The Internet is part of cyberspace and there is a lot more to cyberspace than just the Internet. Different nations view cyberspace differently. A few nations see it only as a network of devices. Most see it as a place where information lives, and where it is used, accessed, manipulated and updated trillions of times a day by billions of people using more devices than there are users. A few nations see cyberspace as the total electronic environment in which society lives, works and is governed, particularly through use of the media.
Agreeing what we all mean when we talk about cyberspace is a challenge. Here are two definitions of cyberspace that have been agreed and are in use:
- Cyberspace is an electronic medium through which information is created, transmitted, received, stored, processed, and deleted. [Russia-US Bilateral on Cybersecurity – Critical Terminology Foundations, Issue 1, April 2011, Page 20]
- Cyberspace is a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. [U.S. JP 1-02: Department of Defense Dictionary of Military and Associated Terms, 08 November 2012 (as Amended through 15 Jul 2012), Pages 79-80].
As most see cyberspace as information-centric, so a major challenge is how to enable information discovery (on the one hand) and also enable information protection (on the other). The answer, if there is one, is “it depends”. It depends on lots of things, but first we need to understand some more basics on what the Internet is rather than how it is used.
We have to appreciate that at the macro level, there is an apparent international and boundary-less flow of information, but that at the micro level there are networks and servers sitting in data centres, owned and operated by organisations in countries that are subject to laws. How do we reconcile the macro and micro views? How important is this? The arguments of a consumer, a commercial organisation or a government will differ. National views will differ, particularly when governments face uncertainty e.g. Arab Spring.
Within cyberspace, the Internet is a global network of networks based on the Internet Protocol suite (TCP/IP). It comprises 3 major components:
- The Surface Web, which is the normal, Internet as we know it, which search engines can reach and index pages of information;
- The much bigger Deep Web, where normal search engines cannot reach for various reasons, such as pages that are too dynamic;
- The Dark Web, which is part of the Deep Web, where networks, such as TOR guarantee anonymity. Such anonymity enables beneficial uses e.g. dissidents in oppressive regimes being able to communicate. However anonymity also enables criminal, illegal and abusive activities, including large scale exploitation of the vulnerable. [TOR is the acronym for The Onion Router.]
This top-down view is complemented by a bottom-up view where many developing nations are leapfrogging traditional approaches for implementing ICT infrastructures. Adopting mobile infrastructures has enabled a rapid growth in user adoption and consumer behaviour. However, such nations have yet to develop the governance and management capabilities, and the legal frameworks to ensure compliant and beneficial use. They are vulnerable to normal systemic IT problems as well as corruption and organised crime. Misuse of the Internet in the developing world harms the developing and the developed worlds. So, as the Internet is a global village of sorts, the developed nations need to do more to help the developing nations. The Internet is only as strong as its weakest link.
Looking forward, the Internet is set to grow – more users, more devices, much more information, more complexity, more risk and more opportunities for good and bad. Some governments will seek greater control of the Internet, or their part of it, if Internet governance doesn’t change and adapt. The base problem is that the Internet cannot be all things to all people, all of the time. The Internet has to find ways to accommodate difference – legally, technically, policy, jurisdictionally and operationally. This leads to two key questions about the Internet of the future:
- Will a single TCP/IP address be logically unique in the Internet in the future? IPV4 doesn’t have the capacity to support the current population. IPV6 has the capacity but adoption is slow, partly because internet service providers have clever ways to re-use an IP address but still retain user uniqueness. Nevertheless, an IP address in today’s Internet is logically unique, so I can theoretically route to anywhere in the Internet. If I can’t do this in the future, then there will be two or more Internets. The consequences of 2+ internets would be mostly negative and largely unthinkable and unaffordable. It is not what most of us want. So the assumption remains that the Internet of the future will have IP addresses that are logically unique, and it will be possible to continue to route across a single Internet.
- If networks are not physically separated, how will separation or segregation of information be achieved, to prevent unwanted information proliferation? The core two issues are:
- Who gets access to what information under what circumstances?
- What can they do with it?
And these will be the topic of my next blog…