Entrusting users to find trust on the post-NSA Internet

[Commentary] The revelations about National Security Agency monitoring of online communications have eroded trust in the Internet.

The language of trust lost, and what it means for the future of online communication, can be seen in discussions of various communities of stakeholder across the Internet. If we want users to rely on the Internet for substantial social, economic, and political uses, providers of Internet-based services need to be able to credibly commit to handling user data in accord with user expectations. By “service providers,” I mean to include everything from consumer Internet service providers (ISPs), to services like Facebook and Google Mail, to the backbone providers and those who operate the networks of routers and switches that make up the physical Internet architecture. As an initial matter, making these commitments requires understanding how users expect their data to be handled and developing technologies in line with those expectations -- this task is the subject of myriad ongoing efforts. But even more important, users need visibility into how their data is actually handled -- not just assurances that their expectations are being respected -- and they need means of recourse against Internet services that do not respect their expectations.

The question, of course, is what to do to buttress the Internet’s credibility as a trustworthy communications medium. A first step is the development of technologies that better allow users and service providers to specify how data is to be treated. If the Internet is to support complex social and economic institutions, we need to think carefully about the functions that the network architecture needs to support in order for those institutions to work.