The Internet needs to evolve (again), this time with security as a fundamental feature

To safeguard the Web real control needs to be put into the hands of users

In the beginning, the Internet was very much defined by its functionality. ARPANET was created by the US Government as a communications network designed to scale vast distances. This niche focus led to a vital innovation in the form of the TCP/IP packet-switching protocol almost exactly 45 years ago to the day. If you like, global connectivity was the 'killer app' of the so-called internetworking age.

Since so few computers were involved at that stage, security was not a primary consideration; we live with the consequences of that today.

Enter the World Wide Web

The Internet changed in March 1989 with Sir Tim Berners-Lee's novel proposal for linking and sharing information on the network. The hyperlink was the new killer app.

With the creation of the World Wide Web, the barriers to global involvement in the network fell away. Technology stepped out of the shadows to lay powerful tools at the feet of society — email, early forms of ecommerce and the like. Yet the online landscape remained wild and, for most, uncharted. With the trails hidden from all but the most enthusiastic computer hobbyists, a land grab commenced as third parties rushed to compete and curate unseen content on behalf of others (for a fee, of course).

[Larger image]

At one stage the new online world was in danger of becoming a series of walled gardens with the default online experience controlled by Compuserve, AOL and others whose vision was to encircle, protect and monetise. But the fundamental flaws of the walled garden approach became clear very quickly. The open internet may have been a scary place — but from that freedom came the opportunity for real innovation and opportunities for all.

Web 2.0: the read/write/edit Web

The combination of connectivity and access brought the Internet and Web to the public consciousness, but Web 1.0 was largely a one-way experience. Real engagement was lacking.

With Web 2.0 everybody could comment and share their thoughts with a freedom that was unimaginable. The next killer app was social media. But as the masses rushed to publish their news, views and intimate photos across social media and blogs, one vital consideration was largely overlooked: the importance of personal data.

It was not overlooked by everyone, however.

Fuelled and fattened by an almost unlimited torrent of personal data, small technology startups exploded in size at a pace previously unheard of, quickly becoming dominant as a result of network effects and global reach. Our valuable data made these companies very rich.

As the amount of data grew, so did the severity of attacks upon it. But it was only when the really big hacks, identity thefts and surveillance scandals started to hit the headlines that people begin to ask the right questions: 'do you trust this company with your data?' and 'do you trust this company not to get hacked?'

It's now possible to provide three essential features together for the first time: connectivity, engagement and security

It had become abundantly clear: security online was broken, and trust was going the same way. No company could ever be unhackable, but like the proverbial oil tanker, these engorged technology company behemoths were now too colossal to turn round.

The walled gardens were back in a big way too. In many places, for many people, Facebook is the Web.

Web 3.0: the decentralised Web

The Internet and Web were made possible by radical innovations in connectivity. But connectivity is not security, and this has led to many problems. However, recent advances in peer-to-peer (P2P) technology have made it possible to provide three essential features together for the first time: connectivity, engagement and security. In addition, network-based cryptocurrencies open up new possibilities for the benefits from personal data to accrue to the individual rather than third parties.

That may sound simple, but it's not. Like any paradigm shift, Web 3.0 is neither easy to build nor is its success guaranteed until we've passed the tipping point for mass adoption. Nevertheless, the goals are clear.

All users must have control over their data. At no point must the Internet depend on architectural weak points such as third-party locations where your data can be stored unencrypted, however temporarily, and thus become a magnet for criminals.

Each individual must also have the right to choose the apps that use his or her data, i.e. data must be fully transferable. No longer should it be locked up in the new walled gardens, feeding the commercial models of a massive social media advertising platform.

Web 3.0 is a new world that encourages people to participate and rewards them for doing so. It's one in which computers that aren't fully utilised today can be set to work in a far more efficient and equitable way.

Towards the new model

In the beginning, the World Wide Web was the Wild Wild West: unkempt, lawless and close-to-impossible for the average user to traverse. This scared people, but that openness proved to be crucial for innovation — a feature not a bug. It's precisely because of this permissionless architecture that we have experienced the greatest acceleration of information sharing and value exchange in the modern era.

But throughout history, we've learned one lesson time and again: free thought and innovative thinking dies when we are forced to rely on central institutions that control our interactions, our experiences and what we are allowed to do.

To safeguard the Web, real control needs to be put into the hands of users. This means that security must be built in at the lowest level, with all data encrypted by default before it is stored anywhere online.

The next age of the Internet is nearly here, but it's going to take some work - and we don't yet know what the next killer app will be. As the old saying goes, if you want to start getting involved, the best time was a couple of years ago. But the second best time is today.

We're looking forward to seeing you there.

Dug Cambell is a decentralisation advocate and head of outreach at MaidSafe.

IT security failings are, increasingly, costing CIOs and CEOs their jobs. With business utterly dependent on IT, it's not enough for senior executives to dismiss security as ‘techie stuff'. At Computing's Enterprise Security & Risk Management Live event, hear from the National Crime Agency, ex-hackers and big-business CISOs to learn about how they are tackling cyber security. For more information, check out the dedicated event website. Attendance is FREE to IT leaders and senior IT pros.