The Internet, Part II
IBM’s futurist envisions an Net that’s smart, safe and always on.
Monday, July 31, 2000
By H. Asher Bolande (Asian Wall Street Journal)
John Patrick’s business card doesn’t read “chief dreamer,” but the title might reflect his work better than the others he holds. As vice president for Internet technology at International Business Machines Corp.,he is the company’s chief strategist for the next-generation Internet, something he believes will in the near future be as ubiquitous as the air we breathe.
Not only as ubiquitous but as easy to use. Mr. Patrick predicts that before long each of us will have a fool-proof digital ID that automatically authenticates who we are in cyberspace, regardless which of our many devices we’re using to access the Internet. Not only will it secure our e-commerce transactions but protect our privacy, by regulating how things we send and receive are coded with encryption. In line with IBM’s recent moves, he also foresees a central role for open (non-proprietary) standards like the Linux operating system, which he thinks will help speed technological progress as engineers world-wide focus and combine their efforts in a single, shared platform.
His work extends beyond Big Blue. He serves as chairman of the Global Internet Project, a group of executives from international companies seeking to ensure that private-sector leadership will guide the Internet’s development.
H. Asher Bolande sat down with Mr. Patrick on the sidelines of the recent World Congress on Information Technology in Taipei, Taiwan, to talk about his vision. What follows is an edited transcript of the interview.
WSJ: What are the main ways the next-generation Internet will be distinct from the current edition?
Mr. Patrick: Everyone anticipates and hopes the next-generation Internet will be faster. Speed is a key thing, but I think there will be other important factors defining the future. First of all, it’ll be always on. That will be profound because of the frustration we have with
delays in how long it takes to log on. There will be no more logging on; you will just be on. This is a significant change. Next is that it will be everywhere. Today, it’s not everywhere, but where your PC is. Experiencing the Internet from the PC is going to drop from 90% of the time to less than 50% in the next few years as we start using PDAs [personal digital assistants], pagers, mobile phones and new wireless devices. What NTT Docomo is doing with iMode mobile phones is a shining example. Internet kiosks are happening in Korea. Fast, always on, everywhere.
Next characteristic: intelligent. The Internet today is mostly unstructured. The next big thing that’s already happening is XML [extensible markup language]. XML is going to totally transform the Internet. It will provide an underlying structure for Web pages so that they don’t just show what they look like but what they mean. For example, if you do a search on William Shakespeare, today you find things by him, about him, somebody’s Web page of favorite authors. XML will add context to Web pages so people can find things, and so applications can communicate with each other. This is the holy grail of the Web: application integration.
The last one is security. Technology exists today for bullet-proof protection on the Internet. Security is not an issue, authentication is. Who is that Web server you are dealing with? How do they know it is really you they are doing business with? The next-generation Internet will use digital IDs so that we can have authentication.
WSJ: What form will these digital IDs come in, and how exactly will they work?
Mr. Patrick: With a digital ID, you will no longer have to send your log-in and password over the Internet. A digital ID is issued by what is called a Certificate Authority. The CA is someone who can establish that you are who you say you are. This might be a bank, an insurance company, a government or any trusted third party. They will then issue a digital ID to us which we will store in a smart card or perhaps in our mobile phone or maybe in something that is attached to a keychain. In the next-generation Internet, we will see a biometric of some kind associated with our digital ID. It may be a voiceprint, a fingerprint, a faceprint, or other approaches. Used in tandem, these will ensure that no one can impersonate us on the Web.
The digital ID will also be a key ingredient in enabling each of us to protect our privacy, our medical records, and the integrity of financial transactions.
WSJ: Currently, are there any concrete initiatives to that effect?
Mr. Patrick: One of the most significant that I know about is from the Ministry of Finance in Spain. They have implemented a public key infrastructure with digital IDs and digital signatures to allow people to pay their taxes without having to file paper and [while] providing complete privacy protection for that information. Europe has issued a directive that will lead to digital IDs, and the U.S. government has just approved a similar approach this month.
Here in Taiwan there’s a very good initiative by the Taiwanese government and the city of Taipei to provide for multiple certificate authorities. Essentially, the government has … established standards by which multiple certificate authorities can issue these digital IDs. Singapore has done the same thing. This is another example of where Asia may have come to the Internet a little later but is now ahead.
WSJ: Are these ad-hoc approaches by different countries and different governments really going to lead to a feasible solution to the authentication issue? Isn’t an international standard needed?
Mr. Patrick: There is an international standard — it’s called X.509 version 3. It’s the current global standard for what’s called a public key certificate. Inside of this electronic certificate stored in your smartcard would be encryption keys that could enable you to add your digital signature to a contract, or to become authenticated at an airline lounge in order to use a PC for sending e-mail. So these initiatives that I’ve referred to are not really ad hoc; they are utilizing these existing standards.
Also there’s a global initiative called Identrus. Identrus is a company that has been formed by about 30 international banks around the world. It provides a public key infrastructure, the issuance of keys, certificate authorities, transaction capabilities and standards for those transactions in a B2B environment. It’s not yet a business-to-consumer but it could be. It could lead to that.
WSJ: Earlier, you said security was not really an issue. But in a system where everybody’s online and interconnected nonstop, no matter where they are, surely hackers and viruses will be even greater dangers than before.
Mr. Patrick: With the advent of cable modems and DSL [digital subscriber line] and other forms of being “always on” instead of having to log on, there definitely is larger security exposure. There are very good ways to deal with it, however, and I think this is an area that does require more focus from the providers of these always-on connections.
Specifically, personal firewalls are essential, and anyone having a DSL or cable modem wherever in the world they might be should be sure to have a personal firewall installed or a separate hardware device that protects against unwanted intrusion. I don’t think frankly that that exposure has been highlighted enough. The good news is that it’s very easy to do.
WSJ: To me, a firewall is something obscure that my office’s system administrator manages. How does a personal firewall work?
Mr. Patrick: A firewall allows us to access everything on the Internet but prevents “anything” from the Internet from accessing us. Firewalls for corporations can be relatively complicated, but for individuals they are relatively simple. A personal firewall can be either hardware or software. There are many choices. I personally use a LinkSys Etherfast Cable/DSL Router. It provides excellent protection and is simple to install.
WSJ: With each person using so many different types of devices to get connected in the future, it seems more practical for big server computers to run and distribute all the software applications centrally. The broadband connection speeds available soon will be nearly as fast as those between my PC and its disk drives, so why not? Will PCs running their own software go the way of the dinosaur?
Mr. Patrick: No, I do not foresee that happening. [But] I do see that the era of the PC as the center of our lives and the center of the Internet — that era is over. It’s being replaced by an era where there are many different kinds of devices. It’s not just is it the PC or is it something else; it’s going to be a lot of things.
WSJ: But will programs — say, the software that’s tracking my stocks — be running on the system or on my personal device?
Mr. Patrick: It’ll be both. We’ll see some devices that are very, very, very inexpensive and simple, and everything they can do from a transaction point of view will be done somewhere else on the network. But then you will also see devices that are much more intelligent, that are able to get a little bit of help from the network but are much more self-sufficient.
It will be a function of cost, a function of the desires of individuals. It’s just like a tape recorder, like you’re using. You can buy a solid-state one, you can buy one with a mechanical tape, you can buy a little one, you can buy a big one, you can buy one with rechargeable batteries. .. It’s the same thing with connectivity to the Internet. The particular kind of devices we use will very much be the consumer’s choice.
What Docomo is doing in Japan is very illustrative of this point that people are deciding how things will be used. The iMode cell-phone of NTT Docomo has the ability to share images and display them on the screen. I don’t know if the designers of that product really foresaw how “in” it would become for teenagers to send their pictures back and forth over the phone.
WSJ: Most experts predict the role of the big, powerful servers will grow much more important in the next-generation Internet, because it’s more efficient for them to distribute video and other and applications to users on demand. Will big Western companies like IBM control this market, or will there also be opportunities for new hardware players or subcontractors?
Mr. Patrick: There will definitely be room for new players, and many of those new ideas and new players are coming from Asia. There’s a tremendous energy here in Taiwan, for example. If you visit the ITRI [Industrial Technology Research Institute], you’ll see there’s 80,000 employees, 6,000 engineering and research people, and tremendous focus on the Internet. … A lot of products and ideas will come from there. Take IBM. It has OEM [original equipment manufacturer] relationships, supplier relationships going in both directions, a lot of that here in Taiwan, for example.
WSJ: What types of business models will be successful with the next-generation Internet?
Mr. Patrick: The two factors that I believe will lead to success for companies are not culturally or geographically specific. Those two factors are, No. 1, developing world-class customer service. People have expectations that are expanding by the day, people in every part of the world. They’re beginning to realize what’s possible on the Internet, and once they see what’s possible, they want it. If company A doesn’t deliver to their expectations, then they’ll go to company B. The first ingredient to success is customer satisfaction and reducing the time it takes to get something done for the customer.
The second ingredient for a successful Internet company either as a technology company or as a user of it is to take advantage of open standards. There is no room for proprietary approaches any longer. Companies need to compete based on their unique implementation of open standards, based on their speed of execution, based on the quality of their relationships and their people.
Linux, for instance, is spreading like wildfire because people are finding it’s easier to work on a common platform. More people can concentrate their efforts on key issues when there aren’t so many noncompatible platforms that create unnecessary problems. Because of this, Linux over time is going to have a profound impact on the future of the Internet.
WSJ: How is adoption of Linux and open standards in general going to play out in Asia?
Mr. Patrick: In Asia, we’ll see more rapid adoption of open-source technology. There’s a lot of interest in Linux throughout Asia, and I believe one of the reasons is that it’s a way to take advantage of the technology without becoming dependent on the ideas of others. I don’t think everything is going to be open-source, but I think it will rise up from the lowest levels and over time become more and more important.
WSJ: Many Asian governments are grappling with the issue of how to regulate the Internet. The Global Internet Project, which you chair, calls for market self-regulation. Why?
Mr. Patrick: National governments have to realize the limits of national rules and regulations for a global medium like the Internet. Wherever possible, they should encourage nonregulatory solutions to Internet policy problems. The Global Internet Project’s mission is to help governments understand why they should not try to impose “old models on this new medium.”
For instance, as Internet radio and streaming video become more common, some are suggesting that governments should impose existing broadcast regulations on the Internet. Over the last 50 to 60 years, governments have created hundreds of pages of complicated broadcast regulations — dealing with everything from the type of advertising allowed to when violent or explicit programming can be shown. But the Internet is not television. It’s global, not national, and there are an unlimited number of “channels,” unlike with over-the-air broadcasting.
Rather than regulate the Internet, governments should work with industry to demonstrate and foster technologies that will help us deal with thorny Internet policy issues — such as online pornography, privacy, fraud, and security — far, far better than national laws and regulations. We need to address these issues, but regulation simply cannot keep up with the rapidly evolving, ever-expanding, global Internet.