On Standards

I’ve been thinking about standards and telecom, or more specifically, the process of standardization. Recently, I read an article by Timmermans and Epstein that tries to advance a “Sociology of Standards and Standardization“. As the authors explain, there is a great deal of sociology that deals with standards in different domains, or as part of other processes, such as classification, quantification, and regulation. But “relatively few scholars analyze standards directly” (p. 74) — for instance by studying standardization as a social phenomenon.

Drawing significantly from Bowker and Star,  Timmermans and Epstein define standardization as “a process of constructing uniformities across time and space, through the generation of agreed-upon rules… [making] things work together over distance or heterogeneous metrics” (p. 71). Standards can coordinate “people and things in ways that would be difficult to achieve on an ad hoc basis, they may allow communication between incompatible systems, and they may create specific kinds of mobility, uniformity, precision, objectivity, universality, and calculability” (p. 83). While we often aspire to (have) standards, the authors point out how standardization typically carries negative connotations of uniformity and “dull sameness” (p. 71). And yet, we only have to look to the internet to see the vast creativity and heterogeneity that has been enabled through standardization. Diverse networks, systems and devices can communicate with one another because they agree on basic standards and protocols. If the experiences we have through the internet are trending towards uniformity and sameness, this says more about the concentration of power in certain platforms, algorithms, and service providers than standardization.

Timmermans and Epstein’s article doesn’t discuss the internet, but scholars of internet governance have often focused on standards as the internet’s core. Inspired by Deleuze’s (1992) Postscript on the Societies of Control, Galloway’s (2004) Protocol grapples with the contradictions of internet standards being forms of power and control, while also facilitating autonomy, decentralization, and local decision-making. The protocols Galloway is interested in are the “standards governing the implementation of specific technologies” (p. 7), and he holds up DNS as the “most heroic of human projects” (p. 50). Galloway goes some way in advancing social theory on the basis of standards, painting a complex picture, but one in which the “full potential” (p. 122) of protocol is restricted, and channelled instead by law, government and corporate power. He ultimately envisions an even darker future where open-source standards and TCP/IP are replaced by something more proprietary, either under the control of states or a corporation  (which in 2004 is naturally assumed to be Microsoft).

While corporate and state power over internet policy has intensified in the intervening years, and old principles like end-to-end architecture sound increasingly idealistic, the internet’s established standards-making bodies continue their work, and often do so in the open. In general, internet standards are voluntary, and internet protocols work because networks agree to use them. The IETF acts as a key standards-making organization, where individuals (sometimes employees of rival companies) collaborate to develop new proposals for improving how the internet operates. Galloway (2004, p. 122) paints a picture of a “technocratic elite [that] toils away, mostly voluntarily, in an effort to hammer out solutions to advancements in technology”.

ietfThe technocrats of the IETF toiling away

Anyone can participate in this “technocratic elite”, and at the IETF your membership is defined by your participation. But because of the technical understanding required, membership tends to be limited to a particular social class. Meaningful participation also requires a time commitment, and so bodies like the IETF often see the greatest participation from individuals with employers who are willing to support their activities. Organizations can benefit from being part of the standards-making process, but participation in the IETF is on an individual basis (with individuals often disclosing their organizational affiliations).

The IETF produces RFCs, but has no power to compel anyone to adopt these standards. Many are ignored, or (like IPv6, which Laura DeNardis wrote about in 2009) are only slowly implemented long after the problem they are meant to solve is well-known. So the actual making of standards is just one aspect of standardization, and achieving voluntary adoption is actually a bigger challenge, particularly when things seem to work ‘good enough’ as they are.

While government agencies have relatively little impact on internet standards, they do produce various kinds of standards for service providers operating within their territory. These may be voluntary ‘best practices’ or backed by regulatory law. Sometimes companies ‘voluntarily’ standardize their conduct, under threat of government regulation. Standardization can even be pursued through criminal law, as when previous Liberal and Conservative governments in Canada tried to pass lawful access legislation, standardizing surveillance and disclosure responsibilities for intermediaries. More recently, standardization has become a frequently-suggested means of addressing cyber security, but I’ll save these topics for a subsequent post.