Pax Technica: How the Internet of Things May Set Us Free or Lock Us Up

EMPIRE OF CONNECTED THINGS

Behind every empire is a new technology. Empires build information infrastructures that connect distant towns with major financial centers. Network infrastructure allows innovations from any one part of the realm to quickly benefit everyone else. Entrepreneurs have an easier time figuring out supply and demand. Military leaders have an easier time defending the empire, and political leaders have more information about public needs.

The Romans had such an empire, because they built the roads and aqueducts that provided their empire structure and stability. The British also had such an empire, because they had a network of fortifications and a superior navy to manage their global trade routes.

In this chapter I map out the expanding infrastructure of networked devices. I explore this domain with some hard data—a kind of census—on the size of the empire of connected things. Then I discuss some of the ways these networks of connected devices get used in political ways. When governments fail to protect us, and are unable to even warn the public of danger, we use digital media to build new systems of early warning. When governments are working well, they can overreach and use digital media to censor and surveil their citizens. Increasingly, we find that device networks are pressed into service for political and military objectives.

Carna Surveils the Realm

New information technologies have transformed world politics, and not always in good ways. Even trying to understand how technology connects us reveals the strengths and weaknesses of the internet we have built for ourselves. To understand what the internet is becoming, let’s start with a basic question—how big is it?

Recently, a creative programmer decided that it might be an interesting exercise to count all the devices that were connected to the internet. We still don’t know who did this internet census, but for now let’s just call her Amanda. Completing an internet census was an intellectual and engineering challenge. Most important, she wanted to do it without causing trouble—she wanted to ping devices without interfering with them or slowing down the internet. So she built a “bot” and created a “botnet.”

The word “botnet” comes from combining “robot” with “network.” A botnet is a collection of programs that communicate across multiple devices to perform some task. The tasks can be simple and annoying, like generating spam. The tasks can be aggressive and malicious, like choking off internet exchange points, promoting political messages, or launching denial-of-service attacks. Some of these programs simply amuse their creators; others support criminal enterprises.

In playing around, Amanda discovered a surprising number of unprotected devices connected to the global internet. She re alized that the only way of doing a complete census was to build a botnet that would enlist all the unprotected devices in the service of the census project. So she wrote a chunk of code that would both count devices and replicate itself so that its copies could help count devices. When she activated the bot, the botnet spread out and found 1.3 billion addresses in use by devices around the world.1

Amanda called her script the Carna Bot after the Roman goddess of health and vitality. For her, the exercise was about taking basic measurements of the health of the internet. Her bot worked brilliantly, reporting on many different kinds of devices, from webcams and consumer routers to printers and door-security systems. Amanda decided to remain anonymous but published her findings as a public service. Even though she had noble goals, she exposed two dark secrets about how the internet works.

First, she revealed that knowing the default passwords for pieces of key equipment could give someone access to hundreds of thousands of consumer devices and tens of thousands of industrial devices around the world, from gaming platforms to industrial-control systems. So as the world’s security experts debate the impact of the latest sophisticated hacking attempts from China or the encryption possibilities of quantum computers, just knowing factory passwords means someone can access any device once it leaves the factory and is connected to the internet.

Second and more concerning, the bot discovered other bots. Carna wasn’t the only unauthorized bot checking for open ports on devices around the globe. Amanda’s bot was written as a public service for an exploratory project, and it built a botnet to do the census. She found several competing botnets, and an enormous, sleeping, network of bots called Aidra, which had compromised as many as thirty thousand devices. Aidra had the power to hijack not just computers but gas meters, refrigerators, microwaves, car-management systems, and some mobile phones. The bots could attack any network infrastructure for a client with a denial-of-service attack. Amanda had her Carna Bot perform the public service of temporarily disabling any Aidra bots it found.

The next time someone reboots those infected devices, the bots will be ready to start commandeering them. The botnet that Amanda exposed could be very destructive if it is ever used, and some might even see her as a threat because she was fooling around with the world’s device networks. Still, in exposing these dark secrets, Amanda revealed a lot about what our internet is becoming.

What’s in a Pax?

The Pax Britannica was a period of history, between Napoleon’s defeat and World War I, during which the British Empire managed global affairs. London was the center of power, the British navy controlled the most important sea-trading routes, and relatively efficient bureaucracies put the world’s resources and people into the Empire’s service. Several aspects of the Pax Britannica may actually describe our future as much as that moment of our past.

The British were strong because their network infrastructure gave them unparalleled levels of political, economic, and cultural control. The Pax Britannica was hardly a period of universal peace—it was a period of stability more than peace. There were nasty, violent brushfire wars throughout the British Empire as poor communities resisted the oppression of colonial masters. Rival kings, separatist movements, nationalist causes, and radical socialists (and anarchists, for that matter) constantly challenged the authority of the British crown. When the Pax Britannica finally waned in the middle of the twentieth century, these conflicts between allies and challengers had lasted more than a century and cost millions of lives. The sun never set on the Pax Britannica, but it cost a lot to maintain that network of colonies.

For a long century British control of global exchange yielded great profits and political stability. Alliances among Europe’s royal families managed global empires and worked out diplomatic routines, enabled faster communications between power centers, and created a tacit understanding of who controlled what.

The stability of the Pax Britannica made a few people much richer than everyone else. Economic productivity improved overall, and advances in medicine and public institutions resulted in longer life spans and more democratic engagement in the Empire’s colonies than in previous centuries. Certainly development was uneven, resulting in glaring inequalities on the basis of gender, race, and faith. Economic wealth was concentrated in northern urban centers. The colonies funneled riches back only to these centers. In the end, the Pax Britannica produced a set of global institutions that still serve northern wealthy countries better than they serve the global south.

A pax evolved because government and industry interests were closely aligned. The people at the center of all this were a curious mix of technocrats, princes, and business elites. The organized faiths of the Catholic and Anglican churches also provided some social structure. These helped to form community bonds that connected core and periphery, and gave those from the core who traveled to the periphery an existential sense of mission. But the social structure provided by the church was not unique to this period of history. What was unique was the rise of a new organizational form, the “firm.”2 Moreover, these new firms were tightly coupled with the state, such that the East India Company, for example, was able to marshal the resources of the British navy for the company’s global operations, and British fortifications provided homes for the Hudson’s Bay Company.³

A pax indicates a moment of agreement between government and industry about a shared project and way of seeing the world. The key here is that the shared project involved infrastructure. It wasn’t simply an agreement between governments and businesses to help each other. The collective project involved each putting information infrastructure to work for the other’s needs, building it and guarding the project in mutually supportive ways, investing in innovative new technologies, and applying existing technologies, all in such a way that would shore up the power of each while allowing others to benefit.

A few people in the center of the pax made decisions about the development of opportunities at the periphery. Most communities in the rest of the world had limited control over their own development. The British government made key decisions. It defined the borders. It decided which countries would get which technologies and resources. The British military broke down resistance to international trade. This created what historians call “path-dependent development.” For most of the world, the needs of the center limited economic growth at the periphery. Indeed, many of the communities that were simply producing staples—such as minerals and food—regressed in quality of life and fell apart socially.

These defining points hold for other periods that historians have described with similar labels, such as the Pax Romana or Pax Americana. While these periods of political stability were marked by border skirmishes and outbreaks of violence between local power brokers, there were few large-scale wars. Governments and firms worked together to develop new communication technologies. There were widespread benefits to the new information infrastructures, and the elites who participated in this pact benefited most. The social forces behind rival empires and breakaway republics—each seeking to build or restore its own competing network of power—were a constant threat.

And it is safe to say that the Pax Americana is over. Historians have used this label to refer to the dominance of the United States in international affairs since the end of World War II. In important ways this period of stability (more than peace) occurred because the United States managed to dominate global industry, finance, and culture. Some would say that the collapse of the Berlin Wall marked the peak of the Pax Americana, and that the internet is just an extension of America’s ability to wire up economic, political, and cultural life in other countries for its own benefit.

Device networks now provide more of that structure than cultural exports. Today, governments and the technology industry have been closely collaborating on foreign policy. Indeed, in important ways, technology policy has become foreign policy. In recent years, the U.S. State Department and Silicon Valley have found more and more creative ways to work together. They fund and develop research projects together. They exchange personnel. And executives from the State Department and Microsoft, Google, Apple, and other big technology players often share the stage at public events. Increasingly, they subscribe to the theory that technology diffusion and democratic values reinforce each other and spread together. An open, global internet is good for business and good for democracy. But as I’ll argue, the United States has lost control of this digital project in important ways. The United States is no longer the primary source of innovation in digital networks and the most important builder of information infrastructure. The internet no longer just “speaks English,” and the Pax Americana is probably over.

The Demographics of Diffusion

More than ever, technology and technical expertise mean political power. Political clout now comes from ownership or regulation of mobile-phone networks, and control over the broadcast spectrum. The technology trends are well known but still impressive. By 2015 more than a billion people are on Facebook, and every day a half million more join. YouTube has 500 million unique visitors every month who view 95 billion videos. Every minute, users upload more than 3,000 images to Flickr, to say nothing of the other kinds of multimedia content that visitors upload to other variations of blogs, feeds, and websites. Twitter handles 500 million tweets per day, and 12 new accounts appear every second. When new social-media technologies are developed, they can attract millions of users in a blink of an eye. It took Google+ less than three weeks to attract 10 million users.

Yet it is not a particular tool or application that has created these unique circumstances of history. Altogether, the suite of digital technologies allows such levels of interactivity, creativity, and access. Moreover, usage patterns vary around the world. Facebook is only slowly making inroads into Russia and Brazil. The Chinese government has built rival platforms for almost all of the interesting digital media technologies developed in the West, so that its security services can use digital media for social control.

In 2000, only about 10 percent of the world’s population was online. By 2015, more than half the world’s population has internet access, two billion people have smartphones, and almost everyone on the planet has a mobile phone or easy access to mobile technology through family and friends.4 Three of every five new internet users now live in a politically fragile country, but people have used digital media to strengthen family and friendship ties, build political identities of their own, and make other kinds of social groups more cohesive.⁵ Digital media have changed the way people use their networks and have allowed them to be political actors when they want to be engaged. They use the technologies to connect to one another, and to share stories.

For decades, the greatest flow of digital content was between London and New York. That’s changed now, too. The majority of traffic once flowed through the undersea trunk cables connecting North America to Europe.6 However, the network has evolved quickly as more and more devices have become connected. In the past few years, Asian cities have been demanding more bandwidth than cities in the West, and the majority of the world’s internet users live in those Asian cities. February 2013 was an important month for the new world order, because it was probably the last time that the West dominated the use of global bandwidth. If you live in the West, this was the month you lost this centrality. If you live in China, this was the month your region became the dominant network center. If you live in other parts of the world, it was the day in which the center of your economic, cultural, and political universe shifted.

Before February 2013, the bandwidth used across the transatlantic cables that connect the United States with Europe averaged just under twenty terabits per second. Most of that traffic was between the United States and the United Kingdom. Relative to other parts of the world, these two countries had the most internet users, the most internet servers, and the fastest networks. Much of that data involved market-exchange data between financial centers.

A month later, the bandwidth being used by the cables connecting Asian countries averaged more than twenty terabits per second. The most important center in global networks—measured just in terms of bandwidth—shifted from the West to Asia. The bits themselves don’t care how they travel: their job is simply to flow between digital switches. And the routes they take can only be estimated with probability models. There is no consciousness-raising singularity here. But at the end of March 2013, more traffic flowed between China, Korea, and Japan than flowed between the United States, the United Kingdom, and Europe.

A significant amount of digital traffic flows through the cables at the bottom of the Pacific Ocean. However, it’s not undersea cables that carry the most traffic, it’s overland cables. The fastest-growing region for internet traffic is within Asia—between China’s largest cities and between China’s cities and other cities in Asia. Indeed, one of the more pressing infrastructure problems in China is the need for faster internet connections from Shanghai, Hong Kong, and Beijing out to the country’s many large provincial capitals. These days, only a quarter of all global internet traffic flows between North America and Europe.

Information Technology and the New World Order

Information technologies are now the primary conduit for everyone’s political, economic, and cultural lives. This is not true for many people, or for most people in rich countries. Since the end of the Cold War, pundits and policy makers have thrown around a variety of terms to help frame current events. Do we live in a unipolar world, where the United States gets to be dominant? Or is it better to think of our political world as a multi-polar one, with many different kinds of political actors busy projecting different kinds of power? The collapses of the Berlin Wall in 1989 and the Soviet Union in 1991 are two events that clearly mark a transition point in global politics. But a transition to what?

Lots of people have tried to describe the new world order. Many have argued that with the fall of the Soviet Union, the new world order became one in which major political and security crises would be over economic issues rather than ideological differences. Anne-Marie Slaughter said our new world order was new because networks of public officials were connecting across international borders to more effectively solve problems.7 Henry Kissinger said the United States would still be the most important part of the new world order. Francis Fukuyama said that history was over in that capitalism had triumphed and markets would be setting the rules. And John Ikenberry said that the new world order would be governed by liberal values and the institutions of international law that were set up after World War II.⁸

However, it’s always a tough project to define a new world order, because you need to figure out what power is, who has power, and what it means to exercise power. These days, the people who design new information technology, produce content for digital media, and set internet standards have a significant amount of economic, political, and cultural clout. They can efficiently manipulate popular opinion, and they use information technology to make more effective use of labor and resources. Unfortunately, it’s also a real challenge to identify the people, organizations, or countries that have this power today.

A lot of technology design happens in the United States, where Silicon Alley produces digital content that streams around the world and Silicon Valley creates the new gizmos everyone wants. The U.S. National Security Agency (NSA) has the ability to monitor global internet traffic in comprehensive ways. Yet the power to set standards for the global internet rests with a handful of opaque, quasi-governmental, global organizations like the Internet Society and the International Corporation for Assigned Names and Numbers (ICANN).9 And plenty of technical standards with serious implications for our privacy are set by specialized engineering committees that are susceptible to corporate influence. Infrastructural challenges come from the Chinese government, which has direct control over its technology users and is exporting hardware to other countries so that its infrastructure network can grow. And there are the technology insurgents. There’s a lot of digital muckraking that happens with The Pirate Bay and WikiLeaks. Each month some embarrassed government tries to deal with a major information scandal by going after hackers and whistle blowers.

There’s no doubt that political communication in many countries has changed radically since the internet arrived. Blogging, tweeting, crowd sourcing, and collaborating online was once the sport of geeky narcissists. Now these activities shape the national policy agenda in most countries. By simply posting videos about abusive police or corrupt officials, people can rapidly undermine government credibility. At first, these kinds of activities were just pinpricks that had no chance of puncturing an overblown, dictatorial state. But by now, every government in the world has faced some kind of damaging scandal or been brought to heel by citizens who used their mobile phones to document the illegal or embarrassing acts of political leaders.

To understand current events, it’s important to look beyond people and organizations to the technologies themselves. For the past twenty years, there’s no doubt that the United States has been the central node in global networks of technology design and information flows. The most important force in global politics was the United States precisely because this was the country that was building the information technologies that everybody else wanted to use. This was a temporary state of affairs.

Pax Romana, Britannica, Americana

Maintaining power during the Pax Romana, a long period of relative stability established by Caesar Augustus in the late first century B.C., was a bit more straightforward and enduring. With a powerful army, the Romans conquered vast swaths of territory well beyond Italy. With a powerful infrastructure, the Romans ruled all of western Europe, the Near East, and North Africa. There were nasty skirmishes at the borders of Augustus’s empire. Some of the borders of the Pax Romana—like Hadrian’s Wall—were more symbolic frontiers of the Roman Empire than firm markers of territory. But Roman networks of economic exchange lasted for more than two hundred years (and in the East, for more than a thousand), and patterns of family alliances kept an overall power structure in place.

The Romans grew rich, and their system of roads, ports, and runners allowed for improved communications during economic and military crises. Rome made the important decisions about political life in the provinces, and the city’s wealthy trading families made alliances with the institutions of government that put the legitimate military might of the state in their service. Romans worked hard to maintain their infrastructure of roads and seaports, shoring up their own power while also benefiting others.

Technology always has limits—it doesn’t reach everyone and it doesn’t serve everyone in the same way. And the infrastructure that allowed the Romans to have an extended period of political and economic stability was territorially bounded. It was an extensive network, but good roads and public works projects ended where the Visigoths began. Rome was not and could not be everywhere. Having power during the Pax Romana meant having some control over the nodes in the Empire’s networks, and as a city, Rome was the confluence of these networks of power. Similarly, in the British Empire, London served as the node, and the big corporate players all managed their affairs from the capital. The fashions, designs, and innovations of London radiated outward to the colonial seats of British power.

Cultural exports from the United States were an important part of the Pax Americana: Hollywood movies, television programs, music, and advertising techniques had a significant impact on the values of viewers, listeners, and consumers around the world. The United States still generates lots of cultural memes, but many more now seem to come from the Global South. Of course, in cultural production there is give and take. Some of the fashions seen and heard on the streets of London, Rome, or New York at their heights of influence actually originated in the provinces, hinterlands, and peripheries of their empires. Today plenty of cultural memes that originated online have significant offline impact.

For several decades the United States has been the center of the world’s internet. A great many innovative technology designs come from the United States. There, the places we associate with innovation have become iconic. California’s Silicon Valley generates new applications and hardware; Boston produces valuable technology designs; and New York generates digital content. Seattle, Austin, and several other cities are also important nodes in this network of innovation. From the early 1990s through the late 2000s, the world’s information had to flow through digital switches in the United States, as created in its leading centers of technology development.

These days, if you want to have a profile in modern politics, you have to be online. Corporate affairs are now largely managed over digital networks, and some corporations have their own proprietary networks. Now, new innovations in fashion and design diffuse over Instagram and Pinterest. Political power has often shifted along with technical innovation. Harold Innis and Marshall McLuhan taught us that it wasn’t just new weapons that shifted political power centers.10 New media and communication created great opportunities for cultural dominance, turning the limited rule of particular political leaders into decades of social control by generations of ruling elites.

Major concentrations in the control of public infrastructure have a label in political history—we call them empires. In the past, empires have been defined by groups of states and peoples that may be spread around the world but are governed by a relatively small network of political elites who are exceptionally good at control through communication. When new technologies support a political order that envelops many countries and the new rules last longer than any particular monarch or political leader, we call such an order a pax. What makes networked devices a unique infrastructure comparable to Roman roads or British warships? Looking at examples of what governments, battling political groups, or individuals do in these networks is illustrative. To start, let’s look where government is absent and people are desperate.

The Balaceras of Monterrey

When drug wars erupt in Michoacán, Nuevo León, and Tamaulipas, it can be dangerous even to travel on the highways. Gruesome images of street battles between police and gangs have dominated the news coming out of Mexico. And once in a while there are truly horrific events when drug gangs lash out at the people publicizing their crimes—and at the public at large.

War between security services and drug gangs often means violent balaceras—street battles in which civilians are caught in the crossfire. Tortured bodies hang from bridges and fighters hijack vehicles at gunpoint. The streets clear for weeks at a time. Neighborhoods that once had vibrant nightlife are empty. But rather than sheltering at home alone, as people might once have, the inhabitants of these blighted places now connect and find ways of helping one another. One blogger, Monterrey’s Arjan Shahani, relates how social media feeds on altruism.

In traveling through Laredo with my family recently I felt a bit more protected every time a notification came in [to my mobile phone] from a traveler a few miles in front of me noting that there was no danger ahead. With no hidden agenda and nothing to earn from it [Twitter] users I have never met such as @Gabsinelli @labellayelibro and @lacandonosa kept me and my family safe during the trip. All I can do is publicly thank them for it. Following suit, I repaid the favor and used the appropriate hashtags to provide similar information for the benefit of those traveling behind me. To all of those who selflessly participate in this chain of collaboration and communication for the better good, thank you.11

Maybe it is better to say that altruism feeds on social media. Even this fleeting example illustrates how online reciprocity and trust spring up in difficult settings. People gave in different ways: some contributed to a map of confirmed car hijackings.¹² It is important to examine when and how such altruism erupts over networks, and what its limits can be.

Monterrey has always been a tough town, but as soon as the city had a handful of Twitter users, the events of the drug war quickly trended.

There are reports of blasts on Venustiano Carranza Avenue

#Shooting #RiskMty #MtyFollow

This basic tweet reported the time and location of blasts, along with the hashtags or keywords that help label events for tracing through time. And the tag #RiskMty became both a resource and a source of identity for citizens victimized by both drug lords’ attacks and government responses. As always, the eye witness accounts were most valuable, especially if they came with images or short video.

Neither the drug lords nor the government expected a network of real-time war correspondents to spring up. #Fuerza-Monterrey became the hashtag that allowed people around Mexico to encourage Monterrey’s citizens to stay strong during the crisis. #TienenNombre became the hashtag for gathering the names of all the victims of the war on drugs, and it was borne out of a popular sense that the official statistics were greatly under estimating casualties.

An important part of why such hashtags sprang up is that local governments failed to provide information about the chaos. Local security services, not about to publicize their strategies, cowed news organizations. But what happened in many Mexican cities was still a kind of state failure. Or more accurately, public institutions failed to provide the information needed to help citizens feel secure. Many governments have procedures for communicating with the public during crises. (In the United States, these people are “public information officers.”) When city and regional governments failed in public communication, people created their own community alerts.

These are other examples of how people create their own public alert systems. When Hurricane Sandy hit Santiago, Cuba, information didn’t come from the state; it came from the country’s independent (illegal) journalists. Text messages about serious damage and the loss of life circulated among people a day before state media tried to bring citizens up to date. When Hurricane Sandy hit New York City, even the capacity of a relatively strong municipal government was expanded by a crowd-sourced disaster map.13

Obviously, the evolution of media use in Monterrey is mirrored elsewhere in Mexico. The battles that have ravaged many parts of the country have actually helped drive up people’s use of social media. Twitter traffic in Reynosa and Saltillo peaked when the gun battles in the street were most violent. In Monterrey they peaked during the Casino Royale Massacre by drug gangs; in Veracruz they peaked during a spate of kidnappings. The technology for this curation varied from place to place.

Device networks, and services like Twitter and SMS, have had a similar impact in other global crises. During the Iraq War, people used blogs to report on their struggles. When rumors spread during a political crisis in Kyrgyzstan in 2010, people went online to validate stories in real time. During the Arab Spring, people in Egypt used Facebook to document the crisis day-to-day, and to describe their fears and hopes.14 And the crowd-sourced Rassd News Network sprang up, a unique social–media-based volunteer news network with more than a million followers on Facebook and a unique SMS-based funding structure.¹⁵

The consequences of using social media during a security crisis are always complex. There were reprisals against community tweeters, from both drug lords and angry police chiefs. There were plenty of households with no Twitter users that were unable to contribute or benefit from being online. Many community tweeters did not trust each other, or trusted only those they had preexisting social ties to. Eventually, Twitter feeds were clogged with advertisements and misinformation, and communities had to move on to other hashtags and develop sophistication in interpreting what was coming over their feeds.

Communities rapidly develop their own hashtags and keywords and documentary techniques. The Witness Project encourages people to document the abuses they see, and coaches citizen journalists on how to use care with their work. In Monterrey, some tweeters were “halcons” or falcons, people who watched Twitter traffic at the behest of the gangs, looking for tips about police maneuvers and informants.16 Tweeters competed to break news and correct one another.

Social media help people cope during civil strife. First, they follow the news and keep track of family and friends. Most of the time, people use the internet for entertainment, sports, and culture. Yet in a crisis they go online to check news stories, verify facts, and see what foreign news agencies are reporting. They ping their friends and family to make sure those living in nearby neighborhoods are safe and that those living abroad know what’s going on.

Second, they pick sides. They deliberate about who is doing what to whom, and why. And they think about which side is in the right. For a few people, this means supporting the side they think should win. Some people tweet the locations of firefights as a community service; other people tweet locations of the enemy for whichever side they think should win. Some collect tips for the police, reporting the location of drug gang lookouts and drug sales points.

Third, they document. Tweeting on street violence certainly does not have the widespread impact of a punchy piece of investigative journalism from a professional journalist. But the trail of tweets, pictures on Flickr, personal blog posts, and other digital artifacts creates an archive about events that is more public, distributed, and openly contested. Crowd sourcing the production of digital maps of shootings, health needs, or criminal activity is a way of both warning the community and processing the crisis for oneself.

The internet is valuable because it provides the medium for altruism. Even a community in crisis—especially that kind of community—has altruists, and social media let those people find one another and communicate by example. Altruism and social media feed off each other. During these same drug wars, broadcast media simply reported on the violence, vacillated on who was to blame, and offered little advice on what the public should do if their neighborhood became a site of conflict. Social media, in contrast, could be creatively used by a few people to generate value for others.

Tweeting certainly didn’t stop Mexico’s drug war. But it helped Monterrey cope. We can’t measure how important the sense of online community provided by active tweeting can be in the first few weeks of a crisis, both in providing moral support and in keeping people safe. A few citizens rise to the occasion, curating content and helping to distinguish good information from bad.

Eventually the ecosystem of the balaceras degraded, with bots, ads, and misinformation. The drug kingpins showed their frustration with the impact of social media by targeting tweeters and bloggers for especially gruesome murders. The falcons used Twitter for their purposes. Yet people migrated to other hashtags, making for a dynamic flow of content that was propelled by an eagerness to help one another.17 The story here is not that people tweeted and saved the world—the story is about altruism and survival strategies. Will the internet of things be a conduit for altruism?

The Internet Is Also a Surveillance State

While social media has helped communities connect during a crisis, it also provides big governments with a powerful surveil lance tool. Edward Snowden gave us two lessons about how information technologies are used in the name of national security. The first is that the intelligence services don’t have a magic decryption key that unlocks everybody’s secrets. They have the political, economic, and social ties, or at least leverage, to get secrets out of the businesses that own and operate the infrastructure. The second is that most intelligence-technology services are contracted out to private firms. It’s this security industry that builds much of the world’s information infrastructure and analyzes much of the world’s data.

In fact, Snowden, as a civilian employee of the National Security Agency, was one such contractor. Since 9/11, the technology and security industries of the United States have grown significantly. According to the Washington Post, in 2013 almost a million people had top-secret security clearances to gather information about national threats.18 Post reporters counted some 1,271 government organizations and 1,931 private companies working on programs related to counterterrorism, homeland security, and intelligence in about ten thousand locations across the United States. They found that in Washington, D.C., and the surrounding area, thirty-three building complexes for top-secret intelligence work are under construction or have been built since September 2001.

All this adds up to the equivalent of three Pentagons or twenty-two U.S. Capitol buildings—about seventeen million square feet of space. Redundant information systems make several security and intelligence agencies do the same work. For example, fifty-one federal organizations and military commands, operating in fifteen U.S. cities, track the finance and information networks of terrorist groups. The volume of information these agencies study is impressive, and so is the volume of information they produce. The best estimate is that some fifty thousand intelligence reports are produced each year—a volume so large that most are ignored.19

Snowden also taught us that “metadata” is valuable. The content of your email and browser cache can help analysts make inferences about your behavior. The secretive Foreign Intelligence Surveillance Act (FISA) courts ordered Verizon to hand over the metadata on call duration, direction, and location of subscribers. Such a trove of metadata can be used to map out who you know and where you are, and to find patterns in your daily routines.

The Snowden affair is an example of how the weakest link in national security is social, not technological. Obviously, he was the one who leaked immense amounts of information about secretive programs. He also revealed the deep interconnections between the U.S. security and technology industries. As the cryptographer Bruce Scheier says, “Whatever the NSA has up its top-secret sleeves, the mathematics of cryptography will still be the most secure part of any encryption system.”²⁰ He argues that the National Security Agency must spend most of its efforts on the real vulnerabilities in any digital media: poorly designed cryptographic products, software bugs, and bad passwords.

Ultimately, the best way for a national security agency to crack any security system is to get the company that designed the system to collaborate by leaking all or part of the keys and giving access to the computers and networks in question. So the NSA did not always break into the secure systems of other governments or the technology firms that built the global information infrastructure. Snowden’s leaks have revealed that the NSA has used everything from polite requests to legal pressure to ensure collaboration.

And when social engineering or software bugs don’t allow access, government agencies can actually buy data from internet service providers. Recent estimates are tough to come by, but in 2006 the General Accounting Office revealed that some $30 million had been spent in contractual arrangements with information resellers. So not only does the federal government fail to regulate data miners very closely, it buys products and services from these same data miners. It’s safe to assume that much more is spent now, in what is largely an unregulated government procurement process.

But for a conspiracy theorist, anyone who has read Wired, or a historian of revolution, it is not surprising that governments and industry collaborate to sustain each other’s power and to send each other business. What is surprising is the degree of deliberation behind the process, especially between the U.S. government and the country’s technology firms, and their success in rolling out an internet that could be so easily commandeered in the service of the country’s national-security aims.

Working out the terms of the collaboration is not always easy. Some internet companies respond quickly when the government serves real-time “electronic surveillance” orders rather than take the risk that the National Security Agency will install a hardline tap in their server rooms.21 We know of only a few occasions when major technology firms have resisted government queries, or the gag orders that usually come with such queries.²² A few businesses, particularly those that try to serve customers with ultrasecure systems, simply shut down. Lavabit shut down rather than comply, and Silent Circle suspended its operations because its managers thought subpoenas, warrants, security letters, and gag orders were likely to come.23

Before Snowden, there’s little doubt that technology companies responded quickly when queried by national security agencies—especially in the United States. More recently, several firms have been issuing public statements on the number and kinds of government requests they get, and openly discussing government access to customer records in newspapers and with watchdog groups. In 2013, Facebook reported more than twenty-six thousand requests from governments around the world. That year, Facebook responded to 43 percent of all government requests for data, and 80 percent of the requests coming from the U.S. government. In 2014, Google produced some data for 65 percent of all government requests and 84 percent of those coming from law enforcement agencies in the United States. That year, Twitter complied, in some way, with 52 percent of global requests and 72 percent of U.S. requests.²⁴

Whether or not you think Snowden was a traitor, his impact has been to teach us all how big and powerful our high-tech surveillance state has become. He also taught us that government and technology firms were more than cooperating and colluding: they were conspiring to find ways to work more closely with government and to advance each other’s interests.

The internet is not a cloud; it is made up of buildings with expensive air-conditioning systems that help keep racks of equipment cool. Undersea trunk cables connect continents. Private businesses own and maintain those cables. Those businesses have lobbyists who try to acquire bigger and bigger contracts from governments. A simple way to describe this relationship is to say that politicians made investments in surveillance firms, and surveillance firms made investments in politicians.

Of course, public infrastructure projects always involve political decisions about how much to commit from the public purse, and whom to employ to make dreams about the public good a reality. Surveillance firms started making big investments in lobbying for more surveillance. They successfully tied—in the public’s mind—the idea of making people safe with the idea of watching for trouble. After the terrorist attacks of September 11, 2001, being safe meant tolerating surveillance.

Snowden’s revelations broke that link. People are now much more aware of the degree to which the government can access their personal records and communications. Public vitriol on this issue may not be enough to drive significant change in how the U.S. government conducts itself, and U.S. allies do not consistently express outrage about being surveillance targets. Ultimately, Snowden’s contribution has been to help teach the public about technology and surveillance. For political actors that do not have the infrastructure to respond with equal measures of surveillance against the United States, there’s another way to act.

The Wars Only Bots Will Fight

If you can’t comprehensively surveil or censor the internet, the next best strategy is to write automated scripts that clog traffic, promulgate your message, and overwhelm the infrastructure of your enemies. One unique feature of the emerging political order is that it is being built, from the ground up, for surveillance and information warfare. Another is that it has new kinds of soldiers, defenders, and combatants.

The ongoing civil war in Syria has cost hundreds of thousands of lives. The great majority of these are victims of President Bashar al-Assad’s troops and security services. After the Arab Spring arrived in Syria, it looked as if the forces loyal to the Ba’ath government would stay in control. Speedy military responses to activist organizations, torturing opposition leaders and their families, and then the use of chemical weapons seemed to give Assad the strategic advantage. But even with these brutal ground tactics, he was unable to quell the uprising in his country. And by 2013 he was losing the battle for public opinion, domestically and abroad. Even China and Russia, backers that supplied arms and prevented consensus in the U.N. Security Council about what to do, succumbed to political pressure to join the consensus that al-Assad had to go.

What’s unusual about the crisis is that it might be the first civil war to have been fought by both human combatants and bots. Public protest against the rule of Assad, whose family had been in charge since 1971, began in the southern Syrian city of Daraa in March 2011. Barely a month later, Twitter bots were detected, trying to spin the news coming out of a country in crisis.

In digital networks, bots behave like human writers and editors. People program them to push particular messages around, or to respond a certain way when they detect another message. They can move quickly, they can generate immense amounts of content, and they can choke off a conversation in seconds. From very early on, people in Syria and around the world relied on Twitter to keep track of what was going on. Journalists, politicians, and the interested public used the hashtag #Syria to follow the protest developments and the deadly government crackdown. The countering bot strategy, crafted by security services loyal to the government, had several components.

First, security services created a whole host of new Twitter accounts. Syria watchers called these users “eggs” because users’ pictures remained the default image of an egg. No real person had bothered to upload an image and personalize the account. Regular users suspected these profiles were bots because most people do put some kind of image up when they create their profiles. Leaving the default image in can be the marker of an automated process, since bots don’t care what they look like. These eggs followed the human users who were exchanging information on Syrian events. The eggs generated lots of nasty messages for anyone who used keywords that signaled sympathy with activists.

Eggs swore at anyone who voiced affinity for the plight of protesters, and pushed pro-regime ideas and content that had nothing to do with the crisis. Eggs provided links to Syrian soap opera TV shows, lines of Syrian poetry, and sports scores from Syrian soccer clubs to drown out any conversation about the crisis. One account, @LovelySyria, simply provided tourist information. Because of the speed at which they work, the pro-regime bots started to choke off the #Syria hashtag, making it less and less useful for getting news and information from the ground.

A little investigation reveals that the bots originated in Bahrain, from a company called Eghna Development and Support.25 This is one of a growing coterie of businesses offering “political campaign solutions” in countries around the world. In the West, such companies consult with political leaders seeking office and lobby groups who want some piece of legislation passed or blocked. In authoritarian countries, “political consulting” can mean working for dictators who need to launder their images or control the news spin on brutal repression. Eghna’s website touts the @LovelySyria bot as one of its most successful creations because it built a community of people who supposedly just admire the beauty of the Syrian countryside; the company has denied directly working for the Syrian government.²⁶ But @LovelySyria has few followers and not much of an online community presence. With two tweets a minute, Twitter itself decided to stop @LovelySyria from devaluing a socially important hashtag.

Of course, automated scripts are not the only source of computational propaganda. The Citizen Lab and Telecommix found that Syrian opposition networks had been infected by a malware version of a censorship circumvention tool called Freegate.²⁷ So instead of being protected from surveillance, opposition groups were exposed. And a social media campaign by a duplicitous opposition cleric was cataloguing his supporters for the government.

One estimate holds that 75 percent of all Twitter traffic is generated by the most active users—about 5 percent of all Twitter accounts.²⁸ In terms of Twitter accounts, one-third of those active users are believed to be machine bots each tweeting more than 150 times a day. Because some bots generate fewer than 150 tweets a day, the actual number of bot-held accounts is probably higher. In terms of Twitter messages, as many as one-quarter of all tweets sent in an average day may come from bot accounts.

Most of these crafty bots generate inane commentary and try to sell stuff, but some are given political tasks. For example, pro-Chinese bots have clogged Twitter conversations about the conflict in Tibet.29 In Mexico’s recent presidential election, the political parties played with campaign bots on Twitter.³⁰ An aspiring British parliamentarian turned to bots to appear popular on social media during his campaign.³¹ Furthermore, the Chinese, Iranian, Russian, and Venezuelan governments employ their own social-media experts and pay small amounts of money to large numbers of people to generate pro-government messages.³²

Even democracies, as Snowden revealed, have groups like the United Kingdom’s Joint Threat Intelligence Group.³³ These shadowy organizations are also charged with manipulating public opinion over social media with automated scripts. Sometimes Western governments are unabashed about using social media for political manipulation. For example, USAID tried to seed a “Cuban Twitter” that would gain lots of followers through sports and entertainment coverage, and then release political messages by using bots.³⁴

Keeping track of bots is hard work. We know they are out there. The Storm Botnet of 2007 infected as many as fifty million computers.³⁵ It was reportedly powerful enough to force entire countries off the internet, and there was speculation that its builders—as yet unidentified—were getting ready to sell access to some of the bots’ abilities. A year later, the Kraken Botnet grew to more than 400,000 bots and generated nine billion spam messages a day, often from the computers of Fortune 500 companies.36

These days, the safest assumption is that there are lots of bots that we don’t know about. We can only hope that the best of them are dedicated to spam rather than political interference. Storm and Kraken are now several years old, but they are still going, and they mark a turning point in the recent history of bots: many believe that they were designed to target the security companies and spam-listing services that the rest of us rely on to tell us which bots need to be blocked.

These days, it is not uncommon for bots to attack the organizations that try to keep the internet healthy and working well. Unfortunately, most of the world’s webmasters depend on one organization—Spamhaus in the Netherlands—for accurate records to keep Viagra ads and appeals from wealthy Nigerian widows out of our email and social media feeds.³⁷ Increasingly, Spamhaus itself is the target of attack because disabling its watch list would allow pernicious bots to flood the global internet.³⁸

Only a few bots operate like Amanda’s Carna Bot—the one that gave us the first real census of the internet of things. Other bots have been designed as weapons of war, and as weapons in propaganda wars. They are tough to spot and tougher to shut down; sometimes they are put up for sale. These weapons of mass digital disruption operate beyond public policy oversight. The International Telecommunications Union (ITU) may attempt to generate modern communications policy, the ICANN may help to adjudicate internet addresses, and the Internet Governance Forum (IGF) may help internet stakeholders talk through technology standards.39 But real power over technology rests with businesses, the people who build nefarious or noble bots, and the political leaders who deploy armies of bots for their projects.

The Political Empire of Connected Things

On an average day, the United States and all of its allies face automated attacks by vengeful enemies. Some of the attackers are foreign governments, criminal organizations, or politically motivated hackers. The targets are a wide range of government agencies and public infrastructures. Increasingly, the targets are civil-society organizations, because it is often civic groups in democracies that draw the most attention to injustices in less democratic regimes.

Many different kinds of political actors are aggressively using social media more and more not just to reach their followers but to involve them in the organization.40 This was one of the fundamental political innovations of Obama’s campaign for the U.S. presidency in 2008, and an innovation adapted by well-funded civic groups around the world.⁴¹ The Lebanese army has an app for uploading geotagged images of suspicious cars in the neighborhoods of Beirut it controls.⁴² The next version will allow users to download images of “wanted” political figures. So it’s not simply about putting out propaganda. It’s about organizational incorporation.

In today’s physical battlefield, information technologies are already key weapons and primary targets. Smashing your opponent’s computers is not just an antipropaganda strategy, and tracking people through their mobile phones is not just a passive surveillance technique. Increasingly, the modern battlefield is not even a physical territory. And it’s not just the front page of the newspaper either. The modern battlefield involves millions of individual instructions designed to hobble an enemy’s computers through cyberwar, long-distance strikes through drones, and coordinated battles that only bots can respond to.

The reason that digital technologies are now crucial for the management of conflict and competition is that they respond quickly. Brain scientists find that it takes 650 milliseconds for a chess grandmaster to realize that her king has been put in check after a move. Any attack faster than that and bots have the strategic advantage—they spot the move and calibrate the response in even less time. The most advanced bots battle it out in financial markets, where fractions of a second can mean millions in profit or loss. In competitive trading they have the advantage of being responsive. Slight changes in information, however, can result in massive, cascading mistakes.43

Whether it is competition in stock markets or over social-media feeds, we are finding that bots are increasingly dominating digital networks. These networks provide us with our news and information, culture, and more. This doesn’t mean that they always capture our attention. They can certainly compete for it, clog our networks, stifle economic productivity and block useful exchanges of information. We are living in the last empire because a majority of the cultural, political, and economic life of most people is managed over digital media. Control of that information infrastructure—whether it’s by technology firms, dictators, or bots—means enormous power.

Billions of devices connect to the internet, and enormous botnets of mysterious and malicious code are ready to wreak havoc. The center of global information infrastructure is shifting away from the United States, with the largest volumes of traffic and the majority of technology users now in Asia. Past empires were defined by the cultures and communities that built innovation technologies and used them for economic and political gain. But what is emerging now is a political order constituted by the relationships between devices as much as the relationships between people. Obviously, technology networks grow along with social networks, but that means our digital devices increasingly contain our political, economic, and cultural lives. These devices provide some significant capacities, but also some troubling constraints on our political future.

Technology diffusion has had many different kinds of political consequences in countries around the world. But one global consequence is an evolving pax technica. The primary cause of the pax has been the diffusion of the internet of things—diverse devices that many of us no longer even notice as being part of the internet. The beginning of this story is demographic—almost everyone is online. The internet is the conduit for modern political culture and conflict, and almost everyone is affected by this new global network. The next part of the story involves collusion, conspiracy, and crisis.

Infrastructure has a significant impact on the constraints and capacities of political actors. So understanding the new world order means digging into the recent history of how networked devices have proliferated. Understanding how the internet of things will impact our political lives requires a look at its technological substrate—the political internet that we’ve built for ourselves over the past twenty-five years.