The Future of the Internet and How to Stop It by Jonathan Zittrain, Yale University Press, 352 pages, $30.00
The delirium and delusions that surrounded computing and the Internet in the 1990s have given way to a sentiment just as dangerous--complacency. It's not just that yesterday's wonders have so quickly become routine; most of us also take for granted the basic workings of the digital environment, including the freedom for experimentation that it affords. Countries like China may control the Internet, but in our society don't the free market and the open, untamed wilds of cyberspace make it nearly impossible to clamp down on innovation?
If that's what you think, you need to read Jonathan Zittrain's new book, The Future of the Internet and How to Stop It. A professor of law and Internet governance and regulation at Oxford, Zittrain is one of a group of technically literate legal scholars who have clarified what's at stake politically, economically, and culturally in choices about the architecture of the new media. The role of this group--others include Stanford's Lawrence Lessig and Harvard's Yochai Benkler--is itself noteworthy. They have become an important source of intellectual renewal in contemporary liberalism, showing how to translate constitutional principles and democratic values into the emerging digital world.
Zittrain's work neatly complements Lessig's and Benkler's. In his 1999 book, Code and Other Laws of Cyberspace, Lessig warned that the Internet might evolve from a technology of freedom into a technology of control, and in a recent second edition, Code Version 2.0, he points to Zittrain's work as spelling out how that could happen. Benkler's 2006 magnum opus, The Wealth of Networks, argues that the networked information economy and public sphere offer improved possibilities for realizing such liberal values as personal autonomy, democratic participation, and a critical culture. The tenor of Zittrain's work is more pessimistic, but like Benkler, Zittrain favors approaches that "go light on law" and rely instead on the new technology's capacity for facilitating voluntary social coordination on an unprecedented scale.
For Zittrain, the very qualities that make the personal computer and the Internet so valuable are the source of their vulnerability and possible undoing. At the core of his thinking is a distinction between what he calls "generative" and "sterile" technologies. Generative technologies allow anyone to build upon them without permission, whereas sterile technologies are controlled by their manufacturer or owner. The generative/sterile distinction isn't exactly the same as the one between open-source and proprietary software. Microsoft's operating systems are proprietary, but in Zittrain's terms they're nonetheless generative because they can be built upon without Microsoft's approval.
"The PC revolution was launched with PCs that invited innovation by others. So too with the Internet," he writes. "Both were designed to accept any contribution that followed a basic set of rules (either coded for a particular operating system, or respecting the protocols of the Internet). Both overwhelmed their respective proprietary, non-generative competitors, such as the makers of stand-alone word processors and proprietary online services like CompuServe and AOL."
Zittrain's analysis illuminates why the triumph of the Internet over its well-financed proprietary rivals was so significant for creativity and innovation in the world. As he explains, the proprietary networks were not "user-programmable"; a computer connecting to CompuServe, for example, was configured as a dumb terminal and could exchange only data, not programs. That made the proprietary networks more secure but also slow to evolve--they had only the features that their owners decided would be profitable.
In contrast, the Internet has been open to innovation at every level, from its physical infrastructure to its logical layer (software), to its higher levels of content and social organization. Many contributions have come seemingly out of nowhere, from people without credentials or investors. For example, Trumpet Winsock, the original program that allowed PCs running Microsoft Windows to connect to the dial-up servers of Internet service providers, came from a hobbyist in Tasmania, Peter Tattam, who distributed the program as shareware. When the computer scientist Tim Berners-Lee created the html markup language that generated the Web, no network authority had chosen him to do it or gave its approval. These and other innovations were not planned; they were made independently and just spread. From its beginnings, the Internet was designed to permit computers to send and receive programs and to be run by other computers from a distance. This has been one source of both its versatility and its vulnerability. "On the Internet," Zittrain points out, "the channels of communication are also the channels of control."
The result has been, in Zittrain's phrase, a "generative trade-off." On the one hand, the combination of generative PCs linked together in a generative network has unleashed innovation and enabled the Internet to evolve new capacities and resources at an astonishing rate. The explosion of social media--blogs, wikis, social news sites like Digg, Facebook and other social-networking sites, Flickr, YouTube, and so on--is just the latest wave in this process. On the other hand, a generative network of generative PCs has also been a fertile environment for new pathologies such as spam, viruses, and "malware."
Zittrain warns that this downside now threatens the entire generative system. Internet security incidents have been growing at a geometric rate, millions of poorly protected computers are connected by broadband in an always-on state, and computers can be infected merely by surfing a compromised Web site. Moreover, the early days of relatively innocent hacking are over; today there is "a business model" for malware. The creators of bots--software robots that spread virally over the Net--can seize control of PCs and, unbeknownst to their owners, turn them into "zombies" awaiting further instructions. Millions of PCs, perhaps yours, are already acting as e-mail spammers, and the same techniques can be put to more serious purposes, such as coordinated attacks on commercial Web sites to extort money. As a result, skillfully designed viruses have become "valuable properties."
Zittrain writes that these proliferating troubles could well lead more people "to prefer security to generativity." The shift in sentiment could come through a gradual deterioration of confidence in the Internet (for example, through increased incidents of identity theft) or as a result of a catastrophic breakdown. To protect themselves, instead of buying devices with open platforms for unpremeditated uses, many people would increasingly opt for safe "information appliances," that is, devices like the iPhone whose software is centrally controlled and therefore more effectively guarded. And computers themselves may increasingly get locked down, as they already are in many companies, universities, and other organizations where network administrators control the programs that can be loaded on individual machines.
This shift could occur even if people don't make a conscious choice for greater security. The more people rely on cell phones rather than PCs as the platform for online communication, the more they will likely move from a generative to a sterile technological environment. And "cloud computing"--that is, using the PC essentially as a dumb terminal and relying on programs residing on giant servers run by companies such as Google--would also be a big step in this direction.
Besides inhibiting innovation, a sterile technological environment creates another risk for freedom. Even if the control remains in private hands, the more individual activity depends on programs controlled from a central point, the more amenable that system becomes to government surveillance and regulation.
The thrust of Zittrain's book is that the shift back toward sterile technology cannot be entirely avoided, though the dangers can be mitigated. Instead of relying wholly on formal governance institutions or commercial security vendors to make the Net secure, Zittrain has specific proposals and initiatives already under way to use generativity to solve the problems of generativity--"to empower rank-and-file users to contribute, rather than to impose security models that count on a handful of trusted people for control." For example, StopBadware.org, a project based at Harvard and Oxford, aggregates information about Web sites and programs that violate privacy and security guidelines (Google's search engine now throws up an alert about sites identified by StopBadware before someone clicks through). What's needed, Zittrain contends, is the equivalent of a Manhattan Project, but this time on a decentralized basis that engages people as participants, in the way that Wikipedia does.
Whether that's a practical cure, I don't know--and if there's a truly catastrophic event that spreads online, all bets are off. Richard Clarke, the anti-terrorism expert, refers to the potential for a "digital Pearl Harbor." Zittrain conjures up visions of malware changing the numbers around in spreadsheets, turning text files to gibberish, erasing hard drives, and producing major breakdowns in transportation, finance, and other realms. If such things happen on a massive scale, we will all prefer information appliances.
In the digital environment as in other areas, a framework of security is a prerequisite for freedom, but we also have to avoid getting stampeded by fear and alarmism into compromising freedoms that needn't be in danger. Zittrain wants us to understand that the freedom the Internet affords is far more precarious than we may have realized and that if we want to keep that freedom, we're going to need to evolve new social capacities. It's a wake-up call (the bots are coming!) for a kind of civilian defense--part community watch, part high-tech volunteer militia. Ignore Zittrain's warnings, and we may prove his forecast right.