May 29, 2002
Arts and Entertainment
by annalee newitz
Empire of VeriSign
ONE OF THE problems with living in a so-called information economy is that few people actually understand the commodities being traded in it. We know that "clicking" gets us to our favorite Web sites and that we can buy things from them or read articles on them or woe is me do our banking through them. But few of us have the time or inclination to pause and consider exactly how our computers get to www.salon.com when we type the letters into our browsers. Fewer still wonder what makes their financial transactions "secure" when they use Bank of America's extremely hackable Web site (nice SSL on that logon form, kids).
To learn something about the practically invisible network of buyers and sellers who create what you think of as the World Wide Web, consider the strange case of a company known as VeriSign. Perhaps you have not heard of them? Well, you should. When you go to a Web site with a .com, .org, or .net at the end of it, you are using VeriSign technology to find it. If you buy something from a Web site, the security of your financial transaction is likely to have been guaranteed by a VeriSign product. You may even have bought a domain name from the company.
As the VeriSign Web site (www.verisign.com) trumpets proudly, it is the "leading provider of digital trust services." Now there's an interesting commodity: "trust." Obviously we learn nothing about what VeriSign's actually selling by reading its P.R. hype. So let's drill down deeper into the corporate overview. Here we learn that "VeriSign serves as a gateway to establishing an online identity and Web presence, operating the definitive database of over 27.3 million Web addresses in .com, .net, and .org on a powerful platform that is the world's de facto standard in Domain Name System (DNS) registry services."
Rough translation: We control the horizontal; we control the vertical.
Seriously, what this means will probably be startling to people who imagine not entirely incorrectly that the Web is made out of a diverse array of machines linked together in a kind of ragtag democratic harmony. In reality, one aspect of the Web is centralized through VeriSign's databases. Every time your computer looks for a domain that ends in .net, .org, or .com, it has to talk to VeriSign's DNS registry, a vast and ugly database containing the addresses of every single .com, .org., and .net URL. As critics have pointed out, VeriSign's monopoly on this information has a lot of drawbacks: the company has often been sloppy about maintaining accurate information about the ownership of particular domain names, sometimes handing off ownership quite literally at the drop of a fax.
And it gets worse. Last year VeriSign purchased a company called Network Solutions, one of the world's biggest sellers of domain names. So not only does VeriSign regulate your ability to access URLs, it also controls your ability to own them. Ah, so that's why it says it's "a gateway to establishing an online identity and web presence." Basically, if you want to own or operate a piece of cyber-real estate, at some point you're likely to deal with the goons at VeriSign.
Imagine if such a scenario could be translated into real-world terms. Anytime you wanted to travel somewhere, you'd have to get directions from VeriSign's registry. Without those directions, you would effectively lose your mobility rights. If you wanted to buy or rent a place for your stuff, VeriSign would sell it to you. Your movements and living arrangements would be controlled by one company. Add to this the twist that VeriSign is also in the security business, selling authentication certificates and secure-transactions tech to companies that deal in private information like credit card numbers and so forth. So in real-world terms, if you wanted to take a trip somewhere, you'd get permission from VeriSign, then they'd sell you "safe passage" there and not only that, they'd probably also own the place you were traveling to.
Yes, it's creepy.
A kind of dark comical flare tinges the story of VeriSign when you
consider an impending class-action suit against it for deceptive advertising.
When the company's stock was cut in half, owing to a severe drop-off
in domain name purchases, its marketing geniuses were already swinging
into action. Said geniuses mined the databases of other companies who
sell URLs, then sent letters to customers of the competitors. These
alarmist letters stated that the customers' domain name registration
was about to expire and they'd better renew now or lose it! Where
should the scared and befuddled customer go to renew? Why, VeriSign,
of course. The name you associate with "digital trust." Right?