It never occurred to us when we built the net that people would want to wreck it, says the architect of the internet.
Cerf, along with colleague Bob Kahn, in 1973 invented the Internet Protocol (IP) and Transmission Control Protocol (TCP) which underpin the workings of the internet. It is thanks to Cerf and Kahn that your computer has an IP address that keeps you connected to the net.
When Sir Tim Berners Lee came along 16 years later and developed the world wide web, the pieces fell into place for one of the biggest revolutions in history, one that gave us websites and search engines, cat videos and viral fake news stories.
Cerf admits to being surprised at the rise of the web.
“I didn't anticipate how much people wanted to share what they knew. This avalanche of content, even though it was not driven by profit motive for the most part,” says Cerf.
“It still isn't, remarkably. A lot of people just want to share what they know and have the satisfaction that it was helpful to somebody else.”
But it has also become big business, and Cerf was surprised at the extent of the bad behaviour that emerged as the internet went public.
“So you get spam and malware and disinformation and misinformation. All these harmful abuses occur,” laments Cerf.
“When we were designing and building the net, we were just a bunch of engineers trying to make it work. It didn't even occur to us that anybody would want to wreck it. It was hard enough to get it to work at all, let alone mess it up.”
The original cloud
Today the internet is more entrenched in our lives than ever but faces myriad challenges - from making enough addresses available to accommodate the proliferation of the Internet of Things devices that seek an internet connection, to cyber attacks and efforts by some governments to try to control internet access and censor the content it delivers.
But those issues were far from Cerf’s mind in the early 1970s when he was an assistant professor at Stanford University working with Kahn on protocols to underpin a computing network for the US Department of Defense.
At the heart of the early internet was ARPANET, which was initially conceived to aid military command and control against nuclear threats. But other networks were emerging that needed to connect to ARPANET.
Cerf springs to his feet in the boardroom of the National Library in Wellington, where he has been meeting with archivists and librarians four floors below, and moves to a whiteboard in the corner.
He proceeds to draw the early internet, a network of networks with ARPANET at its centre. The early diagrams looked like a series of clouds. The name has stuck, giving us cloud computing.
“We would draw the networks as if they were little clouds,” says Cerf.
“We didn't care what was inside or how it worked. Those data centres were just at the edge of what is effectively the internet.”
Since 2005, after stints in academia, public service and the private and not-for-profit sectors, Cerf has been a Google employee, its “chief internet evangelist”. He has for some time now been in the pay of one of the most powerful internet companies in the world, which has data centres spanning the globe.
Cerf estimates that Google’s own ‘B4’ internet backbone, which connects dozens of countries, probably carries more traffic than the public internet itself, due to the need to shift around and replicate masses of data across multiple data warehouses.
Amazon and Microsoft have similar networks, the three of them together responsible for the lion’s share of the world’s burgeoning cloud computing business. At least some of your data likely sits in one of their air-conditioned warehouses. But has it led to too much concentration of power?
Cerf, unsurprisingly, doesn’t think so. The economics of the cloud computing business naturally improve as it scales up and the cost of computing power is spread across more and more customers.
“There still is substantial competition for systems like this and an economy that drives scale,” he says.
“Look at how many car manufacturers there were in the early 1900s. There were scores of them and eventually it boiled down to three big ones."
The big break-up
While the big tech companies face more scrutiny than ever before over the incredible power they wield in the digital realm, Cerf says there could be unintended consequences in forcing Google or Amazon to split up their businesses.
“If you consider concentration to be a problem, the solution to that is not necessarily to break everything up. We saw how ineffective that was with the attempted break-up of AT&T.”
The US telecoms company was the biggest American corporation in 1984 when it voluntarily divested 70 per cent of its business to avoid looming regulation that would have forced its break-up. A number of “baby bells” emerged which initially stimulated competition. But over time, the babies merged and became giants again, seeking the economies of scale that make providing internet, phone and pay TV services over large areas viable.
“They almost got the Terminator back together again,” says Cerf, a reference to the shapeshifting T-1000 robot in the movie Terminator 2, which managed to reassemble itself after being frozen in liquid nitrogen and shattered to pieces by a bullet fired by a robotic Arnold Schwarzenegger.
Big is not necessarily bad then. But Cerf’s friend Sir Tim Berners Lee sees major problems with the market dynamics that have emerged on the internet. Earlier this year he unveiled Solid, a plan for a decentralised web, which would give internet users more control over the use and storage of their data. Cerf sees it as problematic for the same economic reasons.
“What Tim seems to want to do is to spread things out into people's private computers and somehow redistribute the web,” he says.
“The trouble is that even if he has the technology to do that, I don't think he has the same incentives to maintain it. There isn't the same technical ability and motivation to manage this kind of distribution.”
The answer, Cerf says, is appropriate regulation and oversight of the big players. But there, things get political fast. The concept of net neutrality, which dictates that all internet traffic is treated equally regardless of who is sending or receiving it, was a founding principle of the internet.
But it is under threat in the US, where under the Trump administration, the Federal Communications Commission has reversed Obama-era net neutrality regulations. It means that big internet operators which own the pipes that deliver the internet could legally grant preferential access for those who are willing to pay more. They’d just have to let everyone know they are doing it.
“We are not in a good place,” admits Cerf who favours dedicated regulation to focus on net neutrality and protecting against anti-competitive behaviour.
“In the most recent election, the House is now on the Democrat side so it is conceivable that there will be the possibility of new legislation. But it will still have to be agreed by both the Senate and the House and the President will have to sign it.”
Chances of President Trump agreeing to new provisions protecting net neutrality are slim. At the same time, US lawmakers backed by Trump are drafting legislation that could force companies like Google, Facebook and Microsoft to make their services interception-capable. A worst-case scenario would see them have to build backdoors into the encryption services that keep our data safe from prying eyes so that law enforcement agencies can access it.
“This is a bad solution to an important problem,” says Cerf. Just look what happened when the National Security Agency’s hacking tools were released, he argues.
“Those tools were clearly and without question used to attack various and sundry sources in the US and elsewhere by those who got access to them because someone spilled them.”
But there’s no denying the fact that nefarious operators are using the anonymity of the internet to commit crimes on a global scale, a problem compounded by the fact that the internet doesn’t recognise international boundaries. That was a virtue of the internet when it was created.
“We did that on purpose, partly because we were building a command and control system for the defense department that would support that. It had to work everywhere in the world without permission of any particular entity,” Cerf explains.
The result, however, is that a hacker in Russia, hiding behind an onion router in Thailand, can launch an attack on the servers of the US Department of Homeland Security and there’s often relatively little that can be done to track down the real culprit.
Cerf has a proposal to combat that. He calls it ‘differential traceability’. There are already points of information that can be gathered to help identify people on the internet - domain names, IP addresses, email addresses, and public cryptography keys among them. More identifiers may be needed to be created to more accurately trace a person and discover their true identity, says Cerf.
“It’s like the licence plates on your car. It looks like gibberish to most of us, but to some people, there's the ability to associate the gibberish with the owner of the car,” says Cerf whose own licence plate reads a fairly identifiable “CerfsUp”.
“We grant certain authorities to pierce through the vale of pseudonymity. But we do that for good purpose. I think that maybe on the internet, because we know abuses occur across international boundaries, there is going to have to be some differential traceability that we cooperate on to effect for the purposes of catching people who cause harm on the net.”
It could mean the end of anonymity on the internet. But it wouldn’t require encryption to be broken wholesale, risking the privacy and security of billions of innocent internet users in the process.
The answer to addressing bad behaviour on the internet more generally, from cyberbullying to spreading of fake news stories, is even more complicated.
“Technical means will not suffice alone, we will need legal constraints.”
Interpol, he says, is able to work effectively across international borders on criminal matters. We need to find common ground to better police the internet too.
“Then there is moral suasion,” he adds.
“Although it sounds pretty wimpy, an observation about social dynamic is that if you have a society in which it is agreed that certain behaviours are unacceptable, societal norms, that can be quite a powerful influencer of behaviour.”
“It’s like gravity is the weakest force in the universe but if you have enough mass, it's pretty strong, just like the Sun keeps Earth in orbit.”
Digital dark age
Another concern of Cerf’s, and the reason for his attendance at the International Internet Preservation Consortium General Assembly in Wellington this week, is digital obsolescence.
Just because data is in digital form doesn’t mean that it will always be there. Platforms and standards change, data hosts go out of business. How do we preserve all of the archives of data and tools and operating systems used to access them, what Cerf calls digital objects?
It is a bigger job than you might think will little standardisation globally.
“We need a lot more cooperation in order to make progress. In particular, I'm increasingly concerned that the places that we choose to save this material have enough commonality so that we that we get protection out of having multiple parties involved,” says Cerf.
Google may not be around in 100 years time, but we want all of that data to still be accessible. Then there are intellectual property issues to wrangle - who owns the digital objects and are libraries and archivists authorised to keep copies of it? It is an issue that, like most of those created by the rise of the information age, that will require technical and legislative solutions.
Next month Cerf will help lead a meeting in San Jose celebrating the 70th anniversary of the United Nations Universal Declaration of Human Rights that will consider how those rights can be applied to our digital lives lived on the internet.
Into his twilight years then and nearly 50 years on from the development of TCP/IP, the mission to network the world continues. Only these days, there’s more emphasis on safeguarding his creation from abuse and misuse.
Says Cerf: “All I can say as a technologist is that I feel very dedicated to trying to find ways of inhibiting some of those bad behaviours.”