An international information processing group warns the Web could be weakened unless people act
Do you believe that governments should be involved in regulating the Internet? Governments regulate almost everything else, but the Internet has evolved quite well without it. In December the International Federation for Information Processing (IFIP) issued a statement on intentional weakening of security and trust mechanisms in ICT and the Internet by government agencies and other major actors.
IFIP and represents IT Societies from 56 countries/regions. Its careful wording makes it clear they do not want to accuse everyone but that they see a definite danger. Some major actors are intentionally trying to erode the trust that is required for the internet to work. If people don’t trust the Internet, then its usefulness will decline and as less people use it there will be a smaller Internet. The alternative is proprietary networks that are specifically owned and operated by folks who decide what goes on them (censorship) and where they connect (controlled access). Who would benefit from this?
The obvious implication of the IFIP statement is that the governments and “other major actors” are the ones that would benefit. And so they are working in their own interest. It is important that we work just as hard on behalf of our own interests. To do this, we must decide what we believe would be the best way to run the Internet and the ICT industry. Do we want the governments involved?
In Canada, we believe in good government and often urge the government to look into “misdoings”. For example, in October 2013 IT World Canada ran a story about the ethics of Bell’s Data Grab. Regulators were urged to intervene.
As IT professionals, we are just beginning to think about what we stand for. There has been some research about what the values of IT should be. They talk about Computational Thinking being a universally applicable attitude.
Some have suggested values that include openness, reusability, generative (builds on previous ideas) and permissionless.
Openness is the value that we are discussing for the Internet. Moving back to proprietary networks would mean that our experiment in an open network did not work. As with all efforts to make things equal for all people, it is important to continue to protect that ability because there are always forces trying to make things unequal and better for some.
IFIP asks us to help protect the trust required to keep the internet working. They list six things we can work toward to help protect that trust:
A stop on government-sponsored measures that intentionally weaken the security mechanism of ICT and Internet technologies;
Open and frank descriptions, explanations, and discussions of current and future weaknesses, e.g. on the steps that have been taken to prevent illegitimate exploitation, and a pause, while the implications of the weaknesses become better understood;
An open trust infrastructure, that resists domination by major players;
Transparency of ICT and the related infrastructures and operation procedures, e.g. if the risk calculation employed says that the cost of the increase in fraud is worth the increase in security;
Implementation of protection mechanisms that users can really control;
An infrastructure of independent institutions to assess the security and reliability of complex ICT.
They ask that ICT manage this ourselves instead of leaving it to governments. Do you think we can do this? I think we should certainly try.