Open Internet, Closed Web

Posted on December 23, 2019

The Internet promised — and still promises — a revolution in democratic, decentralized, and open communications. And yet, we see today a tech world controlled by a few central players, as Elizabeth Warren promises to break them up and Congress summons Mark Zuckerberg to explain his company’s role in privacy-violating election-manipulating foreign conspiracies. But Presidential use of anti-trust laws and new Congressional regulations of social media won’t address the more fundamental issues: The Internet is now structured, on a technical and social level, so as to naturally encourage centralized monopolies.

To explain this, we’ll first have to explain some terms. In common parlance, the terms Web and Internet are used interchangeably, but technically they refer to different elements of what now looks like a single system. The Internet refers to the single global connected network, and technologies that allow any computer on it to connect to any other computer on it — but without saying much about what the connection looks like. The Web is but one way of communicating information over the Internet, where you use a browser to access “websites,” but other ones exist: for example online video games don’t generally use the web to sync data between players. Examples are easier to find as we go back in time: the stand-alone AOL instant messenger app did not use the web, and neither did old-fashioned e-mail clients like Outlook or Thunderbird, or Bittorrent and other torrent trackers.

What makes the web different, that it has eaten up these other services, that now we do our movie-watching, our chatting, and our e-mailing in the web browser?

The web started out as a way of posting content — you would enter your URL, which identified what server (or publically accessible computer) you wanted a webpage from, and what page you wanted. The browser would send a request to the server, and it would send you back the page at that URL, likely either an article, or a directory of articles. They would have text and possibly embedded images, and could link to each other, and specify another URL to go to. The original concept of the web would have included sites like magazines, and envisioned sites like Wikipedia, but would not have been able to support e-mail or a chat app or a social media platform like Facebook.

The web was just the “public content” protocol alongside other protocols, and similar to them. You could choose your own browser, Netscape or Internet Explorer, and access the same web pages, just like you could choose your own e-mail client, Outlook Express or Eudora, to access the same feed of e-mail. The software was installed on your computer, and what you accessed through it was content, and that content all was for you to read.

Gradually, however, this changed as the web became more flexible. CGI allowed forms on websites to connect to programs that would be run in response on the server. Java and Flash and ActiveX allowed you to embed programs in your website — programs that you would not download and run on their own, but that came with the page and acted as if they were part of the page. And gradually, Javascript, originally used to validate forms before they were submitted, or to do simple animations, became powerful, as browser vendors competed to make it run fast, and as it gained more capabilities.

When you go to Facebook, you are not reading a page that someone posted there; you’re not accessing “content” in the traditional sense. What you are doing is downloading, on the spot, a large application. Not only is the content sent over the wire — the statuses, the comments, the pictures, the lists of people who like it — but, inseparably from it, we are sent the software that is used to process the content, the application used to enter it and generate it, sent to run in the browser every time we type in “www.facebook.com”. It is only through the lens of that Javascript program that we can access the content itself.

Indeed, every time we go to a modern website, especially one by a major tech company, we load a fresh program into our browsers. No longer are browsers just renderers of pages stored on servers, they are platforms where programs run, where the programs are written not for Windows or Mac or Linux, but for the web browser, now typically for Google Chrome, which has become an operating system unto itself.

Why does this lend itself to monopolization and privacy problems? For one thing, the web lends itself to an integration of frontend or client code, which runs on your comptuer, and backend code, which runs on a server. With a non-web protocol, you can use many programs to access the content on a specific server: different e-mail clients for the same provider, different trackers for the same torrent. You can also combine multiple e-mail providers or torrents in a single window. With the web, you go to the server, and you are provided with the client program to access the services it provides. You can’t take the Facebook Javascript code and point it at Twitter, nor can you expect your own custom Facebook app to work.

Imagine how a social network like Facebook might work if it were conceived of outside of the web. There might be a standardized protocol (say SSP for Standard Social Protocol) and multiple packages of client and server software. A school or a church or another community stakeholder might run their own copy of the server software, and you might have accounts on multiple such servers. All the status updates could be aggregated together in a single feed, and you could configure settings to indicate which servers your posts went to. Perhaps you could have “friends” at a server you don’t subscribe to, and specify both their username and what server they use (with an at-sign, like eric.smith@cornell.edu), and the servers could sync with each other so that you could still see their posts.

Who would pay for all this software be written? The software would be sold to you like Outlook was, or perhaps open source packages like Thunderbird (Mozilla’s e-mail client) would arise. And who would pay for the servers? Your school, workplace, ISP, or community, and probably you could sign up for a public ad-supported or for-fee service.

And in this model, if you control your client social software, you could have any strategy for what statuses it shows you and what doesn’t, rather than Facebook’s algorithm deliberately designed to addict you. You would be able to pay for the service rather than be thrown into a huge advertising pool.

It’s also fundamentally less monopolistic. You could imagine that someone, instead of using a standardized protocol, released a single client and sold the server software. Other companies or open source communities would soon make compatible software, and since the network of interactions was already decentralized, using those compatible systems would not prevent you from interacting in the same community, as happens to alternatives to current social networks.

Of course, they could also try harder, and force you to use their server, and release a single client, like AOL Instant Messenger did. But then programs like Pidgin came to aggregate that and other messenger clients, so that you could talk to contacts on different messenging systems in the same app.

This type of social network, which is known as a federated social network isn’t an unachievable dream. E-mail used to work this way before GMail gobbled it up, and still does theoretically: that’s why there’s an @-sign in e-mail addresses, to indicate which of many compatible servers you have an account at. Social media used to work like this, too: You could be a member of many listservs or newsgroups, and it would be handled through a single e-mail and newsreader app. Messaging doesn’t work this way, even today, but there is a protocol out there that would work like that, called XMPP: It simply never caught on.

There even exists software, like Mastodon, and a protocol like our hypothetical SSP, called ActivityPub, that does exactly what I just described. But Facebook, Twitter, Reddit and similar sites have stolen all the actual user-base. A social network, of all things, needs a certain critical mass before anyone can really get good use out of it: Facebook is very useful when everyone in your college was socially obligated to have it, less so when you have a niche social network only used by open source enthusiasts.

Before we talk about how or even whether we can or should turn the tide on this, I’d like to point out a side issue: Mobile. On iOS and Android, you do download individual client apps. But most of the time, we use the same model: You use the Instagram app to connect to Instagram services, and you use no other app for those services. WhatsApp messages stay on WhatsApp servers. If it’s the technological layout of the web that makes for this business model, why has it carried over into mobile?

I remember being excited when mobile came out for the comeback of the standalone application. There are multiple Twitter apps available, all posting to the same service and accessing, differently, the same content. But it hasn’t led to a return to a more federated model for new software, or openness in general.

There’s a few reasons for this. One is, by the time mobile platforms started gaining steam, the web revolution had already mostly gone its course. We’d gotten used to that business model. The assumptions that are built in to how the web works — that you would get your client software from the company that also provides the only server it works with — those assumptions had become entrenched enough that a different technology landscape didn’t overcome them.

Another is the closed nature of both major mobile platforms. It is very annoying to put an app on the app store. It is annoying to write one — historically, it was a quite constrained platform. Apple can and will reject you arbitrarily. It increases the barrier to entry, so that established companies have a huge advantage.

But the biggest reason, in my opinion, is that the mobile world and the web world are too entwined. Not only do we expect to use many services from the phone on the computer as well, where the web dominates, but the platforms use the same servers and often, the same frontend code. It is relatively easy, and commonly done, to use some or all of the code that normally runs in a web browser, and instead run it in a browser engine embedded into a mobile app.

So the pattern set by the modern web is deeply entrenched. The end result is a computer as an endpoint for service. Rather than as a tool we control and use directly, it is an adaptable terminal that we use to enter into corporate-controlled environments, where people make their livelihoods and run their social lives, but the rules can change at the companies’ whim.

So how do we return to a locally controlled system again? Anti-trust and regulation isn’t enough — that’ll simply change what companies we do the interactions with. Getting rid of the web isn’t feasible and probably still wouldn’t be enough — we’ve thoroughly convinced ourselves by now that this is how computers are supposed to work.

We need to build an alternative. We need a complete suite of software that replaces all the needs that websites currently have, but which do not rely on the same level of centralization. This requires a lot of work, and while open source software can spontaneously and freely arise as collaboration between companies when technical concerns are at play (Linux, compilers, libraries), when it comes to polished and well-designed products, that usually requires more explicit funding.

So if I were someday, somehow elected president, I would not only carry out Elizabeth Warren’s noble anti-trust plan. I would also fund a government program to give grants to build open source software that could be used this way, with a mission of re-building a computer culture that doesn’t rely on the same level of centralization and corporatization. This would be an effective use of tax money, because what differentiates software from other products is that, once created, software can be duplicated and re-deployed without any natural cost.

And federated social networks would be a small, relatively unimportant part of it. What if craftspeople could easily sell directly to consumers, rather than listing on Etsy? What if cab drivers didn’t have to sign up for apps that take giant cuts for doing very little? What if we had time logging and vacation tracking software for our small companies that actually worked? What if someone didn’t feel like they had to buy an iPhone so they could Facetime their family, but could feel confident using whatever phone they wanted?