Rethinking the Internet: A New Foundation (Part 2)

Photo by Ryan Quintal on Unsplash

The first part in this series, A New Model: Unbreaking the Internet, highlights the current weaknesses of the primary business model supporting the US Consumer Internet. The post that follows analyzes the ways in which the Internet can be “re-built” from the ground up in a way that would create more options for business model innovation. The final part in this series will analyze applications aimed at improving the Internet user experience by enabling consumers to regain control over their time, attention, and data.

Re-Building it From the Ground Up

The Internet changed the world. It allowed for the sharing of information on an unprecedented scale, facilitated global communication, and all of it was built on open architecture. Our usage of technology and the Internet has evolved and morphed in ways that most of us were unable to anticipate at the time of the Internet’s creation. It was built without a native identity layer and the ability to integrate payments was an afterthought. It was saddled with an extractive business model (surveillance advertising) and the value it generates has ended up accruing to a select few platforms.

While the Internet started off as a place where people created communities, the surveillance advertising business model quickly turned these tight knit communities into sprawling networks. Along the way, a sense of belonging was replaced with near meaningless connections.

Our dependence on technology now resembles addiction, and that is by design. The growth of the mental health and wellness market partially indicates a realization among consumers that the current US Internet business model has created a hostile online environment and has resulted in dependent behavior. Egregious privacy violations and malicious exploitations of technology have resulted in a widespread degradation of trust.¹

Still, users remain on these platforms. A large part of that has been due to switching costs. If a user decides to stop using a platform, their data remains trapped within it, effectively erasing their digital identity (connections, posts, likes, and photos.) GDPR and its data portability clause should lower these switching costs, at least where the regulation is applicable. However, many users are still unaware of the extent to which their actions are being tracked and their behavior is being analyzed. Fewer still realize that this analysis is often used to manipulate their behavior (to drive conversion.) Prior to 2017, data privacy and tech dependence were not in the public discourse. Even now, European consumers and enterprises are much more aware of the significance of data privacy than their US counterparts. This is starting to change with CCPA regulation in California and discussion of federal data privacy regulation in the US. Still, user behavior is always difficult to change, and behavior that results from using products that are designed to elicit responses resembling addiction is even harder to change. This means consumers will need to continue interacting with applications in much the same way that they have been while the underlying infrastructure better protects their privacy and allows value to accrue back to them.

Let’s not disown the Internet, let’s redesign and rebuild it.

What Would a “New Internet” Look Like?

“The Web as I envisaged it, we have not seen it yet. The future is still so much bigger than the past.” — Sir Tim Berners-Lee²

It would have an identity layer: Since the Internet lacks a native identity layer, each Internet service provider is forced to conduct know your customer (KYC) procedures individually, building internal databases to house the supporting data. Consumers are therefore forced to share their personally identifying information (PII) with many different service providers in order to authenticate their identity online. These service providers are, in turn, required to store and safeguard this sensitive data. Duplication and replication of this data is inefficient and creates many points of vulnerability. The average cost globally per record containing sensitive and confidential information stolen by a third party is $161.³ The size of the breach is also positively correlated to the rate of customer churn. Abnormal churn following a security breach increased year-over- year from 3.2% to 3.4% globally in 2018.³ Enterprises don’t want this liability.

It also creates a negative user experience. When consumers have to provide the same PII to multiple service providers, it slows down on-boarding processes for new interactions and increases the time required to engage in existing relationships with service providers. Consumers on average have 27 distinct accounts online, according to a 2016 Intel Security Survey of 2,000 respondents. The same study found that 37% of respondents forget a password at least once a week. Valuable time is wasted retrieving and resetting these passwords. Furthermore, given the number of distinct accounts consumers maintain, they are likely to use the same passwords across accounts. This leaves consumers vulnerable to identity theft. 31 people in the US fall victim to identity fraud every minute — amounting to $16.8 billion in losses from 16.7 million U.S. consumers in 2017.⁴ Single-sign-on (SSO) attempts to solve this issue but instead results in an enormous accumulation of personal data by the authenticating party. “Sign-in with Apple” is a mild improvement over Facebook and Google’s SSO, in terms of data privacy, but still traps digital identity in the silo of a third party.

The technology now exists to improve upon this design, but it is nascent. Advancements in cryptography, such as zero-knowledge proofs, combined with blockchain technology allow for minimal disclosure of sensitive information, eliminating the need for enterprises to store sensitive information and reducing the points of vulnerability for consumers. Web-of-trust based identity and reputation systems, like that proposed by Glen Weyl, further reduce the ability of any one organization to become the purveyor of digital identity.

Via an open source project called Solid, Sir Tim Berners-Lee and others have been working to create web specifications that incorporate a native element of identity, among other functionality, into the web. Importantly, these specifications are 100% backwards compatible with existing W3C standards. When Sir Tim Berners-Lee invented the World Wide Web, there were two principles he considered key to unleashing the full power of the Internet: read-write functionality and managed data accessibility.⁵ Unfortunately, both were lost as the Internet evolved.

The first web browser was also an editor. The original intent was that everyone would be able to read content on the web while also helping to create it. However, the Mosaic browser (the infamous “killer app”) added multimedia but eliminated editing as it was viewed as too difficult a problem to solve. The issue with allowing for write access is that you need permissions (control over who can write what.) Permissions are tricky because they require a method of establishing identity online. Trustworthy digital identification has been “one of the main challenges facing the Internet ever since it was invented, because none of the traditional, offline means of verifying that someone is who they say they are apply.”⁶ Sir Tim Berners-Lee and others have been working for 15 years to solve these challenges in pursuit of a “read-write web.”

More specifically, Solid is a set of modular specifications, which build on and extend the founding technology of the World Wide Web (HTTP, REST, HTML.) These specs form the basis of Solid’s “Linked Data philosophy”, which “glues all of our data together, to create a complete Web Operating System.” In this system, data is stored in an user’s Solid POD, which is akin to a “”secure USB stick for the Web.” A Solid POD can be access from anywhere and can be located in a consumers’s house or workplace, or with an online Solid POD provider. Since the consumer owns their data, they’re free to move it at any time, without interruption of service. Consumers grant people and applications permission to read or write to parts of their Solid POD. That means consumers don’t have to fill out their details over and over again as they transact online. Instead, they are read from the user’s POD once permission is granted. A consumer never has to sync anything, because their data resides with them. The main enhancement is that the web becomes a collaborative read-write space, passing control from owners of a server, to the users of that system.⁷

It would support a native payments layer: While it seems the original creators of the Internet foresaw the need to incorporate digital payments, the 402 error code (“Payment Required”) is still “reserved for future use.” The creation of cryptocurrencies, and the associated concept of an Internet of Value, was the first step. Interesting applications of ILP (Interledger protocol) that leverage “streaming payments,” such as Coil, may be the next.

It would have native governance: We now live in a digital realm. Our lives have migrated online to the extent that the digital sphere has become our global, public sphere. For obvious reasons, public goods / public commons require governance. However, our digital world currently lacks built-in governance. While the efficacy of on-chain governance is still experimental, blockchain technology provides an opportunity to incorporate governance (ideally democracy and not plutocracy) into our digital world.

“Data structures are power structures.” Glen Weyl

It would be built atop privacy preserving infrastructure: The Internet needs to evolve from a system that relies on corporations that pledge not to be evil, to a system where they don’t have the ability to be evil in the first place. That requires a different type of infrastructure, a privacy-preserving infrastructure. Building applications that don’t require a change in consumer behavior but that are built on infrastructure that preserves their privacy is perhaps the easiest way to improve the Consumer Internet user experience.

Below are several examples:

• Elixxir: David Chaum, widely recognized as the inventor of digital cash, is developing a privacy-preserving messaging and payments application. Elixxir runs on a fullstack blockchain, operating on a mix network with quantum resistant security that supports messaging, payments, and decentralized applications (D’Apps), allowing for data transfer in a way that maintains metadata unlinkability. Elixxir is currently operating in Alphanet.
• Canopy: The company has built a discovery (search) app atop an architecture that combines on-device machine learning and differential privacy to provide personalization without personal data ever leaving a consumer’s device. Canopy is currently in a private iOS beta.
• PixonEye : A UK-based company that allows data analysis to take place on an end-user’s phone without uploading any personal data to the cloud. Via PixonEye, enterprise clients gain access to an anonymized and probabilistic profile of end users, which can then be used to personalize interactions. More specifically, PixonEye provides these clients with user profiles that consist of a series of probabilities indicating the likelihood that a consumer belongs in each of PixonEye’s categories. Analysis is stored on PixonEye’s servers, ring-fenced for each client, relieving the client of having to store sensitive data.
• Blockstack: Blockstack (a Dorm Room Fund community company) is a decentralized computing network that puts consumers in control of their data and login and that enables engineers to build secure, privacy-focused applications. Over 150 D’Apps have been built atop the Blockstack protocol.
• Oasis Labs, Enigma, Madana, and Cosmian also leverage privacy preserving architectures, but are focused on building Layer 1 protocols (base-layer blockchains), not applications, and target enterprise clients.

It would re-establish a sense of community: Generations tend to be shaped by large scale shared or catastrophic events.⁹ Millennials grew up under the assumption that surveillance was a form of protection, only to realize that it had infiltrated their digital lives in insidious ways, with isolating side effects. As a result, they are searching for a return to the original feeling of community on the Internet, for humane tech, for a way to incorporate emotional intelligence with artificial intelligence, and for a way to regain authenticity in their online interactions.

Gen Z has been shaped by a degradation of truth and a perceived destabilization of reality, in response to a world where reality is increasingly warped and augmented. Gen Z is comprised of digital natives, but they are also digital nomads,¹⁰ searching for a home in digital third spaces, a refuge in which they can define their own realities and where they can co-exist and co-create online. They are searching for a sense of stability in an increasingly unstable physical world. They are searching for tighter knit communities that allow for collective participation and shared group experiences (e.g. Squad, a First Round Capital community company.) They are abstracting their identities via filters, avatars, and anonymous communication in search of a reprieve from pressure, judgement, FOMO, cyber-bullying, and anxiety.

With new business models supported by this improved infrastructure, social interactions on the Internet could evolve in this direction. Vanity metrics could be discarded and interactions would no longer have to revolve around self-promotion and branding, allowing online interactions to once again be genuine. Identity would not have to be photo-realistic or constrained (one-to-one.)¹⁰ The medium could be more private and the messaging could be positive.

Freed from their existing business models and supported by improved infrastructure, social networks would be able to reincorporate the principals of social exchange theory, once again allowing for “reciprocity, fairness, and negotiated rules, with information, approval, respect, power, group gain and personal satisfaction among the rewards.”⁸

Once all of this infrastructure exists, the challenging part will be creating applications that leverage this technology in a way that allows consumers to regain control over their data, time, and attention without requiring a monumental shift in consumer behavior.

The first part in this series, A New Model: Unbreaking the Internet, highlights the current weaknesses of the primary business model supporting the US Consumer Internet. The final part in this series will analyze applications aimed at improving the Internet user experience by enabling consumers to regain control over their time, attention, and data.

References

1. https://www.amazon.com/Age-Surveillance-Capitalism-Future-Frontier/dp/1610395697
2. https://medium.com/@timberners_lee/one-small-step-for-the-web-87f92217d085
3. https://www.ibm.com/security/data-breach
4. https://www.javelinstrategy.com/coverage-area/2018-identity-fraud-fraud-enters-new-era-complexity
5. https://solid.mit.edu/
6. https://www.cafonline.org/about-us/blog-home/giving-thought/the-future-of-doing-good/self-sovereign-digital-identity-and-the-future-of-charity
7. https://solid.inrupt.com/docs/intro-to-solid-spec
8. http://start-thinking.com/sm-and-comm-theories
9. http://download.2164.net/PDF-newsletters/next20years.pdf
10. Ideas attributed to Reggie James