|
The impact of the recently revealed US government data collection practices may go well beyond the privacy ramifications outlined in the Internet Society’s statement: expect a chilling effect on global, resilient network architecture. As governments of other countries realize how much of their citizens’ traffic flows through the US, whether or not it is destined for any user or service there, expect to see moves to curtail connections to and through the US.
Let’s consider how it happens. The reality is that it may be cheaper, easier, and faster to send a packet from Vancouver (Canada) to Toronto (Canada) via Seattle (United States) than any all-Canadian route—but that makes the traffic subject to US inspection.
Or, many international connections out of Latin America terminate in Miami, because that provides the most direct link to all other continents. But, that means traffic from Santiago (Chile) to London (UK) may well pass through the US and be subjected to US government inspection/collection.
The first situation can be addressed by building more Internet exchange points (IXPs) to make it economically viable to keep Canadian Internet traffic in Canada. The second is a little harder to address without moving continents closer together, although it is reasonable to expect that some other, non-US location will emerge as a preferred nexus for Latin American inter-continental traffic.
But, before we conclude this is just a messy and expensive question of network operators changing their connections, it’s important to take a step back and think about what this means for a resilient, robust Internet.
The Internet was not designed to recognize national boundaries. It’s not being rude—it just wasn’t relevant. Resiliency1&2 is achieved through diversity of infrastructure. Having multiple connections and different routes between key points ensures that traffic can “route around” network problems—nodes that are off the air because of technical, physical, or political interference, for example. We’ve seen instances where countries are impacted by disaster but at least some of that country’s websites remain accessible: if the ccTLD has a mirror outside the impacted network, and if the websites are hosted/mirrored elsewhere, they’re still accessible. This can be incredibly important when a natural disaster occurs and there is a need to be able to get to local resources.
The more there is a push to retrofit the Internet to align with national borders for the sake of maintaining apparent control over all the resources (as opposed to considered network architectural reasons), the more we run the risk of undermining the diversity that gives the Internet the resiliency it has today. The Internet works through collaboration; making decisions on the assumption of territorial boundaries weakens it at every step.
For certain, there are legitimate concerns that policymakers have about security of their networks and privacy of their citizens. In developing policies to address these concerns, it’s important that policymakers bear in mind that resiliency is a key component of security, trust and interoperability. As one of those considerations, the impact on network resiliency should be properly weighed as a negative side effect when proposing the kind of broad scale tracking that the the US is apparently doing.
On the Internet, no nation is an island.
This blog post originally appeared on the Internet Society’s Internet Technology Matters blog: http://www.internetsociety.org/blog/tech-matters
1 https://wiki.ittc.ku.edu/resilinets_wiki/index.php/Definitions#Resilience
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byDNIB.com
You say, “On the Internet, no nation is an island.”
Perhaps. Unless they wish to be, temporarily or otherwise. Consider for example the temporary cases of Estonia (for self-defense) and others (responding - perhaps unwisely - to “domestic emergency”).
But consider for a moment the extraordinary efforts that private companies now take to faciliate national border enforcement. Why do they do it?
-Sometimes to comply with domestic laws as in the case of the BBC.
-Sometimes to help facilitate compliance with foreign and domestic laws, as in the case of Facebook.
-Sometimes in an effort to reduce losses from fraud, as with online retailers and others who take payments.
-And sometimes because they are ordered by a court to do so.
I know you are busy trying to close this barn door, but I regret to inform you that the horse departed a long time ago.
I don’t dispute your facts, but I reach a different conclusion.
That something happens a lot doesn’t necessarily make it an acceptable norm, or a desirable outcome. Just because everyone drives 10mph over the speed limit doesn’t mean speed limits are pointless, should be raised by 10mph, or that high speed collisions are any less deadly.
Sure, network architecture these days is very different than it was a decade ago, for a long list of reasons. However, I believe the open admission and blatant stance that the US has taken in this case may leave other governments in a position that they feel they must react: and there is a real danger when political reaction drives network change.
I freely acknowledge that danger that you are highlighting, and I agree that political backlash will probably create some negative consequences from the perspective of network engineering. I also like your speed limit (and compliance) metaphor. I often use this same metaphor to argue that while Internet Borders are not perfectly enforced (or perfectly enforceable), this does not detract from the fact that they are enforced to some degree. (In the same way that we see the speed limit is enforced - to some degree.) I suspect that the discomfort felt by most network engineers may be the result of the tension between the desires of network and protocol design on the one hand, and the international legal norm of borders and border enforcement on the other. Border enforcement (perhaps of necessity) introduces what might be considered "inefficiency" in network design and operation. The main conclusion I draw (based on the way that the human race has chosen to organise its international relations for three centuries) is that some degree of border enforcement activity is inevitable. I believe that the challenge to members of the network engineering community is to consider how to minimise the negative externalities produced by that result. Pretending that borders are not going to be enforced means losing this opportunity to minimise the (engineering) impact of what was already a well-developed and accelerating trend.