Thursday, 30 July 2009

Freedom and the Internet

One advantage of the Internet is the ability to pull random pieces of information together. The following post is inspired by two of my fav bloggers.

I have always been uncomfortable with the anti-ISP bandwidth/Internet Freedom/Net Neutrality debate. Some of my thoughts on this are well known by now. Chris Parsons appears to be an avid champion of Internet freedom for consumers. Many of his posts illustrate a core belief that consumers, not "unaccountable ISPs" should control or decide what shaping or bandwidth monitoring practices are used.

For the record, I'm all for the control being in the ISPs hands. I would be more distrustful of a neutral third party overseeing this (I suspect such a system would be either toothless, inefficient, incompetent or all three.) This is one case where I support market forces in a free economy to even things out (ISPs that piss off too many customers are biting the hand that feeds them).

An underlying theme though from proponents of Net Neutrality is this sentiment: Because I the consumer can choose, I the consumer should be able to choose. Examples are: If I want to hook up a server to my home internet connection, if I am capable of it I should be allowed to do it without restrictions. If I the consumer wish to use BitTorrent to download content, I should be allowed to do it without restriction. (To be fair to Chris, he acknowledges that their are technical limitations that justify bandwidth management. His concerns are centered around who makes that determination.)

It is in that vein, that I read this post by Adam Rawlings. You're better off reading the whole thing, and part 1 as well.

This section resonated with me in regards to the Net Neutrality debate:

So, freedom in the political sense consists both of the lack of restriction by political institutions and the granting of new abilities by political institutions. On the face of it, these are in serious tension with each other -- forget whether they are in tension with human freedom. That is, in order to create new abilities, it seems that political institutions must impose restrictions on us. In order for there to be public offices, for example, there must be powers associated with those offices, powers which can be used on others. So, if we want to have the freedom to run for public office, we must give up the freedom to not be restricted by those who hold public office. And vice versa -- if we want to maintain the lack of restriction, we must give up the existence of public offices.

The concept that making one choice in the name of freedom creates or limits other choices is interesting. If we took the extreme case and completely banned all forms of bandwidth monitoring/management on the Internet, it is my humble technical opinion as a network guy that the end result would be widespread and random outages. Our freedom to use the Internet would be threatened by chaotic technical limitations because of our intent to create more freedom of use. An example is our road network. Many laws govern where you may drive, who can operate a vehicle, what kind of vehicles can be operated and how those vehicles are operated. We do this to control and allow safe use of the road network. Unfettered access would limit safety (and more than likely efficient use of the roads as well.) It isn't a coincidence that I find more parallels with the Internet and vehicular traffic, than between other utilities and the Internet (which Chris often compares too.)

Our efforts to control the choices ISPs make in the name of consumer freedom affects other choices we as consumers get to make for ourselves. This is the one area where I truly believe the consumer does not understand what they are asking for, and their efforts will make the situation worse, not better. That by controlling the ISPs, we'll be impairing our own access. "The road to hell is paved with good intentions" and all that.

Outside the freedom of choice argument, if I had to make a black and white statement, it is this. As long as ISPs are private entities, we the consumers have no implicit rights to the services they offer. ISPs are under no obligation to upgrade or improve service on their networks. They are entirely within their rights as businesses to milk as much profit as possible out of existing infrastructure. It is up to the management group to decide how to deliver the service within a competitive economy. We as consumers only have the right to subscribe or not subscribe, and with who we enter into contract with.

ISPs state that they need to control bandwidth because the infrastructure can not handle the load, is rebutted by the idea that these same ISPs make huge profits, which could theoretically be used to upgrade their service. There are two problems with that argument. The first is practical. Since we do not know the cost to upgrade infrastructure to meet consumers wishes, we cannot assume that ISP profits would cover those costs. As the Australian example shows, this isn't a cheap proposal.

The second problem is that in a market private-enterprise driver economy, customers have little say in how profits are used. Just because RIM makes record profits, doesn't mean the prices of BlackBerrys should fall. Or because banks make record profits, ATM fees should disappear. Or that Oil and Gas companies make record profits that gasoline prices should fall.

It isn't that I am a champion of the corporate world. I have been ripped off enough times that I am cynical of many (most?) corporate messages. I just come to this view based on the fact we live within a capitalist economy. Tinkering within the model is doomed to failure. If the model is proving unsatisfactory, we need to replace the whole thing. If Internet accessibility is a requirement, then we should nationalize the infrastructure and turn it into a crown corporation. That's an argument I'm a lot more sympathetic too.


ADHR said...

Yeah, I'm more sympathetic to that point, too. If internet access is a public good -- like roads, say -- then we should probably provide it through government. On the other hand, though, we do have private companies providing electricity, and put in place severe regulations governing how they do so. Wouldn't that be an equally legitimate solution?

Catelli said...

It depends on what those regulations are regulating. In some areas ISPs actually do need regulation. Eg. logs and records that identify individuals by content accessed on the Internet. How long must they be kept, what kind of data must be kept? This is an area that should be clearly defined for all parties concerned.

I'm not quite sure where the parallels are for regulations governing Utilities and ISPs.

There is a parallel that governs what consumers can do (and this is a counter-point to something Chris wrote). Utilities cannot tell you how many appliances you can have in your home. But they do have to be CSA approved before they can be installed. The appliances you use have to comply with certain regulations for your own safety, and to ensure they do not affect the service provided by the utilities.

And you also cannot willy-nilly modify the gas or electric service coming into your household. In the event of a power outage, you can't just plug in a gas powered generator into one of your AC outlets to provide emergency power. This is something that is technically feasible (I know a few people that have done it) but it is against the law.

These two areas of regulation restrict and regulate what the consumer can and cannot do in their own home. Which reinforces my point, just because you can do something, doesn't mean you should be allowed to do it. With natural gas and electricity, these actions risk your and your families' safety and the health and safety of your neighbours. These regulations limit consumer choice, but they are there for a reason.

ADHR said...

Well, I wouldn't push the utilities/ISPs parallel too far... there are obvious disanalogies. My main point was that being a private company doesn't imply lack of regulation. There's lots of regulated industries -- the financial industry, for example -- which are regulated because not regulating them could be a frickin' disaster. If we're talking electricity and gas utilities, the disaster in question is usually on the lines of death and destruction. If we're talking financial service providers, telephone companies, radio stations (and so on and so forth), then the types of regulations will differ.

For me, the issue is whether internet service is something the private sector can reasonably be expected to provide, while operating under reasonable regulations. These would probably be something like, just as a rough sketch, the following.

First, guaranteeing access. So, no arbitrary outages, no areas of the province/country that are deprived of service because of distance from urban centres, minimum up/down speeds (with reasonable flexibility -- I know it's hard to guarantee these in some areas of this country), etc. I think that's basic. Internet access is too important to the way we live for it to be unreliable, spotty or significantly impeded.

Second, guaranteeing privacy. So, no checking whether you're downloading copyrighted material -- that's a law enforcement thing; no checking whether you're browsing lots of porn sites -- again, law enforcement; and no checking whether you're using bittorrent as such. Again, I think that's basic. ISPs are in the business of service provision, no monitoring how we use the service. It'd be like the power company telling me I can't use a fridge. Not because it's dangerous to the network -- just because it's a fridge and they don't want to provide electricity to fridges.

Third, maintaining the integrity of the network. This again seems obvious. It's necessary in order to guarantee the other two. But the network has to be maintained, I think, to a level that guarantees the other two. We have a real problem in this regard when it comes to electricity, as well as water (at least in Toronto; not sure about Waterloo, but Toronto still has wooden pipes in some areas). The physical network simply can't handle what we're trying to use it for, and the relevant service providers aren't doing much, if anything, to alleviate the problem. That should be a basic responsibility if a necessary service is in private hands. This one, in particular, puts a burden on the user, too. You can't hook something up to the network that might damage it significantly. The word "significantly" is key, I think. The power company can't cut you off for using non-EnergyStar appliances, although they can for using non-CSA approved appliances. The same sort of thing would apply to internet service: the ISPs can reasonably insist on not using "appliances" that put the network at significant risk, but can't reasonably insist on not using "appliances" that put the network at any risk whatsoever.

So, I guess I'm looking for pretty much what we expect from the utilities, minus the prevention of death and destruction business. Makes ISPs more like a telephone utility, I suppose.

If those regulations are too arduous for a private sector company, then we should just publicize the pipes. If they aren't too arduous, then better to let the private ISPs continue.

Catelli said...

I would largely agree with those in a broader sense. The devil is as always in the details. Being too precise in each area could be problematic.

Point 1, requires partnership with the government to deploy expensive technologies to remote areas. The federal government just announced such an initiative (the effectiveness I have idea of). But it is something already being worked on.

Point two and three are somewhat in conflict. Maintaining the integrity of a network pretty much requires DPI technologies that can and do "know" that you are using BitTorrent (or are playing World of Warcraft, downloading over HTTP, etc.). The large number of application types require some sort of management to keep service available across all applications. Bandwidth demands will always exceed what the network can provide, so choices will have to be made at the network layer to prevent one user or application crowding out and denying all other users. Your very much aware I've been over this ground before.

However, these technologies don't have to (and usually) don't log this information for an extended period of time (the detail logs usually clear within a few hours, due to storage constraints). These are point-in-time solutions to manage traffic in real time.

What Chris has argued for is greater regulation in the use of DPI by ISPs. (He agrees its a necessary evil). However he would like to see clear cut rules governing their use, with disclosure pretty much right down to the rules in use. I'm fairly sure that wouldn't work. The nebulous nature of networks, and the demands placed on them require flexible and changeable management strategies to ensure a constant level of availability.

As to overall privacy, ISPs are actually fighting requirements by law-enforcement agencies to log customer data. In this area the private companies are on our side. Why? Cost management. Detail logging that identifies who, what, when and how can get pricey. Mainly in terms of storage. 24 hours of data can consume 100s of Gigs of disk space. Which is why most logs are purged fairly quickly.

The only real area that private companies will fall behind is continuous innovation and growth of the network. Companies make the most profits by spending as little as possible while charging as much as the market will bear.

There is a rich irony however. What is largely fueling this debate in the online community is the continued use of the Internet by customers to download huge amounts of copyrighted content. They are avoiding paying to legally obtain media (i.e. going the cheapest route possible) and complaining when ISPs don't invest huge sums of money to facilitate their cheapskatedness. My self-righteous side has concluded that the penny-pinching-demanding consumers and penny-pinching ISPs deserve each other.

Catelli said...

Post edit: The federal government just announced such an initiative (the effectiveness of which I haven't a clue.)

ADHR said...

I agree there has to be flexibility. Otherwise, the government should just run it. There comes a point where regulation is so onerous it'd be easier to not have any private players. (I suspect that auto insurance is that rare case where the necessary regulations are so onerous, but I digress.)

Point 1 certainly requires federal and provincial (and probably municipal) government involvement. No question. Of course, the private sector could pony up a little more than it does. One of those deals where, in order to tap the lucrative urban market, the company must provide a certain level of service to the rural market.

I know 2 and 3 are in conflict, but I did that deliberately. It strikes me as too convenient to claim that bandwidth demands are now so herculean that the poor little network can't possibly handle it. That is, while I'd grant that demand will always outstrip supply, I don't grant that the solution is always demand-management. Supply-management has to come in there somewhere, too. For example, if demand for water exceeds supply, we have three options. We could ration -- moderate demand. We could get more water -- increase supply. Or we could do both. There's no particularly compelling reason that I can see for favouring the first over the second, and certainly not over the third.

Which ties into your point about needing to keep growing the network. Governments, generally, are very bad at getting private companies to do this. For example, the current "smart meters" being rolled out in the electricity market in Ontario are supposed to address the fact that the power grid can't supply as much electricity as is being demanded; but there are no initiatives to encourage utilities to increase their ability to provide more power. What we end up with is purely a demand-management tool.

I see that keeping vast logs of user activity would become cost-prohibitive, but I worry that ISPs are flagging certain user accounts and deliberately screwing with their ability to use the network. So, I think that privacy regs need to be stronger to prevent even that amount of management. You've persuaded me previously that there are good reasons to allow ISPs to manage traffic (demand) in real-time, but historical management of demand doesn't seem to me to be justified. (For example, if I'm willing to do lots of downloading during off-peak times, why shouldn't I be allowed to download as much as I want during those times? Even with smart meters for electricity, using tons of electricity during off-peak hours is 1/3-1/4 the cost of use during peak times.)

Although it's a bit of an aside, I should point out that there's a tremendous problem with copyright control looming under the surface of the net neutrality debate. It's not just about avoiding paying for stuff; it's also about the tremendous difficulties involved in getting the stuff you want. For example: DVD region-locking services no purpose except to allow media companies to control their profit margins in different areas of the world. I have a hard time not feeling sympathetic to people who say "to hell with it" and just download.

Catelli said...

I understand the tension with the media orgs. Hell, I've sworn off music completely partly in response to them.

However, ISPs for the most part have nothing to do with this debate, other than the media orgs (and sometimes due to ownership groups there is conflict of interest) see ISPs as enablers of stealing copyrighted content.

I'm not sure what mechanism could force ISPs (public or private) to ensure "supply-side" management. Data use and growth at the moment is exponential, and is outpacing technology's ability to keep up. Often faster network technologies have to be invented before they can be implemented. (A key driver in this area is corporate demand. Access costs are falling networks are faster, yet demand still outpaces it so overall costs still go up. Many of the developments for "private" networks find their way fairly quickly into public networks. I am flabbergasted that looking back only a few years, a 128k ISDN line was a smoking fast connection. Now I'm rolling out 10Mb links and they're not good enough.)

Regarding off-peak usage, are you sure you're off peak? All of my friends have moved their download usage to off-peak times (hell they just leave them on all day). If enough users have done this, there will be no such thing as off peak times. The network will always be close to saturation. ;)

If I had a wish, it would be this, full disclosure of the numbers. What is the actual usage of ISP networks? Where are the choke points? What growth curve are they experiencing?

So here's a thought. Would a regulated full disclosure of network infrastructure be fair to a private ISP? Even if we had the numbers, what could we realistically do with them (and would people honestly assess them?) In other words, would it truly be useful to consumers to know? I could see how this would akin to the arbitrary $100,000 public salary list. Not really useful, and unnecessarily intrusive.

But without them, a lot of this debate is a lot of guesswork!

ADHR said...

It does depend on jurisdiction whether the ISPs have anything to do with the media companies' issues. In France and, I believe, Australia, there are attempts to introduce "three-strikes" laws that will throw someone off the internet (no ISP can take them) for downloading copyrighted material. This provision is apparently in that secret international copyright treaty we keep hearing about, so it may come to Canada, too. Hence why privacy issues become very crucial when talking about ISPs: if they're not allowed to collect the data they would have to in order to implement a three-strikes style ban, then such bans could not exist.

I agree that data use and growth is exponential and ISPs are pretty much trying to tread water. But the growth will eventually level off. At which point I think it's reasonable to encourage ISPs to develop their networks to handle the level of bandwidth required. There could also be incentives now for ISPs who are expanding their networks rather than limiting use. (Since the usual market mechanisms of "charging customers more money" don't seem to be functioning, for some reason.)

Whether a full disclosure of relevant information is fair depends on what "full disclosure" means. There's a lot of information that, say, banks are forced to disclose which the public never sees, only the regulators. Something like that could be handled by the CRTC (or similar internet-related group -- not sure if the internet is within the CRTC's bailiwick or not).

Catelli said...

Exactly! This is the area I think we're ignoring at our own peril. We can't let the Media corps define our laws, and require ISPs to retain logs to protect licensed content.

Internet data should be subject to the same requirements as wire-taps. Data is only logged when a warrant is obtained, starts when the warrant is obtained, and only logs the data for the persons of interest named in the warrant. Requiring too broad a set of logs is a violation of civil liberties.

By "Full disclosure" I meant network architecture and the data stats for each aggregate link. This may reveal too much information to competitors (Revealing this architecture, would reveal information that could be targeted by aggressive competitors. Though that has its pluses as well.)

However, Bell did reveal this exact information at the CRTC hearing and the CRTC was satisfied that the use of shaping technologies to throttle Bit Torrent traffic was justified. As a network nerd, I'd still love to see the data that was presented.

At some point growth will level off. It has to. Right?

But I've tried making such declarations about technology before, and have been wrong every time. New uses that haven't been conceived of yet always set the bar beyond current limits. I once infamously declared that a Pentium 133 was the fastest processor a home user would need, because there wasn't anything they couldn't do that would justify a faster CPU. Of course I was stuck in the Word/Excel/E-mail paradigm of computer use. I didn't foresee the demands photo-editing and other multimedia would place on a CPU. Now the next home PC that I buy has to be at least dual-core, preferably quad. 5 years ago I never thought I'd want a multi-processor machine for home. (and don't even get me started on hard drive space.....)

For them moment at least, data growth is an exponential curve, and we don't know what the factor of that curve is. I'm completely serious when I say we can't even catch up to the demand on the curve, never mind get in front of it. If we all had 100Mb fiber to the home right now, we'd be demanding 10 Gigabit within 5 years.

ADHR said...

Yeah, I agree. If anyone wants information from an ISP, they need a warrant; and ISPs should not be recording anything without a warrant. (I would, incidentally, extend this to all the companies that are holding things like my credit card data. There's no good reason to retain that after the transaction has gone through.)

With regard to full disclosure, again, I'm not sure that it has to be revealed to anyone but the regulatory authority. I mean, Revenue Canada has all kinds of incredibly sensitive information at its disposal and that seems to work out pretty well.

Growth does seem to increase. But, I maintain that we'll eventually level off. Or, alternately, we'll figure out a technology which is capable of satisfying our needs in a far less costly/burdensome way. If, as you say, we can't get ahead of the curve with current technology, then the technology has to change.

Which is why I think that ISPs have some sort of responsibility to keep the network in as advanced a state as is reasonably possible. If a better technology (where "better" is defined in terms of being able to meet more demand for less cost, where more demand and less cost are reasonably weighed against each other) emerges, I think we at least need incentives to encourage ISPs to deploy it.

What I mean, I think, is that there's a hard limit to what current technology can do, analogous to the hard limit to what a P133 can do. A P133 just can't run, say, the current version of Photoshop (no idea if that's actually true, but go with it). So, if you want that version of Photoshop, the only option is to upgrade. And if no upgrade exists, then one has to be invented. We may be approaching that situation with internet service: that is, we may be so close to the hard limit on what the infrastructure can handle that they only way to improve service is to change the technology -- possibly by inventing new technology.

Although, all that being said, Japan seems to do far better in terms of providing more bandwidth and faster service than Canada or the US. So maybe our ISPs aren't trying all that hard.