How to Build A Safe Internet

Imagine living in a sci-fi society with no police, no criminal laws, no courts, and no jails. You’d carry a weapon at all times. Your house would have bars on the windows, security video systems, double-bolt locks, and metal doors. It would be very expensive, and you’d still suffer break-ins and robberies on a routine basis.

Suppose that one day, sick of yet another break-in, you approach your neighbors with a novel idea: “What if we pool our resources to set up community security? We could hire some armed guards to patrol the neighborhood at all times.” Your neighbors, I’m sure, would quickly agree that this would be a cheaper and more effective way to reduce crime. Perhaps the idea would snowball, with other neighborhoods joining your program, and pretty soon the whole city has a complete program for fighting crime. Congratulations! You just invented the police force.

This story sounds ridiculous, I’m sure. No society would be so stupid as to operate without any criminal laws or police, dumping the whole problem of security onto individual victims, at enormous cost. Right?

Wrong! Right now, you are part of such a society: the Internet. There’s nobody to protect you. You must install your own virus protection software on your computer. You must be careful about visiting the wrong websites or opening attachments to your emails or installing firewalls. If you are a commercial operation with a website, you are responsible for protecting it from hackers. If you’re a big operation like Facebook or YouTube, you must hire thousands of online guards to protect the integrity of your operation.

This is really stupid! A communal security system would be immensely superior to the current system, both in terms of cost and effectiveness. So why haven’t we built such a system?

The answer takes us back to the inception of the Internet. Its fundamental design specification was that it had to continue to provide reliable communications in the event of a nuclear war. This meant that there could not be any central hub; every node had to be a hub. No central hub meant that there was no central target, but it also meant that there was no central control.

That specification is obsolete; the Internet is used for completely different purposes than it was designed for. It’s time to redesign the Internet for modern needs. Alas! The Internet is not like any other technology because we can’t replace it. We can’t throw it away and replace it with the sexy new Internet 2.0. It’s not like cars, operating systems, computers, or smartphones. We’ve got to live with the Internet we have.

There is one strategy available: we can build a new Internet on top of the existing Internet. This Safe Internet would operate in conjunction with the old Internet, as an adjunct rather than a replacement. Here’s how I imagine it functioning:

A new non-profit organization would be created by the existing Internet governance organizations, charged with organizing and funding the Safe Internet. Since everything associated with the Internet must have an acronym, we’ll call it SIC: the Safe Internet Corporation. It is charged with setting up the Safe Internet layer that rides on top of the Old Wild West Internet (the OWWI, pronounced “owwie”).

SIC will have no problem getting gobs of funding from all the corporations that are spending billions on security. Remember: collective security is a lot cheaper and more effective than individual security. They use this funding to set up a smart gateway; only certified parties can pass through the gateway into the lush gardens of the Safe Internet.

By “smart gateway”, I mean something far more rigorous than a password or even a multi-factor authentication system. I propose something immensely more complex and correspondingly more reliable: an online reputation.

Here I run afoul of one of the most cherished benefits of the Internet: anonymity. The anarchist in each of us treasures the notion that our presence on the Internet is anonymous. I can troll to my heart’s content, insulting people left and right, behaving like a six-year old without a care in the world.

That’s wrong. In the real world we don’t permit people to act anonymously because too many people use anonymity to engage in socially vicious behavior. Internet trolls can get away with their atrocious behavior because they are shielded by anonymity. Hackers can get away with their crimes because they are anonymous. Yes, anonymity can grant each of us a little harmless fun, but it also grants amoral people the power to perpetrate much evil. For our safety, we must banish anonymity from the Safe Internet.

An individual’s account would also have to be tied to physical factors, such as bank accounts, credit cards, and mobile phones. It’s possible to spoof some of these things separately, but spoofing the entire collection of physical connections to Internet accounts is a big job.

Yes, these days privacy is becoming ever more important. We need to take stronger measures to protect our privacy. But let’s think about this clearly. Let’s clearly differentiate the public world from the private world. You don’t deserve the privacy to punch people in the face anonymously. You do deserve the privacy to wear a Darth Vader mask while making love (assuming your partner tolerates this).

The Internet is, for the most part, a public place. Posting revenge porn about your ex-girlfriend on the Internet is a public act. Calling somebody a stupid poopy-head in a discussion board is a public act. You should not be able to do these public acts anonymously.

There are, of course, plenty of actions on the Internet that are intended to be private, and they should permit anonymity, but such anonymity should be specific to that particular Internet location, not a default condition for all Internet activity, and such anonymity can be provided by the site owner.

Render unto the public world what is public and unto the private world what is private. Gee, that’s a catchy line.

We don’t need to invent weird new concepts, because society has long since solved the problem of anti-social behavior with a concept we call ‘reputation’. One’s reputation is the collective perception of one’s character. Reputation opens doors, or slams them shut. A good reputation yields all manner of social benefits; a bad reputation shuts you out of many social benefits. You need a good reputation to be allowed into the best places. The Safe Internet will be one of those ‘best places’; we need a system for establishing a digital reputation.

We can use the same methods society uses to establish reputation: everybody is born with a basically good reputation. During the course of your life, you can elevate your reputation with exceptionally virtuous acts, but more often, your reputation is tarnished by your sins. We can use the same system with the Safe Internet: everybody starts with a good reputation and is allowed through the gateway, but you can ruin your reputation by bad behavior and get thrown out. Remember, reputation lasts forever; if you get thrown out, you NEVER get back in. So you damn well better keep your nose clean.

The primary basis of your digital reputation would be lawful behavior. If you’re caught hacking, you’re out. Remember, successful hacking requires many, many trials and experiments. No hacker ever broke into a system on his first try. Hackers on the OWWI could make as many attempts as they wanted, because each attempt was anonymous. But on the Safe Internet, your first attempt to hack a site that triggers an alarm results in permanent banishment from the Safe Internet. It’s too great a risk.

We could also have protections against trollery, but these would have to be lenient; even the most patient of us occasionally gets frustrated at the ignorant morons who waste perfectly good electrons with their stupidity, and we write things that we later regret. You’d have to collect a big pile of Troll Reports to get ostracized, and those reports would have to come from a lot of different people, all of whom themselves have good reputations.

In the real world, one’s reputation can be ruined by false gossip. This would not be a problem in the Safe Internet, because all of your actions are part of the public record. Troll Reports from people who themselves have a bunch of Troll Reports wouldn’t count for much. Indeed, we could well compile different measures of public approval (‘likes’, ‘claps’, etc) into an overall reputation. That way, anybody seeing something written by Chris Crawford could easily see that Chris Crawford is universally regarded as the greatest promulgator of truth, justice, and the American way. (I was going to insert an emoji here, but then realized that emojis are like canned laughter: they serve to tell you when to laugh.)

Most of the management of reputation would be handled by AI, not referees. AI can keep track of everything you do inside the Safe Internet. The AI could have a great many rules for improving or degrading your reputation, but final decisions on denying entry into the Safe Internet would have to be made by human referees. They would of course consult the reasoning used by the AI before acting, but they would serve more as a debugging system for the AI; when a referee overrules the AI’s recommendation, the reasoning the referee uses would be incorporated into the AI.

By relying on AI as the main line of defense, we gain many benefits. First, AI is a lot cheaper than human referees. Second, it’s a lot faster. Third, it does provide a certain degree of anonymity. If I purchase some perverted sex paraphernalia from Amazon, no human will know what a pervert I am.

There would of course be many schemes for foiling the protections of the Safe Internet. Hackers could recruit naive youngsters to provide cover for their entry into the Safe Internet. They could pay poor people to establish an account. These particular examples are readily defeated, but there will always be a running battle between the guardians of the Safe Internet and the barbarians. Police, courts, and jails do not eliminate crime, but they greatly reduce the damages crime does to society.

What would be on the Safe Internet that wouldn’t be on the OWWI? Eventually, just about everything. At first, there would be a repeat of the problem that television faced in the 1960s with color television. Consumers saw no reason to purchase the expensive new color televisions until there was plenty of color programming, and the networks saw no reason to shoot programs in color (it was expensive) until lots of consumers bought color televisions. So every week we all went to the house of the friend whose parents had a color TV when Star Trek was on. Why do you think they called the security sacrificial lambs “Red Shirts”?

The major Internet platforms will eagerly leap onto the Safe Internet, although they’ll retain their old presence on the OWWI until the user population of the Safe Internet is large enough. Google, Facebook, Amazon, and Netflix will all see just how much better their lives will be when most people are on the Safe Internet, so they’ll have no problems justifying the jump. In effect, all they need do is create clones of their OWWI selves to live on the Safe Internet, and then leave their OWWI selves to wither away as users abandon them.

There are a great many other ideas and objections to be considered here, but I’ve already gone too long for most readers. My purpose here is not to present a complete proposal, but only to demonstrate that the idea is feasible. The Internet is playing an ever-larger role in our lives, and its gross problems with security are growing more serious with the passage of time. I fear that we’ll have to wait until some catastrophe takes place before we take this idea, or other ideas for communal security, seriously. But the OWWI is already obsolete; sooner or later, we’ll have to move on to Internet 2.0. I suggest that sooner is preferable to later.

Master of Science, Physics, 1975. Computer Game Designer. Interactive Storytelling.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store