The Open Internet on the Brink: Origins and Evolution

Key Points

The economic and social value generated by the internet is based on core technical and governance principles: interoperability, permission-less innovation, security, resilience and physical infrastructure that is unaware about the content being communicated (known as “dumb pipes”).
Several countries, companies and multilateral governance institutions shape the development of the internet. The US has been historically dominant but in time this will shift.
Led by China, more restrictive internet models are gaining ground on the open, liberal, Western internet model.

The internet is often referred to by a series of immaterial metaphors – “cloud”, “web”, “cyberspace” or even “information superhighway” – but little about how it really works is made visible. This grounding is important: understanding how the different physical and virtual layers of the internet combine is necessary to reveal who has control over the internet, where that power comes from and why it matters.

Chapter 1

How Does the Internet Operate?

The internet is often illustrated as a vertical “stack” of physical and virtual layers. The Open Systems Interconnection (OSI) conceptual model breaks this down into seven layers while the TCP/IP model, which describes how these layers practically combine in today’s internet, contains four layers:

Figure 1

Figure 1 – Layers of the internet stack

OSI Conceptual Model		Explanation	TCP/IP Model
Application	Application	Provides user interface, e.g. Facebook or BBC News	Application
Application	Presentation	Formats data packets into application-ready text or audio/visual formats, and vice versa
Logical	Session	Controls connections between devices and rest of network, creating and terminating connection sessions
	Transport	Co-ordinates transfer of data packets between devices and the network, e.g. using protocols such as TCP	Transport
	Network	Defines how data is routed around a network, e.g. using IP addresses	Internet
Infrastructural	Data Link	Translates binary data (electrical pulses) into signals	Network Access
Infrastructural	Physical	Hardware layer, e.g. undersea data cables	Network Access

Source: Adapted from Article 19

Several features of the original vision behind the internet have contributed to its enormous social and economic importance today:

The internet’s architecture was built to commonly agreed standards that enable interoperability and communication between different devices and networks with minimal friction. This interconnectedness is the foundation upon which a single, global internet and economy is enabled.
Open protocols mean that anyone can build tools and services based on these standards without needing permission. This paves the way for massive experimentation and innovation.
Each layer of the internet stack was intended to be independent from others, limiting the ability for any single political or corporate actor to control the entire system. This ensures the rules that govern the internet cannot change without consensus, and this stability promotes investment and innovation.
The global internet is, ultimately, a network of networks, each of which is designed to be relatively autonomous and resilient, and also ensuring that power is distributed throughout the network.
At the bottom of the stack, data is transferred via physical and virtual networks that transport packets of information without being aware of their content. This model of dumb pipes limits preferential transporting and censorship.

While these conceptual layers of the internet mostly still hold today, the technologies and business models of internet companies have evolved significantly. This shift is often referred to as a transition between three eras:

Figure 2

Figure 2 – Internet paradigms

	Web 1.0	Web 2.0	Web 3.0
Period	1969–2004	2004–ongoing	2019–ongoing
Key characteristics	Open, permission-less protocols	Closed platforms and services	Decentralised applications (e.g. built on blockchain)
Economic value captured by innovators	No	Yes	Yes
Barriers to entry for new users	High	Low	High, but becoming much easier
Examples	TCP/IP, HTML, SMTP/IMAP	Facebook, Twitter, Google, Adobe	Ethereum, Bitcoin

Source: TBI

Chapter 2

Who Controls the Internet?

The original vision of the internet was built on a patchwork of norms, policies and technical standards that were designed to avoid centralised control. While much of this architecture has remained distributed, some nation-states, technology companies and multilateral organisations have increased their roles in shaping the future of the internet. Smaller companies, emerging economies and the global internet community are often left out.

Countries

Europe, China and India are growing players in internet geopolitics but the US, in particular, has immense jurisdictional power by setting the regulatory environment for many of the internet’s largest companies. Despite only 7.1 per cent of the world’s internet users being based in the US, it is home to some of the most influential consumer tech companies and, on average, houses over 60 per cent of core infrastructure services for the global internet. This includes data centres – which store content for websites, databases and applications – and DNS servers – which tell your browser to convert URLs like en.wikipedia.org into an IP address like 208.80.154.224.

Source: Nick Merrill, The Internet Atlas Project, accessed 17 September 2021

Note: *(DNS servers, web hosting, data centres, SSL certificates, top-level domains, server locations, proxy services) - May 2021

Companies

As the web has developed – reducing costly friction and allowing innovators to capture some of the economic value they generate – many companies have also grown to extend significant influence over different aspects of the global internet. Many of these are large, well-known firms. For example, Apple and Google set privacy standards for a Covid-19 contact-tracing API; Facebook created a new “supreme court” to oversee its moderation decisions; and Twitter explored a new protocol to decentralise social media. All these decisions challenge nation-states’ historical monopoly over global policy. These companies also wield significant economic power, such as when setting rules that govern how other companies can monetise services through app stores or by implementing proprietary technologies that become de facto standards for all.

Beyond user-facing services, however, are a set of infrastructure companies that are increasingly coming under scrutiny. In one recent example, a failure at Fastly – a content delivery network (CDN) that physically stores content closer to where users are based globally, to speed up load times – affected access in some geographies to popular websites including the Guardian, GOV.UK and Amazon. As sociologist Susan L Star wrote, this exemplifies how infrastructure often only “becomes visible upon breakdown”. While it may be tempting to bemoan the single points of failure that lead to these breakdowns, the reality is that the costs of building in the redundancy required to avoid these issues, by contracting with multiple companies simultaneously, are often more than a short period of downtime.

Beyond accidental failures, some infrastructure companies also have taken deliberate actions that illustrate their power. For example Cloudflare, another CDN, has denied service to websites 8Chan and The Daily Stormer – which had repeatedly failed to remove or moderate far-right, abusive, violent content – making it difficult for those sites to operate. While these decisions broke with a general precedent that content moderation should primarily happen at the application layer by user-facing services, these user-facing websites had failed to moderate so Cloudflare took action at the infrastructure layer.

Content neutrality remains an important default principle for services further down the stack. However, with other infrastructure services including payments, web hosting and search companies under pressure to act on abusive content, these firms are increasingly left to evaluate their responsibilities with little legal guidance or regulatory support. For example, Cloudflare has recently launched extra cybersecurity support for at-risk public interest groups and state elections. While the power of infrastructure companies is clear, it is a lack of due process and internet infrastructure policy frameworks that is the primary issue.

Decentralised Web 3.0 Organisations

The transition from Web 2.0 platforms to Web 3.0 protocols will also challenge incumbent gatekeepers. For example, while traditional currencies require a single authority, such as a bank or government, to maintain a record of transactions and prevent double spending, transactions of decentralised digital currencies like Bitcoin are verified computationally by consensus mechanisms such as proof of work or proof of stake, with no need for central authorities. Ethereum, another decentralised currency, is also a protocol incorporating programmable contracts whereby payments are automatically made on the basis of some condition being fulfilled. At scale, this could enable entire organisations to be managed autonomously in code, rather than by individuals in a bricks-and-mortar office.

While nation-states retain some levers to control Web 3.0 applications – for example, so-called on-ramps, such as cryptocurrency exchange platform Coinbase, are regulated financial entities – they have limited ability to regulate the underlying protocols except by participating directly in their development, which in turn could devalue any individual protocol’s appeal to the wider crypto community. While we are only at the beginning of the Web 3.0 era, as it matures it promises to disrupt what is already an unstable power dynamic between states, technology companies and the global internet community.

Global Institutions

Finally, there is a group of multilateral, multi-stakeholder, international governance bodies that collectively maintain and develop the global internet. While these organisations have been fundamental in the formation of the internet, they have also struggled to keep pace with its evolution and now their role is being challenged.

Figure 3

Figure 4 – Internet governance institutions

Acronym	Full Name	Focus	Origin	Type
IGF	Internet Governance Forum	Internet policy	2005. IGF set up as forum for discussion re: internet policy and governance	UN multi-stakeholder forum and regional dialogues
ITU	International Telecommunications Union	Internet infrastructure and technical standards (incl. radio, satellites, other ICTs)	1865. Set up to connect international telegraph networks. Became UN agency in 1949	UN agency
W3C	World Wide Web (W3) Consortium	Develops web standards	1994. Founded by Tim Berners-Lee to develop web protocols and guidelines	Voluntary standards body, funded by members
IETF	Internet Engineering Task Force	Develops and promotes internet standards, incl. TCP/IP	1986. Originally supported by US federal govt, but since 1993 funded by Internet Society	Voluntary standards body
ISOC	Internet Society	Advocacy re: internet standards, access, skills and policy, incl. funding for IETF	1992. Set up by Vint Cerf and Bob Kahn. In 2002, ICANN gave ISOC Public Interest Registry (PIR) to generate revenue from .ORG domains	Non-profit / charity. Funded by .ORG profits. Sale of PIR to private equity in 2019, to create an endowment, was aborted
ICANN	Internet Corporation for Assigned Names and Numbers	Manages IP addresses and DNS / domain names	1998. Technical maintenance for IP address and DNS root	Non-profit / charity
UNICODE	Unicode Consortium	Maintains and develops the Unicode Standard, which ensures text can be shared between languages and borders without corruption, including approving new emoji	1991. Established to create and maintain a standard for multilingual text representation	Non-profit, funded by membership fees and donations. Voting members include Adobe; Apple; Facebook; Google; Microsoft; Netflix; SAP; Salesforce; University of California, Berkeley; Bangladesh Computer Council; Emojipedia; Tamil Virtual Academy; and Yat Labs
GIFCT	Global Internet Forum to Counter Terrorism	Information sharing for countering online terrorism	2017. Founded by Facebook, Microsoft, Twitter and YouTube	Tech-industry funded initiative
IWF & NCMEC	Internet Watch Foundation (UK) National Center for Missing & Exploited Children (US)	Child safety and protection; hashing databases for spotting CESA content. IWF and NCMEC entered data-sharing agreement in 2019	1996 (IWF). ISPs + London Internet Exchange initiative to provide URL database to enable CESA content blocking. Now includes a broad membership of tech companies and education providers 1981 (NCMEC). Missing children’s charity funded by US Department of Justice	Non-profit / charity
Five Eyes	Five Eyes	Intelligence sharing	1940s. Set up to counter Russia’s growing sphere of influence pre- and during Cold War	UK, US, Australia, Canada, New Zealand alliance
DN	Digital Nations	Digital government collaborative network	2014. Initially D5: UK, Estonia, Israel, NZ, Korea	Diplomatic network

Source: TBI

Chapter 3

Openness Versus Authoritarianism

The foundations of today’s internet are based on openness, permission-less innovation, security, stability and global interoperability. These features, and the limited friction and intervention they entail, have enabled the internet to grow and act as one of the world’s most important economic and social infrastructures.

However, as the internet has grown in importance, regulations have followed. Some restrictions are clearly necessary – a libertarian “state of nature” would do little to ensure privacy or safety while the meme of an unregulated “wild west” is misleading. But nation-states are looking to reimpose their authority. Even governments in free societies are considering increasingly interventionist steps on internet architecture – be it bans on encryption or anonymity, data localisation laws, censorship or full internet shutdowns. At the most extreme end, China’s internet model is the archetypal authoritarian approach, given its extensive domestic and international censorship as well as requirements on foreign companies to create local subsidiaries and store data in the country to enable surveillance.

However, many other jurisdictions, including the EU, are also considering data-localisation laws as part of a growing global trend towards policies that promote the idea of digital sovereignty. It is not unreasonable to require data to be stored in a jurisdiction where countries have a stake in its governance. Yet for some smaller countries in particular, this comes with trade-offs. Putting up new digital borders could impede access to the global internet economy, while data-localisation laws could also cut countries off from hyperscale data centres and technical services – and their immense economic and technical benefits – if they are located outside their borders.

Leaders must beware a death by a thousand cuts: the stability, openness and interoperability of the global internet are a public good – generating prosperity and opportunity for the long-term – and they are increasingly at risk.

Article Tags

Internet Policy