Tim Berners-Lee: Can we protect future generations' internet privacy? © CERN

Interview: Web inventor Tim Berners-Lee thinks his creation is out of control. Here’s his plan to save it

Computer scientist Sir Tim Berners-Lee is best known as the inventor of the World Wide Web. We talk to him about his plans to help us reclaim our personal data from Silicon Valley.

In 1989, while tinkering with a system to share scientific notes, a 34-year-old CERN scientist named Tim Berners-Lee invented something that would change everything. You might have heard of it: the World Wide Web. Fast-forward three decades and 4.57 billion users later, he’s on a mission to save his creation. Specifically, save it from a mounting privacy problem.


In the wake of the Cambridge Analytica scandal – in which the data of 87 million Facebook users was obtained without consent – Berners-Lee (now Prof Sir Tim Berners-Lee), has led numerous campaigns persuading governments to act. This notably includes 2019’s Contract for the Web calling for new global web regulations. Its overall impact? Limited.

However, after years lobbying others to take charge, Berners-Lee himself is trying to turn our online world upside-down (or, as he says, “the right way up”). His idea: Solid, a new system aiming to drastically decentralise the web. At its core, it’s a platform allowing you to store your private information in Personal Online Data Stores (PODS) which you have full power and sight over.

While most sites and apps currently take your data and move it into a ‘silo’ out of your reach, Solid’s vision is for these services to ask permission to use specific information from your PODS – permission that, crucially, you can remove at any time. In short: it’ll be you who holds full control over your data, not Big Tech. While currently in its experimental stage, the platform is already trialling its system with the likes of the NHS, the BBC, NatWest and even the Belgian government.

But how far will Solid spread? And could it truly fix the internet’s privacy problem alone? We put these questions to Berners-Lee.

Why does online privacy matter?

A lack of online privacy is not just about companies having your data, but how they use it to figure out what you’ll click on. They’re using it to make you click on stuff that you shouldn’t be going on, making you follow clickbait.

Using private information, they’ve built a profile of you and know exactly who you are. They know the lies they can spin you that could lead you up the garden path – things that may be political, commercial or criminal. And here’s the bigger picture: people could misuse data about you to trick other individuals into voting for people that they really shouldn’t – people that are not in their best interests.

How does it feel to know your invention could be abused like this?

Ten years ago I would have said that humanity uses the web and if you look at humanity you’ll see good and bad stuff.

However, at a certain point, around 2016 [circa the Facebook-Cambridge Analytica data scandal], I realised it’s all very well if people I know are honing their bookmarks to have reliable, scientifically-based information, but there are a lot of people I don’t know who have very different bookmarks.

They could be reading all kinds of stuff that isn’t true, and if it wasn’t for democracy then I would have been happy for them to go on reading. But because they vote, we require more from the web – and certainly more from social networks. They have a duty, because we need informed voters who can participate in the debate.

Billions of users have happily handed over their data to big tech companies – doesn’t that show web privacy isn’t a real issue for most people?

Most people in their day-to-day lives aren’t worrying about their privacy, but every now and then something happens like the Cambridge Analytica scandal. After things like that, people on the street may be worried that they’re part of a system which is manipulating elections, for instance. And when they’re offered more privacy-preserving alternatives they may become even more aware.

Every time something horrible happens with one of the large social networks, a whole bunch of people move over to networks like MeWe that don’t do anything with your data.

Is it simply too late for us to fix the internet?

It’s amazing how quickly things can change. Years ago people were worried that Netscape dominated every browser. And then Microsoft came along with Explorer, which became dominant. And then everyone worried about that until many other browsers emerged. And today people are saying “Oh no, everyone’s using the same search engine!”

Well, problems can pass. In general, the web has been incredibly good at demonstrating that lovely though the walled garden might seem, the outside jungle is more valuable.

The dominant thing is always innovation and creativity.

Does creating a system like Solid feel like building the World Wide Web for the first time?

Yes! It’s really exciting because it’s building a new system. But it is similar to the web in that it’s really hard to explain what a world with a decentralised system like Solid will look like.

Solid is different from what we currently know because of its collaborative potential. For instance, if you are on a video call, you and whoever you’re speaking to could be using whatever video call app you like. People struggle with this at the moment: the idea that you don’t have to do a back end, that if you built a website you wouldn’t have to make a database to store customer data. It’s because PODS will provide a standardised protected data set.

Can Solid alone fix the internet’s privacy problem? Or do governments and companies need to act too?

In a society that’s best, you have to design technology with society at the same time. For instance, GDPR [the EU’s General Data Protection Regulation that minimises the data organisations can take from users] is incredibly compatible with Solid.

Solid will not only allow you to control who gets access to data, but you can also turn off that access with a switch. But if you hand over data for medical research, for example, there is no technology that can possibly make that data vanish if I change my mind. As a user, if I retract the access, I need rules and laws in place to make this happen. We need both rules and technology to solve this problem.

More on how to make the internet great again: