Web 2.0. It’s a horrible, marketing-speak term that deserves the unending derision it is generally given by techs the world over, but nevertheless it’s stuck. Depending on who you ask, Web 2.0 either means the technology that make current darlings like Facebook and GMail work (such as AJAX), or the underlying principles of the regular users of websites having a more direct community involvement in the shaping of content they view. I guess it’s actually both. People have heralded this progression as a new renaissance for the Internet - personally I just see it as a natural incremental progression of technology and not the sea change that it is often sold as, there were pockets of the Internet doing this stuff long before the term was coined, it’s just more mainstream now.
However, there’s a trend that I’ve seen arise from Web 2.0 which I find a little disconcerting, and that’s an increasing centralisation of control and increasing reliance by the Internet-surfing public on a small number of technology players. On the one hand, we have personally hosted blogs, forums, comments etc where content is truly democratic / meritocratic; no-one controls what I say or do on this blog but me, and I expose precisely what I want to and no more. On the other hand, you have corporate players who provide hosted services, and increasingly this is what’s becoming what most ‘normal’ people associate with Web 2.0 - sites like Facebook, YouTube, Bebo, GMail are all controlled by corporations who make their money by attracting eyeballs. The content may be user-generated, but control over that content once posted is very much centralised and divested from the point of origin - convenient for sure, but what exactly are we giving up by being so dependent on them?
Freedom of speech has been one of the core tenets of the Internet from its inception. However, corporations have vested interests and potential exposure to litigation, so any service they host must be regulated, which is at odds with this principle. The result is of course censorship, often harsh and unilateral (particularly if Viacom took a dislike to you) and it has plagued most of the big names at one time or another. It’s because there’s a fundamental conflict of interest here - the corporations hosting these services make their money by hosting user content, but some of that content can get them into trouble, or ruffle feathers that it is not in their business interests to ruffle. Sure, these centralised sites can pretend to be the voice of the people, but they’re really not - they’re just corporations who have figured out how to make money by being a conduit for people’s Internet behaviour. In the end, despite the rethoric they’re ultimately not there for the individuals, or to make the world a better place, they’re there to make money - and individuals and content that isn’t compatible with that model can and will be excluded.
There are other issues too, probably the most important one being privacy. Protection of personal data from corporate exploitation has always been a serious issue in the UK (let’s ignore for a second privacy from our own governments which has gone backwards in recent years) but increasingly people are giving away their personal information to companies hosted in regions which have little or no such protection. Sure, a site may have a privacy policy, and perhaps give you supposed control over who you’re exposing the information to, but if they’re negligent and allow your data to slip into the wrong hands, there’s really very little statutory recourse, meaning data protection can never truly be a top priority for these companies, not compared to shoehorning in new features to beat the competition or to find ways of generating revenue. With identity theft on the rise, it’s alarming that so many people are willing to risk entrusting their personal information to third parties in juristictions with flimsy protections, and to companies who can sometimes pay lip service to privacy.
My opinion on this is that these problems are inherent to using third parties to act as hosts for our information, or rather allowing those third parties to control how the information is stored and regulated (and if you think that interface on your Facebook profile is true control, think again - at the end of the day your data is sitting unencrypted in a datacenter somewhere and is far from secure). They’re never going to care as much about our information as we do - with millions of users and a business to run, how could they? Maybe you don’t care that much since you’re just using these sites for personal photos and simple information, but I think this is a slippery slope. Do you know where the dividing line is between facts you’d be happy to be accidentally exposed by a server breach, and those you would not? Perhaps it isn’t a line, maybe it’s more of a grey area, since it’s increasingly possible to take a bunch of disparate information and piece together a greater profile from that? And can you deny that more and more of your life is transitioning to the internet, and that at some point you might look at everything you’ve given to the likes of Facebook and wish you hadn’t? And, what if you find that you can’t delete it?
Web 2.0 and the current vision of what ‘the cloud’ should be tends to revolve around technology companies holding repositories of information which we all must feed in order to form these rich online information exchanges. However, I really don’t believe this is necessary. Yes, there is a need for ‘hubs’ in the Internet, focal points where people can discover each other and connections. However, there’s really no reason why all our potentially private data needs to be centralised, under someone elses control. Right now it’s the only way for most people, because rolling your own hosting requires more technical knowledge and resources than most people have at their disposal, and ‘connecting the dots’ can only currently be done on centralised sites. I think we should be working towards developing technologies that make it easier for individuals to be in charge of their own information, not to give it away to third parties, and to form and be in control of their own connections - directly, not just via some centralised site which provides a mere illusion of control.
Personally, I see the current situation as a step on the path, and that the eventual goal should be to ‘re-democratise’ the Internet, where users are once again in full control of their data, exposing and exchanging only what they want to, directly with their trusted contacts and not via an untrusted middle man. Every Internet user has an ISP, and that ISP generally provides them with additional services like a mailbox and some variable amount of web hosting. All these technologies are based on standardised protocols and well-known principles, and generally are delivered via open source software. They’re true commodities - and what’s surprising is that this base feature set has barely changed in over a decade, and yet the way people use the Internet has changed almost beyond recognition. Imagine this - what if, as part of your ISP service, you were provided not just with simple web hosting, but a local version of Facebook? One where all the data you post is held locally on the ISP’s server (with appropriate quotas, but hey, disks are cheap), and preferably encrypted. Let’s now say that you can syndicate / exchange elements of that information to third parties that you trust over standardised protocols - exchanged over a secure channel if desired and the source / destination verified using digital signatures or common authentication systems like OpenID. All those updates you usually post to a central site can easily be desemminated directly in an ad-hoc fashion to your friends in a push model, or in a pull model for new joiners. But, you may ask, even with the automated syndication / synchronisation, how do you find your friends in the first place without a central system? Well, via the search engines we’ve all used for years - you will obviously need a regular public profile web page for unvalidated users to land on, and automated search engine submission; there’s no reason why specialist networking providers like Facebook couldn’t still act as hubs for just the public information to allow this discovery to happen, without having to hold sensitive or personal data.
In a nutshell the advantages of this approach over current centralised services include:
- Control of personal data remains in your own hands; you can choose what to give out, control encryption etc
- No censorship
- No need to maintain multiple profiles in many different systems
- No dependence on third parties, they are a value-add, not an inherent requirement
- Security based on open standards, transparency and trust are key
Much of the technology required to do this already exists, and has done for years, what’s needed is the vision and development effort to pull it all together and make it truly usable for the mass-market. If something like this is to fly, it has to be as easy to use as Facebook even though the underlying tech to make it happen is a lot more complex (as any decentralised system is). I think it’s an effort worth making though; personally I strongly believe that we’re setting ourselves up for a fall by entrusting too much of our data to third parties, and that in years to come, as people look to put more and more of their personal and business lives up on the Internet, eventually people will be crying out for a way to wrench control of their information back. Think of the web-of-trust systems we rely on for PGP communications, and now imagine that extended to a social network model, peer to peer, decentralised control, encrypted and validated via trusted signatures, not some self-appointed third-party web site.
The hard part is finding a business model to support it, because to do something this ambitious will undoubtedly require funding. Although I strongly believe that putting the power back in the hands of the people is the right thing to do, when you stack it up as a business pitch against the current approach of forcing users to give all their data to you, and to be totally reliant on you on an ongoing basis, it doesn’t stack up particularly well. Plus, everyone is already familiar with the ‘host user content, get eyeballs, profit!’ sequence so it’s a relatively easy sell. Perhaps the answer is not to chase the stratospheric growth targets of typical Web 2.0 companies, but to ramp something up quietly and organically, funding via lightweight (optional) hub search services and provisioning to ISPs and/or early adopters. Open source is totally inherent in the approach too, both to promote open adoption but also to instill trust - in order to fully trust a system like this, its inner workings have to be completely open for anyone to scrutinise.
Well, there we go, my vision for the future of exchange of personal information on the Internet. If any VCs are reading this, feel free to discuss it with me further 
May 12th, 2008 at 12:38 pm
Interesting. I guess the tranisent nature of the internet would have to be migitated too. I know you probably don’t have much choice of isps where you are at… but on mainland uk I’ve swapped isps a few times over the years and that space disappears everytime.
Course migration is possible, and I’m sure already exists, but if you are moving house that’s one more thing to think about or forget about.
The strength of the “2.0″ stuff out there is that it requires very low amounts of commitment and next to 0 tech knowledge. If something open source encorporating all these techs can really just come to a big red button that anyone can push, then I guess it could go somewhere. It would need an extremely strong, diplomatic and dedicated leader to get it all working.
May 12th, 2008 at 4:57 pm
I agree with entirely, but would like to progress the discussion. Paul is right, leadership is key. But we also need the spreading of evolved minds. Technically, corporations are the minority, as are governments.
I believe most people are tired of feeling like there are monstrous organizations that have overwhelming power over them. A person’s desire for control only comes out of their reality of repression and domination. If the corporations weren’t abusive of their power, and realize their ultimate effect on the world (just take a look around), then things will start to turn around. It seems they are a bit, but all under the mask of marketing. Here are some thoughts:
- if companies care about their own growth over individual interest, then perhaps a new way of thinking for corporations is needed.
- there have always been privacy issues. governments, like the USA, that used every means possible to spy on their people. Governments act like corporations, and corporations act like governments. Since they live off the same currency, they are one and the same. Thus, the individual is slotted into the system.
- rolling your own hosting
- “I think we should be working towards developing technologies that make it easier for individuals to be in charge of their own information” yes, power to the people!
- no matter what technology we create, people can find a way to abuse it. What we need to do is spread enlightened thinking and care for one another.
- Don’t Peer-to-peer and other decentralized models create a lot of data duplication, and thus make it hard to stay current, or in control of information you want to remove?
May 12th, 2008 at 5:23 pm
“Don’t Peer-to-peer and other decentralized models create a lot of data duplication, and thus make it hard to stay current, or in control of information you want to remove?”
Not necessarily, look at the success of RSS aggregation systems. You might choose to duplicate some ‘leader’ element (if permitted), but the original source should be deemed to be the authorative one and referenced for all full access - much like a blog really.
It’s a big logistical challenge for sure though.
May 13th, 2008 at 4:57 pm
?believe most people are tired of feeling like there are monstrous organizations that have overwhelming power over them.?
Actually, they don?t.
Most people don?t even consider something like McDonald or Microsoft to be any sort of threat to them and frankly, why should they ?
I would second your point regarding potential government originated abuse since historically that?s where loss of freedom tends to originate from.
People tend to use services like facebook and others for the same reason people like to use banks, go shoping to Sears or use any number of other similar services ? it is convinient and surely more economical than some sort of ?everybody bakes their own bread? approach which peer-to-peer pretty much amounts to.
Sure, some people will prefer the ?do it yourself? approach but generally this will always be a minority.
And surely, a corporation with their ability to hire technical talent has a better chance to secure your data ? don?t we have enough personal zombie windows machines running out there ? do we really want more ?
Of course, if a company turns out to be abusive and reckless with their potentially very valuable data, there are plenty of ways to handle this abuse, not the least of them being simple market competition where people can just take their business to somebody else who offers better service.
In other words, with exception of repeated attempts to censor/limit/tax activities on the Internet by various government entities, I don?t see anything wrong with the way the Internet is growing ? hell, thanks to the commercial involvement ( and that includes providing non-technical people with new ways to make themselves heard/seen on the web) the Internet is a much more interesting place than it used to be in the early 90s.
August 4th, 2008 at 2:02 pm
[...] Open Source and Cloud Computing today, and I was pretty happy to see that his thoughts reinforced what I was saying a couple of months ago about how I thought isolated, corporate-owned islands in the ‘cloud’ were not a [...]