From Digital Sovereignty to the Web of Nations

Henry Story
Cyber Security Southampton
19 min read · May 16, 2018

This blog post follows up on Epistemology in the Cloud — on Fake News and Digital Sovereignty presented at The Web Conference 2018 in Lyon. Here we explore the institutional web: institutions such as schools, companies, local authorities, etc., form social networks and they live inside larger institutions known as nations. These in turn are members of institutions such as the European Union or the United Nations.
We will start by describing a couple of recent events of interest: starting with the French debate on Digital Sovereignty, we look at how the debate on Britain’s Brexit, having ignored that dimension, led in the end to digital sovereignty being on everybody’s mind, even if rarely getting a mention as such. We will then show how Nations can be sovereign and respect the sovereignty of others in cyberspace by linking together on the semantic web so as to form a society of nations visible to Navigators. This will allow individual citizens browsing the web to become conscious of the legal space in which the owners of websites have tied themselves, thus anchoring trust through the legal institutions. This newfound trust can help level the playing field in the commercial areas as well as increase security by reducing the spread of all kinds of fakery.

Digital Sovereignty

The article I presented at The Web Conf 2018 entitled Epistemology in the Cloud starts by considering the internet as an information transfer system, raising the question as to how to interpret information and tell if it is true or false, thus entering the field of epistemology: what is knowledge, and what is it to know? To know that one knows in a world of externalised memory and global networks of information exchange, it was argued, we need to be able to:

  • control the hardware we store our information on,
  • verify the integrity of the Operating System that controls the hardware,
  • inspect the data and programs running on it,
  • cooperate easily with others expected to have the same requirements

It is on all these points that most current social platforms are failing: by building platforms whose data is not under the control of the agents using it, and that furthermore don’t link up together. A social web must not require all data to be centralised to function but, on the contrary, allow it to be linked together across servers owned by institutions and individuals around the world, just the way the web allows pages to be linked globally. This leads us to describe the web as a hyper-data platform for cooperation, which we call a co-operating system.

The co-operating systems stack

The importance of externalised memory is even more crucial for institutions such as companies, schools, nations, states and such. Larger institutions could only arise with the externalisation of memory, if only to allow laws to be written down and be used later in courts of law. In the Athens of Ancient Greece, where alphabetical writing first became deeply embedded in the political process, the laws that had been voted by the assembly of free citizens were carved in the stone walls of the city. This made surreptitious changes to the law nearly impossible. Controlling the wall was then not just a physical security measure, but also, expressed in contemporary language, a cyber-security one. It is also where Philosophy came to be: Socrates was often to be found walking along the wall of Athens asking passers-by about the meaning of key concepts such as knowledge.

This thinking regarding the importance of externalised memory, and the ease with which it can be altered and manipulated in the cloud, led France to attempt to build a sovereign cloud. The debate was then enlarged when Sky Rock founder Pierre Bellanger published in 2014 the book Souveraineté Numérique [Digital Sovereignty]. The seriousness of the questions raised there led in January 2016 to an amendment being added to the Digital Republic Bill requesting a report to be written as to the feasibility of creating an office for Digital Sovereignty reporting back to the Prime Minister. This amendment was adopted and led in October 2016 to a recorded seminar at the University of Nice on the subject. It took a little over one year before, in January 2018, the book “La Souveraineté Numérique — Le Concept, Les Enjeux” was published.

The Limits of Digital Sovereignty

From the many excellent talks there (such as the passionate presentation by General Watin Augouard) I wish to bounce off the more analytic intervention by Prof. Jean-Philippe Derosier, legal scholar and blogger on the serious French newspaper Le Monde, where he writes on constitutional matters in the section La Constitution décodée. Helpfully for those who do not have the book, he has put a shorter version of his intervention online titled Les Limites du Concept de Souveraineté numérique [The Limits of the Concept of Digital Sovereignty], which being digital I had automatically translated by the Deep Learning based translator Deepl (it does a very good job). If you can understand spoken French you can also sit back and listen to his recorded intervention.

The article elaborates what could be thought of as a dilemma presented by the concept of digital sovereignty, which I will try to render here in condensed form. The internet is a space that escapes the sovereign for the simple reason that it is a communication protocol, which allows citizens of different nations and so their sovereigns to communicate. Setting legal rules on that communication space would require a sovereign of sovereigns. But no such agent exists. There are coordination institutions such as the European Union or the United Nations, but these are not sovereigns: they could not exist without sovereign nations. So there is no way to have a sovereign internet unless it means a closing of the internet to the boundaries of a nation, which would then of course no longer be an inter-net.

The above reasoning is of course what lies behind John Perry Barlow’s famous 1996 Declaration of the Independence of Cyberspace, cited in the book, which starts with the following lines:

Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.

(It is not difficult reading this to see how John Perry Barlow came to be the lyricist for the world-renowned Californian band The Grateful Dead.)

The Limits of Supranational Bodies

Now I suppose for a British audience traumatised by Brexit, the above statement about the sovereignty of states and the non-sovereignty of the European Union, stated baldly by a Frenchman, deserves some comment, which in the book version of the article they would get as the following footnote (translated by Deepl):

On this long and thorny subject, we refer the reader to the works published under the title ‘Les limites constitutionnelles à l’intégration européenne’, [The constitutional limits to European Integration] LGDJ, Paris, coll. Constitutional and Political Science Library, 2015, especially the last chapter.

So I had a quick look at that, and found the following passages from the introduction by Prof Otto Pfersmann striking enough to be worth translating and quoting here. First on page VII of the introduction we read:

The conclusion of this research is clear: the internal constitutional law of the three Member States examined — Germany, France and Italy — absolutely prohibits them from merging into a European legal system with sovereign competence.

and on the next page:

These data clearly show that many eurosceptic anxieties, and equally euro-enthusiasms, are legally unfounded as long as the current framework is respected.

Not respecting the framework would constitute a legal revolution, with potentially pretty drastic consequences. This and much more is made clear in an interview of Derosier by Richard Albert, Prof of Law at the University of Austin, Texas, who also reviewed the book in the International Journal of Constitutional Law.

Derosier there makes clear that he is bridging constitutional law and Political Science. Indeed we find him agreeing with the position developed independently over the past years by Jonathan Story, Prof Emeritus of International Political Economy and The Shell Fellow in Economic Transformation, who taught at the European business school INSEAD (with a very extensive list of publications). In a number of blog posts over the past 3 years, he has argued that the UK could have followed Germany in reaffirming its sovereignty and thereby kill the Brexit debate in the egg. Most recently, in February 2018, he wrote up a summary of this in “You’re wrong, Matthew Parris: sovereignty is worth more than a sneer”, and before the referendum, in May 2016, in his book review of Robin Niblett, Britain, the EU and the Sovereignty Myth, Chatham House, 2016, where he wrote:

What Niblett does not appear to understand is that the EU, as the German Constitutional Court has stated, is an alliance of sovereign states, who all operate in their own way in the global society of states.

The very complex historical reasons for this widespread misunderstanding at the highest levels are developed in those articles. One interesting argument put forward recently by Will Hutton and Lord Adonis in their book “Saving Britain” (see my review) is that it is the over-centralisation of politics in England that led people in the North to project that experience on the EU.

What is noteworthy for the purpose of this article is that the misunderstandings are perhaps not unlike the ones about digital sovereignty. International relations experts such as Lucas Kello in his recent book “The Virtual Weapon and International Order” like to remind us that nations live in a “political system of international anarchy”, and yet there are agreements made between states that, with the growth in trade, are ever deepening, bringing everyone closer together, turbocharged by institutions such as the EU designed to allow agreements to be reached even faster. These institutions are built on the self-interested desire of states to avoid destroying each other in war, thereby creating the illusion that there are higher sovereignties.

On Fake News

As Brexit sought the re-affirmation of the Sovereignty of the UK from the EU, and shortly after that Trump won the presidency with his America First, his “build the wall” mantra and his promise to extricate the US from its many international obligations, we discovered that sovereignty seemed to come with a digital shadow. Indeed the non-stop talk of Fake News by the president that followed has raised epistemology from a philosophical discipline to one with reverberations at the level of international relations.

The calls by candidate Trump during the election for the Russians to find dirt on Clinton and the subsequent leaks of Clinton campaign emails gave a lot of reason to see foreign influence at hand in the election (see Lucas Kello’s The Virtual Weapon for a lot more on this). There is also strong evidence that east European teenagers completely made up “news” stories guided not by the truth but rather by the number of Google ads these stories sold. So in the process of the UK (then followed by the USA) trying to regain their never lost sovereignty, the World discovered the question of digital sovereignty. How can a nation have a debate on an important issue, if foreign entities can participate and move the debate to their advantage by producing fake evidence visible to just the vulnerable part of the population? Even those who used these systems to their advantage are now starting to notice the problem, as when Nigel Farage who steered the Brexit debate on the theme of national sovereignty, meekly asked Mark Zuckerberg of Facebook if right wing debates were not being throttled on the platform (see Wired article “Nigel Farage says Facebook is killing right-wing pages. He could have a point”).

For that matter how can you avoid your citizens getting scammed by fake websites located on foreign soil, which look very much like outlets they would trust? These need not just be news sites but could be any site pretending to look like a bank, or a shop, or a government agency. Moreover, since any site could be a fake, nobody can know any more for sure when they see the real thing, which is bad for commerce, bad for knowledge, and bad for security — skillfully used fake information can be weaponised as a recruitment ground for terrorists.

But someone may ask: Do TLS certificates not fulfil the role of authenticating websites? Well, minimally a TLS certificate tells the Navigator that it has reached the site named by the domain component of the https URL the user typed in or clicked on. However, the person typing the URL may have made a spelling mistake — there is an industry built on buying and selling domain names that are a simple spelling mistake away from a valuable domain name. Furthermore, most people do not type URLs, but instead follow links others have typed. It just requires some good marketing for a fake website to reach someone not paying enough attention to the provenance of a story, and so for that link to then be distributed across social networks. What is needed, as we will see, is for the website to be tied to a much wider system of institutions that can guarantee certain properties of the website owners, such as the legal regime they operate under. This can be tied into the TLS certification process, but it requires a lot more than what the Certification Authorities can and want to be held responsible for.

The Digital Sovereignty Dilemma

The Digital Sovereignty Dilemma could be stated simply like this: how can one be digitally sovereign, when this requires internet communication opening oneself to actors in other nations living under their Sovereign, potentially misbehaving? How does one legislate against foreign bad actors, without turning every act of thievery into a potential act of war?

So let us recapitulate: there is no sovereign of sovereigns, and therefore states can only come to agreements with others. But states are sovereign over their subjects. So Digital Sovereignty can only be a hierarchical relation between a sovereign and its subjects and a peer to peer relation between a sovereign and another sovereign.

This is not so different from me as a human being — who am also an organism composed of 37.2 trillion cells — making a promise to meet someone tomorrow. It is not one of my cells by itself that makes that decision but a substantive network of those trillion cells. Also, I would not be able to make the promise to another human being if there were not a public language convention that existed independent of me. Also, if I am going to abide by my promise then the 37.2 trillion cells or their future descendants that still compose me — some may have died and been expurgated — will have to come along to the meeting. I fulfill the promise only if all of me does. Legislating one’s behaviour, through New Year’s resolutions or laws passed in parliament, has logical consequences on which others can base their actions, yet there is a fundamental difference in the nature of the relation I hold to myself and the relation I have to others.

Since the body making a decision is going to be held responsible for it, it is up to it to ensure the decisions it makes are autonomous, that it is, as far as possible, not a puppet of some other agency. This requires the notion of an inside and an outside space for making decisions — the border can be more or less porous of course. In a world of externalised memory and mnemonic machines, this leads to epistemic requirements I developed in Epistemology in the Cloud — On Fake News and Digital Sovereignty: the individual needs to be able to control the hardware on which his important memories are placed, to verify the operating system which controls the hardware, and has to be able to set the access control rules on information he wants to share with others. This, of course, requires it to be able to identify others in some way, where those others also need to be in the same position, following Kant’s second Categorical Imperative:

Act only in accordance with that maxim through which you can at the same time will that it become a universal law.

(This imperative actually makes even more sense as an architectural design principle.)

Similarly then, a state can make laws for its citizens that will not apply to citizens of other states, and yet come to agreements with other states. What interests us particularly here are agreements about what types of institutions in other states are equivalent, in one way or another, if at all, to the institutions of the host state, so that cyber-travelers can recognise in foreign lands where they are, and where they should go.

Since we think of cyberspace as a space in which travellers can travel at 1/3 of the speed of light to any other parts of the globe, this leads us to a view where a state needs to specify to its citizens online what the institutions it is composed of are, and link to similar descriptions provided by other states. It is up to the HyperText Navigator (as Browsers used to be called) to then present this information to the user of the hypertext application to let him know what type of institution or company (s)he is dealing with online.

How to Build the Web of Nations

Now imagine a world where a large enough number of states have agreed on a Linked Data ontology for describing institutions (schools, banks, businesses, armies, doctors, hospitals, … ) that browsers can use and furthermore that these states and their constituting institutions have published these descriptions in a decentralised way — as they have to since there is no super-sovereign. In the UK the CompaniesHouse web site lists all the registered companies, such as for example co-operating systems. They also make available the data in machine-readable JSON format at a different location, but it could easily be made available directly in one of the hyper-data formats (JSON-LD, Turtle, RDF/XML, RDFa,…) that are designed for linking data across institutions and so would make it possible for browsers to read these without them needing to be specially designed for the preferred syntax and ontology used by each country or even locality.

When a browser then retrieves a web page from a web server, say http://co-operating.systems/ it would be able to find a link to the official company page from the web site’s TLS certificate or the DNS-Sec record — which we depicted as the arrow 1a in the diagram below. The official page on CompaniesHouse would describe the company using the ontologies mentioned earlier: it would specify the type of company, link to official descriptions of the owners perhaps, mention when the company was founded, and importantly for us here include a list of URLs of the domains used by that company for its official pronouncements giving us the link 1b. If the browser can find this back link, then it will have with 1a and 1b the first verified link in the trust chain.

But how would the web browser know that https://companieshouse.gov.uk is itself a site that is trusted by the user of the browser to give out such information? Could it not be fake? Especially as the user of the browser may not even know of CompaniesHouse! The answer is that the browser has to find a chain of such back and forth links from this descriptive page all the way to the trust anchor.

Indeed, we could follow the pattern described previously and have companieshouse.gov.uk’s certificate or DNS-Sec record link (2a) to a page on the higher level authority’s domain — let’s make it short for this example — namely https://gov.uk, and have this in turn describe CompaniesHouse (2b) as being the UK index of human and machine readable companies information. This chain of two-way links acts as a hyperlink verification chain for the browser to walk through.

How long it is reasonable for such a chain to be is an empirical matter to decide. I guess 10 hops or so may be ok, as browsers could keep caches of the top level documents to speed up search, and the checks can be done asynchronously to not slow down the user’s web experience.

This information could then be displayed in an improved browser chrome (as the part of the browser that does not change is usually called) to help the user understand what type of website he had received information from, who the owners are, and what legal system they are liable to be tried under.

A browser set up for a UK citizen would stop verifying on reaching gov.uk. But browsers of citizens from other countries will need to continue checking the chain (if there is one at all that is, there is no obligation to tie into this trust network). This could be done by having gov.uk list the nations it considers its peers, by pointing to equivalent documents for France, Germany, Japan, China, … located on servers controlled by those countries (distributed across the embassies around the world perhaps for faster access) and these would return the favour of a link too. This would be just like social network friending but for states. A French citizen’s browser would then search for the link chain 3a and 3b, a top level country relation that the browser has very probably already cached to speed up verification times.
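The two-way link check described above, sketched as an added example (not code from the original post or from any browser): a breadth-first walk that accepts a hop only when the forward claim (1a, 2a, 3a) is answered by a back link (1b, 2b, 3b), and gives up after the hop limit. The dictionary standing in for fetched documents, the field names `claims` and `vouches_for`, and the `.example` hosts are assumptions made for illustration.

```python
from collections import deque

# Constructed stand-in for the documents a browser would fetch and parse.
# "claims":      forward links published via the TLS certificate or DNS-Sec
#                record (arrows 1a, 2a, 3a).
# "vouches_for": back links listed by the authority or peer (arrows 1b, 2b, 3b).
# Both field names are hypothetical, not part of any published ontology.
WEB = {
    "https://co-operating.systems": {
        "claims": ["https://companieshouse.gov.uk"], "vouches_for": []},
    "https://companieshouse.gov.uk": {
        "claims": ["https://gov.uk"],
        "vouches_for": ["https://co-operating.systems"]},
    "https://gov.uk": {
        "claims": ["https://nation-fr.example"],
        "vouches_for": ["https://companieshouse.gov.uk",
                        "https://nation-fr.example"]},
    # Placeholder for a French root document; the post names no URL for it.
    "https://nation-fr.example": {
        "claims": ["https://gov.uk"], "vouches_for": ["https://gov.uk"]},
    # Constructed lookalike: it claims the registry, the registry does not list it.
    "https://co-operating-systems.example": {
        "claims": ["https://companieshouse.gov.uk"], "vouches_for": []},
}


def hop_is_mutual(source, target, web):
    """A hop counts only if source claims target AND target lists source."""
    forward = target in web.get(source, {}).get("claims", [])
    back = source in web.get(target, {}).get("vouches_for", [])
    return forward and back


def verify_chain(site, anchor, web, max_hops=10):
    """Return the verified path from site to the user's trust anchor, or None."""
    queue = deque([[site]])
    seen = {site}
    while queue:
        path = queue.popleft()
        current = path[-1]
        if current == anchor:
            return path
        if len(path) - 1 >= max_hops:
            continue  # hop budget spent on this branch
        for target in web.get(current, {}).get("claims", []):
            if target in seen or not hop_is_mutual(current, target, web):
                continue  # already visited, or a one-way claim anyone could make
            seen.add(target)
            queue.append(path + [target])
    return None


def unreciprocated_claims(site, web):
    """Claims the site makes that no authority confirms: worth surfacing in the UI."""
    return [t for t in web.get(site, {}).get("claims", [])
            if not hop_is_mutual(site, t, web)]


if __name__ == "__main__":
    for anchor in ("https://gov.uk", "https://nation-fr.example"):
        print(anchor, verify_chain("https://co-operating.systems", anchor, WEB))
    print(verify_chain("https://co-operating-systems.example", "https://gov.uk", WEB))
```

A UK browser stops at `https://gov.uk` after two hops, the French one needs the extra peer hop, and the lookalike yields no path because its forward claim is never answered.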

The existence of social relationships at the level of individuals, families, institutions and nations is a good indicator that we have a platform that is scalable — or said a little differently, that the concepts we are using are scale-free. So we can see that Tim Berners-Lee’s SoLiD project at MIT — where SoLiD stands for (Secure) Social Linked Data — allows us to think at all the needed dimensions.

All of that data will be online, distributed across servers within and across countries, and some of it may be incomplete or even contradictory. One country may think of a company as a bank, the other may think of it as a casino or have no direct or indirect link to it. The database would be incoherent as a complete whole, but that is not a problem since a citizen has to anchor his trust in the root authority of his nation, and the view from that position has to be consistent enough for the citizens of that country to be able to go about their daily businesses. Some inconsistencies and errors will be rectifiable through legal means by the citizens themselves, others through embassies tied by international treaties, if goodwill and direct error reporting are not effective. The citizens of a country may be legally heard on topics such as “that shop never delivered the goods that I paid for” only if they were using the same trust anchor for the institutional web of trust that the judge is using. If you bought something from a website that your browser could in no way tie back to your sovereign’s trust anchor then it is your responsibility. You walked outside the protected path, and as with skiing that should only be done at the right skill level or with a guide. The problem is that at present there are no clear markers for where the pistes are and where the off-piste starts, other than what hugely expensive marketing machines have taught people: only do business with the GAFA (Google, Apple, Facebook, and Amazon) or the new upcoming ones (Uber, …). It is not surprising then that the distributed web has led to monoliths of centralisation since the states have not yet built the necessary trust infrastructure to allow smaller players to emerge.

Hyper-Systems: A little excursion into maths

This type of system that allows for inconsistencies is known in Category Theory as a hyper-system. Indeed in J.J.M.M. Rutten’s now classical work Universal coalgebra: a theory of systems, a Hyper-System is defined as a function of the form

S → 𝒫𝒫(S)

where 𝒫(S) is known as the power set of S, i.e. the set of all subsets of S. The function above takes a state or world to a set of sets of those states (or worlds). Now usually a set of worlds or states is thought of as a proposition: the proposition that is true at just those worlds: e.g., I am in Paris is true in all those worlds where I am in Paris (at that time). One can, therefore, think of sets of propositions as just a database of statements, with no claim made about statements being true. This is what is known in the semantic web as a quad store, and is the foundation of any serious Linked Data application that wants to keep track of who said what, and that I, therefore, called hyper-data in “Epistemology in the Cloud”. It is also known as giving us a modal logic with neighbourhood semantics, which is what counterfactuals are, see Eric Pacuit’s recent book Neighborhood Semantics for Modal Logic. Modal Logics with Neighborhood semantics are very good at describing different and incompatible points of view, which is what is needed in a system of states living in international anarchy. Now to the punchline: the Powerset of a set A can also be written as the space of functions from `A → 2`, also written `2^A` (read 2 to the power of A), each function specifying a subset of A by sending elements of A to true (1) or false (0). And so 𝒫𝒫(S) can also be written as `2^(2^S)` and so Prof. Jean-Philippe Derosier is astonishingly close to this breakthrough concept when he writes

Indeed, the (legal) concept of digital sovereignty raises difficulties as a “neogenerational” or “2.0” concept! (I), while its “two-dimensional” dimension (or 2.2?) reveals its subtleties.
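The hyper-system S → 𝒫𝒫(S) and the quad-store reading of it given above can be made concrete. The following is an added example, not code from the original post: propositions are sets of worlds, each constructed quad records which source asserted which proposition, and the check shows that both "bank" and "casino" can be on record without the store ever asserting their (empty) conjunction, while the view restricted to one trust anchor stays consistent. The world names, the sample quads and the `.example` host are assumptions.

```python
from functools import reduce

# Constructed states: each world is one way the facts about a company could be.
WORLDS = frozenset({"bank", "casino", "shop"})

# A proposition is the set of worlds in which it is true.
IS_BANK = frozenset({"bank"})
IS_CASINO = frozenset({"casino"})
HANDLES_DEPOSITS = frozenset({"bank", "casino"})

# Constructed quad store, reduced to (who said it, what was said).
QUADS = [
    ("https://gov.uk", IS_BANK),
    ("https://gov.uk", HANDLES_DEPOSITS),
    ("https://nation-fr.example", IS_CASINO),  # placeholder foreign registry
]


def neighbourhood(quads, trusted=None):
    """Set of propositions on record, optionally only those said by trusted sources."""
    return frozenset(p for source, p in quads
                     if trusted is None or source in trusted)


def hyper_system(quads, trusted=None):
    """The map S -> PP(S). Assumption: the store reads the same at every state."""
    nbhd = neighbourhood(quads, trusted)
    return {state: nbhd for state in WORLDS}


def said(proposition, nbhd):
    """Neighbourhood-semantics box: true iff exactly this proposition is on record."""
    return proposition in nbhd


def jointly_possible(nbhd):
    """Worlds compatible with everything on record (what a naive merge would keep)."""
    return reduce(frozenset.intersection, nbhd, WORLDS)


if __name__ == "__main__":
    whole = neighbourhood(QUADS)
    print("bank said:", said(IS_BANK, whole), "| casino said:", said(IS_CASINO, whole))
    print("bank-and-casino said:", said(IS_BANK & IS_CASINO, whole))
    print("merged whole store:", set(jointly_possible(whole)))
    uk_view = neighbourhood(QUADS, trusted={"https://gov.uk"})
    print("merged UK view:", set(jointly_possible(uk_view)))
```

Merging the whole store leaves no possible world, which is the incoherence the post accepts; keeping statements separate per source and reading them from one anchor avoids it.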

Conclusion

So, in summary, the answer to the dilemma of Digital Sovereignty is for the states to bring the sovereign into the web, by building a web of institutional trust which Navigators can use in cyberspace. This will allow the state to not lose control over its lawmaking ability, to allow all its companies to participate in the cyber economy, to allow its knowledge institutions to become an indispensable part of the fabric of cyberspace, to empower its citizens, and so to extend its sovereign powers into cyberspace without denying that of other sovereigns too. Finally, this also makes it possible for individual actors to flourish and network without sovereign oversight — other than the potential requests, which should be very rare, of legal seizure of computing hardware under the oversight of a judge — thereby enabling an architecture of the web that is peer to peer and not one such as we have now with social networks that seem to be inspired by Bentham’s Panopticon. As the first article by Bernard Benhamou in the Book on Digital Sovereignty reminded me, Lawrence Lessig had stated in his famous book that “Code is Law… and Architecture is Politics”. So let us move to a peer to peer architecture that helps the individual and makes use of the powers of the sovereign. All the general technical pieces needed to do this are well understood; it is just the international political will that is needed now: one needs to build an acceptable ontology that allows browsers to work with it efficiently, and for this to be integrated into the browsers so as to be helpful to their users. It requires some leading states to publish this data about their institutions in the right way, and the rest will then follow.

Further Work

I followed up on this post with two more detailed articles. The first one details how phishing works and goes into more detail on how the Institutional Web of Trust functions.

The second post shows what can be done at the Browser User Interface level to incorporate this information to make it both interesting and useful to everyday browsing experience.

The PhD I am working on will go into the philosophy, logics and architectures needed to make the arguments developed above watertight.

Originally published at bblfish.net on May 16, 2018.

Henry Story (Cyber Security Southampton) is writing his PhD on http://co-operating.systems/ . A Social Web Architect, he develops in Scala ideas guided by Philosophy, and a little Category Theory.