There’s been a lot of rage across the internet and related companies about a US bill called the Stop Online Piracy Act, abbreviated as SOPA. You can look to Wikipedia for what the whole thing is about and why people are upset. In short, it greatly contracts internet freedom and may inflict damage on the core structure. That is not the part I am writing about. If anything, it’s amazing that things took so long to get to this point. We’re seeing the beginning of a war that was always inevitable, and I fear that if we continue to try to solve it at a policy level, freedom will lose as it always does.
Money and power are and always have been centered around a singular point: control. In order to protect an oppressive government, or an oppressive business model, you must control the basic pathways and communication channels. The methods have changed over the course of centuries but the ideas have not. The Internet and the Web represent largely uncontrolled systems of communication. As a result, it’s been a continued thorn in the side of governments and corporations for many years. From Napster to PirateBay and WikiLeaks, and far more reprehensible things (eg child porn), there’s been a constant struggle between freedom and control. That struggle has been largely random and without direction, because nobody really knew how to police the internet. The system was designed to be resilient, and there are many, many ways in which blocks by oppressive regimes have proven ineffective.
Now we’re seeing the next phase, which is to target the gate-keepers. The internet is resilient, but it is not resilient enough. Search engines and link accumulators were targeted first. Coupled with DMCA provisions, sites are vanished from Google and Bing and once that happens the site may as well not exist. Discovery becomes nearly impossible. This has been done to protect “copyright holders” and “intellectual property”, but that is merely a proxy for ANY information that any party or any government (primarily the US) does not want in the wild. You only need to observe Universal’s assault on the MegaUpload video to understand that. Making somebody invisible, even temporarily, is an enormously powerful ability.
The next target, possibly the crucial one, is the Domain Name System (DNS). DNS is responsible for translating a domain name like “google.com” into an IP like “10.11.12.13″. The US Department of Homeland Security has gleefully pursued sites by revoking their domain names without anything resembling due process and without available recourse. And without actual authority, for that matter. The results were predictable: a technical workaround which got the government mad, and a bogus seizure that made the whole program look corrupt, which it is.
The last gatekeeper is the ISP, the guys who hold the actual physical connection between us and the internet. They are under assault too. It’s the same story over and over again, but in the end the ISPs will cave because it will be difficult or illegal for them to hold out.
SOPA might be the greatest ever attack on Internet freedom, but it’s also a dead-on logical expansion of a war that has unfolded continuously over the past decade or more. It’s possible that this particular measure will be defeated. The trouble is that it doesn’t matter. There is far, far too much at stake for the corporations and governments to let this go so easily. They will learn from their mistakes here, tweak and tune the language and the pitch, and come back with armies of lobbyists time and again until the chaotic political winds line up in their favor. That WILL happen, and things will start to crumble for those who value freedom.
Ultimately Hollywood wants the same thing that the government wants: the ability to control and restrict what happens on the Internet and how. They are on the same side, and all the calls in the world to your Representative will only delay what’s coming. It’s useful to buy time, but at the end of it all there is only one choice that will work: the Internet and the World Wide Web must be made entirely immune to censorship at a fundamental technical level. It must be redesigned so that no amount of legal threat is capable of affecting it at all.
From a technical point of view, that means a few things. First, the DNS system must be secured against the whims of any government. There are two options for doing that. One is to secure the DNS system so that every country controls its own TLDs and cannot affect any others. I believe this is doable with a widespread rollout of DNSSEC. The US could still revoke domains, but only those hosted as COM/ORG/NET/US/etc which are ostensibly subject to their legal control anyway. Just pick a country where whatever you’re doing is legal and sign up with them. The other option is rather extreme, and involves replacing the DNS system entirely with a new naming system that is not under anybody’s control at all. There is work along these lines, but it’s difficult to see potential for mainstream adoption. (On the other hand, it could thrive in environments like P2P networks if the tech details are hacked out.)
Then there are the ISPs. There’s no point locking the overall system down if your personal uplink still says “hey, no PirateBay for you no matter how you’re trying to get there.” That requires end-to-end encryption of your sensitive traffic. We have a system for that called Tor, but it’s possibly extreme. The ability to perform encrypted DNS queries locally (this is different from DNSSEC), plus secure HTTPS connections, achieves nearly everything we need. The latter has already become commonplace on major sites, which only leaves us to solve encrypted DNS queries. Luckily we’ve got that too.
That leaves us with the visibility problem in search engines, social networks, and similar services controlled by a single entity. I’m less concerned about this, because the steps I’ve discussed so far open the door for somebody in a more open country to build systems that are not subject to government or corporate whims. There is work on a decentralized search engine that isn’t subject to any control at all, but it’s unclear whether such a system is actually workable. Similar efforts are underway to replace centralized services such as Facebook, Twitter, and even semi-centralized mechanisms like OpenID. There is a core belief here that any system that is centralized is necessarily a threat, and cannot be trusted. I don’t know if that’s the case, but the more research we have in building completely distributed tools the better.
To try and win true freedom for the Internet on political and policy grounds is an eternal battle which we will likely lose. There is too much at stake for the power players to give up what we are asking of them. If we’re lucky, Google and all the other internet companies will remember to sink millions of dollars into R&D into making the Internet unbreakable, instead of simply lobbying the government not to do it. Once we make it indestructible on a technical level, governments and corporations will be forced to adapt to the new order, instead of trying to stop it. That’s our only chance to preserve what we’ve built and earned in the last forty-odd years: a completely free communication system that is equal to everyone.