The Trouble With the Internet

Commission seeks way forward in face of cyber crime, repression, and other ills
November 26, 2014 Updated: November 27, 2014

OTTAWA—The Internet is at a crossroads and someone needs to figure out how to deal with it.

That’s roughly the reality facing the Global Commission on Internet Governance that met in Ottawa this week.

The Internet’s early days of promise have given way to rampant cyber crime, national security risks, and a growing sense of unease over identity theft even as net-connected devices transform our lives.

“Fears about human security have moved from the physical world to the virtual world,” said Fen Hampson, co-director of the commission.

Hampson told reporters in Ottawa on Monday that “a gaping trust deficit” plagues the Internet as citizens around the world grow more fearful that their online identities and messages will be compromised by “those who operate in the dark recesses of the Internet.”

It’s just one of the problems facing the future of the Internet that the commission is working to address.

The commission is the offspring of the Waterloo, Ontario-based Centre for International Governance Innovation and Chatham House, the Royal Institute of International Affairs based in London, U.K.

It’s made up of an international mix of leading academics, business leaders, and former politicians, with several members having high-profile backgrounds in cyber security. It’s a temporary think-tank of sorts, a two-year project that aims at charting a course for Internet governance.

Headed by Carl Bildt, Sweden’s former prime minister, the commission has no actual authority, but its elite membership lends its voice a certain heft.

It comes into being just as the risks of a wired world start to seriously challenge the opportunities it offers and a new anxiety creeps into the modern psyche—cyber fear.

Hampson said that with stories of credit card information stolen from Home Depot and Target, fear builds.

“I think we all have that sense of unease in the background, you know ‘will it happen to me this time, because I’ve heard it happening to others.'”

Balkanizing the Internet

That fear is more distinct in the developing world where repressive regimes can imprison or even execute people for their online activities.

Toronto-based blogger Hossein Derakhshan spent six years in jail in Iran when he returned to his home country in 2008. He was imprisoned on propaganda charges related to his political blogging. He was released last week, an unexpected reduction of a sentence that was supposed to last 19 years. Prosecutors had requested the death penalty.

It’s a common scenario in countries like Iran and China, though relatively few such stories play out with a Canadian connection.

It’s a story that exemplifies how the Internet’s promise as a pathway to transparency and a panacea to censorship has been co-opted by repressive regimes bent on balkanizing the Internet. China started it, and Iran and other countries have followed suit, using technology—often developed by western companies—to cut their citizens off from the free flow of information and monitor usage.

It’s one of several systemic challenges facing the world’s most important infrastructure.

Those challenges proliferate, even as usage explodes and “The Internet of Things” brings us fridges that send food freshness info to our mobile phones—or spam email to unwitting victims, which actually happened.

Melissa Hathaway, another member of the commission, wrote about that topic in an essay published in July in the Georgetown Journal of International Affairs.

“Entire industries are now building connectable devices with little to no experience or history in building (secure, resilient, well-engineered) connectable devices. This combination of poor product testing and vendor inexperience is resulting in baby-monitors, cameras, and cars being exploitable.”

Tension in the System

There is now a tension between those who want to make use of the Internet to bring new devices or capabilities to the world and those who want regulations to better secure it, Hathaway told the Epoch Times.

“There’s this natural tension in the system between those who worry and those who don’t want to worry. And the same for [the question]: will the market heal itself, or does the market need intervention?”

The challenge for policy makers is putting a reasonable onus on companies to make secure products without overly restricting market.

Hathaway—who spearheaded cyber security initiatives under both President Barack Obama and George W. Bush—has some thougthts on how that can be done.

At an event at Ottawa’s prestigious Fairmont Château Laurier hotel on Tuesday, Hathaway said that in one sense the commission’s role is to translate between the geeks and the policy wonks. That way, those who make regulations for things like Internet fridges or cyber security understand the concerns of people working on the next Facebook.

Hathaway would like to see progress come from a number of different angles. For example, she’d offer market incentives for companies to meet the evolving cyber security threats, but also force public companies to disclose if they had been hacked. That would make cybersecurity an issue for stockholders and compel companies to be more proactive.

It’s a carrot and stick approach that could work in Western countries, though addressing the challenge posed by authoritarian regimes is another matter entirely.

The commission could have more influence, however, on democratic countries carrying out surveillance on their own citizens. The commission could chart out appropriate privacy laws that better balance the needs of security and civil liberties.

The commission is to deliver its recommendations by early 2016, with its overarching goal to preserve a free, unfettered Internet that can remain largely unregulated and decentralized.