Communications of the ACM

DOI: 10.1145/2507771.2507773 Vinton G. Cerf
Revisiting the tragedy
of the Commons

The concept of the commons and its overuse was not then new and had been applied to the overgrazing of common or public properties made available, for example, to cattle and sheep owners. The primary message tended to be that the limitation of resources should be grounds for regulated access through either law or custom. In 2012, Bill Davidow applied that concept to the Internetb albeit in a prophetic way, since he was worried about the loss of privacy in the Internet commons.

This column is based on the view that the resources of the Internet, while finite, are not bounded except by our ability to construct more resource to grow the shared virtual space the Internet and its applications create. That the characteristic parameters of the Internet have increased by a factor of over one million since the system was activated in January 1983 is testament to the feasibility of growing Internet capacity to meet demands and need. The investments required to achieve this growth have come from many sources but largely from the private sector. What is important to appreciate is that private sector investments have been made voluntarily for business or other reasons and not under coercion or even government mandate.

This is the remarkable property of the In-
ternet: its protocols and implementation
are a consequence of bottom-up, col-
laborative processes and independent
decision making by the implementers
and operators of the autonomous sys-
tems that make up the Internet.

A consequence of these features is the Internet escapes the usual tragedy scenario by responding to demand with increased capacity. This is not to say the Internet is without overuse. It can congest with the manifestation that applications are slow or do not work at all owing to delays that trigger timeouts. Unlike physically limited space for grazing sheep, however, the Internet’s capacity can be expanded if there is willingness and ability to invest.

There is, however, another way in which the Internet does resemble a commons. It is a shared, virtual environment, derived from physical implementation using routers, transmission technology (wired, wireless) and host computers (including gigantic data centers and individual laptops, tablets, and mobiles) at the “edge” of the Internet.

The users of the Internet share a com-
mon environment that permits them to
exchange information, to access resourc-
es, and to carry out computations and,
more generally, applications. A conse-
quence of this sharing is that we may ex-
perience common risks associated with
malefactors seeking to harm others, to
disrupt communication, and to com-
mit a variety of abuses. These abuses
manifest in many ways, such as fraud,
theft, misrepresentation, disruptive
malware, and hijacking of resources,
to name just a few examples.

Whether these abuses are violations of law will vary from one jurisdiction to another, particularly across international boundaries. Coping with these problems is not a trivial matter and may require cooperation across jurisdictions, instantiation of international treaties, formation of informal working groups, R&D leading to more robust operating systems and Web-based tools and applications, and even changes in social behavior. These problems are made all the more difficult to cope with because of the asymmetry between perpetrators of abuse and their victims. Small groups can inflict a great deal of damage that might have required nation-state level resources in the past but, thanks to rapidly evolving computing power, these resources may be available to individuals.

The co-opting of computers owned or operated by businesses, government, and the public to form so-called “ bot-nets” used to inflict damage, generate spam, or to launch denial-of-service attacks is made possible by the exploitation of, inter alia, operating system or application software bugs, lax security procedures, and insider cooperation. Some of these problems lie squarely in the professional spaces of ACM members and thus pose a challenge to us as members or as practitioners of software and hardware engineering. They are certainly subject to serious research initiatives aimed at their mitigation.

The conclusion, then, is while the commons created by the Internet need not be bounded, it is a shared environment that must be protected for the benefit of its users. If there is a potential tragedy here, it will be that the Internet becomes too unsafe for reliable use. It seems to me of vital importance to fend off such an outcome so the benefits of this commons can be realized by all of humanity.

Vinton G. Cerf, ACM PRESIDENT

In 1968, Garrett Hardin published an essay in Science magazinea entitled “The Tragedy of the Commons” in which he focused on indiscriminate population growth as an issue.