Human Rights Protocol Considerations Research Group N. ten Oever
Internet-Draft ARTICLE 19
Intended status: Informational A. Sullivan
Expires: April 25, 2018 Oracle
A. Andersdotter
ARTICLE 19
October 22, 2017

On the Politics of Standards
draft-tenoever-hrpc-political-02

Abstract

This document aims to outline different views on the relation between protocols and politics and seeks to answer the question whether protocols are political.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on April 25, 2018.

Copyright Notice

Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


Table of Contents

1. Introduction

 "we shape our tools and thereafter they shape us"

                          -John Culkin

The design of the Internet through protocols and standards is a technical issue with great political and economic impacts [RFC0613]. The early Internet community already realized that it needed to make decisions on political issues such as Intellectual Property, Internationzalization [BramanI], diversity, access [RFC0101] privacy and security [RFC0049], and the military [RFC0164] [RFC0316], governmental [RFC0144] [RFC0286] [RFC0313] [RFC0542] [RFC0549] and non-governmental [RFC0196] uses, which has been clearly pointed out by Braman [BramanII].

Recently there has been an increased discussion on the relation between Internet protocols and human rights [hrpc] which spurred the discussion on the political nature of protocols. The network infrastructure is on the one hand designed, described, developed, standardized and implemented by the Internet community, but the Internet community and Internet users are also shaped by the affordances of the technology. Companies, citizens, governments, standards developing bodies, public opinion and public interest groups all play a part in these discussions. In this document we aim to outline different views on the relation between protocols and politics and seek to answer the question whether protocols are political, and if so, how.

2. Vocabulary Used

Politics
(from Greek: Politiká: Politika, definition “affairs of the commons”) is the process of making decisions applying to all members of a group. More narrowly, it refers to achieving and exercising positions of governance or organized control over a community. Furthermore, politics is the study or practice of the distribution of power and resources within a given community as well as the interrelationship(s) between communities. (adapted from )

3. Literature and Positions

While discussion the impact of protocols on human rights different positions could be differentiated. Without judging them on their internal of external consistency they are represented here.

3.1. Technology is value neutral

This position starts from the premise that the technical and poltical are differentiated fields and that technology is ‘value free’. This is also put more explicitly by Carey: “electronics is neither the arrival of apocalypse nor the dispensation of grace. Technology is technology; it is a means for communication and transportation over space, and nothing more.” [Carey] In this view technology only become political when it is actually being used by humans. So the technology itself is not political, the use of the technology is. This is view sees technology as instrument; “technologies are ‘tools’ standing ready to serve the purposes of their users. Technology is deemed ‘neutral,’ without valuative content of its own.’” [Feenberg]. Feenberg continues: “technology is not inherently good or bad, and can be used to whatever political or social ends desired by the person or institution in control. Technology is a ‘rational entity’ and universally applicable. One may make exceptions on moral grounds, but one must also understand that the “price for the achievement of environmental, ethical, or religious goals…is reduced efficiency.” [Feenberg]

3.2. Some protocols are political some times

This stance is a pragmatic approach to the problem. It states that some protocols under certain conditions can themselves have a political dimension. This is different from the claim that a protocol might sometimes be used in a political way; that view is consistent with the idea of the technology being neutral (for the human action using the technology is where the politics lies). Instead, this position requires that each protocol and use be evaluated for its political dimension, in order to understand the extent to which it is political.

3.3. The network has its own logic and values

While humans create techologies, that does not mean that they are forever under human control. A technology, once created, has its own logic that is independent of the human actors that either create or use the technology.

Consider, for instance, the way that the very existence of the automobile imposes physical forms on the world different from those that come from the electric tram or the horse-cart. The logic of the automobile means speed and the rapid covering of distance, which encourages suburban development and a tendency toward conurbation. But even if that did not happen, widespread automotobile use requires paved roads, and parking lots and structures. These are pressures that come from the automotive technology itself, and would not arise without that technology.

Certain kinds of technology shape the world in this sense. As Martin Heidegger says, “The hydroelectric plant is not built into the Rhine River as was the old wooden bridge that joined bank with bank for hundreds of years. Rather the river is dammed up into the power plant. What the river is now, namely, a water power supplier, derives from out of the essence of the power station.” [Heidegger] (p 16) The dam in the river changes the world in a way the bridge does not, because the dam alters the nature of the river.

In much same way, then, networking technology once created makes its own demands. One of the most important conditions for protocol success is that the protocol is incremental deployability [RFC5218]. This means that the network already deployed constrains what can be delployed into it. Moreover, one interpretation of [RFC7258] is that pervasive monitoring is an “attack” in the narrow sense precisely because of the network’s need not to leak traces of online exchanges. A different network with a different design might not have been subject to this kind of attack.

3.4. Protocols are inherently political

On the other side of the spectrum there are the ones who insist that technology is non-neutral. This is for instance made explicit by Postman where he writes: ‘the uses made of technology are largely determined by the structure of the technology itself’ [Postman]. He states that the medium itself ‘contains an ideological bias’. He continues to argue that technology is non-neutral:

(1) because of the symbolic forms in which information is encoded, different media have different intellectual and emotional biases; (2) because of the accessibility and speed of their information, different media have different political biases; (3) because of their physical form, different media have different sensory biases; (4) because of the conditions in which we attend to them, different media have different social biases; (5) because of their technical and economic structure, different media have different content biases. [Postman]

More recent scholars of Internet infrastructure and governance have also pointed out that Internet processes and protocols have become part and parcel of political processes and public policies: one only has to look at the IANA transition or global innovation policy for concrete examples [DeNardis]. Similarly one can look at the Raven process in which the IETF after a long discussion refused to standardize wiretapping (which resulted in [RFC2804]. That was an instance where the IETF took a position that was largely political, although driven by a technical argument. It was similar to the process that led to [RFC6973], in which something that occurred in the political space (Snowden disclosures) engendered the IETF to act. This is summarized in [Abbate] who says: “protocols are politics by other means”. This emphasises the interests that are at play in the process of designing standards. This position holds further that protocols can never be understood without their contextual embeddedness: protocols do not exist solely by themselves but always are to be understood in a more complex context – the stack, hardware, or nation-state interests and their impact on civil rights. Finally, this view is that that protocols are political because they affect or sometimes effect the socio-technical ordering of reality. The latter observation leads Winner to conclude that the reality of technological progress has too often been a scenario where the innovation has dictated change for society. Those who had the power to introduce a new technology also had the power to create a consumer class to use the technology, ‘with new practices, relationships, and identities supplanting the old, —and those who had the wherewithal to implement new technologies often molded society to match the needs of emerging technologies and organizations.’ [Winner].

4. Examples and approaches

5. Competition and collaboration

Standards exist for nearly everything: processes, technologies, safety, hiring, elections, and training. Standards provide blue-prints for how to accomplish a particular task in a similar way to others trying to accomplish the same thing, while reducing overhead and inefficiencies. Formal technical standardisation, then, is the process whereby the expected features or functionalities of a particular technology are codified in writing. It is a way of ensuring that different technological systems can interoperate, or work in tandem and exchange functionality.

A formalised standard does not stop competition between entities working to realise those standards in practical implementations of that technological base. If the standard is well-crafted, it will even help entities cooperate and construct products and services on top of the commonly shared technological base. In these circumstances, standardisation is seen as beneficient for competition in downstream markets, meaning those markets making used of the standardised technologies. Standards have long been used as a tool to lay groundworks, a certain minimal commonality, that helps countries, companies or individuals cooperate to reach the next level of technological advancements more quickly.

Standards may not only exist in the form of a formal document laid down by an organisation gathering many different parties of different backgrounds behind a single, converging process. We also speak of de facto standards: the rules governing a technological base used by downstream market actors, such that, even if the rules have not been decided by many different entities they still constitute the effective boundary within which downstream innovation and development occurs. De facto standards can arise in market situations where one entity is particularly dominant, and may or may not lead to technical difficulties in challenging the dominant entity’s technological base [Ahlborn]. Under EU anti-trust law, de facto standards have been found to be able to restrict competition for downstream services for PC software products [CJEU2007], as well as downstream services dependent on health information [CJEU2004]. If such restrictions are found to apply, the resolution may entail obligations on the restrictive party to grant a license (if a failure to grant a license to the standard was the cause of the restriction) or arrange the technical solution in such a way that restrictions do not arise.

Standards development faces a number of economic and organisational challenges that are well-studied: the cost and difficulty of organising many entities around a mutual goal, as well as the cost of research and development leading up to a mutually beneficial technological platform. The first problem may, on the one hand, be described as just the sheer organisational costs: how do you create platforms, especially global platforms, that are accessible in terms of price and time, when implementors affected by the standards produced may include any range of entities with different economic means and resources (in the specific context of the IETF some issues of this nature are considered in [draft-finance-thoughts] and its references, but challenges are clearly universal in nature). It also incorporates the problem of too many cooks spoiling the broth: if the interests of a large number of entities need to converge around a single solution, by which mechnism does one mitigate the inconvenience of differing opinions or preferences between the parties reducing the over-all utility of the final compromise [xkcd927].

The standards enabling interoperating networks, what we think of today as the Internet, were created as open, formal and voluntary standards. With openness, we understand that the standards were available at no cost to anyone around the world. Internet standardisation set itself apart from traditional standard bodies by not requiring implementors to pay a subscription fee to have access to the texts of codified standards. A platform for internet standardisation, the Internet Engineering Task Force (IETF), was created in 1992 to enable the continuation of such standardisation work.

On the one hand, this enables anyone willing and able to fulfill any standard requirement produced in the IETF. On the other hand, the costs and difficulties of organising many different entities in the standardisation process itself do not disappear only by making standards open and accessible to anyone seeking to implement them.

The IETF has sought to make the standards process transparent (by ensuring everyone can access standards, mailing-lists and meetings), predictable (by having clear procedures and reviews) and of high quality (by having draft documents reviewed by members from its own epistemic community). This is all aimed at increasing the accountability of the process and the quality of the standard. The IETF implements what has been referred to as an “informal ex ante disclosure policy” for patents [Contreras], which includes the possibility for participants to disclose the existence of a patent relevant for the standard, royalty-terms which would apply to the implementors of that standard should it enter into effect, as well as other licensing terms that may be interesting for implementors to know. The community ethos in the IETF seems to lead to 100% royalty-free disclosures of prior patents [Contreras] which is a record number, even among other comparable standard organisations.

In spite of a strong community ethos and transparent procedures, the IETF is not immune to externalities. Sponsorship to the IETF is varied, but is also of the nature that ongoing projects that are in the specific interest of one or some group of corporations may be given more funding than other projects (see [draft-finance-thoughts]).

6. More legacy, more politics?

Roman engineers complained about inadequate legacy standards they needed to comply with, which hampered them in their engineering excellence. In that sense not much has changed in the last 2100 years. When starting from a tabula rasa, one does not need to take other systems, layers or standards into account. The need for interoperability, and backward compatability makes engineering work harder. And once a standard is designed, it does not automatically means it will be broadly adopted at as fast pace. Examples of this are IPv6, DNSSEC, DKIM, etc. The need for interoperability means that a new protocol needs to take into account a much more diverse environment than early protocols, and also be amendable to different needs: protocols needs to relate and negotiate in a busy agora, as do the protocol developers. This means that some might get priority, whereas others get dropped. Thus with the

7. Layers of politics

There is a competition between layers, and even contestation about what the borders of different layers are. This leads to competition between layers and different solutions for similar problems on different layers, which in its turn leads to further ossification, which leads to more contestation.

8. How voluntary are open standards?

Coordinating transnational stakeholders in a process of negotiation and agreement through the development of common rules is a form of global governance [Nadvi]. Standards are among the mechanisms by which this governance is achieved. Conformance to certain standards is often a basic condition of participation in international trade and communication, so there are strong economic and political incentives to conform, even in the absence of legal requirements [Russell]. [RogersEden] argue: As unequal participants compete to define standards, technological compromises emerge, which add complexity to standards. For instance, when working group participants propose competing solutions, it may be easier for them to agree on a standard that combines all the proposals rather than choosing any single proposal. This shifts the responsibility for selecting a solution onto those who implement the standard, which can lead to complex implementations that may not be interoperable. On its face this appears to be a failure of the standardization process, but this outcome may benefit certain participants— for example, by allowing an implementer with large market share to establish a de facto standard within the scope of the documented standard.

9. The need for a positioning

It is indisputable that the Internet plays an increasingly important role in the lives of individuals. The community that procuces standards for the Internet therefore also has an increasing impact on society. The IETF cannot ordain what standards are to be used on the networks, but it does set open standards for interoperarability on the Internet, and has does so since the inception of the Internet. Therefore the standardization process of the IETF has influence and power. Because of the impact Internet standards have on society, the IETF should take into account the political aspects and implications of its work.

The risk of not doing this is threefold: (1) the IETF might make decisions which have a political impact that was not intended by the community, (2) other bodies or entities might make the decisions for the IETF because the IETF does not have an explicit stance, (3) other bodies that do take these issues into account might increase in importance on behest of the influence of the IETF.

This does not mean the IETF does not have a position on particular political issues. The policies for open and diverse participation [RFC7704], the anti-harassment policy [RFC7776], as well as the Guidelines for Privacy Considerations [RFC6973] are testament of this. But these are all examples of positions about the IETF’s work processes or product. What is absent is a way for IETF participants to evaluate their role with respect to the wider implications of that IETF work.

10. The way forward

There are instruments that can help the IETF develop an approach to address the politics of protocols. Part of this can be found in draft-irtf-hrpc-research as well as the United National Guiding Principles for Business and Human Rights [UNGP]. But there is not a one-size-fits-all solution. The IETF is a particular organization, with a particular mandate, and even if a policy is in place, its success depends on the implementation of the policy by the community.

Since ‘de facto standardization is reliant on market forces’ [Hanseth] we need to live with the fact standards bodies have a political nature [Webster]. This does not need to be problematic as long as there are sufficient accountability and transparency mecahnisms in place. The importance of these mechanisms increases with the importance of the standards and their implementations. The complexity of the work inscribes a requirement of competence in the work in the IETF, which forms an inherent barrier for end-user involvement. Even though this might not be intentional, it is a result of the interplay between the characteristics of the epistemic community in the IETF and the nature of the standard setting process.

Rather than arguing for the fairly general blanket statement that ‘standards are poltiical’ [Winner] [Woolgar] we argue that we need to look at the politics of individual standards and invite document authorts and reviewers to take these dynamics into account.

11. Security Considerations

As this draft concerns a research document, there are no security considerations.

12. IANA Considerations

This document has no actions for IANA.

13. Acknowledgements

14. Research Group Information

The discussion list for the IRTF Human Rights Protocol Considerations working group is located at the e-mail address hrpc@ietf.org. Information on the group and information on how to subscribe to the list is at: https://www.irtf.org/mailman/listinfo/hrpc

Archives of the list can be found at: https://www.irtf.org/mail-archive/web/hrpc/current/index.html

15. Informative References

[Abbate] Abbate, J., "Inventing the Internet", MIT Press , 2000.
[Ahlborn] Ahlborn, C., Denicoló, V., Geradin, D. and A. Padilla, "Implications of the Proposed Framework and Antitrust Rules for Dynamically Competitive Industries", DG Comp’s Discussion Paper on Article 82, DG COMP, European Commission , 2006.
[BramanI] Braman, S., "Internationalization of the Internet by design: The first decade", Global Media and Communication, Vol 8, Issue 1, pp. 27 - 45 , 2012.
[BramanII] Braman, S., "The Framing Years: Policy Fundamentals in the Internet Design Process, 1969–1979", The Information Society Vol. 27, Issue 5, 2011 , 2010.
[Carey] Carey, J., "Communication As Culture", p. 139 , 1992.
[CJEU2004] Court of Justice of the European Union, ., "ECLI:EU:C:2004:257, C-418/01 IMS Health", Cambridge, UK: Cambridge University Press , 2004.
[CJEU2007] Court of Justice of the European Union, ., "ECLI:EU:T:2007:289, T-201/04 Microsoft Corp.", Cambridge, UK: Cambridge University Press , 2007.
[Contreras] Contreras, J., "Technical Standards and Ex Ante Disclosure: Results and Analysis of an Empirical Study", Jurimetrics: The Journal of Law, Science & Technology, vol. 53, p. 163-211 , 2013.
[DeNardis] Denardis, L., "The Internet Design Tension between Surveillance and Security", IEEE Annals of the History of Computing (volume 37-2) , 2015.
[draft-finance-thoughts] Arkko, J., "Thoughts on IETF Finance Arrangements", 2017.
[Feenberg] Feenberg, A., "Critical Theory of Technology", p.5-6 , 1991.
[Hanseth] Hanseth, O. and E. Monteiro, "Insribing Behaviour in Information Infrastructure Standards", Accounting, Management and Infomation Technology 7 (14) p.183-211 , 1997.
[Heidegger] Heidegger, M., "The Question Concerning Technology and Other Essays", Garland: New York, 1977 , 1977.
[hrpc] ten Oever, N. and C. Cath, "Research into Human Rights Protocol Considerations", 2017.
[Nadvi] Nadvi, K. and F. Wältring, "Making sense of global standards", In: H. Schmitz (Ed.), Local enterprises in the global economy (pp. 53–94). Cheltenham, UK: Edward Elgar. , 2004.
[Postman] Postman, N., "Technopoly: the Surrender of Culture to Technology", Vintage: New York. pp. 3–20. , 1992.
[RFC0049] Meyer, E., "Conversations with S. Crocker (UCLA)", RFC 49, DOI 10.17487/RFC0049, April 1970.
[RFC0101] Watson, R., "Notes on the Network Working Group meeting, Urbana, Illinois, February 17, 1971", RFC 101, DOI 10.17487/RFC0101, February 1971.
[RFC0144] Shoshani, A., "Data sharing on computer networks", RFC 144, DOI 10.17487/RFC0144, April 1971.
[RFC0164] Heafner, J., "Minutes of Network Working Group meeting, 5/16 through 5/19/71", RFC 164, DOI 10.17487/RFC0164, May 1971.
[RFC0196] Watson, R., "Mail Box Protocol", RFC 196, DOI 10.17487/RFC0196, July 1971.
[RFC0286] Forman, E., "Network Library Information System", RFC 286, DOI 10.17487/RFC0286, December 1971.
[RFC0313] O'Sullivan, T., "Computer based instruction", RFC 313, DOI 10.17487/RFC0313, March 1972.
[RFC0316] McKay, D. and A. Mullery, "ARPA Network Data Management Working Group", RFC 316, DOI 10.17487/RFC0316, February 1972.
[RFC0542] Neigus, N., "File Transfer Protocol", RFC 542, DOI 10.17487/RFC0542, August 1973.
[RFC0549] Michener, J., "Minutes of Network Graphics Group meeting, 15-17 July 1973", RFC 549, DOI 10.17487/RFC0549, July 1973.
[RFC0613] McKenzie, A., "Network connectivity: A response to RFC 603", RFC 613, DOI 10.17487/RFC0613, January 1974.
[RFC2804] IAB and IESG, "IETF Policy on Wiretapping", RFC 2804, DOI 10.17487/RFC2804, May 2000.
[RFC5218] Thaler, D. and B. Aboba, "What Makes for a Successful Protocol?", RFC 5218, DOI 10.17487/RFC5218, July 2008.
[RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M. and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013.
[RFC7258] Farrell, S. and H. Tschofenig, "Pervasive Monitoring Is an Attack", BCP 188, RFC 7258, DOI 10.17487/RFC7258, May 2014.
[RFC7704] Crocker, D. and N. Clark, "An IETF with Much Diversity and Professional Conduct", RFC 7704, DOI 10.17487/RFC7704, November 2015.
[RFC7776] Resnick, P. and A. Farrel, "IETF Anti-Harassment Procedures", BCP 25, RFC 7776, DOI 10.17487/RFC7776, March 2016.
[RogersEden] Rogers, M. and G. Eden, "The Snowden Disclosures, Technical Standards, and the Making of Surveillance Infrastructures", International Journal of Communication 11(2017), 802-823 , 2017.
[Russell] Russell, A., "Open standards and the digital age: History, ideology, and networks", Cambridge, UK: Cambridge University Press , 2014.
[UNGP] Ruggie, J. and United Nations, "United Nations Guiding Principles for Business and Human Rights", 2011.
[Webster] Webster, J., "Networks of Collaboration or Conflict? The Development of EDI", The social shaping of inter-organizational IT systems and data interchange, eds: I. McLougling & D. Mason, European Commission PICT/COST A4 , 1995.
[Winner] Winner, L., "Upon openig the black box and finding it empty: Social constructivism and the philosophy of technology", Science, Technology, and Human Values 18 (3) p. 362-378 , 1993.
[Woolgar] Woolgar, S., "Configuring the user: the case of usability trials", A sociology of monsters. Essays on power, technology and dominatior, ed: J. Law, Routeledge p. 57-102. , 1991.
[xkcd927] Randall Munroe, ., "Standards", xkcd.com, a web comic , 2011.

Authors' Addresses

Niels ten Oever ARTICLE 19 EMail: niels@article19.org
Andrew Sullivan Oracle EMail: andrew.s.sullivan@oracle.com
Amelia Andersdotter ARTICLE 19 EMail: amelia@article19.org