to provide more chances to engage and click through for each call to action.

If you compare the impact of just the transmission of sending data, the impact of organisations sending hundreds of newsletters will dwarf the occasional reply by a human, and focussing on the individual is utterly stupid.

In fact, you can see this, because the journalist at least had the decency to link to the original Ovo Energy Press release talking about how green they are, and how responsible they are for bashing together an an email tracking chrome extension they call Carbon Capper. Here’s the specific bit from the press release:

To help combat the issue, OVO Energy has created the world’s first carbon reducing Chrome Extension – Carbon Capper. When downloaded, the extension identifies when the user has hit send on a potentially unnecessary email, sending a prompt to ensure more thoughtful email traffic. The Extension tracks word count, flagging emails under four words, and allows users to keep a close eye on their individual email carbon footprint.

Here’s a screenshot. It basically tells you not to hit reply to emails.

What you should do instead

If you care about the environmental impact of tech, worrying about email is not the place to spend your time and energy.

Worry instead about the big tech companies accelerating the extraction of fossil fuels, when we need to keep them in the ground. Read pieces like this from people who leave these companies, like this one by Bruce Hahne when he left Google:

If Google’s cloud and AI/ML technology can reduce the overall costs of finding, extracting, and processing oil and gas, and reduce the cost of oil and gas power plants by even 1% — and I certainly could believe that 1% is possible — the results for the planet will be dire. More large-scale investment dollars diverted to oil and gas, more oil and gas refineries built, more oil and gas extracted, while zero-carbon energy generation gets deployed more slowly, or simply not deployed at all because the capital investment is going into cheaper oil and gas. That’s how we die by fire – one cost-reducing Google cloud service at a time.


The harm that Google Cloud will do to the planet, if it reduces underlying costs of this industry by even a small percent, completely dwarfs the data center decarbonization work.

Bruce Hahne, in his resignation letter

Worry instead about consulting companies you admire doing the same, and helping the same oil and gas companies, but keeping quiet about doing so.

Worry about how blase we are about flying when it makes up a significant chunk of company emissions in many tech consultancies and enterprise sales teams.

Below are the figures from Accentures 2018 CSR report. The dark chunk is from flying in each year.

In Apple’s own CSR reports, once you have taken away emissions from making hardware, aviation makes up nearly half of the left over emissions, and the story is the same across many, many companies.

If you work in tech and want to speak to others about this.

I help organise, an online community, to create a space for people who identify as working in tech (you don’t need to be a programmer!), to talk about how to use the skills, influence and relatively high degrees of professional mobility we’re lucky enough to have to effect some change.

We do introductions each week, and you can join below.

Notes from the Future Ethics at UX Book club

I went to the first UX Book Club Berlin in a while last night, and it covered Cennyd Bowles’ book from 2018, Future Ethics.

Below are my notes. Apologies for the quality.

A set of notes for future reference

Peter’s Bihr’s writing is accessible and really interesting in this field. This whose work I referred to when talking about category errors in technology we use to fund digital products:

People doing interesting work in this field

Projects By IF – a UK technology studio, specialising in ethical and practical uses of data They blog openly, and maintain a pattern library for thinking through interactions in a more privacy friendly way:

Simply Secure
The closest thing to “Projects by” If in Berlin

SDFY – Stop design for yesteryear
They’re more focussed on climate, but the way they approach the issue from the setting of a brief, all through through to delivery is worth a look

DotEveryone – a think tank designing tools, and doing research for more responsible tech

Consequence scanning is likely the easiest event to fit into an agile development process. It’s well documented and easy to start.

The doteveryone tech workers’ view report
Required reading for attitudes amongst employees about responsible technology, and the impact it has on among other things employee retainment, and attitudes to coming regulation.

OMGDPR – I helped organise an unconference in Berlin in 2018- to create space to discuss the stuff

Creative and Climate
A normative campaign about creative agencies working with high carbon industries. If they can’t divest from working with these companies yet, they can at least disclose the work to create implicit pressure to stop working in these fields.

Why I spend time working on

I’ve been investing a bunch of time into, an online community since around August 2018.

I’ve seen it grow from a private slack group of about 100 people into something closer to 1600 people now, and I figured it would be worth writing down why I spend this time.

I’ve tried to work out what I am trying to do, and this think this is it.

Make climate action at work by tech professionals more effective

Let’s break this down – I’ll refer to each bit separately.

make climate action effective

This it the thing we care about making happen. We’re literally in a climate emergency.

at work

We can’t do it as a just side project. If we spend maybe one night a week on a side project, but 5 days a week in the same destructive default of the last 20 years, it doesn’t achieve much change.

So, it’s more about these

Giving employees arguments and information to argue for actions that have a measurable impact, and support for them.

I’m thinking of stuff like:

  • how we build and maintain things (products and services)
  • how we travel
  • how we’re set up to work

There are more people who work in companies than founders of said companies, and increasing the number of people working in companies who are able to make these arguments for change means it’s more likely that the message will get through.

I think this is better than only focussing on a small number of people, when in many cases, structurally, they’re incentivized to not advocate for these changes. An example might be A VC backed startup. I would argue that employee is more interested in doing their best work, in a stable, supportive environment.

A founder is sympathetic to this, but they are structurally incentivized to increase the valuation of the company, such that the investors will make a large enough exit to return the fund, and will have to choose this option over making more environmentally responsible decisions.

An investor is more interested in as many of their companies shooting for hypergrowth, to make up for the fact that most of them will fail. In fact, if a company in their portfolio implodes, it’s often preferable to it surviving but growing slowly, as it offers a chance to write it off as a tax loss. These do not sound like sound foundations for the kind of long term thinking needed when talking about climate.

So, a union?

You might think this sounds like a union of sorts.

I think many of the ideas of unions are relevant and useful, like collective bargaining, or providing a counterweight to the influence of owners of companies, but my problem with many unions right now, is that the decisions I see from them basically put the needs of a minority of people already working in fossil fuel industries over the needs of well… everyone else alive on earth.

I don’t see leadership from unions on this, and most of the leadership I see at management level seems unprepared to talk about the practices of other organisations.

Helping people understand where the biggest levers are if they choose to work on this full time.

Many founders do not have the domain expertise or background outside of the tech sector, and assume the approach that has worked for them in their existing career will work just fine elsewhere. I don’t think this is the case.

If we can help signpost useful information, or help manage expectations about how hard this will be, and what has gone before, and in general, create a body of domain expertise folk can tap into, I think we should.

Than these:

Demo marches

Marches as citizens are cool, but there are loads of existing organisations doing this really well. Personally, I think it’s better to partner with groups and take part in their activities, than try to organise our own ones.

Giving people side projects to donate time to, that don’t change how we work

These are fun, and working on them probably feels more comfortable to spend time on than having uncomfortable discussions at work.

But we need to have these uncomfortable discussions at work, because we spend most of our time at work, the scale of the challenge is so large, and the science demands that we learn to change our norms.

Otherwise the uncomfortable discussions with everyone younger than us will be much, much more uncomfortable than whatever we might experience in the next few years.

I’m not saying don’t work on side projects. Some of these do grow into larger things, and the learning they can provide is also something that can help professionally. But in 2020, I think that, if we only consider climate a secondary priority, we’ll default back to the same destructive patterns we’ve seen before.

I also think there’s are already a multitude of programmes to support the ‘heroic founder’ figure, and we’ll see more of them.

There are more people who work as employees, and without these folks getting better at expressing themselves, or pushing back against action that enriches a tiny minority at the expense of a wider group of people, we won’t see the change we need.

By tech professionals

Because of the way power and resources are currently allocated, pretty much company is either:

  • already a tech company
  • turning into a tech company
  • or being eaten by a tech company, and therefore losing influence.

Tech professionals is deliberately something of woolly term, and it might help to describge it in terms of deliberately targeting a group who have disproportionate amounts of influence, and agency right now, and relatively high amounts of professional mobility, but are not all that aware of it, or used to using it.

Okay, that’s my position now.

Quick notes from an EU Green Public Procurement Workshop for Cloud and IT in Brussels

As part of my work with the Green Web Foundation, I’ve ended up spending time in Brussels going to workshops, to feed into policy for greening the way we do digital. I’ve just finished the second workshop today which was about the sexy, sexy subject of public procurement. Why am I doing this? Because I think the way elected bodies spend money is a pretty decent lever for climate action, and it’s a way for me to have some influence as a citizen. Here are my take-aways.

What was this workshop about?

I’m struggling to find links to point to it, but the short version is:

  • the EU spends lots of money on IT, as in 45 bn each year
  • there are targets the EU has to at least make this somewhat efficient, and people are starting to realise that electricity, when not coming from renewable sources is a source of CO2 emissions
  • the EU also has some notion that digital technology, while a possible enabler for reducing CO2 emissions, can also be a source of emissions

So, the goal of the workshops has been to validate and add to some extra perspective to the research, and hopefully inform policy around Green Public Procurement from 2020 onwards, with a report in Feburary:

First of all, I’m glad that I am in a position where I can take a day away from billing for my time to attend a workshop like this.

Almost all the people in the workshop were from companies of more than a thousand people, and we had a minority of policy makers and academics. I think we had a couple of people from small businesses presenting, but they weren’t around for whole day, which meant that some of the exercises ended up with mainly us hearing the views of huge companies rather than small companies that make up at least half of the economy in Europe.

OK, what was discussed then?

The main thrust of the day, was about how we might make computing, datacentres and cloud more energy efficient, as a way to decouple economic growth from the corresponding growth in emissions when it’s clear global emissions are going in the wring direction.

Energy efficiency also seems to be one of the few ways we get to talk about climate, as it’s often a presented as as win win. Yes, this feels a bit weak-sauce in the face of scientists basically screaming at us to take the science seriously. But eh… I guess at least it’s a way we can start talking about carbon, and regulation and creating the incentives to make how we work in tech follow the science, right?

Key things I learned

  • We’re still not very good at talking about carbon. I looked, and despite the science being pretty clear, and the leaders of Europe declaring a climate emergency, and describing policy in terms of carbon emissions, and jeez, kids striking every Friday to remind us, it didn’t really come up anywhere near as much as I’d expect.
  • The certification schemes and codes of conduct have relatively low take up. There is a dizzying range of codes of conduct for datacentres, and different certification schemes like the Blue Angel in Germany, and among others. Despite the money pouring into them, they’re still comparitively niche.
  • Cloud and datacentres aren’t included in the published National Action Plans to reduce carbon emissions by countries in the Europe. For reasons I don’t quite understrand, cloud computing and datacentres don’t seem to factor when countries share their plans to reduce their emissions. This feels a bit like how aviation is treated in some places, but it’s much less eaiser to understand the reasoning – I mean, we know running servers normally will emit carbon, right?
  • There are a bunch of European research projects in this field already. There’s a veritable alphabet soup out there of projects to find some kind way to do greener computing, from CloudWatch2, to PICSE (Procurement Innovation For Cloud Services in Europe), ASCETiC (Adapting Service lifeCycle towards EfficienT Clouds), EURECA (EU Resource Efficiency Coordination Action), and Helix Nebula, among others.
  • There’s some draft public procurement for cloud and ICT, that’s been announced that might help, and it’s still being finished. There isn’t a clear url I can share but this looked pretty interesting – it’s essentially pre-written stuff to copy and paste language for use in procurement, to account for all kind of things like clear, fair selection criteria, for things that make a difference in Co2 emissions when you spend money on tech. They also include sample criteria for leaving contracts, if a supplier doesn’t get their shit together too. There’s already published guidance for a bunch of sectors, and there’s a newsletter sign up form on the European Commission site, which also as links to their helpdesk if you’re interested in the draft content. (see also – my snaps from the day)

The top recommendations from the day

It’s worth me sharing these recommendations online here, before I share a pic of which recommendations had the most interest:

The rankings of the recommendations listed above. Carbon tracking, and incentives to help move away from wasteful ways of doing things were higher up.

My take on the recommendations

There’s a big report coming in Feburary, but I had a few takeaways from the day beyond this.

At first glance it looks a kind of Green New Deal-ish, right, with carbon reductions, and incentives to help a just transition to better infrastructure. There’s few nods to the lack of transparency in this field – with the idea of a virtual smart meter to help people understand their own impact was popular.

I think the inclusion of investing in creating standards, while dull, sounds useful, as this is a field where it’s really hard to get reliable numbers.

However, I feel like in its current form there some problems.

Regulators and policy folks seem to be unable to see the similarities between cloud markets, and energy markets, and left to their own devices, I think these recommendations are likely to consolidate the lead of existing hyperscale providers.

This is because they already are more efficient than smaller operators, and already are further along in terms of tracking their own carbon (even if they don’t disclose it fully – like Amazon).

Personally, I think there’s a chance to be more daring here, and just like how decisions around the EnergieWende in Germany lead to the creation of an energy market with lots of small providers instead of a near oligopoly position elsewhere, I think something like a DigitalWende, to create something like a single, EU wide spot market for compute as a commodity would help – as right now, you only get to do this within one provider.

Combining that with work around low carbon orchestration and scheduling software like Aled James’s open source, load shifting low carbon Kubernetes scheduler, or projects to make use of under used capacity like how Helios’s Open Compute Cloud feels like it would support the creation of a much more vibrant European cloud market, than just delivering it all to a handful of American companies.


As ever, I’m happy to chat about this in more detail, and the ways you can contact me are listed on my contact page.

If this kind of wonkish climate and cloudfare interests you , you might also enjoy the Greening Digital Newsletter I write too.

How to rate limit punks with nginx

I do some ops work for the Green Web Foundation, and over the last few weeks we’ve been seeing nasty spikes

limit_req_zone $binary_remote_addr zone=nopunks:10m rate=10r/s;

What does this mean? We start by calling limit_req_zone, to tell nginx we want to set up a zone where we rate limit requests on our server, telling it to use $binary_remote_addr, or the binary representation of a connecting client’s IP address to tell one requesting client from another. We want to be able to refer to this rate limiting zone, so we give it a name, nopunks zone=nopunks:10m, and we site aside 10 megabytes of space to keep track of all the possible IP addresses connecting.

This means we can keep track of something how much our poor API is being hammed, from around 160,000 different IP addresses – useful!

Finally we set a rate of requests that seems fair with rate=10r/s. This means we want an upper limit of 10 requests per second to apply to this zone.

So, after writing this, we have a special zone, nopunks, that we can apply to any vhost or server we want with nginx.

Adding our zone to a site or API we want to protect

Now we have that, let’s apply this handy new nopunks zone, to a route in nginx.

location / {
      # apply the nopunks
      # allow a burst of up to 20 requests
      # in one go, with no delay
      limit_req zone=nopunks burst=20 nodelay;
      # tell the offending client they are being
      # rate limited - it's polite!
      # try to serve file directly, fallback to index.php
      try_files $uri /index.php$is_args$args;

What we’re doing here is applying the nopunks zone, and passing in a couple of extra incantations, to avoid a page loading too slowly. We use burst=20 to say:

we are cool with a burst of up to 20 requests, in one go before we stop accepting requests

Thing is, this leaves us with a backlog of 20 requests, each taking 0.1 seconds to be served, so the whole set of requests will take 2 seconds. That’s a pretty poor user experience. So, we can pass in nodelay – this adjusts our rate limiting to say this instead:

okay, you can send up to 20 requests, and we’ll even let you send them as fast as you like, but if you send any more than that, we’ll rate limit you

Finally, by default, with nginx, when a site is rate limited it serves a rather dramatic 503 error, as if something very wrong had happened. Instead limit_req_status=429 tells nginx to tell the connecting client to send a 429 too many requests status, so ideally, the person programming the offending HTTP client gets the message, and stops hammering the your API so hard.

So there you have it

This is a message mainly to my future self, next time I am looking after a server under attack. But with some luck, it’ll make being DOS’d (unintentional or not) a less stressful experience for another soul on the internet.

Further reading

The nginx documentation is pretty clear if you need to do this, with lots of helpful examples, and the guide on rate limiting on the Nginx website also was a godsend when I had do this today.

In praise of sea otters

Sea otters are awesome. I have a bunch of tabs open, and I wanted to drop some content here before I close them.

Sea otters are great in particular if you care about climate change, because they eat sea urchins, which in turn really, really like eating kelp, a giant seaweed that forms huge, beautiful kelp forests, that sequester (i.e. draw down) loads of CO2.

The sad thing is that we almost hunted sea otters to extinction in the early 20th century, and their reduced numbers have meant that loads of kelp forests have been decimated by marauding sea urchins that would have otherwise been eaten by them.

These sea urchins have worked little aquatic lumberjacks, gnawing through seaweed, and killing it, releasing CO2.

If I end up starting a project with a sea otter as a mascot, this is why.

Sea otters. Cute, climate heroes

More links

Two things I wish existed, and would want to make if had lawyer super powers

A friend of mine, Ed asked me this in a private Whatsapp group before tagging me on twitter with this message:

Two things I wished existed

A “Green Oak” Software License

Anything to discourage the use of open source software and services to support the extraction of fossil fuels would be good.

We’ve seen previously that one of the key things stopping fuel and natural gas so far has been the difficulty in raising finance, or getting insurance on new fossil fuel projects. See this thread for more:

So, I think we should make it riskier and more expensive to use open source software to support fossil fuel extraction.

Maybe a thing like a “Green Oak License” – i.e. along the lines of the Blue Oak Model License, but with explicit language about use in the extraction of fossil fuels being forbidden.

If this exists in a sensible form, then it becomes possible to have a conversation about what people building software are comfortable with it being used for, and ideally, for us, as grown up professionals, take more responsibility in how the things we might make are used.

As tech grows up, so must we, and if we say software is eating the world, then maybe this new world should have a different aesthetic, where it’s just not cool to have anything to do with extracting fossil fuels, when the science if so overwhelming, and when we need investment that is going into fossil fuels to go into things like drawing down carbon, or transitioning our economy away from them.

Model policy language for procurement for purchasing to be in-line with net-zero targets

The second thing would be some model language to use in procurement, to basically say:

“this big purchase we make needs to be inline with net-zero targets”

I don’t know what it might be, but creating an incentive that people either can’t complain about being non-competitive, or that people can use to force a conversation in places where a climate emergency has been declared to give these declarations some teeth would be helpful in my view.

Maybe it’s a specific thing to ask for to show this, like a verifiable commitment, the way the WCAG guidelines forced accessibility to be a thing in public sector. You can see precedents set where NYC public schools forced Amazon kindle to be more accessible, which has now ended up creating norms for private sector too, like in the case where a blind man has successfully sued Domino’s Pizza for building an inaccessible site.

Why I think this would help

I say this because I understand more than 50% of UK councils to have declared a climate emergency now.

But without any mechanism to act upon this declaration, I worry that it’s just a feel good gesture, and any momentum from doing it will be lost.

If there’s some legal basis to back up the science, which we all seem be ignoring, at least it can lead to a conversation along the lines of:

“OK, what does acting as if there was a climate emergency look like?”.

The goal here isn’t to penalise people for declaring a climate emergency, but instead to create the legal mechanism to allow the people pushing for it, to push for action, rather than being fobbed off with a response like “we already declared it, we’re done!”.

The people campaigning for things like emergency declarations shouldn’t need to be policy experts or technocrats, but their reasonable wishes of keeping a world safe for their and their friends children should be respected.

I’ve been working with a friend, James Gardner to sketch out some ideas along the lines of a “ten tonne rule”. I’m hoping these two sentences on how to use will outline the idea behind the ten tonne rule:

If any spend will cause more than 10 tonnes of CO2 emissions, rank bids by CO2 emitted over length of the contract.

Suppliers show the workings for their CO2 figures in bids. Favour the lowest.

James has written some more on his site.