Open Internet Standards 8 October 2012

Address Delivered to the Budapest Conference on Cyberspace

Markus Kummer, Vice-President for Public Policy, Internet Society

Mr. Chairman, Excellencies, Ladies and gentlemen.

It is a privilege and an honour to be part of this distinguished panel. I am stepping in for our CEO and President, Ms Lynn St Amour, who had to cancel her participation for unforeseen personal reasons and sends her best wishes for a successful meeting.

It is a great honour for the Internet Society to be invited to the top table of this important gathering. We take it as a sign of recognition of our work, to be recognized as source of information on Internet-related issues and our role as an actor with a very focused mission: “the Internet is for everyone”. We have made huge progress since we were set up by some of the founding fathers of the Internet back in 1992. Today we have two billion Internet users – there are four more billions to come before we can consider our mission accomplished.

Trust, Security, Freedom and Prosperity are the four key words of the Budapest Conference on Cyberspace. These are indeed key notions. Freedom, prosperity and trust are organically linked to each other – the Internet is based on trust and it has spread democratic values and freedom; it has also driven innovation and economic growth.

Allow me to start with the basics, the key characteristics of the Internet as a network of networks, its architecture and its governance.

From its beginnings in the early 1970s to its massive worldwide expansion in the past 20 years, the Internet has evolved from a research project to a central communication, social and economic hub for more than two billion people.

The Internet as a network of networks has changed societies and the way people interact with one another. Beyond its societal impact, it has political consequences. Human history has shown that ideas can be powerful agents of evolution and transitions. The Internet unquestionably played a significant role in the Arab Spring which clearly demonstrated a shared desire for freedom of expression, self-determination and peoples’ rights.

The Internet’s organic relationship with freedom of expression and freedom of association is not the mere product of chance, but rather the result of specific design choices and considerations that emerged from the development of the technology and the associated protocols. For example, the end-to-end decentralized nature of the network is a fundamental characteristic, which focuses on the edges rather than the centre of the architecture. The Internet, by design, empowers users on the margins and acts as a democratic conduit. It also fosters economic growth through innovation. The core of the network is dumb and all the intelligence is at the edges, allowing for innovations such as the world wide web, VOIP, video streaming or social media. We like to call “innovation without permission” a key characteristic of the Internet. Or looking at it from another angle: would we really be able to benefit from these innovations had the Tim Berners-Lees of this world had to ask governments for permission first, before inventing the world wide web?

These architectural principles are reflected in the way the technical coordination of the Internet works. Nobody is in control, many organizations work together in a distributed, collaborative effort, based on confidence and trust. Trust is indeed a key ingredient of Internet collaboration – it is the oil that makes the Internet’s wheels go round.

What about security? Security was not part of the Internet’s DNA. I heard Bob Kahn once say (he and Vint Cerf are the co-inventors of the Internet’s underlying protocol – the TCP/IP – and at the same time we also take pride in counting them among the founders of the Internet Society back in 1992) – Bob Kahn said “… the Internet was not built to be secure, but to be open”. This is a perspective we should not loose out of sight.

It is not that the Internet Community does not take security seriously – quite the opposite. There are constant efforts underway to develop standards that improve the stability, resilience and security of the Internet. DNSSEC is but one measure that deserves to be highlighted as a significant improvement of Internet security. Clearly, there is a need for more collaboration, for more exchange of information and sharing of best practices. However, all efforts to improve  security ought to build on the Internet model of open, transparent and inclusive policy development processes that involve all stakeholders: governments, business, civil society and the Internet technical community. No stakeholder group can do it alone – not governments, not business, not civil society nor the Internet technical community. They all need to work together.

Whatever we do, we ought to keep in mind the Internet’s key characteristics:

  • its global reach and integrity
  • its open and interoperable standards
  • its ability to allow for innovation without permission
  • the accessibility of the Internet and the ability of users to contribute content
  • the spirit of bottom-up collaboration, based on trust, involving all stakeholders.

Solutions to improve cyber-security ought to be based on these core characteristics. They should not impose national borders on the Internet, nor should they stifle innovation or suppress freedom of expression.

However, we realize that we cannot take the Internet for granted. A few years ago, the Internet Society engaged in a scenario planning exercise to reveal plausible courses of events that could impact the health of the Internet in the future. I have been asked to give a short presentation of this exercise. While obviously not intended to be a definitive overview of the landscape or all potential issues, we believe the results are interesting and we hope that they will inspire our thinking about what kind of Internet we want.

Scenarios always start from a question about the future. In this case, the focal question for the exercise was: “Will the world embrace or resist the open Internet model?” with a second-level question to narrow the field: “What model will be more successful? Command and control? Or, distributed and decentralized?”

These two questions defined four quadrants, with a horizontal axis ranging from a command and control to a decentralized and distributed model, while a vertical axis goes from a reductive to a generative model. The key words describing the generative model are innovation, competition and trust while for the reductive model they are security, risk mitigation and control through rules. The key characteristics for the command and control scenario are exclusive standards and heavy regulation, whereas the decentralized model is based on light regulation and open standards.

This led to four very different stories about how the Internet might develop over the next eight to ten years.

  • The Common Pool scenario is based on interoperability, open access, open standards and light regulation. It is decentralized, distributed and highly generative, allowing for innovation and competition, based on trust.
  • The Boutique Networks Scenario is also generative and allows for innovation and competition, but it is based on exclusive standards and heavy regulation. Its key characteristics are closed devices, client capture and sticky services and it tends towards a command and control approach.
  • The Moats and Drawbridges Scenario falls also under the command and control approach, with exclusive standards and heavy regulation. It is a reductive model with a focus on security, risk mitigation and control through rules. Its key characteristics are tight regulation, censorship and content contro.
  • The Porous Garden Scenario, finally, is a decentralized and distributed model, based on open standards and light regulation. However, at the same time it is reductive with an emphasis on security, risk mitigation and control through rules. Its key characteristics are fragmentation, no consensus and multiple roots.

All of these stories contain some elements of the Internet that exists today. And the Internet of tomorrow will almost certainly not look exactly like any of the stories. But each of the four scenario stories presents a different and plausible direction that the Internet might evolve towards. The Internet of the future may contain some of the characteristics of all four stories. It goes without saying that we try to ensure that the Internet of the future will look most like the “common pool” scenario.

Changes will happen. The future billions of Internet users will come from the developing world; they will speak different languages and will have different cultural and societal values. They will contribute to shaping the future of the Internet. While change is inevitable, our mission is to defend the essential characteristics of the Internet:

  • its open architecture; and
  • its open  and bottom-up collaborative governance model, based on multi-stakeholder cooperation.

These key characteristics have contributed to the success of the Internet; they also contribute to human empowerment, social development and economic growth.

Related resources

Internet Way of Networking 9 December 2020

Remarks at the 35th Anniversary of the NSFNET

Remarks from Internet Society President and CEO Andrew Sullivan at the NSFNET 35th Anniversary Celebratory Virtual Event 8 December...

Growing the Internet 17 June 2020

“The Internet is a deeply human technology”

Andrew Sullivan's remarks at the launch of the U.N. Secretary-General’s report Roadmap for Digital Cooperation

Internet's Future 25 February 2019

Up and Down the Stack Through a Nerd’s Eyes: Making The Internet Better the Internet Way

Andrew Sullivan's Keynote Speech at APRICOT 2019