Over at Kuro5hin there’s the prospect that the US public will be inundated with junk faxes again, due to some corrupt legislation. (That’s corrupt in this sense, not that sense.)
I’m also receiving unwanted telephony, again. No caller ID, silent, drops after 10 seconds. Every afternoon.
Clearly, this is a network with sociability problems.
The wireline PSTN (as originally designed) assumes totally dumb devices attached to a smart network. When extended to wireless phones, the telephony aspects of the smart device remain under carrier control. You and I aren’t supposed to be rolling our own telephony. The system also came wired up with the naming system of telephone numbers, and assumes these are issued to paying account holders who can be easily traced. Because the network is smart and inflexible, telephone numbers are the only identifier it will ever support.
When you attach a smart device to a socially naive smart network, and that device is owned by a malicious third party, you get problems. These junk faxes and multi-number autodial telemarketing calls undermine the assumptions of the original PSTN design. Firstly, a human would dial each number. That rate-limits the abuse. Secondly, all end points are good and trusted, and thus every call should be relayed without any questions asked. Since everyone is a goody-goody, it’s OK to withhold their ID if they don’t want to, as nobody does anything naughty. And even if they did you can always complain to your carrier (hoho). You, the callee, don’t really need to know who is trying to interrupt you.
To put it another way, there isn’t any abuse, but if happened there won’t be much of it, and if there is some it isn’t a problem, and if it becomes a problem we know who to kick off the network. These are all false.
The root issue is a rupture in the trust model. You can either have a controlled environment where abuse is limited by design of a smart dedicated-purpose network. SMS is sort-of in this camp, although a bit leaky. Instant messaging is a better example. Yahoo! doesn’t need to know who I really am to stop mass chaos on their IM network. The other destination is where you have an uncontrolled open environment where anything goes but there is some traceability to an abuser. A very savvy but inflexibile network with a weak ID system, or flexibility and a strong ID system.
Unfortunately, we don’t have either today. On one hand we have a naive and inflexible telephone network with a moderately strong but rapidly degrading public identity system. On the other, we have a scintillating Internet which is a cess pit of abuse due to the absence of a decent identity infrastructure. And having spent half this last weekend expunging spyware and trojan dialers from my parents’ PC, I should know.
The smart devices attached to the idiot savant PSTN network come in two flavors. The first are the telemarketing and junk fax services that use traditional circuit switching. These are amenable to regulation because circuits are naturally traceable. They’re part of the closed PSTN ecosystem. Intermediaries record each circuit that is established, including the upstream and downstream physical links. There’s an audit trail for abuse. Even if you spoof your caller ID, your service provider keeps a record. All you need are rules to make the abuse legally as well as socially unacceptable.
The second form of smart device is attached to an IP network which then has a gateway to the PSTN. As I’ve written before, these pose a threat to the existence of the PSTN. You are attaching to the PSTN devices that bridge to the Internet. The PSTN assumes the edges are benign. The edges of the Internet are anything but benign. Malevolent intent is a cross-border contaminant. A widespread bug in a PC telephony application or analog telephone adapter could result in millions of zombie autodialers. The PSTN could collapse. It collapses without much prodding today — just think of any large-scale public disaster that prompts everyone to reach for their cell phone to check their friends and family are OK. Even if technical collapse is averted, the loss of confidence from having your phone endlessly ring without control could be fatal. VoIP that interconnects with and imitates the PSTN may become a parasite that kills its host.
IP communications need a new digital social infrastructure to succeed.
My prediction is that the telephone numbering system will be quietly abandoned over a period of 10-15 years. By the end of next year it is easy to imagine services like Skype, that have their own identity namespace, scale to huge numbers of call minutes. Just ten million active users running up a thousand minutes of use each a year would make Skype bigger than many carriers. Buy yourself a Skype phone with an LCD display, select someone from your address book, and who cares if it is a phone number or a SIP URL you’re contacting. On the corporate side, Microsoft will help enterprises federate their Exchange and Live Communications servers to stay ahead of open source commoditization, and VoIP over VPNs will become the norm for enterprise telephony. Your Windows logon and email address will be your ID. It won’t be possible to have telephone numbers without the baggage of the telephone system, so we’ll just have to ditch it.
(Telcos underestimate the threat from VoIP precisely because it has no revenue associated with it. How do you size a revenueless competitor? Stuart Henshall discusses this in more detail.)
With the stupid network, you need an identity infrastructure where digital identities (like a caller ID) can ultimately be tracked to physical people that are to be punished for misdeeds. We don’t have that today. That’s one reason we have an e-mail spam problem on the Internet. Social infrastructure takes decades or generations to introduce. It took fifty years from Benz introducing the motor car to having universal compulsory driver licensing in the UK. IP addresses are issued to anyone, and AOL make a feature of “no credit card required” (and thus no identity collateral). People happily host open WiFi access points, and run the risk of criminal activity being perpetrated by unknown passers-by which gets traced back to them. This is the era of the unlocked car being parked outside the unlocked house — the 1950s of electronic communications. Enjoy it while it lasts.
The traceability doesn’t need to be automatic, or a single step. You might have multiple avatars, and third party guardians of reputation through which to lodge a complaint that eventually reflects against the Real You. Privacy will still exist.
And being stupid means the network itself may or may not have an identity infrastructure associated with it. Perhaps IP address governance needs to change, but it isn’t necessary. Multiple competing solutions may co-exist at the application layer. Indeed, I believe that the recent announcements of IM interoperability are being misunderstood. It isn’t the IM that’s being made interoperable, as such, but the identity spaces. (For some passionate reporting on what could be a very dry topic, I can strongly recommend Digital ID World magazine.)
Issuance of secure digital identities today is a remote island — a tiny outcrop thousands of miles from mainstream commercial and govermental identity issuers. Ownership of a bank account and passport can’t yet be transferred into your digital trustworthiness. It may not happen until today’s digital children become tomorrow’s presidents and prime ministers. We’ve already seen plenty of examples of disastrously misguided social regulation of the digital economy by analog-era political leaders. Issuance of digitally encoded citizen identity cards, whilst a done deal in a few countries, is a hot political potato in others. Being able to use that data outside of interactions with government bodies is not common anywhere. Telcos may have retail outlets that physical customers visit to get service. They may offer up signatures and other biometrics. Telcos routinely perform identity and credit checks. None of that data is hooked back into their products.
As an aside, consider George Gilder’s vision of a move from the “stupid network” of electronically switched IP to the “cretinous network” of optically switched fiber. Data in the stupid network is processed, modified, fragmented, disassembed, reassembled, munged and redirected en-route. The cretinous network simply bends light down different bits of glass depending on it having a unique wavelength. In the (as yet largely theoretical) ultimate version, no electrical processing occurs anywhere on the way.
Should such a change happen, it would have an extremely interesting side-effect. You can spoof an IP address. Spoofing can only be combated via governance rules (like the anti-junk fax legislation). You you can’t fake a wavelength. There’s no optical equivalent of “caller ID unknown”. The move from logical routing to physical addressing would increase the accountability of the system.
So what does the future of telephony look like? Firstly, a high-revenue but profitless connectivity business. Then a low-revenue and modestly profitable routing function. This might be done using DNS/ENUM or via private and proprietary presence and naming systems. Companies like NeuStar are in that space today. Thirdly, a whole bunch of presence, store-and-forward, and other value-add application services. Finally, you will see the emergence of a highly profitable and physical ID business. And I already have the evidence.
Amazon want to be your personal preferred supplier of everything that can be delivered by a UPS truck. To do this they aim to have an exceptional customer experience. They also act as your trusted advisor in making purchases. Maybe you would consider this other product? Recommendations are a key part. (Remember my trusted introducer post the other day? Go read.) For this to work, you need to know that the guy recommending the book isn’t the author shilling his own work. Thus they’ve introduced Real Names. Your reviewer name is corroborated by your credit card purchase details. You still don’t know whether the guy is the author’s best friend, but it’s a start.
eBay’s control of Paypal adds friction to your ability to create personae at will. There’s only so many Paypal accounts you can open, since each needs to be backed by a real bank account to be useful. eBay without Paypal is not very useful to most people.
While writing this article someone emailed me. The person is a stranger. My first reaction? Google him. Google is our stand-in for a proper digital ID system. And that’s scary. (I won’t compromise his privacy by mentioning his name or the search results, but if you’re a homeopathic revolutionary thespian, yes, it’s you!)
Amazon, eBay, Google. Parts of the future identity puzzle. None of them are telcos. And the telcos have no clue that they’re competing against them for the digital identity dollar.
Posted by Martin Geddes at 01:18 AMTrackBack URL for this entry:
http://www.telepocalypse.net/cgi-sys/cgiwrap/mgeddes/MT/mt-tb.cgi/284.
Listed below are links to weblogs that reference The naive network:
»
Digital Identity and VoIP from Alec Saunders .LOG
There's been a huge amount of buzz around the area of digital identity recently, especially as it relates to VoIP and the interface between the Internet and the PSTN.
[Read more]
The Automated Receptionist feature of ACC answers calls immediately and gives the caller the option to speak with an operator, or go directly to a desired extension. ACC can answer repetitive questions by having the caller make selections from a menu of options. Messages can be taken and special announcement can be broadcast. Callers without a touch tone phone may be transferred immediately to a live operator or they are able to leave a message. ACC streamlines the office operations without the need of additional office staff.
Posted by: at May 30, 2005 08:47 AM