
Payment

The eternity service may have to be commercialised more quickly than the rest of the Internet, as storage costs money paid locally, while most academic network costs are paid centrally. Here we can adapt digital cash to generate an `electronic annuity' which follows the data around.

Provided the mechanics can be got right, the economics will get better all the time for the fileserver owners -- the cost of disk space keeps dropping geometrically, but they keep on getting their $1 per MB per year (or whatever) for their old files. This will motivate server owners to guard their files well, and to copy them to new media when current technology becomes obsolete.

But the confidentiality properties needed for electronic annuities are not at all straightforward. For example, we may want banks to underwrite them, but we do not want the opponent's lawyers enjoining the bankers. Thus the annuity will probably need to be doubly anonymous, both for the client vis-à-vis the bank and for the bank vis-à-vis the network. How do we square this with audit and accountability, and with preventing money laundering? What if our bent judge orders all banks to delay payment by long enough for the financier of an allegedly libellous file to be flushed out? These requirements do not seem to have been tackled yet by digital cash researchers.

Another problem will arise once the service becomes profitable. Presumably there will be a market in revenue-generating Eternity servers, so that a fileserver owner who wishes to cash in and retire can sell his revenue-generating files to the highest bidder. The obvious risk is that a wealthy opponent might buy up enough servers to have a significant chance of obtaining all the copies of a target file. The secondary risk is that a single network service provider might acquire enough market share to penetrate the anonymity of communications and track down the copies.

How can these risks be controlled? One might try to certify server owners, but any central body responsible for certifying `this site is not an NSA site' could be bought or coerced, while if the certification were distributed among many individuals, few of them would have the resources to investigate would-be server owners thoroughly. An alternative could be to leave the security policy to the user who uploads the file: she could say something like, `I want seven copies of my file to be moved randomly around the following fifty sites'. The problem here is how we prevent policy erosion as sites are replaced over time.

At a more mundane level, we need mechanisms to stop a file server owner cheating by claiming annuity payments on a file without keeping a copy all the time. After all, he could just download the file from the Eternity Service itself whenever he needs to demonstrate possession. This provides yet another reason why files must be encrypted with keys the server owners do not know; then the annuity payment server can pose a challenge such as `calculate a MAC on your file using the following key' to check that the annuitant really has kept all the data that he is being paid to keep.
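The keyed-MAC possession check described above, worked through as an added illustration (not code from the original paper): the payment server derives a batch of one-time challenge keys at upload time and keeps only the expected tags, so it need not retain the file; a server that discarded the ciphertext and kept only a digest cannot answer. The class names, the one-time-key batching and the sample ciphertext are assumptions for the example.

```python
import hashlib
import hmac
import secrets
from typing import List, Tuple

Challenge = Tuple[bytes, bytes]  # (one-time MAC key, expected tag)


def precompute_challenges(ciphertext: bytes, n: int) -> List[Challenge]:
    """Derive n fresh keys and the HMAC tag each yields over the stored ciphertext.
    The verifier keeps only these pairs. Each is used once: a key the server has
    already seen could otherwise be answered by replaying the old tag."""
    challenges = []
    for _ in range(n):
        key = secrets.token_bytes(32)
        challenges.append((key, hmac.new(key, ciphertext, hashlib.sha256).digest()))
    return challenges


class HonestServer:
    """Keeps the ciphertext; it never holds the content key, so it learns nothing."""
    def __init__(self, ciphertext: bytes) -> None:
        self.blob = ciphertext

    def respond(self, key: bytes) -> bytes:
        return hmac.new(key, self.blob, hashlib.sha256).digest()


class CheatingServer:
    """Dropped the data and kept only a digest, hoping that satisfies the audit."""
    def __init__(self, ciphertext: bytes) -> None:
        self.digest = hashlib.sha256(ciphertext).digest()

    def respond(self, key: bytes) -> bytes:
        return hmac.new(key, self.digest, hashlib.sha256).digest()


def audit(server, challenges: List[Challenge]) -> bool:
    """Consume one unused challenge and pay only if the returned tag matches.
    In practice the response would also carry a deadline, so the server cannot
    fetch the file from the Service just in time (assumption, not shown here)."""
    if not challenges:
        raise RuntimeError("challenge budget exhausted; re-derive from a trusted copy")
    key, expected = challenges.pop()
    return hmac.compare_digest(server.respond(key), expected)


def demo() -> Tuple[bool, bool]:
    ciphertext = secrets.token_bytes(4096)          # constructed stand-in for a stored file
    challenges = precompute_challenges(ciphertext, 2)
    return audit(HonestServer(ciphertext), challenges), audit(CheatingServer(ciphertext), challenges)
```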



Ross Anderson
Tue Jun 17 15:08:09 BST 1997