|
As the operator of the registry for the .CA top-level domain and the domain name system (DNS) infrastructure that supports it, I am uncomfortable, though not surprised, with the knowledge that a government is monitoring the activities of Internet users.
And while recent reports about the National Security Agency’s top-secret PRISM program actively monitoring Internet users in the United States and (by default) citizens of other countries—Canada included—are on the front page of newspapers around the world, Internet surveillance is not exactly new. It has been happening in one form or another since the early days of the commercial Internet in the mid-1990s.
However, the fact that online surveillance isn’t new does not: a) make it right, or b) mean that we shouldn’t do our best to make sure it doesn’t happen.
The Internet is far too important for us to become complacent. No other technological invention of the past millennium has had the social and economic effect that the Internet has had.
That said, for all of its complexity, the Internet is really driven by a series of transactions—either the exchange of information in personal communications or the exchange of technological/informational communications at the DNS level (watch this primer video on how the DNS works). Those transactions work because there is a high degree of trust among the parties that operate the Internet.
Trust is the very foundation of the Internet.
Having an unknown, unauthorized party access to what is essentially private communications erodes that trust, and with it, the very foundation of what makes the Internet work. I believe eroding that trust—and with it the tremendous social and economic benefit the Internet brings—is too high a price to pay for national security.
It reminds me of this quote from Benjamin Franklin: “Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.”
There is one way to protect ourselves, to some degree, from having our data fall under the jurisdiction of a foreign country. We must ensure more of it travels to its destination via Canadian routes.
Many Canadians may not realize that much of Canada’s domestic Internet traffic flows outside of the country. This is simply the way the Internet works. For example, a single email can be broken down into thousands of data packets, and each packet will take the fastest and most efficient route to its destination where that email will be reassembled. The majority of the time, that route involves travel through another country.
In our case, this often means our confidential data travels through the U.S., and is subject to any surveillance and laws in that jurisdiction.
Historically, it was often more economical for Canadian Internet Service Providers to move domestic traffic over established international links. Canada’s Internet is therefore heavily reliant on foreign infrastructure, and as a result, much of our Internet traffic flows through other countries.
In light of programs like the NSA’s PRISM, I do not believe this is acceptable any longer. It is time for Canada to repatriate its Internet traffic to the best extent possible, given the distributed nature of the DNS.
In my informed opinion, to do this will require more Internet Exchange Points, or IXPs, in Canada. IXPs are large data switches that allow Internet users in the same geographic area to connect directly with each other. An IXP allows local network traffic to take shorter, faster paths between member networks, ensuring more of that traffic remains local. Canada currently has fewer than five IXPs, well below the numbers our international counterparts have (the U.S., for example, has more than 80).
By building a robust Canadian Internet infrastructure, including a nation-wide fabric of IXPs, we can ensure more Canadian traffic stays in Canada, and is therefore only subject to Canadian law. We will also ensure that the trust that underlies the Internet in Canada remains strong, and we can continue to reap the benefits the Internet offers.
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix