machine is registered — licensed, approved, verified. Only members of the university community can register their machines. Once registered, all interactions with the network are monitored and identified to a particular machine. To join the network, users have to “sign” a user agreement. The agreement acknowledges this pervasive practice of monitoring. Anonymous speech on this network is not permitted — it is against the rules. Access can be controlled based on who you are, and interactions can be traced based on what you did.
This design also arose from the decision of an administrator, one less focused on the protections of the First Amendment. Control was the ideal at Harvard; access was the ideal at Chicago. Harvard chose technologies that made control possible; Chicago chose technologies that made access easy.
These two networks differ in at least two important ways. First and most obviously, they differ in the values they embrace.[5] That difference is by design. At the University of Chicago, First Amendment values determined network design; different values determined Harvard’s design.
But they differ in a second way as well. Because access is controlled at Harvard and identity is known, actions can be traced back to their root in the network. Because access is not controlled at Chicago, and identity is not known, actions cannot be traced back to their root in the network. Monitoring or tracking behavior at Chicago is harder than it is at Harvard. Behavior in the Harvard network is more controllable than in the University of Chicago network.
The networks thus differ in the extent to which they make behavior within each network regulable. This difference is simply a matter of code — a difference in the software and hardware that grants users access. Different code makes differently regulable networks. Regulability is thus a function of design.
These two networks are just two points on a spectrum of possible network designs. At one extreme we might place the Internet — a network defined by a suite of protocols that are open and nonproprietary and that require no personal identification to be accessed and used. At the other extreme are traditional closed, proprietary networks, which grant access only to those with express authorization; control, therefore, is tight. In between are networks that mix elements of both. These mixed networks add a layer of control to the otherwise uncontrolled Internet. They layer elements of control on top.
Thus the original — there have been some changes in the last years[6] — University of Chicago network was close to the norm for Internet access in the middle of the 1990s.[7] Let’s call it Net95. At the other extreme are closed networks that both predate the Internet and still exist today — for example, the ATM network, which makes it possible to get cash from your California bank at 2:00 a.m. while in Tblisi. And in the middle are Harvard-type networks — networks that add a layer of control on top of the suite of protocols that define “the Internet.” These protocols are called “TCP/IP.” I describe them more extensively in Chapter 4. But the essential feature of the Harvard network is that this suite was supplemented. You get access to the Internet only after you’ve passed through this layer of control.
All three designs are communication networks that are “like” the Internet. But their differences raise an obvious question: When people say that the Internet is “unregulable”, which network are they describing? And if they’re talking about an unregulable network, why is it unregulable? What features in its design make it unregulable? And could those features be different?
Consider three aspects of Net95’s design that make it hard for a regulator to control behavior there. From the perspective of an anonymity-loving user, these are “features” of Net95 — aspects that make that network more valuable. But from the perspective of the regulator, these features are “bugs” — imperfections that limit the data that the Net collects, either about the user or about the material he or she is using.
The first imperfection is information about users — who the someone is who is using the Internet. In the words of the famous New Yorker cartoon of two dogs sitting in front of a PC, “On the Internet, nobody knows you’re a dog.[8]” No one knows, because the Internet protocols don’t require that you credential who you are before you use the Internet. Again, the Internet protocol doesn’t require that credential; your local access point, like the Harvard network, might. But even then, the information that ties the individual to a certain network transaction is held by the access provider. It is not a part of your Internet transaction.
The second “imperfection” is information about geography — where the someone is who is using the Internet. As I will describe more in Chapter 4, although the Internet is constituted by addresses, those addresses were initially simply logical addresses. They didn’t map to any particular location in the physical world. Thus, when I receive a packet of data sent by you through the Internet, it is certainly possible for me to know the Internet address from which your packet comes, but I will not know the physical address.
And finally, the third “imperfection” is information about use — what is the data being sent across this network; what is its use? The Internet does not require any particular labeling system for data being sent across the Internet. Again, as we’ll see in more detail below, there are norms that say something, but no rule to assure data gets distributed just according to the norms. Nothing puts the bits into a context of meaning, at least not in a way that a machine can use. Net95 had no requirement that data be labeled. “Packets” of data are labeled, in the sense of having an address. But beyond that, the packets could contain anything at all.
These three “imperfections” tie together: Because there is no simple way to know who someone is, where they come from, and what they’re doing, there is no simple way to regulate how people behave on the Net. If you can’t discover who did what and where, you can’t easily impose rules that say “don’t do this, or at least, don’t do it there.” Put differently, what you can’t know determines what you can control.
Consider an example to make the point clearer. Let’s say the state of Pennsylvania wants to block kids from porn. It thus passes a rule that says “No kid in Pennsylvania can get access to porn.” To enforce that rule, Pennsylvania has got to know (1) whether someone is a kid, (2) where they come from (i.e., Pennsylvania or Maine), and (3) what they’re looking at (porn or marzipan). Net95, however, won’t be of much help to Pennsylvania as it tries to enforce this rule. People accessing content in Pennsylvania using Net95 need not reveal anything about who they are or where they come from, and nothing in the design of Net95 requires sites to describe what content they carry. These gaps in data make regulating hard. Thus from the perspective of the regulator, these are imperfections in the Net’s original design.
But the Harvard network suggests that it is at least possible for the “bugs” in Net95 to be eliminated. The Net could know the credentials of the user (identity and location) and the nature of the data being sent. That knowledge could be layered onto the Internet without destroying its functionality. The choice, in other words, is not between the Internet and no Internet, or between the Internet and a closed proprietary network. Harvard suggests a middle way. Architectures of control could be layered on top of the Net to “correct” or eliminate “imperfections.” And these architectures could, in other words, facilitate control.[9]
That is the first, very small, claim of this early chapter in a story about emerging control: Architectures of control are possible; they could be added to the Internet that we already know. If they were added, that would radically change the character of the network. Whether these architectures should be added depends upon what we want to use the network for.
