Skip to content

Tech & Digitalisation

The Open Internet on the Brink: Origins and Evolution

Report30th September 2021

Key Points

  • The economic and social value generated by the internet is based on core technical and governance principles: interoperability, permission-less innovation, security, resilience and physical infrastructure that is unaware about the content being communicated (known as “dumb pipes”).

  • Several countries, companies and multilateral governance institutions shape the development of the internet. The US has been historically dominant but in time this will shift.

  • Led by China, more restrictive internet models are gaining ground on the open, liberal, Western internet model.

The internet is often referred to by a series of immaterial metaphors – “cloud”, “web”, “cyberspace” or even “information superhighway” – but little about how it really works is made visible. This grounding is important: understanding how the different physical and virtual layers of the internet combine is necessary to reveal who has control over the internet, where that power comes from and why it matters.

Chapter 1

How Does the Internet Operate?

The internet is often illustrated as a vertical “stack” of physical and virtual layers. The Open Systems Interconnection (OSI) conceptual model breaks this down into seven layers while the TCP/IP model, which describes how these layers practically combine in today’s internet, contains four layers:

Figure 1

Figure 1 – Layers of the internet stack

OSI Conceptual Model


TCP/IP Model



Provides user interface, e.g. Facebook or BBC News



Formats data packets into application-ready text or audio/visual formats, and vice versa



Controls connections between devices and rest of network, creating and terminating connection sessions


Co-ordinates transfer of data packets between devices and the network, e.g. using protocols such as TCP



Defines how data is routed around a network, e.g. using IP addresses



Data Link

Translates binary data (electrical pulses) into signals

Network Access


Hardware layer, e.g. undersea data cables

Source: Adapted from Article 19

Several features of the original vision behind the internet have contributed to its enormous social and economic importance today:

  • The internet’s architecture was built to commonly agreed standards that enable interoperability and communication between different devices and networks with minimal friction. This interconnectedness is the foundation upon which a single, global internet and economy is enabled.

  • Open protocols mean that anyone can build tools and services based on these standards without needing permission. This paves the way for massive experimentation and innovation.

  • Each layer of the internet stack was intended to be independent from others, limiting the ability for any single political or corporate actor to control the entire system. This ensures the rules that govern the internet cannot change without consensus, and this stability promotes investment and innovation.

  • The global internet is, ultimately, a network of networks, each of which is designed to be relatively autonomous and resilient, and also ensuring that power is distributed throughout the network.

  • At the bottom of the stack, data is transferred via physical and virtual networks that transport packets of information without being aware of their content. This model of dumb pipes limits preferential transporting and censorship.

While these conceptual layers of the internet mostly still hold today, the technologies and business models of internet companies have evolved significantly. This shift is often referred to as a transition between three eras:

Figure 2

Figure 2 – Internet paradigms


Web 1.0

Web 2.0

Web 3.0





Key characteristics

Open, permission-less protocols

Closed platforms and services

Decentralised applications (e.g. built on blockchain)

Economic value captured by innovators




Barriers to entry for new users



High, but becoming much easier



Facebook, Twitter, Google, Adobe

Ethereum, Bitcoin

Source: TBI

Chapter 2

Who Controls the Internet?

The original vision of the internet was built on a patchwork of norms, policies and technical standards that were designed to avoid centralised control. While much of this architecture has remained distributed, some nation-states, technology companies and multilateral organisations have increased their roles in shaping the future of the internet. Smaller companies, emerging economies and the global internet community are often left out.


Europe, China and India are growing players in internet geopolitics but the US, in particular, has immense jurisdictional power by setting the regulatory environment for many of the internet’s largest companies. Despite only 7.1 per cent of the world’s internet users being based in the US, it is home to some of the most influential consumer tech companies and, on average, houses over 60 per cent of core infrastructure services for the global internet. This includes data centres – which store content for websites, databases and applications – and DNS servers – which tell your browser to convert URLs like into an IP address like

Source: Nick Merrill, The Internet Atlas Project, accessed 17 September 2021

Note: *(DNS servers, web hosting, data centres, SSL certificates, top-level domains, server locations, proxy services) - May 2021


As the web has developed – reducing costly friction and allowing innovators to capture some of the economic value they generate – many companies have also grown to extend significant influence over different aspects of the global internet. Many of these are large, well-known firms. For example, Apple and Google set privacy standards for a Covid-19 contact-tracing API; Facebook created a new “supreme court” to oversee its moderation decisions; and Twitter explored a new protocol to decentralise social media. All these decisions challenge nation-states’ historical monopoly over global policy. These companies also wield significant economic power, such as when setting rules that govern how other companies can monetise services through app stores or by implementing proprietary technologies that become de facto standards for all.

Beyond user-facing services, however, are a set of infrastructure companies that are increasingly coming under scrutiny. In one recent example, a failure at Fastly – a content delivery network (CDN) that physically stores content closer to where users are based globally, to speed up load times – affected access in some geographies to popular websites including the Guardian, GOV.UK and Amazon. As sociologist Susan L Star wrote, this exemplifies how infrastructure often only “becomes visible upon breakdown”. While it may be tempting to bemoan the single points of failure that lead to these breakdowns, the reality is that the costs of building in the redundancy required to avoid these issues, by contracting with multiple companies simultaneously, are often more than a short period of downtime.

Beyond accidental failures, some infrastructure companies also have taken deliberate actions that illustrate their power. For example Cloudflare, another CDN, has denied service to websites 8Chan and The Daily Stormer – which had repeatedly failed to remove or moderate far-right, abusive, violent content – making it difficult for those sites to operate. While these decisions broke with a general precedent that content moderation should primarily happen at the application layer by user-facing services, these user-facing websites had failed to moderate so Cloudflare took action at the infrastructure layer.

Content neutrality remains an important default principle for services further down the stack. However, with other infrastructure services including payments, web hosting and search companies under pressure to act on abusive content, these firms are increasingly left to evaluate their responsibilities with little legal guidance or regulatory support. For example, Cloudflare has recently launched extra cybersecurity support for at-risk public interest groups and state elections. While the power of infrastructure companies is clear, it is a lack of due process and internet infrastructure policy frameworks that is the primary issue.

Decentralised Web 3.0 Organisations

The transition from Web 2.0 platforms to Web 3.0 protocols will also challenge incumbent gatekeepers. For example, while traditional currencies require a single authority, such as a bank or government, to maintain a record of transactions and prevent double spending, transactions of decentralised digital currencies like Bitcoin are verified computationally by consensus mechanisms such as proof of work or proof of stake, with no need for central authorities. Ethereum, another decentralised currency, is also a protocol incorporating programmable contracts whereby payments are automatically made on the basis of some condition being fulfilled. At scale, this could enable entire organisations to be managed autonomously in code, rather than by individuals in a bricks-and-mortar office.

While nation-states retain some levers to control Web 3.0 applications – for example, so-called on-ramps, such as cryptocurrency exchange platform Coinbase, are regulated financial entities – they have limited ability to regulate the underlying protocols except by participating directly in their development, which in turn could devalue any individual protocol’s appeal to the wider crypto community. While we are only at the beginning of the Web 3.0 era, as it matures it promises to disrupt what is already an unstable power dynamic between states, technology companies and the global internet community.

Global Institutions

Finally, there is a group of multilateral, multi-stakeholder, international governance bodies that collectively maintain and develop the global internet. While these organisations have been fundamental in the formation of the internet, they have also struggled to keep pace with its evolution and now their role is being challenged.

Figure 3

Figure 4 – Internet governance institutions


Full Name





Internet Governance Forum

Internet policy

2005. IGF set up as forum for discussion re: internet policy and governance

UN multi-stakeholder forum and regional dialogues


International Telecommunications Union

Internet infrastructure and technical standards (incl. radio, satellites, other ICTs)

1865. Set up to connect international telegraph networks. Became UN agency in 1949

UN agency


World Wide Web (W3) Consortium

Develops web standards

1994. Founded by Tim Berners-Lee to develop web protocols and guidelines

Voluntary standards body, funded by members


Internet Engineering Task Force

Develops and promotes internet standards, incl. TCP/IP

1986. Originally supported by US federal govt, but since 1993 funded by Internet Society

Voluntary standards body


Internet Society

Advocacy re: internet standards, access, skills and policy, incl. funding for IETF

1992. Set up by Vint Cerf and Bob Kahn. In 2002, ICANN gave ISOC Public Interest Registry (PIR) to generate revenue from .ORG domains

Non-profit / charity. Funded by .ORG profits. Sale of PIR to private equity in 2019, to create an endowment, was aborted


Internet Corporation for Assigned Names and Numbers

Manages IP addresses and DNS / domain names

1998. Technical maintenance for IP address and DNS root

Non-profit / charity


Unicode Consortium

Maintains and develops the Unicode Standard, which ensures text can be shared between languages and borders without corruption, including approving new emoji

1991. Established to create and maintain a standard for multilingual text representation

Non-profit, funded by membership fees and donations. Voting members include Adobe; Apple; Facebook; Google; Microsoft; Netflix; SAP; Salesforce; University of California, Berkeley; Bangladesh Computer Council; Emojipedia; Tamil Virtual Academy; and Yat Labs


Global Internet Forum to Counter Terrorism

Information sharing for countering online terrorism

2017. Founded by Facebook, Microsoft, Twitter and YouTube

Tech-industry funded initiative


Internet Watch Foundation (UK)

National Center for Missing & Exploited Children (US)

Child safety and protection; hashing databases for spotting CESA content. IWF and NCMEC entered data-sharing agreement in 2019

1996 (IWF). ISPs + London Internet Exchange initiative to provide URL database to enable CESA content blocking. Now includes a broad membership of tech companies and education providers

1981 (NCMEC). Missing children’s charity funded by US Department of Justice

Non-profit / charity

Five Eyes

Five Eyes

Intelligence sharing

1940s. Set up to counter Russia’s growing sphere of influence pre- and during Cold War

UK, US, Australia, Canada, New Zealand alliance


Digital Nations

Digital government collaborative network

2014. Initially D5: UK, Estonia, Israel, NZ, Korea

Diplomatic network

Source: TBI

Chapter 3

Openness Versus Authoritarianism

The foundations of today’s internet are based on openness, permission-less innovation, security, stability and global interoperability. These features, and the limited friction and intervention they entail, have enabled the internet to grow and act as one of the world’s most important economic and social infrastructures.

However, as the internet has grown in importance, regulations have followed. Some restrictions are clearly necessary – a libertarian “state of nature” would do little to ensure privacy or safety while the meme of an unregulated “wild west” is misleading. But nation-states are looking to reimpose their authority. Even governments in free societies are considering increasingly interventionist steps on internet architecture – be it bans on encryption or anonymity, data localisation laws, censorship or full internet shutdowns. At the most extreme end, China’s internet model is the archetypal authoritarian approach, given its extensive domestic and international censorship as well as requirements on foreign companies to create local subsidiaries and store data in the country to enable surveillance.

However, many other jurisdictions, including the EU, are also considering data-localisation laws as part of a growing global trend towards policies that promote the idea of digital sovereignty. It is not unreasonable to require data to be stored in a jurisdiction where countries have a stake in its governance. Yet for some smaller countries in particular, this comes with trade-offs. Putting up new digital borders could impede access to the global internet economy, while data-localisation laws could also cut countries off from hyperscale data centres and technical services – and their immense economic and technical benefits – if they are located outside their borders.

Leaders must beware a death by a thousand cuts: the stability, openness and interoperability of the global internet are a public good – generating prosperity and opportunity for the long-term – and they are increasingly at risk.

Article Tags


Practical Solutions
Radical Ideas
Practical Solutions
Radical Ideas
Practical Solutions
Radical Ideas
Practical Solutions
Radical Ideas
Radical Ideas
Practical Solutions
Radical Ideas
Practical Solutions
Radical Ideas
Practical Solutions
Radical Ideas
Practical Solutions