Is the Internet inherently free and open? A broad array of actors, from civil libertarians and technical experts to Western militaries, think that it is, that it should be, or both. Whether these beliefs, frequently expressed by referring to the Internet as a commons, are correct has important implications for how the Internet is governed. Relying on the mistaken understanding of the Internet as a commons, rather than a set of nested clubs, encourages overly expansive approaches to Internet governance that apply rules with insufficient regard for differences between issues and that neglect the importance of fostering the club governance arrangements that can ensure the continued smooth development of the Internet’s multitude of clubs.
Economists define a commons as a good that is rivalrous and non-excludable. A good is rivalrous if it cannot be used simultaneously by multiple people, or if its use by one person reduces the quantity and/or quality of the good available for others. A good is non-excludable if people cannot be prevented from using it (whether on the basis of payment or some other similar principle). Neither of these criteria are applicable to the Internet.
The Internet is technically rivalrous in the sense that the computer networks on which it depends (its “physical layer”) accommodate a finite amount of traffic. At peak usage times, especially in congested sections of the network, users may receive a degraded experience; that is, bandwidth-intensive use by a large number of users may mean that many receive lower-quality service.
In practice, however, such problems have relatively easy solutions: more physical infrastructure (fibre optic cable, switches and routers) can be constructed, easing congestion; more efficient protocols for routing and directing traffic can perform a similar function, directing traffic through portions of the network with excess capacity; and usage-based billing can incent users to moderate their consumption of bandwidth. All three of these solutions are already part of Internet governance, and while there are potential drawbacks or limitations associated with each, there is little reason to expect that combinations of such policies cannot continue to meet demand for bandwidth given appropriate investment strategies.
The case for regarding the Internet as non-excludable is even weaker than the case for believing that it is rivalrous. Multiple kinds of exclusion are already occurring, many of them at the Internet’s physical layer.
First, many states already employ their domestic law to block various kinds of content, including child pornography, hate speech, intellectual property violations and political dissent. This kind of exclusion is typically accomplished by requiring Internet service providers (ISPs) to prevent the resolution of certain domain names and their associated IP addresses. In the extreme, it entails states ordering the physical shutdown of Internet service. The governments of Egypt and Myanmar have both employed this tactic, albeit for limited periods of time.
Second, some recently proposed pieces of legislation (for example, the Stop Online Piracy Act, or SOPA, in the US Congress, and Bill C-32 in the Canadian Parliament) have sought to strengthen copyright protections, including requiring web hosting companies, search engines and ISPs to sever relations with websites and users found to violate copyright. While such measures have not yet been passed, it is likely they will remain on the agenda at the insistence of copyright-owning firms.
Third, distributed-denial-of-service attacks accomplish short-term exclusion by bombarding a targeted website with requests for information, overwhelming server capacity and preventing servicing of legitimate requests; these attacks are inexpensive, and sometimes difficult to attribute to particular agents, making them an attractive option for hackers and for cybercriminals. They are also blunt instruments, which can have significant unintended consequences such as denying access to additional, unintended targets. Finally, they allow virtually anyone with minimal technical expertise and computer hardware to engage in excluding others from the Internet.
Fourth, it is possible to exclude people from the Internet by destroying physical infrastructure (fibre or wireless) critical to their connectivity. Such attacks are imaginable both in the context of terrorism and in the context of a major military conflict. While the decentralized nature of the Internet means that terrorist attacks would be unlikely to cause widespread long-term disruption, major military conflict could pose a significant risk to the Internet.
If the Internet is, in fact, non-rivalrous and excludable, it more closely resembles what economists call a club good. Club goods include access to satellite television, or the status that comes with a country club membership. Experience tells us that some clubs are more exclusive than others, and that different clubs have varying rules, norms and bylaws. The Internet is easily mistaken for a commons because it has historically been an extremely open club with incredibly sparse rules for its members.
In some ways, barriers to joining the club continue to fall rapidly: Internet access is more affordable than it has ever been. However, in other important respects, the Internet club looks not only less like a commons than it once did, but also less like a single club.
Rules increasingly circumscribe user behaviour online, and pockets of the Internet are now more likely to allow access only to members — with highly variable requirements for membership, ranging from unverified assertions that a user is above a certain age or resides in a particular place (often employed to restrict access to various kinds of entertainment content), to contractual arrangements on a fee-for-service basis (such as paywalls on major newspaper websites), to requirements that the user be a member of a particular offline organization such as a corporation or government.
Accordingly, the Internet is best understood as a set of nested clubs. At the most basic level, all Internet users are members of the club of people with Internet connections. However, they are also members of smaller clubs composed of people who access the Internet via a particular ISP, and of people who access the Internet from a particular country. It is impossible for an Internet user to avoid membership in any of these three clubs. Beyond this minimal baseline, users will typically also be members of other clubs based on their personal identities and interests.
This view of the Internet facilitates a more nuanced discussion of online rights and responsibilities, one that recognizes that different “areas” of the Internet may correspond closely with the open access norms associated with commons regimes while others may not; and that while trade-offs between distinct public values like liberty, property rights and security may not be entirely avoidable, applying different rules to particular portions of the Internet can help ensure that restrictions on online rights are minimized and do not cause unintended collateral damage to freedom.
Understanding the Internet as a set of nested clubs calls attention to the need to think explicitly about the rules for the three most basic types of clubs: the club of all Internet users, the clubs comprised of each individual ISP and its clients and the clubs of national users. Maintaining the global reach and interoperability of the Internet, and thus maximizing its value to humanity, requires ensuring that access to these clubs remains open to all, and that their restrictions on member behaviour do not exceed the minimum requirements of public safety.
Finally, the vibrancy of any club over time depends on its ability to respond effectively and legitimately to its members’ desires. This highlights the need to augment fora that enable discussion and potential revision of shared understandings about online rights and duties at each level of the nested clubs that comprise the Internet. Doing so will be especially difficult, but also particularly important, at the most fundamental level — the club of all Internet users.