Cyberattacks, Internet shutdowns, online bullying, and other types of behavior threaten the rights of citizens. Sir Tim Berners-Lee, who created the World Wide Web, offers a contract to regulate Internet norms.
Last year, local U.S. governments dealt with an “unprecedented” number of cyberattacks. A recent Pew Research Center survey found that 41 percent of its sample of Americans had experienced a form of online harassment, and about two-thirds had witnessed such harassment. And in 2019, Internet shutdowns initiated by African, Asian, and South American governments had a negative economic impact in the billions.
Such events and many others inspired Sir Tim Berners-Lee, inventor of the World Wide Web application, to spearhead the Contract for the Web. The contract, according to its website, involved input from 80 people and represents a “global plan of action” that aims to ensure that “our online world is safe, empowering and genuinely for everyone.”
Specifically, the contract involves nine principles for a better online world. These principles are meant to inspire action from three groups: governments, companies and citizens. To date, the contract has been endorsed by well more than 1,000 individuals and organizations, ranging from the French government to Microsoft.
Emily Sharpe, World Wide Web Foundation policy director, said Berners-Lee believes a “tipping point” has been reached when it comes to the future of the Web, given how malicious and other negative behavior online has continued to grow over the last several years. The time for regulation and norm setting is now.
“The Contract for the Web is the first time experts from across different countries, across different sectors, have come together to create a unified vision,” Sharpe said. “The contract deals with a whole plethora of issues that otherwise have been dealt with in a slightly more siloed way. So that’s why it is unique from some of the previous attempts at setting norms in the digital space.”
The first priority, according to Sharpe, is to make sure as many people as possible can get online. Although there is some debate about whether a government should be able to shut off access to the Internet while responding to a cyberattack, she said generally Internet shutdowns are “never permissible” because they contradict human rights, such as freedom of expression and freedom of association. A lack of Internet access could also interfere with someone’s livelihood, making it more difficult for someone to run a business — or worse.
“If you are unable to access Web services or the Internet to receive emergency services and that impacts your ability to get emergency help, that could impair your right to life… The same rights and responsibilities should be replicated online as if they are offline,” Sharpe said.
The contract also argues that governments need to regulate online behavior and hold companies to account when different standards, such as privacy standards, are not upheld. She cited the European Union’s General Data Protection Regulation (GDPR) as a great starting point for protecting privacy.
To their credit, Facebook, Microsoft, Google and other companies have endorsed the Contract for the Web, including its principles about privacy. Such public endorsements can lead to another form of accountability.
“If they don’t actually give people the right to access their data, correct it, et cetera, in the U.S. or anywhere else, we can point back to them and say, ‘But guys, you endorsed the Contract for the Web, you said you were going to do this,’ and if we need to call them out, then we will call them out,” Sharpe said.
The Contract for the Web doesn’t represent the first time that an expert on the level of Berners-Lee has called for action in regard to the state of the Internet. In a 2019 L.A. Times editorial, Leonard Kleinrock, known as one of the fathers of the Internet, opined that the virtual world had gone mad: “An online community that had once been convivial transformed into one of competition, antagonism and extremism.”
Similarly, Vint Cerf, another father of the Internet, co-founded in 2015 the People-Centered Internet, a nonprofit group that has focused on, among other projects, helping indigenous communities gain Internet access.
Neither Kleinrock nor Cerf disagree with the general thrust of the Contract for the Web, but they have their own perspectives on a number of related topics.
When it comes to changing the online world, Kleinrock believes the most important group of stakeholders is the citizen users. He said the citizen user has been too passive and needs to hold websites accountable for their “opaque” and disparate policies.
Cerf, who serves as vice president and chief Internet evangelist for Google, pointed out that the challenge to improving the online world is figuring out what to do and how to do it. The Contract for the Web’s intentions might be great, but people should be aware of how hard it is to pin down who is doing what online. He offered the example of CAPTCHA to illustrate the larger point.
“[There] are computer algorithms for distinguishing people from computers, but they’re damned annoying, and sometimes you can’t do them, and sometimes you can’t figure out what it was they intended, and that’s about when you throw your laptop through your window,” Cerf said. “I raise this only to say that trying to achieve a response to some of the problems we have on the Web is difficult. Would we like to have less bullying? Would we like to have less misinformation? Are we worried about deepfakes? Absolutely. But attribution turns out to be very difficult.”
Kleinrock wants to see users and companies negotiate more clearly about data usage through understandable and graphical elements. He added that each company has their own set of standards, which seems “preposterous” and “not on your side.”
“If the provider violates this negotiation contract, the government should adjudicate and establish penalties,” Kleinrock said.
While Cerf agrees that transparency between users and companies is essential, he discussed the complications of the issue. In order to offer map services, for instance, Google must know where the user is. Differences in opinion arise when one asks how long GPS data should be kept. While many users may say Google doesn’t need to store information collected at a particular point in time, other users will have different views on the matter.
“If you’re looking for customizable, then you add complexity,” Cerf said, adding that Google included new settings for automated data deletion in 2019. “Scaling is an issue here. We have billions of customers. Literally.”