top of page
Search

CAP Conjecture for SaaS

  • Writer: Robert Glenn
    Robert Glenn
  • 2 days ago
  • 6 min read

Background


According to Wikipedia:


…the CAP theorem, also named Brewer’s theorem after computer scientist Eric Brewer, states that any distributed data store can provide only two of the following three guarantees: Consistency — Every read receives the most recent write or an error… Availability — Every request received by a non-failing node in the system must result in a response… Partition tolerance — The system continues to operate despite an arbitrary number of messages being dropped (or delayed) by the network between nodes.

This is a foundational property of all distributed databases and storage solutions, and requires careful evaluation of the trade offs associated with forgoing one of the three guarantees. Anyone who works with cloud storage and data solutions should be aware of this property, and data specialists make tool recommendations based on which guarantees need to be addressed, and how they are addressed. This leads to a variety of implementation details such as shards, clusters, partitions, replications, etc.


It’s also an easy way to remember a profound idea and a common way to self-identify with other professionals. Most importantly, it is useful to assert a sage-like sense of wisdom over the uninitiated. Why do we impose a short delay on the “real time” sales numbers? CAP theorem. Why don’t we allow simultaneous device login? CAP theorem. Why do we have a single virtual machine in Oregon with nearly two thousand cores and all of our data? Well, the workloads weren’t re-architected for the cloud, they were just lift-and-shift’ed…oh, and CAP theorem.


Conjecture


I submit there is an analogous balance to be found in Software as a Service (SaaS) products and propose the following conjecture:

Any functional, consistent, and continuing SaaS product can provide only two of the following three guarantees: Convenience — Operations have minimal friction and maximal usefulness; Accessibility — Services are essentially unrestricted across localities, hardware platforms, and language/assistance barriers; Privacy — Minimal sensitive data is recorded and end-user entities have full authority over their own data.


I believe this is already generally well understood by many, so I don’t know that this is an especially groundbreaking assertion (assuming this is indeed found to be accurate). It also hinges upon the assumption that such a product is commercially viable (and not some contrived, yet effective, solution graciously gifted to the general population). In other words, I’m not suggesting that the three guarantees have hard, mathematical limitations that are verifiably not possible in totality. However, I do believe by considering SaaS products in these terms, and by respecting this hypothetical property, it simplifies certain technology selection decisions. Before I get to how one would use this property, I will present some (admittedly suggestive) evidence supporting the conjecture.


Evidence


Convenience and Accessibility


Consider a free service that is globally available across languages and assists users as necessary (Accessible), and that doesn’t regularly make you jump through hoops and moreover provides near seamless access to countless third-party tools (Convenient). How does this service continue to remain available? Who builds this service and how are they compensated for their efforts? In other words, what is the business value of such a service? The answer of course is the value comes from the actual usage of the product: the user activity, and the behavior, beliefs, and tastes inferred from that activity. Thus the billion dollar industry that is targeted digital marketing and the big tech companies’ continuous campaign to entrench everyone and everything into their platform.


Accessibility and Privacy


Now consider a service with the aforementioned accessibility (free and universally available) and with an approach that explicitly avoids the collection and preservation of sensitive information (Privacy). Certainly, there are a multitude of ways one might approach privacy: from data loss prevention mechanisms to fully air gapped solutions. Almost by design, this has very few integrations by default, considerably deteriorating the convenience of using said service — at least without considerable additional investment of effort or capital which would essentially trade convenience for accessibility and thereby invalidate the premise.


Convenience and Privacy


Finally, consider a service with the previously described convenience (easy and useful to the extreme) and the privacy as also described previously (effectively air-gapped). It is very wholly improbable that such a solution will be especially accessible to the masses. Most likely, it will have significant overhead associated with it, either through enterprise subscriptions or platform development. Any mitigation of these costs will likely jeopardize convenience or privacy, as vendors attempt to squeeze their quality, reliability, and maintenance budgets to conserve their cost of conversion.


Implications


If we subscribe to the above, it allows customers in all walks of life, from individual consumers making personal decisions to architects and directors dictating long-lasting and sweeping commitments, to make decisions about technology selection: whichever guarantee that is deemed least important can be forgone with the assurance that it isn’t possible to achieve all three. It’s not a matter of laziness or ignorance, it’s basically a matter of Game Theory: success and self-preservation dictate the “winning” strategies (i.e. remaining profitable).


It also offers a way to cut through marketing BS that suggests all three aspects are guaranteed, especially for “free” (or at suspiciously economical price point), in a capitalist society. No longer would customers risk being mesmerized by the dazzling showmanship of a sales rep, only later to be dissatisfied after trial, tribulation, and/or fine print. Instead, they would know, up front, what they are willing to sacrifice, and can frame vendor conversations with that in mind.

It even benefits the SaaS vendors — again, assuming it’s true and, in this case, that it’s well known — as it allows them to focus on whichever two features they do best, and not to have to try and spin their way into contracts that ultimately risk hurting their brand.


Image elements generated with Midjourney


Confession Time


This idea came to me while commenting on another piece. The piece was about privacy and, despite having a dubious premise and conclusion, highlighted some interesting happenings in the consumer technology space. As I stated there, I recognize I am going out on a limb making this claim. I will also reiterate that this is highly dependent on the assumption that there is an expectation of profit (or at least revenue) from such a product, and that I’m in no way suggesting there is some theoretical limitation preventing all three properties from existing in the same product (perhaps the real conjecture would be “CAPP” with the second P as profitability and the limit now three guarantees of the four).


I also recognize that the argument breaks down to some degree when the properties aren’t taken to the extremes that I used in the examples: there is almost certainly room for some convenience in a product that is both highly accessible and delivers best-in-class privacy. But we do live in a world where every SaaS vendor claims to be “the #1 solution for” their respective problem space, despite pretty much everyone in the industry knowing how numbers work. This is an attempt to pull back the curtain and reveal the false nature of such wizardry, but it admittedly has more entertainment value than it does rigor.


Conclusion


It’s always valuable to take familiar concepts and map them to new problems to see where there might be parallels. While the analogies rarely match perfectly, they give a quick way to consider intangible concepts and perform the proverbial “thought experiment”. In this case, I obviously mimic the structure of The CAP Theorem, but heavily rely on the mercurial “science” of economics. Nonetheless, I stand by the perspective that this serves as a quick mnemonic for making product assessments.

Nearly every SaaS product will miss out on at least one of best in class convenience, accessibility, or privacy, at least as these concepts are described (and to the degree at which they are presented) here. Surely there are simple services that could be argued to supply all three, just as there are certainly open source products hosted by non-profits and services donated by exceedingly “generous” (or both optics- and tax-conscious) corporations, but I would contend these exceptions are intentionally excluded. Don’t be fooled next time a vendor tries to sell you a product that purports to deliver all three. Every “no cost add-on” is “no cost” for a reason, and every available privacy setting comes at some price.


Try the hypothesis out for yourself and see if it holds true for you!


This article was originally published on Medium on 03/04/2025

 
 
 

Recent Posts

See All
Mind the Overlap

Dealing with Clashing CIDRs Note — I am not by trade a “networking guy”. However, I’ve seen my fair share of network designs. Take this with a grain of salt, but also ignore this at your own risk. Som

 
 
 
jacket-smile_edited.jpg

Written by

Robert Glenn

  • X
  • LinkedIn
glennium (6).png
  • LinkedIn
  • X

310-740-3776

info@glennium.com

Austin, TX 

Privacy Policy

Accessibility Statement

Get in touch

 

© 2025 by glennium, LLC. Powered and secured by Wix 

 

bottom of page