In December 2002 I gave the Cybersalon/New Media Knowledge Christmas lecture at the Institute of Contemporary Arts in London. Fifteen years, on, it seems worth reposting. Thanks to Richard Barbrook for the invitation, those many years ago.

Is Big Business Killing the Net?

Duh! Of course it is — at least, it’s killing one way of building a public network, the one that is inherent in the Transmission Control Protocol and the Internet Protocol, the one I grew up with. The one I value.

Thank you, suckers

But let’s not forget that we’d be nowhere without business, without the commercialisation of the academic Internet. By 1990, when work started to turn what was still a university research network into something that could be used by business and even individuals, the original Net had run out of steam.

We tend to forget this, but at the time it was only being used by a few hundred thousand people around the world to exchange email, copy data files and experiment with distributed processing projects. We were talking about how networks would change the world, but the Net itself was not really seen as the long term future of networking or the basis for the ‘information superhighway’.

The telcos had their own network services, called VANS (for Value Added Network Services) based around the X.25 protocol; governments and major corporations had signed up to OSI, the Open Systems Interoperability network protocols, a heavyweight architecture for serious networking. Nobody expected TCP/IP — more properly called the Internet Protocol Suite — to depose all comers and establish itself as the glue for the network world.

Even as late as 1994 we were debating whether the Internet would be able to evolve into a network for the world or whether it made more sense to start with something new and implement Al Gore’s vision from scratch.

If it hadn’t been for the greed of the first few commercial Internet Service Providers, who realised that they could get hold of leased lines from telcos, put a router at each end, get a class C address for free and start offering TCP/IP service a lot faster and cheaper than X.25, OSI or any of the others, then none of this would have happened.

At the time I was working for a Cambridge-based ISP called PIPEX — the Public IP Exchange — and although it was selling lots of connections customers often didn’t know what they were supposed to do with them.

Then the first dialup providers found they could take a quick and dirty implementation of TCP/IP — Demon users may remember K9Q, WinSock was the first I used — a bank of modems and a Sun box and offer a halfway acceptable service to home users. They could even make money out of it.

And in late 1993 the World Wide Web got the <IMG> tag, the Mosaic browser became moderately stable, and the whole thing exploded.

Commercialisation in the early 1990’s turned the Net into a viable global system. And four years later the stupidity, greed and technical illiteracy of the venture capital community, coupled with the duplicitousness of the banks and financial institutions who channelled billions of dollars from private investors to dotcom startups, fuelled the explosion in Internet infrastructure that we see around us today.

When we look at the scale, complexity and sheer beauty of today’s Internet, one of the most complex machines we have ever constructed, we should thank the people who spent so much on it all -and think of the millions who made so little in return.

Far from ‘killing’ the net, I think we should acknowledge just how much we owe big business. If the people behind the large corporations had had a little more sense, if they hadn’t been duped by the cheerleaders of the dotcom revolution, and fallen for the flawed analyses of the marketistas, then we would not have today’s Network.

I think we should say thank you to them all — and especially to George Gilder and Nicholas Negroponte, the two men whose mistakes made it all possible. Thank you, guys — and thank you, suckers, for the infrastructure your money built.

This is not to claim that the Net is perfect, or that it’s evolution is guaranteed to take us to the sun-filled uplands of the information society. Far from it: the network today faces major threats from many sides, and is close to falling apart under the weight of its own contradictions. Unless, like capitalism, it can reinvent itself.

IP vs. IP

The network we built with the foolish people’s money has an architecture which expresses certain liberal values, to do with lack of centralised control, support for freedom of speech, openness to innovation, and resistance to monopoly — either cultural, economic or technological.

These values are implicit in TCP/IP and the way the net’s protocols interact — anyone can write an application that uses IP datagrams to communicate across the Internet, and the stack has no way of knowing or caring what application is creating or assembling the packets it moves from node to node. This is what the end-to-end principle really means: it is not an abstract philosophical issue but a case of what facilities are available to programmers.

Now this is not, in itself, enough to guarantee that the Net will be a force for social good. After all, the lack of any real control over content or applications makes today’s Net extremely porous, and subject to colonisation by a dominant culture. US hegemony over the Net is clear today, and is most apparent in the blind acceptance of what Richard Barbrook terms the ‘California ideology’ in almost any discussion of network regulation or politics.

I don’t accept that ideology; I don’t accept US hegemony. But the real problem facing the Net today is not caused by the assertion of US cultural value over an essentially open network — it is caused by the concerted efforts of governments, corporations and communities to take the open network away and leave us with something which has those same values hard-wired into the network architecture.

This is possible because what programmers have built, programmers can take away. The businesses who want to make use of the network which they — or their now bankrupt former competitors — so expensively built have realised that they would like more control than this architecture allows, and they are putting the technologies in place to make this possible.

The military-entertainment complex that currently dominates US policy making and drives the government’s agenda has realised that the operation of the Internet Protocol — my favourite form of IP — is potentially very damaging to its ability to control its own favourite IP — intellectual property.

The result is that the network is being redesigned to allow greater control, with such innovations as trusted computers, signed code and content, digital rights management and protected systems.

There are good reasons for building trusted systems — I’ll come to them later — but there are also bad ones. An architecture of control is only as good as those who implement it, and the people who want to be in charge of tomorrow’s network are not interested in freedom, truth or justice.

Yet these people are asserting control over technology and legislation. In the USA and Europe laws are being written (or have already been passed) to provide a degree of protection for the control mechanisms implemented on top of these technologies, and the freedoms which IP once offered are being stripped away.

The driving force behind this is not an attempt to make the Net safer or more secure for users — for the five and a half billion people who have yet to use the Net. It is an attempt to assert control.

We are seeing the beginning of a clampdown on how we use the Net that resembles the restrictions on freedom of movement last seen in this country during the1939–45 war — only this time the restrictions are being imposed in the interests of Disney, AOL Time Warner, Sony, BMG and the rest of the entertainment companies.

We are seeing the dot.commons being destroyed as our freedom to play, experiment, share and seek inspiration from the creative works of others is impeded so that large companies can lock our culture down.

We are seeing the destruction of the public spaces defined by the Net

As often happens, common goals create unlikely alliances. Monroe Price, in his recent book Media and Sovereignty argues that the Western countries are looking with interest at the way the Net is regulated and controlled in China, Singapore and other undemocratic regimes. Not because they oppose their actions, but because they are looking for inspiration

This is a tragedy for those of us who operate in those public spaces. It is the equivalent of the enclosure of common land in the 18th century, depriving the people of space to graze their animals and grow food crops

I fought the law

We must fight back

The starting point is a restatement of the principle that copyright is not an inalienable property right as claimed by the music, movie and publishing industry.

While moral rights are — or should be — absolute, so that no-one has the right to change my work, publish it without attribution or force me to publish it, the monopoly on commercial exploitation of the work is a state-granted license intended to promote creativity.

It can — and should — be modified if it ceases to serve the public good. We have allowed the entertainment cartel to seize control of the means of reproduction: it is time to take them back into our hands.

This means fighting for fair use, for the right to take bits of other people’s work and use it creatively, to comment on it, and to build on it. It means resisting the Digital Millennium Copyright Act and the European Union Copyright Directive and the precedence they give to technological copy protection measures over copyright as a bargain between the creator and the public.

Fortunately those of us who believe in these freedoms have some powerful friends. The IT industry is vastly larger than the music and movie industries put together, and it does not want to see systems crippled by the need to build in limitations on their use. Not being able to play CDs in a computer may be an irritation at home, but having to get AOL Time Warner’s permission to burn a DVD of an advert you’re creating for a client, or get Microsoft to sign the code you’re writing for a mission-critical accounts system is just unacceptable.

The entertainment industry has had decades in which to establish its influence over US and EU politicians — and they are the ones who matter most because they give the lead to the rest of the world. The IT industry has not tried so hard, because by and large it has not been regulated or legislated for separately from other large industries. There is no Federal Software Commission or OfSoft, no British Hardware Corporation or Public Processing Service.

Once the laws start to have an impact then the IT industry will fight back, and its pockets are deep and its voice will be loud. I do not think we need to worry about the entertainment industry and its copyright theft nearly as much as we have been worrying, because the gains they have made in the last five years are temporary and will be rolled back by Apple, Sun, Intel, AMD and even — yes, even — Microsoft and Sony, who will prefer the money to made in the real world to the small change of the content business.

What will that do to movie-making, music production and writing? I have absolutely no idea, but I do know that we seem to want to create stuff, and that making money out has rarely been the motivation for great art. If the world never saw another Arnold Schwarzenegger movie, Tom Clancy novel or Robbie Williams album I really don’t think we’d be missing much — do you?

So I don’t think we should worry about attempts to introduce digital rights management, or be paranoid about every trusted computing initiative. I want secure processors, trustworthy system and signed code — and I don’t think it has to be resisted just because of our exaggerated fears of the copyright cabal.

More Than Copyright

Being able to use, copy and adapt other people’s work — within limits, of course — is vital. But there is more to freedom online than just being able to rip CDs, exchange MP3s or cut and paste from ebooks.

We also need to ensure that we have the same rights to freedom of expression online as we do offline. I’ve been criticised in the past for saying that regulation of the Net is not only inevitable but desirable — but that does not mean we should accept harsher controls over what we say or do online than we would expect in the street or in our homes.

I want us to think differently about the Internet, to acknowledge that it has to be regulated and controlled if it is to serve the interests of the many rather than the few; that freedom from viruses and worms and spam is important too. We need a new settlement for the online sphere, one that acknowledges the needs of all users and not just the cyberlibertarians and the netheads. We need compromise, and recognition that the net is not just an online extension of a particular anti-government US approach to personal liberty.

A regulated network does not have to be some sort of online police state: the tools of repression exist in this country already but we are resisting their deployment in the real world. I have campaigned and demonstrated and resisted for almost a quarter of a century — I may not have done much good, but I fought for what I believed in, and I was willing to break bad laws to do that.

We do not need to naively claim that government always gets it right. Things do go wrong — look at the damage done to civil liberties and the constitutional settlement by the President and Congress of the United States in the USA PATRIOT Act. However I do think we should retain a belief in government and the power of the state to do good as well as harm.

Against Reification

A big problem for anyone who proposes changes to the way we think about the Net is that it is too easy to see it as a new world, a separate space, a place where old ways do not apply. There is a great temptation to take the idea of ‘cyberspace’ — William Gibson’s word for the space defined by all the connected computers in the world — and treat it as if it was really there.

But it isn’t. It is an abstract concept, a useful catchall for describing all the many ways we interact with each other over the Network, a concise and valuable way of thinking about the whole range of activities which we carry out online.

It is not real. In philosophy we call this process of taking something abstract and treating is as real ‘reification’. We must not reify cyberspace the way many mathematicians reify numbers, treating them as if they exist in some separate Platonic world of ideas, waiting our patient efforts to uncover their mysteries.

Treating the Internet as a place — as Clay Shirky argues we should — rather than just a communications channel is a useful way of conceptualising it. Acting as if it is a separate universe is just foolish: the space defined by the Net is an extension of our real world, and it inherits many characteristics from that real world.

It is also dangerous to fall for the idea that the Net has any essential qualities. Again, this is a common philosophical position, and not one I have very much sympathy with. Essentialism is attractive — we all think we know what makes something a table, or what counts as human.

But once you look closely you find that none of the supposedly ‘essential’ qualities is really necessary: a comatose victim of a road accident lacks consciousness (and perhaps even a cortex) but we do not therefore treat them as we do other animals; a step can be a table for someone picnicking in town.

Lawrence Lessig and I agree that networks have no essential qualities and can be reshaped in whatever ways we, their creators and regulators, choose.

I suppose in my more romantic periods I would like to reserve the word ‘Internet’ for the network that existed between January 1st 1983 and next month — the twenty years of the free network — and find another word to describe the corporately controlled, monitored, surveilled, regulated, bordered, signed and certified network that we are now building.

Perhaps we need to do a search and replace on the Web and USENET on January 1st -

:g/Internet/s//?????

what? What should we call it? Neal Stephenson named it the Spew, and the space it defined the Metaverse, but neither of these captures the spirit of control that defines it now. In Terminator we had SkyNet, but that was not doing the same thing at all — looking after nuclear missiles is not the same as censoring Websites. I think we should look elsewhere, to Orwell and Big Brother, Zamyatin and his glass houses, Bentham and his Panopticon. Perhaps we should just call it The Matrix.

Working for the Clampdown

But whatever we call it — I am open to suggestions here, so get texting — we need to recognise its qualities and work with them. And the fundamental quality of tomorrow’s network will be that it is regulable and controllable in ways that the old Internet was not.

Pentium processors, WinXP, MacOS, Linux, IPv4 and the current generation of routers do not allow the control that the Net needs if it is to become embedded in our lives. At the moment most of us think this is a good thing, because it does not allow corporate control, government interference or excessive regulation. Anonymity is possible, even if it is hard to achieve. Obfuscation is easy.

We need to accept that this unregulated network is going to disappear over the next five years. It will be killed by business, by government and by the freely made choices of millions of people who will select ‘trustworthy’ systems over promiscuous ones, regulated ISPs over libertarian ones and ‘safe’ applications over ones that can be compromised.

There will always be ways to break the security of even the most secure processor as long as Ross Anderson can get his hands on a tunnelling electron microscope.

There will always be ways to subvert the code signing protocol and get unlicensed code running on your secure processor.

There will always be people who play with the technologies and do stuff that is unethical, illegal and cool.

But most of the people, most of the time will be using systems that are secured, signed and regulated. And they will be happy to do so because the benefits will be great: they will have online access to government services, banks, shops, schools and other facilities. They will be able to block spam, viruses and content they find disagreeable. They will feel safe letting their children surf.

We should not be so arrogant as to dismiss these many benefits or to despise those who don’t care about running their own code, having secret correspondence or changing the world. It is the mistake that revolutionaries on the left have made for generations — it is not one that we should make now.

Complete Control

However, if we are going to have a regulated network then we need to ask one major question now: who rules? Will the network be run by the corporations or by governments.

However imperfect governments may be, I know which I’d rather have.

If we want to see how bad things could get if we let the corporations run the show, then we have a very recent example: the failed revolution that is P2P.

When Shawn Fanning wrote Napster he took a step backwards and started people thinking again about ideas that were common currency in 1990, ideas that would have been widespread had it not been for the computer science disaster that was the World Wide Web.

People had been working in distributed systems, object-based programming with communicating services and peered network topologies for many years before Tim Berners-Lee came along with his stateless protocols and brain-damaged markup language and destroyed the dream.

Organisations with strange names and acronyms like ANSA, CORBA, and the ill-fated OSF were working on ways to have build peer to peer networks in which nodes would advertise services and make them available to other nodes, each capable of being both supplier and user of these services.

But it took ten years — a decade of wasted opportunities — and a 19 year old kid who was fed up having to look so hard for ripped off content on his college network to make the whole thing sexy enough for his peer group to use and public enough for the lawyers to pay attention and shut it down.

It was about time. Anyone who has ever tried to get their Website to work with user sessions will know just how restricted HTTP is, and while Tim may argue that it was the simplicity of the protocol that allowed the Web to develop, I still feel that we lost more than we could have gained if we’d had proper distributed processing for the last ten years.

For one thing we’d have lost Microsoft along the way: they were incapable of keeping up with the real work going on in 1992 in computer companies like Sun, IBM, HP and DEC and only managed to take over the Web because it was stupid enough for them to understand and based on standards so broken that nobody really minded if you extended them.

The Web was lost when Eric Bina and Marc Andreesen added the <IMG> tag and NCSA released the early source code of Mosaic. It’s been downhill all the way since then for anyone who knows or cares anything about computing.

Still, when Napster exploded over the Net it looked like the fight back had begun. Unfortunately Gnutella was the highpoint: an open source, properly engineered, infinitely subversible attempt to build a proper distributed environment on top of the existing net — and it even used HTTP’s port 80 to get through corporate firewalls. My, how we laughed.

It was a mistake: we laughed too soon. Within months, and notwithstanding the sterling efforts of Tim O’Reilly to be Engels to Fanning’s Marx and keep the revolution on track, it was lost — derailed by the lawyers (Napster) and corporate accountants (Gnutella) and then sold by the rentier class of net advertisers and spammers who bundled spyware and adware with every application (Gator), snuck their own commercial P2P software into the package (KaZaA and Alter.net) and generally tried to screw money out of anyone and anything associated with P2P.

The worthwhile stuff got buried, the cool stuff got written up on NTK and then disappeared, and the real potential of the system got lost. They didn’t even bother to steal our revolution — they just stole the clickstreams and eyeballs and that was enough.

Now, like Marat in the bath, P2P lies bleeding on the floor thanks to the greed of stupid Americans and gullible users and we must look elsewhere for our salvation. P2P died in the killing zone between the free market radicals who wanted to spam the world with ads for penis enlargement and get-rich-quick schemes and the established players who wanted to keep making money from their shiny silver discs.

If a government had stepped in — any government, anywhere — and introduced compulsory licensing of music product, full compliance with data protection laws and full disclosure of installed software, then who knows where we’d be now. Because markets don’t work: regulated markets work, and this market was left to the spammers and the entertainment industry, two of the smallest-brained dinosaur species in the entire network ecosystem.

Building the Hidden City

But there is hope.

To Orwell, in Nineteen Eighty-Four, hope lay with the proles. To me it lies with the coders. Like the diggers in the seventeenth century, these are the people who, with keyboards in their hands, will shape the land to serve the interests of the many.

These are the people who weild the only weapon that matters — running code. Like Neo in the Matrix, but without the cool leather coats and guns (apart from Eric Raymond, natch) these are the people who will seize the network and give it back to the people.

Perhaps.

I’ve spoken in favour of a regulated, controlled and zoned network. I still believe that such a network is desirable, and that putting control in the hands of democratically elected governments is far better than putting it in the hands of corporations. But not all governments are good; not all governments are wise and sensible; and not all governments listen to reason.

It is therefore necessary to ensure that, whatever the architectures of control on tomorrow’s network, there is space for subversion, for activism, for stuff that is not approved, not countenanced by the state, not strictly legal.

And even if we accept that trusted processors, Palladium-style operating systems, signed code and authorised content will define the online experience for most people, most of the time — and that they will accept and even benefit from that — there needs to be more.

If the Net is a city then let it have its office blocks, children’s parks, schools, tourist areas and suburbia. But I want seedy dives, places to buy recreational drugs, smoky meeting rooms in which to plot the overthrow of the state, and hotels that rent rooms by the hour too.

Let me end my jaunt through the history of tomorrow’s network by telling you how we can have them.

On tomorrow’s network every processor will have a hardware security function that allows it to check the digital signature on every piece of code it runs.

Every signed application will enforce a system of control that permits it to check the digital identifier on every piece of content it is given.

Every physical device will advertise its real-world location.

Every router will filter traffic according to type, content and jurisdiction.

This network will have borders and boundaries. It will be controllable — and controlled. It will benefit billions of people by giving them simple, safe access to services, content and tools that will help them live longer, healthier and happier lives. It will support filtering, censorship and regulation just as the printing industry or broadcasting supports it.

It will be subject to political control — and will suffer as a function of that control. In repressive regimes like China, Saudi Arabia and the United States of America it will be monitored and subject to state interference. In the liberal states of Europe then government surveillance will be limited by statute, freedom of speech will be protected and personal privacy guaranteed.

It will not be today’s network, but inside it we can, if we wish, construct another net, one which looks and acts like today’s Internet.

Because any sufficiently complicated system can be subverted.

For example, my ISP is NTL — I have a cable modem — and I am not allowed to run a server from my network as it uses their precious bandwidth.

However a friend with a corporate leased line for his small business will let me use his network, and I can run a Linux box at home which uses SSH to tunnel IP over my cable modem to one of his routers and out onto the network.

Suppose that all code that runs on trusted processors has to be signed. Why not write a program which does for Linux what the Java Virtual Machine does for Java programs — creates a safe and restricted execution environment for the code.

This Linux Virtual Machine (LVM) would be certified and safe: it would have limited and controlled access to the hardware, storage and network interface of the system running it.

It would read and write only from ‘files’ of the registered type ‘Linux File System’.

It would have access to the display through a terminal window or through an X server.

It would talk to the network but only be able to send traffic via a specified port to other machines which were willing to accept incoming traffic on that port.

And when it ran it would read a specified LFS file — and then treat that file as a Linux filesystem, look for a kernel, load it and execute it. It would be Linux within a sandbox.

Communications across the ‘approved’ channel would be to other sandboxed Linux systems, and the traffic sent would be IP datagrams, tunnelled over whatever text-based protocol was deemed safest or simplest.

The result would be that all the currently executing LVM-hosted systems would form a virtual network, hosted within the trusted, controlled and regulated network but outside the sphere of control.

Within this network there would be the same freedoms we see on today’s Internet — it would be using IPv4, our existing routing protocols and our existing tools and applications.

The network would be open, and even if it initially required a degree of technical sophistication to get an LVM running and register it with the virtual DNS which ran on the newNet, it would not take long before the tools became simpler and usable by non-geeks.

The community would be open to all. Of course, the agents of the state would be there too, but they would find it remarkably hard to monitor, control or close down — and unless particularly draconian laws on the use of the network were passed by an authoritarian government, it would not be illegal.

It would be a hidden city, created in the gaps between the packets on the corporate network.

And Finally

If we want a networked future, and we want the network to serve the interests of the whole world and not just one class or other — neither the geeks or the corporations — then we have to embrace the regulated net and abandon today’s Internet.

Unless we recognise this and start thinking about how we will exert democratic control over that new network then we will, by default, leave it to the corporations. Because the new network will not be a self-organising system, it will not be some anarchist paradise or even a libertarian cyberstate. If we do not ensure that the new network is properly incorporated into existing political systems of control, so that our governments can pass laws which are effective online and we can use our strength as citizens to fight for good laws, then we will give up control to the corporations.

We have an opportunity now that is rarely given: we can see the future, see the shape of the network in 2010, and start now to build political structures and even laws that will ensure that the coming network preserves the principles that we value and is able to serve the real interests of the world’s six billion people. Surely that is worth fighting for?

Bill Thompson

Cambridge. December 2002.