“I am the head of IT and I have it on good authority that if you type ‘Google’ into Google, you can break the Internet. So please, no one try it, even for a joke. It’s not a laughing matter. You can break the Internet”
– Jen, The IT Crowd
For 15 years internet companies have been waging a war against any kind of laws that establish properties and permissions for digital things. Every attempt to do so has been bitterly fought. It’s the one constant in Silicon Valley’s battles against the copyright industries. The fight has crippled the traditional, historical partnership between technology and creators that benefited everyone. But it has also had an awful unintended consequence: it has weakened our ability to establish the clear property rights we need to protect our privacy.
When, in February, the EU tentatively suggested rules based on the principle that people own their own data, and this property right includes exclusivity (“the right to be forgotten”) – guess who was firing all guns against it? Facebook and Google… At Davos, Google chairman Eric Schmidt said the EU proposal would “break the internet”.
Just this week the UK government caused a huge privacy storm when it floated the idea of making internet companies keep a record of all personal communications on the the internet. While it argued that it wanted to store “traffic” data, not the contents of communications, little would be exempt: emails, blog comments, Tweets and Facebook Likes.
And more alarmingly, this trove of information would be casually available to busybodies. In 2010 alone, public authorities submitted 552,000 requests for communications data under RIPA. We’ve already seen how local councils, for example, initiate surveillance operations using the Act.
RIPA is intended to prevent “serious crimes”, requiring necessity and proportionality. But councils have used it to tackle “serious crimes” such as smoking, and putting recycling in the wrong bag. Some even boast about it. The new store of electronic communications would add to the data available to them. It’s a huge intrusion by the state into business that isn’t its own.
At the same time, Facebook and Google operate their own global data collection systems, hoarding huge amounts of personal data. And this is merely the start. The regression models that Facebook and Google use to predict consumer behaviour for advertisers are exactly what law enforcement agencies dream can be put to use to predict crime or ‘deviant’ behaviour. In a 2012 rewrite of Philip K Dick’s Minority Report, the “Pre Crime Division” will not require mutants floating in tanks – just software.
Privacy is not a luxury, or an optional extra – a world without privacy raises all kinds of ethical issues, and everyday judgements made about us.
So how can we halt this slide to Panopticon, where everything we do online is dipped into?
Well, no matter what law you pass, it won’t work unless there’s ownership attached to data, and you, as the individual, are the ultimate owner. From the basis of ownership, we can then agree what kind of rights are associated with the data – eg, the right to exclude people from it, the right to sell it or exchange it – and then build a permission-based world on top of that. None of this is possible without the fundamental recognition that it’s the individual – you or me – who ultimately owns it, and ultimately decides what’s then done with it, and by whom. Without properties and permissions on digital “things”, there will be no digital privacy.
I’ll illustrate this with a short story that you probably haven’t heard before – about this great phrase.
Breaking The Internet: an example
Dominic Young doesn’t describe himself as a techie, but he runs Linux at home (out of choice) and was one of the earliest users and evangelists for it in the UK (which puts him in the ‘fairly techie’ class in most people’s books). He doesn’t like not being able to do things but believes, as most people do, that if you offer an attractive product or service most people will hand over their money. I met him in 1995 when we were moderating a CompuServe forum – if you can remember that.
Young poses an interesting question. How could a network that was designed to be so robust it could withstand a nuclear attack actually be so fragile it “breaks” if one so much as breathes upon it? There are known points of failure, such as DNS (poisoning, causing temporary glitches in name to address translations, are not unknown). And there are edge cases where a node is overloaded and taken out. But overall, it’s a remarkably resilient beast – and a very difficult thing to “break”. The phrase “breaking the internet” is quite close to Young’s heart, since he was in the thick of a “breaking the internet” story.
Six years ago, the newspaper industry began to develop a protocol that would allocate permissions to documents. The idea wasn’t to block content, or wrap it in DRM, but to allow machines to read who owned a document. The protocol was the Automated Content Access Protocol, or ACAP. We described it here as “a system that governs how machines, not humans, handle content”, similar to the way that Creative Commons is a machine-readable system of permissions.
It’s important to stress that ownership and permissions allow social contracts, and institutions to be built on top of them. The GPL is an example of just such an institution. Libraries, it’s worth remembering, are another.
In the library system, the ownership of the work doesn’t change. The remarkable 1850 Libraries Act didn’t mention copyright – and didn’t change it at all – it merely gave local authorities the power to raise taxes to create public reading rooms. It didn’t enact a compulsory purchase order on author’s rights; it wasn’t necessary. Libraries and the GPL are both possible because of strong property rights.
According to Young, ACAP initially won a positive reception from Google, because it was “seen as a way of solving a sticky problem without having to legislate – and avoided lots of awkward issues like DRM.” ACAP was the kind of thing politicians like; it saves them from passing more laws.
Google then got on board and assigned a techie to help develop the syntax. HTML tags were the natural choice, but Google insisted otherwise.
Mark Bide, a veteran consultant who advises publishers on metadata and other technical issues, takes up the story.
“The Google engineer wanted to use an old 1990s format, Robots.txt, the Robots Exclusion Standard. He said if we didn’t work in this old format, no one would be able to comply with it,” Bide told me. “So rather against our instincts – because it’s an awkward syntax – we said we’ll work in that format.” Duly, version 1 of ACAP was published.
Then the team began to hear something odd: Google was briefing Whitehall. Google began to tell people terrible things would happen if permissions were attached to documents.
“It came from government officials, who told us that while they liked the idea of ACAP they had been told that it would ‘Break the Internet’,” Young remembers.
Bide recalls this message percolating down from civil servants: ACAP wasn’t allowed to arrange a three-way discussion to rebut Google’s whispering campaign.
“None of them wanted to go down in history as the person who unwittingly ‘Broke the Internet’, and none of them were geeky enough to ask even the simplest questions to explore the substance of this ludicrous claim, or willing to facilitate a conversation which might lead to an answer,” recalls Young.
Google CEO Eric Schmidt then raised a technical reason.
“At present it does not fit with the way our systems operate,” he said in 2008. Which is interesting, because it was Google that had insisted on ACAP being in robots.txt.
There are several possible reasons for Google’s briefings. Bide suspects that with Google’s ongoing skirmishes with newspaper publishers, it feared any co-operation on ACAP might be construed as an admission of liability.
“To accept that people could tell you not to do it was to accept that doing it without permission was not entirely legitimate.”
If that’s true, short-term arguments won out over long-term benefits of market building. If Google designed the protocol that created a global content marketplace for newspapers and magazines, it would be in the platform position it so craves. It may yet be, as the ACAP work continues; it’s not going away.
But the exhortation not to “break the internet” has become a rallying cry and a powerful propaganda tool to avoid property rights being attached to digital objects. It seems that any attempt to create ownership is catastrophic, at least in some people’s minds.
Bide also notes how the phrase “breaking the internet” is quite artfully constructed. It’s beautifully ambiguous. To us techies, who know how robust it is, breakage is a cataclysmic event – it implies something on the scale of a complete power out. But the phrase can be whispered to a non-techie with the meaning that the “the internet will change”. The non-techie doesn’t really know how robust the internet is, in reality, and so the warning becomes apocalyptic. Because Google managed to maintain a monopoly on policy-makers’ ears, it was able to carry off the deception. But that’s by the by – let’s see what this means for privacy.
“Imagine no possessions”
The absence of permissions on our personal data and the absence of permissions on digital copyright objects are two sides of the same coin. Economically and legally they’re an absence of property rights – and an insistence on preserving the internet as a childlike, utopian world, where nobody owns anything, or ever turns a request down. But as we’ve seen, you can build things like libraries with permissions too – and create new markets. Without a sophisticated, machine-readable world of documents, the internet economy still looks like the giant, mewling infant it did 15 years ago.
For Bide, privacy and content markets are just technical challenges that need to be addressed intelligently.
“You can take two views,” he told me. “One is that every piece of information flowing around a network is a good thing, and we should know everything about everybody, and have no constraints on access to it all.” People who believe this, he added, tend to be inflexible – there is no half-way house.
“The alternative view is that we can take the technology to make privacy and intellectual property work on the network. The function of copyright is to allow creators and people who invest in creation to define how it can be used. That’s the purpose of it.
“So which way do we want to do it?” he asks. “Do we want to throw up our hands and do nothing? The workings of a civilised society need both privacy and creator’s rights.”
But this a new way of thinking about things: it will be met with cognitive dissonance. Copyright activists who fight property rights on the internet and have never seen a copyright law they like, generally do like their privacy. They want to preserve it, and will support laws that do. But to succeed, they’ll need to argue for stronger property rights.
They have yet to realise that their opponents in the copyright wars have been arguing for those too, for years. Both sides of the copyright “fight” actually need the same thing.
This is odd, I said to Bide. How can he account for this irony?
“Ah,” says Bide. “Privacy and copyright are two things nobody cares about unless it’s their own privacy, and their own copyright.”
Originally published at The Register