#ITUDOA — as if we didn’t already have enough to be worried about…
Depending on whom you listen to, the United Nations’ ITU group are either a diverse, representative group trying to wrest the internet away from American/Corporate hegemony, or a bunch of former phone-regulators coopted by Russia, China & other less-liberal governments, to bend the Internet to their whim. This one goes squarely into the second category.
[ 1 Nov 2016 — this post will be updated if/when news breaks; see footer; updates will be announced on Twitter at https://twitter.com/alecmuffett ]
What’s going down?
The DOA — the Digital Object Architecture — is going down, and with it the less-liberal Governments represented at the ITU are trying to take over the internet. Again.
And this time, this proposal, is doubly-bad because it (a) sounds like a reasonable idea, (b) originally came from an cuddly old techie guy that everybody respects, and (c) sounds really boring to journalists. Nobody is paying attention other than policy wonks and nerds.
What, really?
Yes, really. The traditional freedoms of communication and innovation on the internet are at stake. Strangely, the undesirability of the Digital Object Architecture was hinted-at pretty clearly in the Bible (Rev 13:16–17)
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
…and you know that there are conspiracy theories that UPC barcodes are the “mark of the beast” because the sync-pulses correspond to 666?
Well this one is real and it is worse, because this one is actually in line with the intention of controlling who gets to talk with whom.
What do you mean?
There’s this draft standard being discussed TODAY by the ITU in Tunisia:
X.1255 : Framework for discovery of identity management information
…and the concepts behind it sound innocuous enough:
Robert E Kahn is considered one of the key Internet pioneers. An engineer and computer scientist, who, along with Vint Cerf, invented the Transmission Control Protocol (TCP) and the Internet Protocol (IP), the fundamental communication protocols at the heart of the Internet.
His latest project is the Digital Object (DO) Architecture. A key feature of the DO Architecture is the unique persistent identifier associated with each digital object. Imagine a large document or blog post with a lot of embedded URLs. After a certain amount of time those URLs will most likely become non-operational. If you replace those URLs with unique persistent digital object identifiers then, if properly administered, the links will never be lost — because the identifier is now associated with a digital object rather than a port on a machine. That’s only part of the story though, DO Architecture is exciting technology, it also provides security features that can, for example, better enable transactions and rights management. Libraries and the film industry are among early adopters of this technology.
The proposal is to bring “identity” to documents, devices and connected network services by embedding within them unique identifiers — think of them as “cyber-serial-numbers” — to enable tracking and finding. Serial numbers are great, aren’t they? Books have ISBN numbers or Dewey-Decimal numbers in Libraries, most items have UPC barcodes or other identifiers like that. What could possibly go wrong?
Well…
- what if you were not allowed to publish a document on a website without first putting it into a “registry” and getting a “DO” cyberserialnumber for it?
- what if your “Internet of Things” home webserver would not publish documents which had not been registered and stamped as a “DO”?
- what if your “Internet of Things” devices would not be allowed to connect to the internet, unless they themselves had a “DO” stamp which was registered to you as an individual?
- what if you’re a developer or manufacturer and had to push the DOA stack into all your products before you were permitted to publish or sell?
- what if your Government does not like you and refuses to register hardware you buy, software you build or documents you write? Who will use or read your stuff? Answer: nobody.
- how much will they charge you, to register a DO?
- EDIT: also, as I should have noted originally: whomever controls the tools to search, map and index the DO registry, becomes the centralised gatekeeper(s) to all information and resources on the internet.
But this solves an important problem!
There are already solutions for fingerprinting documents and services — we have cryptography, we have message digests and certificates, and they are opt-in rather than presupposing the necessity of bookkeeping a document or device for the entirety of its lifecycle. Unless you have an scarily tidy mind, there is no need to register and every digital and network artefact before using it — and with this observation comes the conclusion that DOA should be at-best optional, and perhaps preferably drowned-at-birth.
Where can I read more?
The W3C — you know, the people who define standards for “the Web” — wrote the most terribly minimalist of notes and have posted it at:
…the tl;dr of which is “If you really think we haven’t already got this addressed, bitch, please tell us” — but frankly the issue of DOA goes a whole lot deeper, since it essentially impacts the cyber-equivalent of “freedom of assembly”.
For actual substance, you might like to try these blogposts:
…which recap the profound issues in a way that the W3C post simply cannot. See also this PDF that is linked from a posting at ISOC for technical overviews of how DOA is meant to work.
Where do we go from here?
I don’t know. I’ll update this post when I get more information, but my sources tell me that today (1 Nov 2016) the discussions at the ITU meeting in Tunis have “Shall we try to impose DOA upon the world?” hanging in the balance.
— updates —
- Relevant ITU conference hashtag is #ITUWTSA
- Added an extra observation to the list of bullets, re: control of DO registry and its impact upon search.
- Amended artwork
- Link supplied by Mark Buell at the Internet Society (ISOC) regarding how DOA is meant technically to work:
https://www.internetsociety.org/sites/default/files/ISOC-DOA-Overview-20161025-A4-3_0.pdf - Link at WSJ on “The Authoritarian Internet Power Grab”
http://www.wsj.com/articles/the-authoritarian-internet-power-grab-1477436573 - Added http://www.circleid.com/posts/20161025_selling_dona_snake_oil_at_the_itu/
- Added https://www.ibm.com/blogs/internet-of-things/the-internet-of-tigers/
— end —
