
The internet’s underlying architecture harbors a critical flaw that remains largely unknown to the public, yet it underpins many frustrations experienced with contemporary technology. This includes the challenges of having your photos locked within Apple’s ecosystem, the difficulties in transferring data across applications, and the reality that many new services start from scratch, lacking any familiarity with your preferences. Most crucially, it raises concerns about the future of AI—despite its transformative potential, it risks reinforcing the dominance of Big Tech rather than empowering individuals with innovative tools.
Alex Komoroske, a former executive at Google and Stripe, provides an insightful analysis revealing that these issues stem from a concept known as the “same origin paradigm.” This was a quick security measure implemented by the Netscape team during a pivotal night in the 1990s, which inadvertently established the unyielding framework that governs modern software.
The essence of the same origin paradigm is straightforward yet highly damaging: each website and application operates in its own isolated environment. For instance, Amazon and Google might as well exist in entirely different universes when viewed through your browser. Similarly, the Instagram app and the Uber app on your mobile device cannot share information directly. Initially designed for user safety, this isolation has led to what Komoroske terms the “aggregation ratchet”—a phenomenon where data gravitates towards those entities capable of hoarding it.
This observation offers a clearer understanding of a dilemma I articulated nearly twenty years ago: the absurdity of repeatedly uploading the same data to various services instead of allowing them to access data stored in a designated location on the internet. Back then, I argued that the primary goal of the open internet should not be to confine data within private silos but rather to empower users with control over their own data, enabling them to grant access to services based on individual preferences and benefits.
Komoroske’s analysis uncovers the fundamental architectural flaw that led to the failure of this vision. The optimistic notion of “the cloud” was that it would facilitate easier data and service connections. However, the reality morphed into a land grab by internet behemoths who sought to collect and retain as much data as possible. The underlying reason for this shift is clear: the same origin paradigm inadvertently favored a centralized approach, becoming the most straightforward path for developers.
As Komoroske elaborates, this architectural decision imposes an overwhelming constraint on system designers, the creators of the operating systems and browsers we rely upon.
This constraint, which I refer to as the iron triangle of modern software, limits the capabilities of system designers. They face a challenging dilemma: they can develop systems that provide:
- Sensitive data (your emails, photos, documents)
- Network access (the ability to communicate with servers)
- Untrusted code (software from unknown developers)
However, they can only enable two of these three aspects simultaneously—never all three. If untrusted code can access your sensitive data while communicating over the network, it poses the risk of theft and unauthorized data transmission.
Consequently, system designers opted for safety through isolation. Each app is designed as a secure fortress—safe yet isolated. If you wish to utilize an innovative photo organization tool, the browser or operating system presents a harsh dilemma: either trust the tool completely with your data (sacrificing the “untrusted” aspect), or keep your data entirely separate (sacrificing functionality).
When you grant an app or website permission to view your photos, you are not merely indicating, “You can use my photos for this specific purpose.” Instead, you are asserting, “I trust the controller of this origin indefinitely to use my photos as they see fit, including sending them anywhere.” It’s an all-or-nothing scenario.
This architecture creates significant friction whenever data needs to transition between services. However, this friction does more than slow down processes; it fundamentally alters where data accumulates. The service amassing the most data is capable of providing the greatest value, which in turn attracts more users, resulting in even more data generation. Each incremental click of the ratchet further hampers new entrants from competing in the market.
Consider how you might organize a trip: essential information such as flight itineraries in your email, hotel confirmations in a separate app, restaurant suggestions in a Google document, and your calendar spread across another platform. Every time you need to connect these various components, the tedious process of copying, pasting, and reformatting ensues. This often leads you to grant one service (like Google) access to all your data. Suddenly, the friction dissipates, and everything operates seamlessly. Later, when it’s time to share your travel plans with fellow travelers, you instinctively gravitate towards the service that already understands your preferences, history, and context.
The service that possesses the most data can yield the highest value, attracting more users and generating additional data. Each increment of this cycle further entrenches existing players, making it increasingly difficult for newcomers to break through. The larger entities grow not necessarily because they are superior, but due to systemic advantages that skew the competition in their favor.
This phenomenon is not a result of malice or conspiracy; rather, it represents an emergent behavior stemming from architectural decisions. Just like water flows downhill, software built on the same origin paradigm tends to concentrate around a select few dominant platforms.
Amidst this landscape, artificial intelligence emerges as a potential game changer. Komoroske emphasizes that AI introduces an unprecedented element: it renders software creation virtually costless. We are entering an age of “infinite software”—countless personalized tools designed to meet every imaginable need.
However, for AI to be genuinely effective, it requires context. An AI capable of accessing your calendar, email, and documents collectively could significantly enhance your daily planning. In contrast, an AI limited to isolated fragments merely functions as another chatbot providing generic suggestions. Yet, our current security paradigm—which enforces policies at the application level—transforms context sharing into an all-or-nothing gamble.
What typically occurs? The familiar path of least resistance—consolidating all data in a single location.
We must consider what we sacrifice: instead of the adaptable, personalized tools envisioned by innovators like Litt, we end up with generic assistants that compel us to entrust mega-corporations with our most sensitive information. The same dynamics that have led to the dominance of social media platforms are poised to replicate themselves in the realm of AI.
We only accept this unfavorable trade because it is the only framework we know. It is an architectural decision made before many of us were born. However, this need not be our future—not anymore.
Here lies the optimistic aspect: the essential technical components for a radically different approach are finally surfacing. The aspirations I held two decades ago regarding the cloud’s ability to liberate us from the necessity of allowing services to monopolize our data may finally be achievable.
Intriguingly, Komoroske posits that the technological advancement enabling this shift is the emergence of secure enclaves found in modern chips. This technology, which many feared would lead to the demise of general-purpose computing and empower large corporations, could potentially be repurposed to help users regain control over their data.
Komoroske’s argument centers on this point:
These secure enclaves enable a process called remote attestation, providing cryptographic proof—not mere promises, but mathematical verification—of the software running within them. It’s akin to possessing a tamper-proof seal that ensures the code managing your data is precisely what it claims to be, unaltered and uncompromised.
When these elements are combined effectively, they facilitate policies that are associated with the data itself, rather than the apps. Thus, each piece of data could embody its own rules governing its usage. For instance, your photos could stipulate, “Analyze me locally but never transmit me.” Your calendar might allow, “Extract patterns but only share aggregated insights in a manner that ensures anonymity.” Your emails could permit reading while forbidding forwarding. This paradigm shift dismantles the iron triangle: untrusted code can now interact with sensitive data and possess network access because the policies—not the app’s origin—dictate the permitted actions with that data.
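A minimal sketch of policy attached to data rather than to an app, added here as an illustration; it is not code from Komoroske or from this article. The names (`STORE`, `Session`, `runUntrusted`, the plugin functions, the `.example` hosts) are hypothetical, and the model assumes the untrusted plugin has no I/O other than `session.read` and `session.send`, which in practice is what a sandbox or enclave would have to guarantee.

```javascript
// Added sketch (hypothetical names): an egress policy is stored with each datum,
// and a sandbox session inherits the policy of everything it reads.
// Assumption: the untrusted plugin has no I/O except session.read / session.send.

// egress: null = may go anywhere; [] = never transmit; [hosts] = only these hosts.
const STORE = { // constructed sample data
  weather: { value: 'rain', egress: null },
  photos: { value: ['beach.jpg', 'passport.jpg'], egress: [] },
  calendar: { value: ['Mon 09:00 dentist'], egress: ['sync.example'] },
};

function intersect(a, b) {
  if (a === null) return b;
  if (b === null) return a;
  return a.filter((host) => b.includes(host));
}

class Session {
  constructor(store) {
    this.store = store;
    this.allowed = null; // only ever tightens as sensitive data is read
    this.sent = [];      // stand-in for the network
  }
  read(name) {
    const item = this.store[name];
    if (!item) throw new Error(`no such datum: ${name}`);
    this.allowed = intersect(this.allowed, item.egress);
    return item.value;
  }
  send(host, payload) {
    if (this.allowed !== null && !this.allowed.includes(host)) {
      throw new Error(`policy blocks egress to ${host}`);
    }
    this.sent.push({ host, payload });
  }
}

// Run an untrusted plugin and report what left the sandbox.
function runUntrusted(plugin, store = STORE) {
  const session = new Session(store);
  try {
    return { ok: true, result: plugin(session), sent: session.sent };
  } catch (err) {
    return { ok: false, error: err.message, sent: session.sent };
  }
}

// Untrusted plugins: local-only analysis, attempted exfiltration, permitted sync.
const localTagger = (s) => s.read('photos').map((p) => p.split('.')[0]);
const exfiltrator = (s) => s.send('collector.example', s.read('photos'));
const calendarSync = (s) => s.send('sync.example', s.read('calendar'));
```

The label is tracked per session, which is coarse: a plugin that has read the photos cannot send anything afterwards, even data unrelated to them.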
Having spent years observing that Cory’s warnings are often spot-on, I approach this embrace of secure enclaves with a degree of caution. The same foundational technologies that could free users from the constraints of platform monopolies could also be leveraged to create advanced control mechanisms. Nevertheless, Komoroske’s vision represents a genuinely transformative application—utilizing these tools to empower users over their own data and cryptographically limit what systems can do with that data, rather than granting platforms additional authority to impose restrictions. The pivotal distinction lies in who wields control over the policies. (I’m genuinely interested in learning Cory’s perspective on this approach!)
The vision articulated by Komoroske is captivating: envision tools that act as extensions of your will, maintaining privacy as the default setting and adapting seamlessly to your needs—software that functions for you, not upon you. Imagine a personal research assistant that comprehends your note-taking methodology, a financial tracker tailored to your unique budgeting style, and a task manager that reshapes itself according to your evolving work habits.
Previously, achieving any semblance of this required surrendering all your data to a major tech company. The prospect of achieving a separation between these elements is truly thrilling.
This movement transcends merely developing superior applications; it signifies a fundamental overhaul of the power dynamics on the internet. Instead of being compelled to choose between security and functionality, privacy and convenience, we could establish systems where these considerations are no longer trade-offs.
The same origin paradigm has led us to this juncture, fostering data monopolies and limiting user autonomy. However, as Komoroske argues in both his contributions and this recent piece, we constructed these systems—we possess the ability to create better alternatives. We may finally fulfill the promises of user empowerment rather than perpetuating concentration.
As we have long contended at Techdirt, the internet functions best when it empowers its users rather than the platforms. The same-origin paradigm was a reasonable decision given the constraints of the 1990s. However, we are no longer constrained by those limitations. The tools now exist to restore users’ control over their data and digital experiences.
We can transcend the learned helplessness that has plagued the past decade of internet discussions. We can reject the false dichotomy that suggests the only route to accessing groundbreaking technologies is to relinquish our freedoms to tech giants. We can genuinely strive toward a world where end users themselves wield both power and control over their digital lives.
We must seize this opportunity, rather than resigning ourselves to the belief that the internet’s operation over the past thirty years is the only viable model moving forward.