Tim Berners-Lee: 25 years on, the Web still needs work (Q&A)
The World Wide Web is a smashing technological success. But the man who invented it wants it to break down more cultural barriers, thwart government snooping, and let the Web run applications not just house documents.
Twenty-five years ago, on March 12, 1989, Tim Berners-Lee proposed "a universal linked information system" to help itinerant academics from across the globe run a complicated particle accelerator.
Boy, did the World Wide Web ever exceed those initial expectations.
Berners-Lee aimed to help the CERN facility in Switzerland, but he called for a system that worked much more broadly. And spread it did, fostered by the then-novel idea of hyperlinking that let people feed vast amounts of information into the Web, giving it a location and a way of finding it later.
"The result should be sufficiently attractive to use that the information it contained would grow past a critical threshold, so that the usefulness the scheme would in turn encourage its increased use," Berners-Lee wrote.
That positive feedback loop caught on, and Berners-Lee spawned a global technological and social force. He also founded the World Wide Web Consortium (W3C) to help oversee the Web's technology. Even with developers fixating on mobile apps and sequestering data within the confines of walled gardens, it's not clear anything will ever be able to match the Web's critical mass.
He suggested the first phase of his hyperlinked data system would take two people a few months to build. Now, thousands of companies rely on it; thousands of programmers build and rebuild it every day; and millions of people expand its wealth of blog posts, cat pictures, and viral videos.
But for Berners-Lee the job is nowhere near done. His to-do list includes reining in governmental spying, ensuring personal privacy, getting people to look beyond their own narrow cultural interests, and reshaping the Web into a better foundation for software instead of just documents.
Berners-Lee spoke with CNET's Stephen Shankland about what he sees about the Web's next priorities.
Q: The Web has accomplished remarkable things, spanning the globe and becoming a universal publishing system. But what are the areas where you think the Web hasn't fulfilled its potential?
Tim Berners-Lee: The anniversary gives us a chance to look back but it also serves as a way to look forward. A lot of people never thought about the Web at all until it was disconnected by [former President Hosni] Mubarak in Egypt. They realized it's not a constant. Even with the Snowden revelations, they tend to be thinking just about the phone issues. Now everybody gets to think about human rights on the Web. What sort of Web do you want over the next 25 years? Are you satisfied with what you've got -- or with what you might get if you're not careful?
Since we can credit you with the idea of the Web in the initial days, at least to a large degree, are you satisfied with what you've got? What would you like to see over the next 25 years?
Berners-Lee: I've been very satisfied with the international spirit. It's wonderful how the Web has taken off as non-national thing. I don't think of it as international, because that's nations getting together. The Web took off without regard for borders at all. People have chipped in with all kinds of creativity, inventiveness, and hard work from all over the planet at the content level and the standards level. The diversity of stuff you see out there is amazing.
Meanwhile, there's been a constant battle for control of it. We've seen lots of times when Internet service providers have been tempted to try to restrict VoIP [voice over Internet protocol]. They've tried to stop people from using VoIP to support their traditional telephone business, or stop people from using other people's VoIP to enhance their own VoIP business. We've got ISPs that will charge you a lot more to watch a movie on somebody else's Web site than their own Web site.
The control thing -- we've got big companies and big governments. Now in some countries the corporations and the governments are very hard to tell apart. I'm concerned about that.
I'm impressed by Wikipedia -- a nice repository of general knowledge -- but what I want to see that I haven't seen is the Web being used to bridge cultural divides. Every day we get people falling for the temptation to be xenophobic and to throw themselves against other cultures. The Web has gone up without national borders, but when you look at the people that other people support, it tends to be people very much of same culture.
We look at governing the Internet in a multi-stakeholder, non-national way, but the world is still very nation-based and people are still very culture-based. I'd like it if developers on the Web could tackle the question of how to make Web sites that actually make us more friendly to people we don't know so well.
Is that a technology question or a culture, politics, and economics question? I'm an expat living in France and to me it's amazing how much the Web has made my horizons much more global and made my foreign living much more possible. From where I sit it seems like the Web has facilitated a lot of cross-cultural linkages. Can you make that happen more with technology?
Berners-Lee: The Web works not because HTTP [Hypertext Transfer Protocol, a foundational Web standard that controls how a Web browser fetches a page from a Web server] exists. It works because HTTP exists and because people like to link to good content. They like to link to good content because they think that more people will read to their own content, and because people psychologically like to be read.
The dollars flowing and the kudos flowing are the social part of how the Web works, and HTTP and HTML [the other seminal standard Berners-Lee created, used to build a Web page] are the technical part of how Web works.
They're intimately connected. You can't do something just with technology, but often you need to change policy. Copyright law is terrible. It's not enough to design something like Napster. Napster was a technology introduced without any thought of whether we could change the social piece of it. It was judged against existing copyright law, which had been designed for books.
So in order for the Web to fulfill its mission, there have to be changes at the social, political, and economic level?
Berners-Lee: Yes, keeping the Net open for example. One thing we're doing is removing all the deep packet inspection equipment [which lets network equipment examine network data as it's routed on its way]. The spying stuff will be probably be controlled by organizations, and you have to bring social systems for holding those organizations accountable. Those social systems will be based on fundamental values -- I have the right to use the Web without worrying about being spied upon. I have the right to connect to your Web site no matter what it is, what politics you have, what color and culture you are.
What do you think of the transformation of the Web from a publishing medium to a software foundation -- a foundation on which you can run Web apps? How far through that transition are we, and what needs to happen to fulfill that promise? The world of Web apps looks to me still to be pretty rough around the edges.
Berners-Lee: Web apps are really exciting. The fact you can run a Web app once and have it run everywhere -- it's got massive benefits. On the other hand, the standards are still coming out to give you all the features that you have on a normal system.
You're right that it's a massive change from being a Web of documents to a Web of a programmable computer. The Web of documents is a platform people used to do wonderful things -- dinosaur museums, Wikipedia, and things. With WebRTC [a standard for Skype-like real-time communication on the Web], for example, Web pages can talk to each other. The Web as a programmable platform is going to allow real-time collaboration, videoconferencing based on any Web site, not just your videoconference Web site. It'll allow data conferencing as well -- people sharing artwork, sharing ideas, sharing ideas.
The W3C is producing all these APIs [application programming interfaces, which programmers use to draw on built-in abilities] to make it a really full-fledged computing platform. With access to the raw primitives, if the libraries [of prewritten higher-level software] don't give what you want, you can write it yourself. There will be millions of really interesting libraries people will be writing to provide features and functionality, to provide different ways of coding, to provide different ways of doing application development.
So much development effort nowadays is going into mobile apps distributed through Google or Apple app stores, often vertically integrated with various services. It's very antithetical to the open, interlinked world of the Web. How much does that concern you, and what can you do to reclaim the developer momentum that's being lost?
Berners-Lee: It does concern me. I think of those as legacy applications. At conferences, I encourage people to develop Web apps. I think people notice if they take a magazine, developed as a native app, it doesn't interact properly with the Web. There are fundamental philosophical reasons it's less powerful. If you don't give it a URL [Web address], people can't tweet about it. If people can't tweet or email about it, then it's not part of the discourse. So your article, beautiful though it may be on a native app, is not part of the scene. It's not part of the discourse, it's not part of life, it's not liked or despised. Being part of the Web is going to be important.
The idea is to work toward the best of both worlds -- all the advantages of a native app and all the advantages of the Web. With my fitness tracker, I want it to run all the time, even offline like a native app. But every day of my workout history will have a URL and I can link my friends to it.
From a programming point of view, should we be creating lower-level standards, then people can use those to assemble the higher-level features and interfaces they need? Or is it the other way and we should be concentrating on libraries of more automated tools that open the Web up to more programmers? I'm still wrestling with the idea of how you transform the Web into something that's programmable.
Folks on the TAG [the W3C's Technical Architecture Group] talk about layering. You can rewrite the higher-level things in terms of the lower-level things.
The biggest change I've seen in the Web in the last year has been the shift in perspective triggered by the Edward Snowden leaks. How has your perspective on the Web changed after seeing the organized governmental efforts to extract as much information as they can?
Berners-Lee: I wasn't surprised NSA and GCHQ [the US National Security Agency and the UK Government Communications Headquarters] were spying on the Web. I think it's clear that there needs to be a complete overhaul of the system of accountability. We just had an MIT-White House workshop about privacy on the Net. Both technically and socially, the questions are not simple. It wasn't just a ranting workshop; it was people going into complicated details. If a government agency has a very large and complete data set, how do you control the way it's used to make sure individuals aren't exploited? The mathematics of that are complicated.
The challenge for the USA is to put in place some agency, some court which has a lot more power than the FISA court [which currently oversees some data-gathering activities] -- a lot more teeth and a lot more respect. You need to do something to say we are really serious about being trustworthy about personal and corporate data. Both the UK and the US need to make it very clear why they can be trusted in the future if people are going to store their data there.
What do you think about moving everything to secure HTTP [HTTPS is the secure, encrypted version of HTTP used today for e-commerce transactions but gradually expanding to e-mail, search, and other domains]? How practical is that and how many problems would that solve?
Berners-Lee: HTTPS everywhere is a recommendation. IT departments tend to balk at it, but most of the reasons why they balk at it are out of date. It used to be you didn't have the processor power to support HTTPS, but now you can get network cards and SOC [system-on-a-chip] processors that will do it. It's become a lot cheaper. Encrypting stuff everywhere is a good idea.
If you look at the way secure establishments are penetrated, it's done by phishing. The way you phish is you build picture of life within company, by watching the emails go by and looking at the minutes of the meetings. Then you write something that looks as though it comes straight out of the company, from the CEO, saying "Read this quickly," and then you send a zero-day attack. Phishing is the main way in, and phishing is that much easier when everybody can just sit on a network and monitor stuff going by.
I use PGP [Pretty Good Privacy e-mail encryption]. I can only use it with others in my life who use PGP. I recommend you install PGP. We should push on the people who make PGP software to make it much more friendly. PGP software should as easy as friending people on Facebook. When you sign with somebody's key, it should be like friending somebody. It encourages people to encrypt stuff.
It's funny you should say that. You have done more than almost anybody to bring about a cloud computing future, but PGP is difficult to use in a cloud-based environment. Everybody is accustomed to Web-based email. You get it on your phone, on this PC, on that that tablet. When you're visiting a friend, you fire up a browser tab and check your email there. You can't do any of that with PGP.
Berners-Lee: If I can have a personal email cloud it's going to be on my machine.
My problem is that I have 12 different machines. If I have one computer, then PGP would be practical. I don't. People have TVs and smartphones and laptops and tablets.
Berners-Lee: I'd like it to be easier. I agree you can't get PGP for smartphones. I do have PGP installed on all the laptops and non-portable things I use. Yes, you have to move keys around between them. We may move toward more use of personal certificates for HTTPS. The two-factor authentication people might decide to add client-side certificates to machines. Once you use two-factor authentication, you go through more hoops, you're more aware of security, you're spending a certain amount of time each month just keeping those certificates and passwords up to date. Maybe you're using cloud services to transfer your keys from one place to another, which can help even though it can be attacked.
In the future we need to make the secure systems easier to use. Getting a nice user interface to a secure system is the art of the century.
I'm interested in the idea of trust. Whenever you have humans interacting, they tend to establish some level of trust that makes transactions efficient -- yes, I believe your money isn't counterfeit or you're not making up the data in that scientific paper. But then when you have somebody sending troops across a border or lying on a resume, you have to replace that trust with some verification regime. Over the last 25 years, have you seen that pendulum shift more toward the trust side, because there are so many more human interactions over the Web? Or has it gone the other way where people are more worried because there are so many criminals trying to get their credit card data?
Berners-Lee: I don't think people are more or less trusting. People have to be wary about spam and phishing, which is something they didn't have to worry about before. To be streetwise in this world requires more distrust. Meanwhile, people tend to trust a larger group of their friends with stuff.
The Pew Trust interviewed Americans in depth about their experiences. The average American feels the Web has helped their social relations. It has made them feel more connected. That's a data point.
The Internet has enabled this very global, social world we live in. It's now trivially easy to keep in touch with your college roommates. Do you think humans are geared for this global-scale society, or are we wired for the village scale so that this is going to bite us in the butt?
Berners-Lee: We can change our wiring. Even though we can keep in touch, we also need small, closed, intimate circles. Social networks maybe will learn to be more nuanced. They are learning bit by bit to give more of a flavor of intimacy when you know you're sharing things with a very small number of people. There are social network Sgrouples that specifically is privacy-aware. You can share share stuff there that they won't share with anybody else.
What I think we are wired for is fresh air and green. We need to be in nature. We maintain our friendships through a screen where before we would have gone for a walk through a field with the person next to us. I think we are universally wired to need to see green stuff, to be in green space, to be in the open, and see the sun. We have to make sure technology doesn't drive that out.
So the founder of the World Wide Web suggests you get out from behind your screen every now and then?