Future of the Internet Symposium: Do We Know the Future of the Internet?
The Future of the Internet rests on the combination of an empirical claim and a predictive claim. The empirical claim is about the characteristics of “open” versus “closed” systems: “Open” is better for us than “closed.” The predictive claim is that “the pieces are in place for a wholesale shift” from open to closed. The argument of the book is therefore about a coming future we want to avoid: Instead of allowing the shift from open to closed, we should work to ensure that we maintain an open system.
Is Zittrain right? My answer is to say something you’re not supposed to say on the Internet: I don’t know. Whether open or closed is better strikes me as a complicated empirical question. It may depend on the circumstances, and it certainly depends on your values. Either way, I’m not in a position to know in which circumstances each approach is likely to be helpful.
Similarly, I don’t know if we’re likely to see a wholesale shift in the balance between open and closed systems. I’m generally skeptical about Zittrain’s claim in Chapter 3 about the direction of cybersecurity — a claim that underlies Zittrain’s predictions about where we’re headed. My vague sense is that cybersecurity is generally improving over time, not getting worse. Of course, my impression is only anecdotal. But here are two anecdotes to give you an idea of why I’m skeptical that the problem is getting worse.
Back around 1995 to 2000, the Internet was regularly threatened by global viruses like the Melissa virus and the I Love You virus that threatened to shut down the Internet. We don’t generally see those same global threats today, however. By and large, virus threats have become an inconvenience dealt with through updating anti-virus software rather than the huge threat to the Net they were a decade ago. That’s a big shift. And it’s a shift towards better security rather than worse security.
Another sign is the annual CSI/FBI Computer Crime and Security Survey, which publishes information about how much of a security threat major companies are seeing online. From around 200o to 2005, the numbers went up every year — to a great deal of media attention and consternation. But since 2005, the numbers generally have dropped. Companies seem to be seeing less of a threat, and they’re reporting fewer losses than before. That doesn’t mean the problem is “solved” — no security problem is ever “solved” — but it does suggest that the cybersecurity picture is improving on the whole compared to where it was a few years ago.
Of course, none of this means Zittrain’s hypothesis is wrong. (And it’s a marvelously engaging and fun book either way.) Rather, I’m just unsure that the empirical and predictive claims are right. I don’t have enough of a sense of the empirical benefits of open and closed, or enough certainty about what the future holds, to really know.