I think we’re really at a place where it’s hard to predict the future, where governments haven’t fully realized just how much power is falling into their laps, nor have people realized how much power they stand to lose.
“Today’s Internet is not the only way to build a network,” Jonathan Zittrain writes in the first chapter of his book, The Future of the Internet and How to Stop It. The open-access, public Internet was developed by “government researchers and computer scientists who had no CEO, no master business plan, no paying subscribers, no investment in content, and no financial interest in accumulating subscribers,” and largely because of this, it was able to develop “quietly and organically,” ultimately “crushing” the proprietary networks, like AOL, that were developed and deployed at the same time. The smart money was on the proprietary networks, and the smart money lost.
But that wasn’t inevitable, and Zittrain argues that the open Internet is on the path to being effectively closed down — taking with it the technical and cultural innovation and freedom online that we have come to take for granted. The popularity of proprietary platforms like Facebook and Twitter, and “tethered” devices like the Kindle and the iPhone — which can’t be easily modified by the user, can often be controlled remotely, and sometimes have even been used for surveillance — are threatening the dominance of “generative” devices and platforms, like PCs and Wikipedia, which are general-purpose and encourage unexpected innovation and use.
As Professor of Law at Harvard Law School, and a faculty co-director at the Berkman Center for Internet & Society at Harvard University (which he helped found), Zittrain is a pioneer in the field of “Internet law” or “cyber law.” In addition to the issues described above, his research interests also include the battles over control of digital content, cryptography, electronic privacy, online civility, and the creation of online communities.
Catie Disabato recently interviewed Mr. Zittrain about these subjects, and we are pleased to present it as the third installment of this series. –JH
The Rumpus: What’s the terminology you use to describe the kind of law you practice? Do you call it Internet law or cyber law?
Jonathan Zittrain: I’m not that orthodox about the terminology. A lot of the time, the type of law I practice can simply address any questions that arise involving the internet or the part of the law involving the internet. A lot of people also take it much more broadly. It can mean all of the questions that can shape people’s behavior, and the opportunities that they have, and the restrictions that they face, online.
Rumpus: What are your thoughts on politeness and kindness in the ways people interact on the Internet?
Zittrain: I’ve been pretty amazed at the ways in which certain projects online rely on cooperation and kindness to succeed. And they get those things. They just trust that if they fall backwards, generally, there’s someone there to catch them, or there are more people wanting to catch them than wanting to see them fall. And that’s pretty amazing. This is certainly true for the way in which the Internet generally works and the way in which it was begun.
For example, the way internet routing works, in part, depends on so-called “peers” that will be there to get your data the rest of the way to its destination. There might be ten or fifteen intermediate hops to get the data to its destination, and it all comes together. It’s a model that’s much less nailed down than, say, the simplicity of a FedEx package going from somewhere to somewhere, where you pay FedEx money and then it’s the job of FedEx to get it there. It’s interesting to see the ways in which Internet routing requires certain kinds of cooperation that most other network formats don’t.
And then you see the replication of that in other forms. On Wikipedia, there are more people out there obsessed with eliminating vandalism, than there are people determined to be vandals. Which is pretty incredible. There are people out there who just want the articles to look nice.
Rumpus: I guess the general stereotype about “people nowadays” is that we’re isolated and unkind and closed off. Why do you think this kind of neighborly friendliness appears on something as ostensibly dissociated as the Internet?
Zittrain: I think that there can be a real power to habit and tradition. Traditions start off in backwater websites, among people that know each other, or who are already more trusting of each other because they’re in a backwater. They share that security in common, the way that joggers nod heads at each other at six in the morning, because the crooks don’t get up that early. There are traditions, like Halloween and Trick-or-Treating, where you allow strangers to fill your bag with candy, and despite the stories you hear — the impossible story of the razor blade in the apple — you more or less trust them, and with good reason. There was a time when hitchhiking worked that way.
So once people discover a site like Wikipedia, and it’s already working a certain way, it continues with those traditions. There’s somebody here in San Francisco who does something called Cupcake Camp, where people make, exhibit, and share cupcakes with each other. There are cupcakes everywhere, and so far there is no worry about food security. Once health concerns start to gnaw at you, it can unravel the whole enterprise, but the force of habit can also keep it going.
I also think that there’s a certain feeling that you can get if you’re part of a larger project. You see a project, and you give a little bit to it, and you see it get better, and others you know are giving to it, and it becomes a community. That is a very powerful force to contemplate, once it gets going. It’s too bad that many people, when they think of online message boards and communities, they only think of the ones that are the most under their noses, which are the comments section after an article on a major news site. Which are pretty much, you know, set up to fail.
Rumpus: One would argue that those are not really communities.
Zittrain: Right, I think that they’re not. It’s not a sense of identity. Nobody would say: I’m a CNN dot com commenter, that’s who I am. Whereas there are plenty of people who, in fact, say: I am a Wikipedian. Not just, I am a volunteer for this organization called Wikipedia. They say I am a Wikipedian. Wikipedia and I are one.
The Rumpus: I grew up with LiveJournal, and the culture of the communities there was: you don’t break the rules, and if you do break the rules, you get kicked out.
Zittrain: I think for any of these communities, as they get more popular, and as the technologies that depend on communities get more popular, at some point you face this question about what to do about bad apples. Once the village strikes gold or gets on the map as a tourist destination, the big pockets start to arrive, and you can’t just keep singing kumbaya louder. That’s why I actually see one of the central questions of cyber law as being, how can we design technologies that facilitate communities that have a certain immunity to bad apples?
Rumpus: Could you expand on the difference between a “tethered” device and a “generative” device?
Zittrain: For the past thirty years we’ve had a generative device in front of us, the PC, whether it’s at home or at work or the library or at school. We’ve had a device that can be programmed for any purpose. And it’s been connected to a network that hasn’t had any gatekeeping either; you can visit any website you want, and those websites can give you an experience that represents the software. I think, because it’s been such a dominant feature of the landscape, we take it for granted, but that’s a totally radical technology configuration. It was not destined to be that way, it has advanced to be that way. There were proprietary networks in the 80s and 90s, where to do things with them you needed the permission of the proprietor.
I believe that the past 30 years has been an incredible time for innovation, incredibly disruptive in a way. As the Internet has gone mainstream, and as more and more bad apples have shown up (particularly malware authors), a reasonable craving for stability has arisen. One way to achieve that stability is to create technology environments that are more locked down, where the proprietor determines how it will work and how it won’t work. And that’s true of a new range of digital devices that are in front of us.
That method works, but it has a lot of drawbacks. Our work computer, more often than not, is locked down by the IT manager; you can’t just run any code on it. At home, you might find yourself playing a video game on a box that also connects to the Internet, but the software on it requires a licensing agreement between the software maker and the box maker, and you can’t just directly go to the software maker and get it running.
The iPhone is, of course, a good example of this too. It started out as completely just Apple, 100 percent, and then a year later they introduced third party applications, just like a PC — except that Apple vets them. There are good reasons why that’s a functioning business model, but there are also reasons why it positions Apple to control what’s going on for their subscribers in a way that is kind of unprecedented.
Not only does this mean that the proprietors of the devices have more options than they did to prevent their devices from being hacked in ways that don’t always benefit the users — it also means the government suddenly has a new means of regulating. If the issue at hand is file sharing, and a company like Apple approves an app that enables that somehow, they can go to that company and say: “we don’t like this app you approved, and we order you to kill it.” Whereas with a PC, nobody ever talks to a Microsoft and orders them to kill a third-party program, because Microsoft has no control over either third-party programs or what people do with PCs. If what you don’t like is peer-to-peer file sharing, this is a happy occasion: no more Wild West, or a lot less of it. But if it remains unbalanced, if you see the possibilities for government control as giving them a little too much power, then there’s something to worry about.
The Rumpus: I want to ask you a question based on something you wrote in an op-ed for the New York Times, where you worried that our increasing reliance on cloud computing — where our data and applications are kept online, on company servers — has the potential to compromise our ability to innovate, our personal privacy, and opens up vast potential for surveillance. You concluded: “we’ve only just begun to measure this problem, even as we fly directly into the cloud. That’s not a reason to turn around. But we must make sure the cloud does not hinder the creation of revolutionary software that, like the Web itself, can seem esoteric at first but utterly necessary later.” However, the rest of your op-ed, and the title of your book, The Future of the Internet and How to Stop It, seems to contradict the idea of “not turning around.”
Zittrain: It might well be that it’s sensible to have your data in the cloud rather than on your device, all else being equal. But when you start entrusting your data to a third party, it does raise a bunch of issues, and I think this is the time to fix it before things get too routine and habit takes over. There even are some emerging technologies that can make cloud computing privacy-enhanced and more secure. It’s just a question of whether people will know to ask for it.
The Rumpus: What are those technologies?
Zittrain: It includes things like having your data automatically encrypted online so that the cloud computing provider, if told by the government that it is has to turn over everything in your space on their cloud, they would say: here it is, but good luck getting anything out of it because it’s all encrypted. That’s just a small example, but it’s an example of a way to make cloud computing more privacy-enhanced. For a cloud computing provider, they’re not exactly that excited about that. That’s in part because if you want to search all of your Yahoo mail for the past month, it has to be unencrypted for Yahoo computers to be able to scan it and tell you what they find.
But it turns out that some technologies that are starting to emerge, make it possible for your data to be encrypted and still searchable. I would like to see people find ways to reconcile the genuine values of privacy and the autonomy of people, with the convenience of having their stuff in the cloud.
Rumpus: Do you think that sort of thing could, or would, catch on? Or do you think the powers-that-be are using this opportunity to get rid of some of the expectations of privacy?
Zittrain: I think it’s up in the air right now. I think many governments have seen the value of the Internet and don’t want to kill the goose that laid the golden egg. Some governments are farther ahead than others in seeing and exploiting the opportunities for surveillance and control. The government of China, famously, uses a lot of filtering on the Internet, and it has a whole structure in place that gets intermediaries and gatekeepers to self-filter. If you host a chat service in China, you’ll have monitors in the chat rooms who throw people out if they say anything subversive.
There’s a certain value to coming up with ways to allow people to get around that, to have a fabric of technology that prevents a single regulator from taking control with a single order. I think we’re really at a place where it’s hard to predict the future, where governments haven’t fully realized just how much power is falling into their laps, nor have people realized how much power they stand to lose.
The Rumpus: If we don’t use these emerging technologies to protect the individual user’s privacy on the Internet, do you think the Internet will become a more dangerous place?
Zittrain: There are a lot of variables and a lot of equations. I think it could become a less secure place if you are an outlier in any way. I think a lot of people depend for their privacy on just being another grain of sand on the beach. But if you are supportive of an opposition candidate, it can be very tempting for the government, the incumbent — in the name of national security and prevention of subversion — to try to figure out who’s with them and who’s against them. The fact is, you can go from a fairly tolerant rights-respecting state to one that just isn’t. Think of Richard Nixon, and what power he might have had if he could just call up the FBI and say, I need you to do this, that, and the other thing. He’d have a lot more power today. That’s something that I just try to structurally protect against.
Rumpus: I’ve started to believe that people don’t expect the Internet to be a private place; what I’ve been taught is that if you don’t want someone to read it, don’t put it on the Internet.
Zittrain: I think when you ask people flat out, they would agree with you, but then they don’t seem very regretful of their actions online. It just shows that it’s hard to bear that in mind at all times. As to keeping things off the net, well — in a way, that’s a rule of paranoia so flat that you have to ignore it. It’s like saying, if you don’t want to be surveilled you better go live in a cabin in rural Montana. Well, is that really my choice? In a way, that level of caution is really just a prescription for complacency because the flip side to it is: nothing I can do will make a difference.