Friday, May 5, 2023

The Next Web Is Here And It Will Rock Your World

The Web’s inventor has an upgrade that fixes the bad stuff and makes the good stuff better


 

Note: also available on Medium

Great news, everyone! The web is about to get a major upgrade. Brought to you by an open community of technologists including Sir Tim Berners-Lee, who invented the original World Wide Web, it introduces a handful of targeted tweaks that completely refactor the web, fixing most of the stuff we hate today, while making everything else work better going forward.

The central insight driving the next web is that today we suffer from a power problem. Specifically:
1. Whoever holds the data holds the power
2. You never hold the data so you never hold the power

The next web addresses this root problem by giving you control over your data, and tools to make it useful to you. Turns out it’s pretty easy to fix today’s power misalignment and put you in charge.

This post will introduce the general concepts behind the next web and help you understand why it’s so transformative. Make sure to read Part 2, which tells the story of how the next web transforms our relationship with Big Tech.

What is the Next Web?

The next web is basically release 2.0 of the original World Wide Web from 1989. Its main change is decentralization, a big word that basically means transferring power to the humans who use the web -- you and me -- from the profit-seeking corporations that extract all the value today.  Berners-Lee's contribution is a set of updates to his original web standards, and tools to implement them.

The Solid project, as it is known, is a set of open standards just like the original web — which means it’s built on words, not computer code. The proven power of this approach is that anyone who supports the specifications can innovate, without royalty, as far as their imagination takes them.

Like all proper upgrades, the new release is fully backward-compatible and builds upon the web’s existing infrastructure, while delivering major new features and options.

The next web operates in a way that today’s users will find very familiar, yet far more intuitive and natural, because it eliminates most of the complexity we face today. Participation is fully opt-in, but like the original web, the next web’s value grows as more people discover and adopt it. Importantly, nothing that works today stops working on the next web; you just get better options when an app or service supports the new model.

So what are the major differences on the next web? There are three of them:

  1. Identity — Today you have a different login/password pair for every service you use. The next web provides a single, consolidated identity that you legally own and administratively control, and that works everywhere, seamlessly and securely. Existing apps can easily add support, and new ones can accept it from the start. This identity also manages all your contacts and relationships for you— your social graph.
  2. Data storage — Today you spray data across many apps and services, where it is functionally out of your control and programmatically isolated from all your other data. The next web consolidates it all in a “pod,” a private, secure cloud repository that acts as your personal home in the digital world. It’s the default destination for everything you create going forward, and incorporates all the data you’ve created in the past. Viewing, managing, and sharing content becomes a much simpler process because everything’s centered around you, not the apps and services you use.
  3. Interoperability — The primary architectural flaw on today’s web is that every site is an island, completely isolated from every other one. Your data and identity are split up. The next web uses semantic programming principles to turn the entire web into one big application space, so any data can be accessed (with your permission) by any app or service. This breaks the lock between your data and the applications that use it, enabling whole new classes of solutions.

Together, these three relatively simple modifications serve to radically change the web, all in your favor.  You become free to use any app or service you want, granting, modifying, or revoking access to your data at any time. Vendors must continuously compete for your patronage, or they can lose you in an instant. Like in the real world.

Sounds cool? It is. Let’s dig a little deeper.

The Fundamentals

Identity

If you’re like most people, today you have dozens or even hundreds of separate identities on the web, each with its own password. Each “account” is merely a duplicate of your basic identity, scoped to a single app or service and useless anywhere else. Those copies aren’t identical. Each has varying amounts of information; for example many identities require only an email and password, but for others you provide detailed information, as when you store a shipping address or credit card. Invariably there are errors and outdated information among your accounts. Accounts also tend to become forgotten, or disappear altogether when entities cease to exist. What happens to that identity data? You generally have no idea.

The next web uses a technology called a decentralized identifier, or DID (pronounced dee-eye-dee), sometimes called self-sovereign identity. Your DID is a “single source of truth” that you own and control, and people and entities use it to verify you and to conduct secure communications with you, and they always see your current personal information. You can put lots of information in your DID but always retain complete control over who can access what, and under which circumstances.

Like your data pod, your DID is professionally hosted for you, but you retain absolute legal ownership and total administrative control. It can be the same service that hosts your pod but it doesn’t have to be. Like your pod you can move to another provider at any time.

Your DID, combined with your data pod, makes you a logical equal to any other object on the web, whether it’s a mega-corporation, a government agency, a community organization, or another person. Any of them will be able to securely and privately share things with you using this unique and lifelong identity, and you’ll be able to do the same (and can modify or terminate access to any data at any point). You can even declare your own default terms of use (e.g., “Don’t share my data”) and request that companies honor them; if they don’t agree completely you can still use them, but that will invite competition from services that are willing to accept more or all of your terms.

It also makes for a much more intuitive identity process. You log into your identity and all your relationships and connections just work. The first time you interact with a person or organization, you’re given a prompt to accept the cryptographic credentials of the other party. After that, as long as the credentials aren’t modified, revoked, or expired, the DIDs will create a secure connection that’s seamless to you.

As your connections accumulate, they’re organized as an address book, which also serves as a social graph of your connections. DIDs map and consolidate usernames for you and your contacts across various services, so you can see all interactions with any party in a single unified view.

Data

The central insight to the next web is that, to have any power, you need to control your personal data. The root problem is that today we simply give it away.

On the next web you have your own private, secure “personal online datastore,” or pod, that provides you with a dedicated space on the internet from which you can interact with the rest of the digital world, on your own terms. Your pod becomes the default destination and lens for all of your data. Your pod essentially re-centers the web around you, and puts you in complete control.

One critical advantage of the next web is that, through interoperability (next section), it includes your past data as well as what you create going forward. On the next web you don’t have to start over when you exercise choice.

There are three broad types of data in a pod, each treated somewhat differently.

The first is true personal data, the things you typically associate with your Apple or Google account: email/calendar, files, chats and texts, along with generated data like call, location, and browsing histories. This is the class of data that will start flowing into your pod once you start using the next web, and you can import the stuff you created in the past for a combined, uninterrupted view. Sharing and managing content becomes much more intuitive because everything is in one place; you no longer have to remember where you connect with whom, and what’s been shared there in the past.

The second data type is social data, for large-scale services that aggregate content from many users, and share it back to the user population according to algorithms and preferences. In this case your posts and likes and shares take place in your pod and constitute the authoritative copy, and are then federated out to compatible social apps. You can make changes on any service and they’ll all get updated, so you can use whichever one you want or even switch back and forth seamlessly. (We go deeper into this in Part 2.)

The third data type is all the data you have today in various commercial, community, and government accounts including shopping, utilities, clubs, banks, tax authorities, vehicle registries, etc. This data could be imported into your pod too, but in most cases you can simply leave it where it is. By adding support for next web standards, this data appears the same as any other pod data to you, and can be utilized by any app that needs it.

Interoperability

Since the dawn of network computing, the basic operating model is that when an application or service entices/empowers you to use it to do something, the entity running the back end retains any data you create or generate, effectively taking control of it and (as first-generation web innovators quickly discovered) getting to harvest all its value. Because it has always been so, no one has really thought to question it.

But that data belongs to you. That’s true both conceptually and literally, if you reside in one of the rapidly growing number of jurisdictions with a modern privacy law like the European Union’s GDPR. Even if you’re not covered today, those laws have forced major apps and services to engineer the capability for users to view and manage their data, so any regulator or legislative body can make them turn it on for you.

On the next web, semantic coding (another Berners-Lee innovation) delivers a “common framework that allows data to be shared and reused across application, enterprise, and community boundaries.” This creates interoperability through standards, effectively turning the entire web into one big, universal application. No matter where your data resides, you control who can see it, and what can be done with it.

Semantic web data describes itself, what it is and what it can do, so applications can use it no matter what type of data it is, or what source generated it.

But it can also be extremely domain-specific through the use of open-sourced shapes and vocabularies that are unique to a particular industry or activity. A shape incorporates domain context, for example a social network. A vocabulary defines the data types that social networks use. Any social network application just works, since they’re all using the same data in the same format.

In fact, millions of sites and applications already use semantic web programming within their “walled garden” environments, because it’s an efficient and flexible way to code. What they haven’t done is activate the semantic web’s greatest property: universality. With identity and data standardized, all these services need to do is add next web support and they’ll instantly integrate with the new model.

High Level Architecture

For those who like diagrams, the next web looks like this:


From your hosted pod, you can communicate with any other person's pod, as well as other data sources and many types of web apps and services.  The cloud-based pod can also sync and communicate with computing and IoT devices, creating a personal view of the web, with you in charge.

Summing it Up

The next web addresses the root flaw that ruined today’s web. By restoring the power of the data to its true owner — you — the next web fixes most of the problems we suffer today, while making everything work better from here on out.

The transformative part is the powerful platform it creates for people to innovate upon, just as the original World Wide Web triggered one of the world's most important technological evolutions and created historic fortunes. It will be exciting to see what people come up with this time, but you can be sure it won’t presume the power imbalances and lock-in we suffer today, because people won’t have to accept that anymore.

Of course, the most common objection I hear is that the entities that have all the power today would hate this and never allow it to happen. The reality is, they can object to it but they can’t escape it. Once we adopt the next web they will embrace it, or lose us to competitors who will.

Congratulations! You now understand the core concepts and dynamics of the next web. Read Part 2 to see how it massively improves your relationships with Big Tech.

The Next Web Reins In Big Tech — and Improves Everything Else

Solving the data problem restores competition and empowers users


 

Note: also available on Medium

In Part 1 we covered the mechanics of the next web. This post focuses on the ways it changes your relationship with Big Tech, and showcases the generational improvements the next web delivers throughout your digital existence.

To be clear-eyed about it, decades of dominance have given today’s giants the ability to implement advantages that will be tough to overcome. Think Amazon’s cutting edge logistics, Apple and Google’s ironclad duopoly in mobile operating systems, or social media services’ massive audiences.

However, the next web levels the playing field by introducing and enforcing competition across important dimensions where Big Tech clearly feels they don’t have to try very hard today—most notably privacy, but other control points as well, like the algorithms that dictate what you see. The next web frees your trapped data, so every existing or yet-to-be-born competitor gains the ability to deliver value in any way that the market rewards.

In the following use cases we’ll examine how this lets you take control of your experience on the web. Permanently.

Example 1: Amazon

Amazon has grown to be one of the biggest companies in the history of the world, with low prices, fast delivery, and easy returns. Innovations like Amazon Prime and the company’s cumulative investments in efficient logistics give Amazon an aura of unstoppability to customers, competitors, and platform sellers alike, who grudgingly accept Amazon’s market power… and its constantly creeping gross margins.

Less attention is given to the value of the user data that Amazon holds, and how it creates a self-reinforcing cycle of convenience that only serves to further entrap its customers. If you’re like many people, a purchase decision means opening up Amazon in a browser or app and selecting from among options you find there. Your purchase history makes re-buying a snap and “1-Click Ordering” takes advantage of the shipping and payment information you’ve entered previously.

This is what professional marketers call the “Will I?” vs. “Which one?” process. In a “Will I?” decision, the buyer decides to make a purchase and then proceeds to the “Which one?” stage. This is a natural and logical process and small differences in price or value can be determinant. However, marketers work hard to to eliminate the “Which one?” phase, traditionally through differentiated value which drives brand loyalty — and delivers significantly higher margins. Amazon has achieved much the same result through tactics like Prime 1-Day Shipping and 1-Click Ordering.

Again, the next web works by freeing your data, which restores competition. Let’s explore how that would work with Amazon.

As we discussed in Part 1, you own any data that pertains to you. The European Union’s General Data Protection Regulation (GDPR) and other modern privacy laws make this a legal fact. As a result, any company operating in one of these jurisdictions, including Amazon and all of Big Tech, have put in place methods for you to review, correct, and delete your data. There’s also a term called “data portability” that requires companies to let you download your complete data set in “machine readable format,” ostensibly so you can move to another service provider — but that merely puts you in the same locked-in position with some other walled garden vendor.

The next web makes data portability actually useful. You could download your Amazon history and import it to your pod. There you can access it via a non-Amazon app that lets you do things that Amazon would never design into its own apps. For example, clicking on an item and viewing, on one screen, all the times you bought it and how much you paid. Amazon doesn’t enable this type of easy analysis because it reveals pricing patterns and inflation over time.

Ok, that’s interesting but not transformative. Here’s what is.

Remember that Amazon is not the only merchant with the responsibility to give you your data. Virtually all medium-sized and large merchants have a history of everything you’ve bought, which is tracked via web activity, loyalty cards, or payment methods. That’s how modern hyper-targeted marketing works. So it includes your local supermarket, pharmacy, department store, home center, etc., etc. And all of them must provide access to your complete data set to you.

You can download your data from those other merchants and use the same app you use with Amazon, to construct a full view of your personal purchase history and compare identical items across different merchants. The app might even provide a comparative view of what an item would currently cost across all vendors, and at what delivery terms. Now you’re starting to talk transformative.

Take it a step further. Imagine a service that local merchants, even small ones, can use to see your purchase intent (anonymously) and automatically bid on it. If the offer works for you, pick it up on your way by. Free of shipping and delivery costs, these merchants can offer competitive pricing with fair margins when competing with Amazon and other mega-merchants. And you can keep your money in your community.

Now imagine that you don’t have to bother with any of the download/import stuff at all — the merchants adopt the next web’s interoperability standards (because customers demand it or due to GDPR-like laws) and you can just leave the data where it is. Everything just works. Ok, that’s transformative.

The point here is that, by freeing your data you force competition where little exists today. The next web “locks the web open” — for both you and the thousands of merchants that also feel trapped on the Amazon platform. Amazon will have to compete for the “Which one?” decision again, and that’s good for everyone.

Example 2: Apple IOS / Google Android

Your pod will become the default destination for a big chunk of your most important data. As part of a complete communication and sharing platform, that’s where email/calendar and contacts, files, photos and videos, and texts/IMs will all go. Also, important generated data (metadata) like history of calls, locations, and browsing.

For these apps you will go and import all your previous data from whatever vendors you’ve used. Once it’s all in your pod, you can view and search across the merged corpus, for example clicking on a contact and seeing all communications across all apps and services you’ve used together.

But if all that data now goes into your pod, what about the places it used to reside? If you’re like most people, the vast majority of it was stored by the vendor of your mobile operating system — Apple or Google. According to the next web’s primary thesis, these companies lose what you gain. And that’s exactly the case.

It doesn’t get enough attention, but Apple and Google have built one of the most powerful duopolies in the history of free enterprise. Apple has arguably been better about promoting user privacy than Google, whose entire business model is built on profiling you. But both companies, through the very nature of mobile operating systems, have exclusive access to some of your most important — and therefore most valuable — personal data.

It also positions the mobile OS vendor as a gatekeeper and toll-taker, enabling (or blocking) the connection between content creators and consumers. Both Apple and Google take up to 30% of every transaction, a cut arguably disproportionate to their role in delivering someone else’s creation. I think we all would rather that most of that money goes to the people creating the content we value.

The next web’s architecture creates an opportunity to evolve past this duopoly state. While your pod is in the cloud, it also has the capability to sync with your mobile device. Data can be selectively replicated for speedy local operation, with changes propagating back through the cloud copy and onward.

Containerized versions of this next web client software — basically a partition on your device, much like the mobile device management (MDM) software that isolates your work content from your personal content — could abstract much of what the mobile operating system handles today. The container would have high-level permissions over the OS and hardware, and manage those rights granularly for its own data and apps. You could still run any OS-native apps outside the next web container, but anything inside would be basically invisible to the OS.

This reduces the importance of both the mobile OS and the hardware itself to a more appropriate role in the value stack. It also should make it much easier to migrate between the two platforms, as well as future operating systems should they emerge.

Example 3: Social Apps

I’ve always used Facebook as the subject of this use case, as people have wanted to leave Facebook forever. But here in May 2023, the exit energy clearly belongs to Twitter, so we’ll use that.

There are many problems for someone who wants to leave Twitter, but the biggest one is that you have to start over — which many people can’t get past.

Moving to an alternative service means abandoning all your Twitter content and interactions, including posts, comments, follows, followers, blocks, likes, and re-shares. Even the algorithms need to start over, learning the things you like and want to see.

If you accept the need to start over, you still encounter the problem that others who have left Twitter are scattered among multiple isolated services. You could use more than one of course, but that multiplies the work of monitoring and posting. And even then, finding people to follow and gaining followers require a lot of time and effort.

Here’s how that would work on the next web.

You’ll open a page that lists all Twitter competitors, each with a checkbox next to it. You can add one, if it’s not listed, with a URL. You’ll check the boxes on the ones that you want to use and click a button that says, “Federate”.

Immediately all your Twitter data since the beginning of time will be propagated across all those services. You can thereafter use any one of them that you want, or even switch back and forth between them. Any data you create or generate will flow to all of them automatically. You can terminate participation in any one at any time and your data there will be deleted.

Blue checkmarks or other verification schemes become nonsensical because your identity ties back to your DID, not each service’s “account.” If you use your real name, it’s the same identity that you will use everywhere else on the web. If you prefer an alias, that’s fine too, and you can still view your data within the context of your pod. Getting banned or throttled on one service doesn’t affect any of the others, as they each control their own policies, so someone can always find you somewhere.

That equality is a critical point. Because they all have access to the same data, these Twitter competitors are free to compete in virtually any dimension, including privacy and choice. They could have varying moderation policies, ranging from strict to unfettered. They can have different terms of use (e.g., no data sharing or user profiling), or economic models (e.g, ad-supported or paid). They might let you tune your own algorithms, or even — the holy grail of control — support third party clients.

The point is, this scenario breaks the data locks that make it so hard to leave Twitter, and true competition is the result. Most people regard competition as good for markets.

Note that this doesn’t just work for Twitter, but for all social media — specifically, any service that collects data from users and shares it back to its membership. So Facebook, LinkedIn, Pinterest, Reddit, Instagram, NextDoor, Youtube, TikTok, eBay, etc., etc., etc... All of them will have to share your data with existing or new competitors, and thereafter be forced to compete for your patronage continuously.

Note also that this theme isn’t limited to Tim Berners-Lee’s Solid Project or the larger decentralized web movement. Twitter co-founder Jack Dorsey has advocated for just this type of interoperability, and supports Twitter alternatives like Mastodon, Nostr and his open Twitter competitor, Bluesky. Those systems use Twitter-style data federation, but the Solid approach is designed to work everywhere. It’s engineered to be as universal as Berners-Lee’s original World Wide Web. When everyone has their own pod and identity, the infrastructure is in place for data freedom and a once-in-a-generation transformation in how the web works.

The Bottom Line

The next web will happen because end users and developers will demand it. It’s true that Big Tech hates and fears it; data freedom disrupts their high-margin business models. But a combination of user demand and a perhaps a smidge of regulation can make it impossible for Big Tech to avoid it.

A practical course would be for some forward thinking body to create a law — the EU has traditionally been the leader in these things — that states that companies must support data interoperability within some prescribed time frame, say two or three years. Whether that’s Solid, or some modified version, or something else altogether, it will set our best computer scientists and entrepreneurs on the path to creating it.

And then the web will work the way it ought to: for the benefit of people and society, not just corporations and their shareholders.

Monday, May 31, 2021

Wow I haven't updated this blog with new content in almost four years, although I've remained fairly busy elsewhere.  As stated in my last entry, I've been posting to Medium.  Here's a list:

 

I've also done a number of work blogs for RSA:

But as always, probably the best way to read my musings is on Facebook.  There I'm just Artie.  Clearly I hate Facebook as much as anyone, but in my defense I've been publicly promoting the solution to that problem since 2014.  It's just that I find the Facebook form factor, which we used to call microblogging, is the sweet spot between spontaneity and scholarship.  Even on Facebook I try to make everything I post worth a reader's time.  Much of it is public so check it out!

Tuesday, December 4, 2018




New post on Medium, so much has changed since 2014... It's not just me shouting at clouds, this stuff is getting built!

Wednesday, March 16, 2016

Posting on Medium now

I've started to post on Medium and will update this blog when I post something new there.

Posts can be found at this link.  The main one is There's a Hole in the Internet, from March 16, 2016. The original essay is The cloudspace solution: Let's fix the Internet, which was posted on November 15, 2015, adapted from a post that appeared here last July.

Thanks for reading!

Art

Monday, June 8, 2015

The Cloudspace Solution: An Internet White Paper


I've written a White Paper describing my proposal to fix the Internet.  In this version I introduce the term "cloudspace" to describe the personal data stores we need so we can stop giving our data away on the Internet.

Here's the link to the file on my Google Drive (PDF, 10 pages):
http://bit.ly/1T84DUh

Saturday, April 11, 2015

Flip the data model

I've written before about how we can permanently fix the Internet.  But those posts kind of jumped right to implementation and adoption, without ever really focusing on the basic principle that makes the theory work.  To fix the Internet, all we really need to do is flip the data model.

The data model we use today is as precisely screwed up as it can be.  Here's what we do: we take our most personal and private data and we hand it over to strangers.  That's insanity, because the moment we do that, we surrender any claim to equality in the relationships we conduct.  The entirely predictable result is the exact types of abusive behavior we're seeing.  And the calculus is that it only gets worse over time, as we keep feeding the machine.

It makes far more sense to adopt a data model where we hang on to our stuff, and then share only what we want to.  This ridiculously simple concept changes everything 180 degrees.  That's what I mean by "flip," because we go from a state where we have absolutely no control, to one where we're in complete control.

This basic thought was made clear to me recently when I read "Data And Goliath: The Hidden Battles To Collect Your Data And Control Your World" by Bruce Schneier.  This deeply insightful, fastidiously researched, and thoroughly depressing book documents the many ways our personal data is exploited by privacy abusers, spy agencies, censors, and cybercriminals.  But all of it is only even possible because we willingly give everything away in the first place.

In my prior posts I focused on social and collaborative data -- the Facebook posts and emails and IMs and file shares.  That's where your average end user feels the most pain.  We all know that our stuff is being harvested and misused by people we can't trust, for purposes we don't like.  But we're all under the collective illusion that it's the price we have to pay to participate in the digital era, so we hold our noses and accept this Faustian bargain.

The truth is, it's not necessary at all.  In fact, it's suboptimal in many ways beyond just the loss of private data.  To touch on one, having your data scattered across all these different repositories makes it far less useful to you.  Putting it in one place allows you to search and manipulate and control in ways we can't even dream of now.  That's another example of the "flip": as your data accrues, its value increases to you, instead of feeding the privacy problem that Schneier documents so clearly.

And that personal data corpus is going to grow exponentially either way.  Think of all our Fitbits and Nests and the emerging Internet of Things.  Shouldn't all that data be retained for your exclusive benefit?  Your browsing history, your GPS data, your medical records, your commercial interactions -- these are all examples of data that are specifically tied to you as a human being, yet are stored in places you have absolutely no control over.

I still believe that social/collaborative tasks are where people will get the most immediate benefit, and drive adoption of private, encrypted personal cloud spaces.  With open identity and communication APIs on top, anything that now requires a service can be achieved with a simple app.

But here's the biggest thing.  With this new model in place -- one that's just better in every meaningful way -- we'll have a powerful, universal mechanism to administer our rights to privacy and dignity.  In the commercial space, we'll be able to favor companies with business models that don't rely on exploiting our personal data.  And in the legislative space, we'll have a data destination that enables laws designed to protect our privacy.

Anyway, I wanted to note the basic principle embedded in my prior posts, because it's the essence of the permanent solution available to us.  Put your feet up on your desk and think through it yourself.  As before, I invite you to have this conversation, with me or with others who are working on the problem.  Whether it's the free and open solution I've proposed, or another approach I haven't considered, we need to flip the data model.  Because once we achieve that, we'll take back the Internet.