Книга: Code 2.0

Cyber-places: Harvard Versus Chicago

Cyber-places: Harvard Versus Chicago

The Internet was born at universities in the United States. Its first subscribers were researchers. But as a form of life, its birth was tied to university life. It swept students online, pulling them away from life in real space. The Net was one of many intoxicants on college campuses in the mid-1990s, and its significance only grew through time. As former New York Times columnist J. C. Herz wrote in her first book about cyberspace:

Yet not all universities adopted the Net in the same way. Or put differently, the access universities granted was not all the same. The rules were different. The freedoms allowed were different. One example of this difference comes from two places I knew quite well, though many other examples could make the same point.

In the middle 1990s at the University of Chicago, if you wanted access to the Internet, you simply connected your machine to Ethernet jacks located throughout the university.[4] Any machine with an Ethernet connection could be plugged into these jacks. Once connected, your machine had full access to the Internet — access, that is, that was complete, anonymous, and free.

The reason for this freedom was a decision by an administrator — the then-Provost, Geoffrey Stone, a former dean of the law school and a prominent free speech scholar. When the university was designing its net, the technicians asked Stone whether anonymous communication should be permitted. Stone, citing the principle that the rules regulating speech at the university should be as protective of free speech as the First Amendment, said yes: People should have the right to communicate at the university anonymously, because the First Amendment to the Constitution guarantees the same right vis-?-vis governments. From that policy decision flowed the architecture of the University of Chicago’s net.

At Harvard, the rules are different. If you plug your machine into an Ethernet jack at the Harvard Law School, you will not gain access to the Net. You cannot connect your machine to the Net at Harvard unless the machine is registered — licensed, approved, verified. Only members of the university community can register their machines. Once registered, all interactions with the network are monitored and identified to a particular machine. To join the network, users have to “sign” a user agreement. The agreement acknowledges this pervasive practice of monitoring. Anonymous speech on this network is not permitted — it is against the rules. Access can be controlled based on who you are, and interactions can be traced based on what you did.

This design also arose from the decision of an administrator, one less focused on the protections of the First Amendment. Control was the ideal at Harvard; access was the ideal at Chicago. Harvard chose technologies that made control possible; Chicago chose technologies that made access easy.

These two networks differ in at least two important ways. First and most obviously, they differ in the values they embrace.[5] That difference is by design. At the University of Chicago, First Amendment values determined network design; different values determined Harvard’s design.

But they differ in a second way as well. Because access is controlled at Harvard and identity is known, actions can be traced back to their root in the network. Because access is not controlled at Chicago, and identity is not known, actions cannot be traced back to their root in the network. Monitoring or tracking behavior at Chicago is harder than it is at Harvard. Behavior in the Harvard network is more controllable than in the University of Chicago network.

The networks thus differ in the extent to which they make behavior within each network regulable. This difference is simply a matter of code — a difference in the software and hardware that grants users access. Different code makes differently regulable networks. Regulability is thus a function of design.

These two networks are just two points on a spectrum of possible network designs. At one extreme we might place the Internet — a network defined by a suite of protocols that are open and nonproprietary and that require no personal identification to be accessed and used. At the other extreme are traditional closed, proprietary networks, which grant access only to those with express authorization; control, therefore, is tight. In between are networks that mix elements of both. These mixed networks add a layer of control to the otherwise uncontrolled Internet. They layer elements of control on top.

Thus the original — there have been some changes in the last years[6] — University of Chicago network was close to the norm for Internet access in the middle of the 1990s.[7] Let’s call it Net95. At the other extreme are closed networks that both predate the Internet and still exist today — for example, the ATM network, which makes it possible to get cash from your California bank at 2:00 a.m. while in Tblisi. And in the middle are Harvard-type networks — networks that add a layer of control on top of the suite of protocols that define “the Internet.” These protocols are called “TCP/IP.” I describe them more extensively in Chapter 4. But the essential feature of the Harvard network is that this suite was supplemented. You get access to the Internet only after you’ve passed through this layer of control.

All three designs are communication networks that are “like” the Internet. But their differences raise an obvious question: When people say that the Internet is “unregulable”, which network are they describing? And if they’re talking about an unregulable network, why is it unregulable? What features in its design make it unregulable? And could those features be different?

Consider three aspects of Net95’s design that make it hard for a regulator to control behavior there. From the perspective of an anonymity-loving user, these are “features” of Net95 — aspects that make that network more valuable. But from the perspective of the regulator, these features are “bugs” — imperfections that limit the data that the Net collects, either about the user or about the material he or she is using.

The first imperfection is information about users — who the someone is who is using the Internet. In the words of the famous New Yorker cartoon of two dogs sitting in front of a PC, “On the Internet, nobody knows you’re a dog.[8]” No one knows, because the Internet protocols don’t require that you credential who you are before you use the Internet. Again, the Internet protocol doesn’t require that credential; your local access point, like the Harvard network, might. But even then, the information that ties the individual to a certain network transaction is held by the access provider. It is not a part of your Internet transaction.

The second “imperfection” is information about geography — where the someone is who is using the Internet. As I will describe more in Chapter 4, although the Internet is constituted by addresses, those addresses were initially simply logical addresses. They didn’t map to any particular location in the physical world. Thus, when I receive a packet of data sent by you through the Internet, it is certainly possible for me to know the Internet address from which your packet comes, but I will not know the physical address.

And finally, the third “imperfection” is information about use — what is the data being sent across this network; what is its use? The Internet does not require any particular labeling system for data being sent across the Internet. Again, as we’ll see in more detail below, there are norms that say something, but no rule to assure data gets distributed just according to the norms. Nothing puts the bits into a context of meaning, at least not in a way that a machine can use. Net95 had no requirement that data be labeled. “Packets” of data are labeled, in the sense of having an address. But beyond that, the packets could contain anything at all.

These three “imperfections” tie together: Because there is no simple way to know who someone is, where they come from, and what they’re doing, there is no simple way to regulate how people behave on the Net. If you can’t discover who did what and where, you can’t easily impose rules that say “don’t do this, or at least, don’t do it there.” Put differently, what you can’t know determines what you can control.

Consider an example to make the point clearer. Let’s say the state of Pennsylvania wants to block kids from porn. It thus passes a rule that says “No kid in Pennsylvania can get access to porn.” To enforce that rule, Pennsylvania has got to know (1) whether someone is a kid, (2) where they come from (i.e., Pennsylvania or Maine), and (3) what they’re looking at (porn or marzipan). Net95, however, won’t be of much help to Pennsylvania as it tries to enforce this rule. People accessing content in Pennsylvania using Net95 need not reveal anything about who they are or where they come from, and nothing in the design of Net95 requires sites to describe what content they carry. These gaps in data make regulating hard. Thus from the perspective of the regulator, these are imperfections in the Net’s original design.

But the Harvard network suggests that it is at least possible for the “bugs” in Net95 to be eliminated. The Net could know the credentials of the user (identity and location) and the nature of the data being sent. That knowledge could be layered onto the Internet without destroying its functionality. The choice, in other words, is not between the Internet and no Internet, or between the Internet and a closed proprietary network. Harvard suggests a middle way. Architectures of control could be layered on top of the Net to “correct” or eliminate “imperfections.” And these architectures could, in other words, facilitate control.[9]

That is the first, very small, claim of this early chapter in a story about emerging control: Architectures of control are possible; they could be added to the Internet that we already know. If they were added, that would radically change the character of the network. Whether these architectures should be added depends upon what we want to use the network for.

I say this is a small claim because, while it is important, it is the sort of point that one recognizes as obvious even if one didn’t see it originally. More than obvious, the point should be pedestrian. We see it in lots of contexts. Think, for example, of the post office. When I was growing up, the Post Office was a haven for anonymous speech. The job of the Post Office was simply to deliver packages. Like Net95, it didn’t worry about who a piece of mail was from, or what was in the envelope or package. There was no enforced requirement that you register before you send a letter. There was no enforced requirement that the letter have a return address or that the return address be correct. If you were careful to avoid fingerprints, you could use this government subsidized facility to send perfectly anonymous messages.

Obviously, the Post Office could be architected differently. The service could require, for example, a return address. It could require that you verify that the return address was correct (for example, by checking your ID before it accepted a package). It could even require inspection before it shipped a particular package or envelope. All of these changes in the procedures for the post would produce a world in which mail was more easily monitored and tracked. The government makes that choice when it designs the Post Office as it does. If monitoring becomes important, the government can change the system to facilitate it. If not, they can leave the postal system as it (largely) is. But if it does change the system to make monitoring more simple, that will reflect changes in values that inform the design of that network.

The claim of this book is that there are sufficient interests to move the Net95 from a default of anonymity to a default of identification. But nothing I’ve said yet shows how. What would get us from the relatively unregulable libertarian Net to a highly regulable Net of control?

This is the question for the balance of Part I. I move in two steps. In Chapter 4, my claim is that even without the government’s help, we will see the Net move to an architecture of control. In Chapter 5, I sketch how government might help. The trends promise a highly regulable Net — not the libertarian’s utopia, not the Net your father (or more likely your daughter or son) knew, but a Net whose essence is the character of control.

An Internet, in other words, that flips the Internet as it was.

Оглавление книги