The Responsibility Of Open Standards In The Era Of Surveillance

Harry Halpin

The core infrastructure of the Internet is defined by interoperability between code-bases: The ‘rough consensus and running code’ of open standards at the Internet Engineering Task Force (IETF) and World Wide Web Consortium (W3C). However, there are a number of powerful critiques of open standards. First, there is a widespread failure of many core standards in terms of security and privacy, and even concerns of subversion. There is an even more substantial critique that standards are simply moving too slowly in the face of rapid innovation. However, we’ll argue that engagement with open standards is the best way for privacyenhancing technologies to gain widespread adoption.

What are open standards? Open standards are defined by IETF/W3C Working Groups, who provide both the formal structure and patent agreements necessary for engagement
with many parts of industry, as well as ideally long-term maintenance of the specified protocol. In contrast, Tor is at present not a standard. Only if there were multiple Tor code-bases or forks that needed to communicate would a standard be needed. Officially, at both the W3C and IETF there must be two interoperable implementations for any draft specification to officially become a standard.