Playing favorites across a bordered Internet

Earlier this month Guernica magazine published the first article I’ve found time to write in over a year. (The Ranking Digital Rights project and related work has been keeping me incredibly busy.) It’s about Internet companies as gatekeepers across an Internet on which national borders are more powerful than many people (especially in the West) realize. It begins with a description of the video above:

Last November, volunteers with a group called Pakistan for All filmed a man wandering the streets of Karachi wearing a cloth-covered cardboard box over his torso. The box was painted on four sides with YouTube logos, a silver TV antenna affixed to the top. He held a hand-painted sign: “Hug me if you want me back.”

Using The Jackson Five’s “I Want You Back” as a soundtrack, filmmaker Ziad Zafar created a short and cheeky video featuring men, women, and children hugging the YouTube mascot in locations around Karachi. “God, please let them open YouTube,” one young man said to the camera. Another complained that his personal channel was now inaccessible: “I used to have so many videos.”

After explaining why YouTube is blocked in Pakistan I continue:

Public frustration over YouTube censorship in Pakistan is just one of many points of worldwide friction between old and new information sovereignties: sovereign nation-states versus globally networked commercial “sovereigns” of cyberspace. These commercial sovereigns like YouTube’s parent company, Google, are the new arbiters—sometimes censors, sometimes champions—of a large and growing percentage of citizen speech all over the world.

To find out how and what it all means click here to read the full article.

Advertisements

Netizen Report: Search Edition

Last week’s Netizen Report on Global Voices Advocacy started off in the Googleplex, looking at a series of challenges Google has faced over the management of its search results:

In our latest Netizen Report we focus on the busy week Google is having as the world’s biggest search engine seeks to manage concerns from governments, businesses and users. Google’s decision to punish copyright violators by lowering their rankings on the search engine’s algorithm is a reminder of the how search results have far-reaching effects. The move to decrease the page rankings of sites that have repeatedly received DMCA “takedown” notices of copyright infringement is a nod to Hollywood’s concern over content piracy, but some technologists argue it will do little to stem illegal downloads because the links on Google will merely be harder to find. Privacy advocates say the move threatens the reliability of search results.

Another search engine change Google announced is a beta test of a tool that will include results from Gmail in search requests when a user is logged in to their account. This announcement is arousing privacy concerns similar to when Google used its users’ personal data in 2010 to create the now-defunct Google Buzz chat network. As a result of the 2010 Google Buzz concerns the United States’ Federal Trade Commission (FTC) required Google to undergo privacy audits for 20 years. The FTC also announced last week that Google will pay a $22.5 million settlement for violating that privacy settlement with the agency by placing behavioral tracking cookies in Apple’s Safari Web browser. The settlement is the largest ever filed with the FTC, but it is reportedly equal to the amount Google makes in five hours. More government pressure on Google comes from India, which just launched an anti-trust investigation of the company over alleged anti-competitive practices on Monday. When questioned on the investigation Google replied to Reuters, “We’re confident that our products are compliant with competition law in India.”

From there, we turn to other Sovereigns of Cyberspace, including Craigslist, Facebook and Apple, each of which is reshaping the Internet environment through a series of policy changes. Then we turn to Hong Kong, the Ukraine, and beyond. Click here to read the whole thing.

Foreign Policy: Google Confronts the Great Firewall of China

Last week I wrote a piece for Foreign Policy analyzing Google’s decision to roll out a new feature warning Chinese Internet users if they type a search term that could trigger censorship by the government’s network-level “Great Firewall.” In a nutshell:

For the first time, Google is making it crystal clear to Chinese Internet users that their frequent connection problems while using its search engine are caused by the Chinese government, not by its own systems. According to Alan Eustace, Google’s senior vice president for knowledge, the purpose of this feature is to “improve the search experience in mainland China.” Users are given the option to “refine their searches without the problem keywords” in order to “avoid connection problems.” What Google executives won’t discuss — at least publicly — is the obvious fact that they are exposing the Chinese government’s censorship tactics in an unprecedented way.

Read the whole piece here.

Meanwhile, in the week since it was published there have been some developments and reactions worth noting. Google has declined to publish a list of all the characters and phrases it has found likely to trigger censorship. But that did not stop different groups from reverse-engineering the list. It is now available on greatfire.org (explanation in English) and atgfw.org (explanation in Chinese).  It also didn’t take long for the engineers working on the Great Firewall to ramp up the arms race by another notch, blocking Google’s nifty pop-up alerts warning users about censored terms. Here is how the anonymous team at greatfire.org, a website that tracks Chinese Internet censorship from within China, reported on the situation:

Within a day, they disabled the new Google feature by blocking the javascript filethat contains the code altogether. This of course makes us wonder what Google’s next move will be. It would be very easy to rename the file or to embed it on the html page making it more difficult to selectively block features.

Going forward, there is much more that Google can do. Rather than just informing users that a search query has been censored, they could offer ways to get around it. The most obvious one would be to redirect users (automatically or manually) to the encrypted version of Google which is still not blocked in China (https://www.google.com.hk).

The fact that this functionality was rolled out, and not just on Google Hong Kong but actually any Google search engine that is accessed from China, shows that Google is actively working on ways to get around censorship in China.

Independent Beijing-based technology researcher Dave Lyons, who I interviewed for my piece, has a more cynical take about Google and its motivations over at the rectified.name blog:

While many people in China know that Google doesn’t always work because of government blocking, I’d bet that the vast majority of Internet users don’t know, or care for that matter, because if you’re planning a vacation to [丽江] [LiJiang, in Yunnan Province] where you want to stay in a [锦江之星] [MianJiang ZhiXing, the name of a hotel] which search engine are you going to use? The one that says: “Sorry, can’t use those words” or are you instead going to use one of those nice search engines that just deletes any politically sensitive search results and serves up those travel links? So while Google describes the move as “improving our user experience from mainland China,” from a user perspective this doesn’t really change anything unless you’re a political dissident trying to find the latest banned words, like a broken soda machine that always gives you Fresca no matter what button you push now has sign saying “In need of service: all buttons serve Fresca.”

Chinese internet users truly committed to seeking banned or sensitive information for the most part already have circumvention tools, and will use the regular Google.com like they did before, so this doesn’t really help them much unless they want vague confirmation from Google that a term is blocked. And this isn’t likely to earn Google any new friends in the Chinese government, which it already sees as in cahoots with the US State Department. If Google were serious about this, they would develop their own built-in circumvention tools, but they won’t — because that’s a bridge too far — and so I can’t help but think that the real audience for Google’s move isn’t in China but in the halls of Internet governance organizations like the ITU and global users who, they hope, will start having warm, fuzzy feelings about Google as a fearless advocate for free speech. Good luck with that.

Surveillance and Censorship in India

Chapter 9 opens with quotes from an infamous April 2011 BBC interview with RIM’s co-CEO Mike Lazaridis, in which he ends the interview abruptly after the BBC’s Rory Cellan-Jones presses him to answer questions about RIM’s “arguments with the Indian government and various other governments in the Middle East” over those governments’ desire to gain access to Blackberry messages and e-mails.  In August 2010, the United Arab Emirates and Saudi Arabia  threatened to ban BlackBerry services until RIM agreed to allow a satisfactory level of government access to communications sent through RIM devices within the country. India soon followed suit with its own demands for access. Late last month, the Wall Street Journal reported that RIM has set up a facility in Mumbai “to help the Indian government carry out lawful surveillance of its BlackBerry services.” The report further quotes a RIM statement which says that “we believe the government of India is now applying its security policy in a consistent manner to all handset makers and service providers in India, which means that RIM should not be singled out any more than any other provider.”

There is a larger problem, however. When it comes to censorship in India, the hardworking folks at the Centre for Internet and Society in Bangalore recently concluded that the Indian government is violating not only Indian laws but also the Indian Constitution in the way it handles censorship demands to companies. What are the chances, then, that the Indian government is not violating its citizens’ rights in similar ways when it comes to demands for user information to RIM and other mobile service providers?

CIS’s Pranesh Prakash compared Google’s most recent Transparency Report, which reveals the number of content removal and user data requests made between January and June 2011 by the Indian government, and compared that information with an official response to CIS queries on content removal and blocking by the Ministry of Communications & Information Department of Information Technology. Prakash’s conclusion:

…it would seem that law enforcement agencies are operating outside the bounds set up under the Indian Penal Code, the Code of Criminal Procedure, as also the Information Technology Act, when they send requests for removal of content to companies like Google. While a company might comply with it because it appears to them to violate their own terms of service (which generally include a wide clause about content being in accordance with all local laws), community guidelines, etc., it would appear that it is not required under the law to do so if the order itself is not legal.

However, anecdotal evidence has it that most companies comply with such ‘requests’ even when they are not under any legal obligation to do so.

This way the intention of Parliament in enacting s.69A of the IT Act—to regulate government censorship of the Internet and bring it within the bounds laid down in the Constitution—is defeated.

As I reported in the book, in April 2011, the Ministry of Communications and Information Technology issued new rules under which Internet companies are expected to remove within thirty-six hours any content regulators designated as “grossly harmful,” “harassing,” or “ethnically objectionable.” Indian free speech advocates have vowed to challenge the rules’ constitutionality. Google publicly protested the rules in a statement warning that “if Internet platforms are held liable for third party content, it would lead to self-censorship and reduce the free flow of information.” As Prakash put it then, “The Indian Constitution limits how much the government can regulate citizens’ fundamental right to freedom of speech and expression. Any measure afoul of the constitution is invalid.”

More details about surveillance and censorship in India can be found in the India-focused chapter of a new book, Access Contested: Security, Identity, and Resistance in Asian Cyberspace, produced by the Open Net Initiative, coming out in December from MIT Press. The India chapter is not currently available online but I discuss India’s issues in a related chapter titled “Corporate Accountability in Networked Asia” (The Citizenlab, one of ONI’s partners, has made that chapter, along with all of Part I of the book, available online here.) I wrote it late last year and it went into production before the new April 2011 rules came out (academic presses take a long time), but I think the larger point remains very relevant. I compare the role played by companies in facilitating government censorship and surveillance in China to the role of companies in two Asian democracies: South Korea and India. I argue that “efforts to hold companies accountable for free speech and privacy in authoritarian countries like China will face an uphill battle unless companies in Asia’s democracies are pushed by domestic civil society actors to defend and protect user rights in a more robust manner than is currently the case.”

The first step is for companies to follow Google’s lead in being more transparent about how they respond to government demands. Then civil society organizations in democracies, like India’s CIS, will be equipped and empowered with the information they need to push their governments to stop using companies as an opaque and unaccountable extension of state power. RIM can and must recognize that by being evasive with the public it is standing firmly on the wrong side of history.

Here is the video of Lazaridis’ interview:

Kudos and Concerns for Google

Earlier this week, Google published an update of its Transparency Report, which among other things discloses the number of government requests received for user information as well as requests to remove content. The latest report contains more granular data than ever before, including the number of actual users targeted by the government requests. (China remains a black hole because releasing the data would break China’s “state secrets” law and expose Chinese employees to prosecution.) As The Guardian points out, the data show a 70% increase in requests by the U.S. government or police. The company has also refused some takedown requests, including video of police brutality.  In the first half of 2011, Brazil topped the list with the most requests for content removal, followed by Germany, the U.S., and South Korea.

In the book I argue that inadequate transparency and accountability at the nexus between state and corporate power is one of the most insidious threats to democracy in the Internet age. All Internet and telecommunications companies should be required to report regularly and systematically to the public on how content is policed, and under what circumstances it gets removed or blocked and at whose behest. All companies serious about building public credibility and trust should waste no time in following Google’s lead.

Google still has a long way to go, however, when it comes to managing the development and rollout of its various services in a way that does not hurt its most vulnerable users. As Chapter 10 described, the implementation and enforcement of the real-name identity policy on Google Plus has thus far been a fiasco, resulting in dissidents and other vulnerable users around the world being booted from the service. Google’s Senior VP of Social Vic Gundotra recently announced that the social network will “soon” provide support for pseudonyms and other forms of alternative identity not tied to people’s government-issued ID. However it remains unclear what “soon” means.

Meanwhile, Google has announced that it will soon make major changes to Google Reader (an RSS reader used by many people to follow, manage, and share content from a large volume of news and blog feeds). Some of the social sharing functions will be eliminated and Reader will be integrated more closely into Google Plus. What Google staff apparently did not anticipate is how these changes will hurt some users including Iranian users struggling to share information despite harsh censorship. Because Google Reader is encrypted with https, it is harder for the Iranian government to block than most other overseas sites and services. As one Iranian blogger explains:

Google Reader acts like a news spreading website. Easy access to Google reader made it suitable for Iranian community and through all these years, specially after June 2009 election, developed an strong community for spreading the news.

Elimination of Reader’s sharing functions will put an end to this. Even worse, if Reader is integrated with Google Plus before the company finds a way to accommodate pseudonymous users and other forms identity not tied to people’s government-issued identity, Iranian users will be left even further in the cold.