The Internet is truly at a crossroads right now in that more and more elements of society are recognizing its potential significance. Cyberspace is no longer simply composed of academic scientists and computer hobbyists. Instead, major newsmagazines have declared that this holiday season will be the first where e-commerce plays a major role. Users can watch the grand jury testimony of a President on their computer screens and where web journalists like Matt Drudge can scoop more traditional television journalists such as Tom Brokaw. It is even a time when many a romance can be formed on AOL and a major motion picture can be made that deals with such possibilities. Quite simply cyberspace is at least in some ways becoming more like real space. A broad range of people from around the world are beginning to see cyberspace as a place where they can do just about anything, including buying gifts, watching “television”, becoming informed, and even finding love.
But oddly enough as cyberspace becomes at least in some respects more like real space, more real space problems arise online. Individuals have to deal with things like fraud, defamation, and privacy. Companies have to worry about intellectual property. Nations must worry about preventing harms to their citizens, including harms their citizens may not want to avoid such as gambling. In this context, numerous questions arise. For example, what is one to do if the e-merchant from whom you just bought a sweater from happens to be nothing more than a few web pages on a server in Antigua designed to steal your credit card number? What should your state to do if the e-merchant you happen to deal with is instead a gambling site in Antigua? What can and should be done if you decide to forego an e-merchant entirely and go download songs from U2’s latest album at a free, unlicensed MP3 site? Can Iraq legitimately prosecute Matt Drudge if by posting something on his web page he breaks Iraqi law? Do I have any recourse if the web personal site I used to find love online sells my personal information to a marketer?
In the real world, governments have often dealt with issues like these by passing laws and by issuing regulations. More often than not, these laws prescribed a particular punishment that should be meted out for a given kind of proscribed conduct. Such a system can work fairly well if it is clear who broke a particular law and which set of laws should be applied to a particular questionable transaction. However, for several reasons such a system may be much less effective in governing actions and interactions that take place on the Internet. To begin with, identity is still fluid on the Internet. It can be difficult if not impossible to link up an online identity with a corporeal being and often it may even be hard to tell from which traditional nation state an online user is from. So long as a user remains anonymous, she cannot easily be held accountable for her actions, at least not through the means usually employed by territorial governments. Second, there is little consensus as to what actions on the Internet should subject a user to the jurisdiction of a particular territorial government. There is some agreement that users should be responsible for the effects they produce in a particular country, but what does it mean to produce effects in a particular country when one is simply putting something in cyberspace? There is no simple answer to when posting something on the web should subject a person to liability in any country where that something can potentially be accessed.
None of this is to say that the above traditional model of governance has no place on the Internet. There are many situations where the above framework may still be workable. It is sometimes possible to determine the identity of a user, and future technology such as digital identification may make it easier. Nations may also come to some sort of agreement regarding what constitutes causing an effect in a particular country in certain contexts and thus who should have jurisdiction in those contexts. However, the reality is that both individuals and countries also often have very different conceptions about what type of conduct should be proscribed, and it is unlikely people from around the world will come to an agreement over this issue with regard to all of the types of conduct possible on the Internet.
In light of this fact, this paper proposes a couple of technology based solutions to Internet governance problems that will hopefully give governments as well as users the ability to either block or avoid potential harms. The first solution this paper proposes can give a traditional territorial sovereign power to control what kind of activities its citizens participate in online. This solution relies largely on technology, but its successful implementation also depends on governments requiring service providers to implement it and may requirement governments to issue digital identification. Therefore, there will still be a need for more traditional avenues of rulemaking such as legislation and the treaty process.
Our second solution is an attempt to empower individuals and nongovernmental organizations. The hope is that this system will allow individuals to set up electronic zones on the Internet and that each zone will have its own set of rules created by the users and maintainers of the sites within the zone. Such a system will allow individuals to avoid what they consider to be harmful on the Internet and will allow individuals to find places where their conduct will be deemed acceptable. If successful, these zones might lessen the need for regulations on the part of territorial sovereigns. A huge open question though is how well can people regulate themselves within these zones. When the Internet was small, self-regulation was reasonably effective, but it is not certain that a norms based system could survive now that the Internet has such a diverse user base. However, this system will also rely on these sovereigns to an extent. Again some form of digital id may be needed for zones to hold members accountable for violations of rules, and if these zones are based on some form of contractual relationships, some traditional sovereign may be needed in extreme cases to provide remedies for breaches of those contracts.
Finally, it is important to note that the viability of any legal or technical solution this paper proposes also depends largely on who ends up shaping the technical contours of the Internet. Therefore, sovereignty over the architecture of the Internet is just as important an issue as sovereignty over what people can do on the Internet. In the last few months, a great deal has happened in this area, namely the formation of an organization called ICANN. There has also been a great deal of pressure to let the private sector play a significant role in determining the structure of the Internet.