Playing favorites across a bordered Internet

Earlier this month Guernica magazine published the first article I’ve found time to write in over a year. (The Ranking Digital Rights project and related work has been keeping me incredibly busy.) It’s about Internet companies as gatekeepers across an Internet on which national borders are more powerful than many people (especially in the West) realize. It begins with a description of the video above:

Last November, volunteers with a group called Pakistan for All filmed a man wandering the streets of Karachi wearing a cloth-covered cardboard box over his torso. The box was painted on four sides with YouTube logos, a silver TV antenna affixed to the top. He held a hand-painted sign: “Hug me if you want me back.”

Using The Jackson Five’s “I Want You Back” as a soundtrack, filmmaker Ziad Zafar created a short and cheeky video featuring men, women, and children hugging the YouTube mascot in locations around Karachi. “God, please let them open YouTube,” one young man said to the camera. Another complained that his personal channel was now inaccessible: “I used to have so many videos.”

After explaining why YouTube is blocked in Pakistan I continue:

Public frustration over YouTube censorship in Pakistan is just one of many points of worldwide friction between old and new information sovereignties: sovereign nation-states versus globally networked commercial “sovereigns” of cyberspace. These commercial sovereigns like YouTube’s parent company, Google, are the new arbiters—sometimes censors, sometimes champions—of a large and growing percentage of citizen speech all over the world.

To find out how and what it all means click here to read the full article.

Advertisements

Afterword to the Paperback Edition: Confronting surveillance

The paperback edition of Consent of the Networked came out in late April. I wrote the Afterword last December. It begins:

I ended Consent of the Networked with a call for action, and in 2012 netizens around the world proved they are willing to act, as demonstrated by the movement’s recent successes. But while we have gained momentum, we face continuing challenges in the pursuit of digital liberty that will not easily be overcome.

The most difficult challenges, I argued, are posed by the already well-entrenched, pervasive, unaccountable surveillance in the United States and other democracies. That argument has been vindicated, unfortunately, by recent news about the U.S. government’s surveillance programs.

Writing in December I concluded:

Citizens of democracies, companies that understand that they can build long-term global value for their brand by earning trust with their users, and politicians who understand the need to protect and strengthen the digital commons (even if mainly out of self-interest) must unite to demand a national and global reconsideration of already deeply entrenched surveillance laws, technologies, and corporate practices. There needs to be a more robust public debate about the facts of digital surveillance in democracies, the implications for accountable governance and social justice—and what can be done now that the surveillance state has already been allowed to reach too far, too fast. That debate requires data and information that companies as well as democratic governments have so far been reluctant to share. Companies claiming to support a free and open Internet and that benefit from the existence of a robust global digital commons are doing the commons no favors unless and until they agree to publish systematic and useable information about their relationships with governments.

Furthermore, governments that want their citizens to believe that their support for global Internet freedom and citizens’ digital rights is genuine—and not shallow political rhetoric—must make sure that laws are not preventing companies from releasing such information. All governments that intend to keep calling themselves “democratic” with a straight face should publish their own transparency reports so that engaged citizens can see enough of the whole picture that they can grant or withdraw consent for, or divest from, the surveillance systems and procedures governments and companies have built. Until these things happen, Western democracies and Western companies will remain net exporters of surveillance technologies, legal norms, and business practices that facilitate political abuse of surveillance powers by repressive regimes—and that will ultimately corrode existing democracies.

Getting governments and companies to do these things will make the fights against ACTA, SOPA, and ITU Internet incursion look trivial in comparison. The global movement for digital liberty spread its wings and took flight in 2012, but the real tests of its strength and agility have yet to come.

The whole chapter is available online here.

Mark News: Internet Freedom and the Erosion of Democracy

Canada’s Mark News has just published my latest essay on how increasing government surveillance around the world is threatening the freedoms granted by Internet access. An excerpt:

This week, at least 125 million people are watching the Eurovision Song Contest, an annual competition of singers from 56 countries across Europe and parts of the former Soviet Union. This year’s contest is hosted by Azerbaijan, a country whose human-rights record has come under heavy fire.

Azerbaijan is a classic example of how, even when people are free to connect to the global Internet, they can be subject to pervasive, unaccountable, and unconstrained surveillance. It is also a case of how, while western democratic governments have been quick to follow the lead of the United States and Secretary of State Hillary Clinton in calling for a free and open global Internet, they are much more conflicted when it comes to surveillance. The democratic world has failed to address the freedom-eroding potential of government surveillance through commercial networks.

Read the rest of the piece here.

Does CISPA Have Sufficient Safeguards?

Mike Rodgers, Republican Representative from Michigan and Chairman of the U.S. House of Representatives’ Intelligence Committee, has responded to my article published on the Foreign Affairs website last month. In my essay, I argued that surveillance technologies and practices originating in the United States are undermining the Obama administration’s “Internet freedom” policy. He objected strongly to my critique of the Cyber Intelligence Sharing and Protection Act (CISPA) which recently passed the House under his co-sponsorship, accusing me of repeating what I had read on Twitter instead of reading the actual bill. I responded. The full exchange can be found here.

Foreign Policy: The Rise of Europe’s Private Internet Police

This week in Foreign Policy I examine the debate in Europe over whether and how private Internet companies should be expected to police people’s activities on the Internet. An excerpt:

European governments may not have intended to create a “privatized police state,” but that is what digital rights activists in Europe warn is happening, due to growing government pressure on companies to police themselves. As Joe McNamee, director of the Brussels-based nonprofit European Digital Rights Initiative (EDRI), puts it, “We are sleepwalking further and further along a road on which we’ve decided that our right to communication and privacy shall be put in the hands of arbitrary decisions of private companies.”

Read the whole commentary here.

Foreign Policy: The Shawshank Prevention

In Chapter 3 of my book I described how Internet censorship works in China. Foreign social media platforms like Facebook, Twitter, and many Google services are blocked by the “Great Firewall” of China, so most Chinese Internet users spend their time on social media services run by Chinese companies which are required to carry out heavy political censorship. Most recently, the name of the blind legal activist Chen Guangcheng  has been censored on the Chinese social media platform Weibo – and so was the name of the Hollywood movie Shawshank Redemption. Why? Because once it became impossible to mention Chen’s name directly, Chinese netizens used the movie about a prison break to allude to Chen’s dramatic escape from house arrest.

In Chapter 12 I described the political fights in Washington that came to a head in 2010 and 2011 over  the State Department’s “Internet freedom” policy and, specifically, which projects should receive U.S. government funding to build tools that help people in China and elsewhere circumvent Internet censorship.  My latest article published Wednesday on ForeignPolicy.com gives an update on how circumvention tools are used in China. I conclude:

Whether or not the U.S. government funds circumvention tools, or who exactly it funds and with what amount, it is clear that Internet users in China and elsewhere are seeking out and creating their own ad hoc solutions to access the uncensored global Internet. In China today, thanks to the government’s success in nurturing a domestic commercial walled garden, circumvention technology has not been a direct driver of political change. Yet circumvention tools of various kinds have provided a lifeline for a small core of tech-savvy liberals who are becoming more active online as political uncertainty grows. Meanwhile, the recent political uncertainty is driving new demand for circumvention technology, which could make it just that much more difficult than in the past for the government to control what the Chinese public learns — or believes — about Chen Guangchen and this week’s delicate diplomatic dance between Washington and Beijing.

Read the whole thing here.

Preaching Internet Freedom, Practicing Surveillance

In Foreign Affairs this week, I argue that while Washington preaches global Internet freedom, its practices are facilitating the global spread of unaccountable surveillance. An excerpt:

In the Internet age, it is technically trivial for corporations and governments to gain access to people’s private communications and track their movements. The Obama administration recognizes that online freedom requires not only an open and uncensored Internet, but also one on which government and corporate surveillance powers are appropriately constrained, so that citizens are protected against abuse, and abusers are held accountable. Without strong global standards of public transparency and accountability in how surveillance technologies are deployed, the empowering potential of the Internet diminishes quickly.

Yet, even as the White House clamps down in Iran and Syria, other parts of the U.S. government are driving the development of policies, regulatory norms, and business practices that make a mockery of Washington’s well-meaning efforts to expand Internet freedom abroad. Put another way, although the State Department funnels millions of dollars to nonprofits fighting censorship and surveillance beyond U.S. borders, repressive digital surveillance around the world continues to expand in scope and sophistication.

Read the whole thing here.

Containing Weapons of Mass Surveillance

My latest article in Foreign Policy argues that President Obama is on the right track with Monday’s executive order, but the United States needs to get tougher on the global digital arms race. I conclude:

President Obama has certainly taken a step in the right direction with Monday’s executive order. But the executive branch and Congress will need to do much more if they want to stem electronic abuses against activists in Iran and Syria — let alone anywhere else. It’s time to take decisive action to stop American and other multinationals from aiding and abetting the wrong side in the global digital arms race.

Read the whole thing here.

The article contains a late-breaking update. After my deadline had passed, I managed to reach a spokesperson at the Department of Commerce, who confirmed that an investigation of Blue Coat is “ongoing.” Blue Coat is the California-based company whose surveillance and censorship devices turned up in Syria last year. I described the circumstances in the article as follows:

Last October, the international activist group Telecomix published log files taken from 13 Blue Coat devices deployed by the Syrian Telecommunications Establishment to monitor and block users’ activity. Facing scrutiny over apparent violation of a strict U.S. embargo against technology sales to Syria, Blue Coat later told the Wall Street Journal that these devices were shipped to a Dubai reseller that claimed the final destination as Iraq. In December, the U.S. Department of Commerce placed restrictions on a person and an entity in the United Arab Emirates for having sold the devices to Syria. But questions remain about what Blue Coat really knew or didn’t know, because after installation in Syria the devices transmitted regular automatic status messages back to the company’s computer servers. Blue Coat claims that it doesn’t monitor the origin of such messages.

Surveillance and Censorship in India

Chapter 9 opens with quotes from an infamous April 2011 BBC interview with RIM’s co-CEO Mike Lazaridis, in which he ends the interview abruptly after the BBC’s Rory Cellan-Jones presses him to answer questions about RIM’s “arguments with the Indian government and various other governments in the Middle East” over those governments’ desire to gain access to Blackberry messages and e-mails.  In August 2010, the United Arab Emirates and Saudi Arabia  threatened to ban BlackBerry services until RIM agreed to allow a satisfactory level of government access to communications sent through RIM devices within the country. India soon followed suit with its own demands for access. Late last month, the Wall Street Journal reported that RIM has set up a facility in Mumbai “to help the Indian government carry out lawful surveillance of its BlackBerry services.” The report further quotes a RIM statement which says that “we believe the government of India is now applying its security policy in a consistent manner to all handset makers and service providers in India, which means that RIM should not be singled out any more than any other provider.”

There is a larger problem, however. When it comes to censorship in India, the hardworking folks at the Centre for Internet and Society in Bangalore recently concluded that the Indian government is violating not only Indian laws but also the Indian Constitution in the way it handles censorship demands to companies. What are the chances, then, that the Indian government is not violating its citizens’ rights in similar ways when it comes to demands for user information to RIM and other mobile service providers?

CIS’s Pranesh Prakash compared Google’s most recent Transparency Report, which reveals the number of content removal and user data requests made between January and June 2011 by the Indian government, and compared that information with an official response to CIS queries on content removal and blocking by the Ministry of Communications & Information Department of Information Technology. Prakash’s conclusion:

…it would seem that law enforcement agencies are operating outside the bounds set up under the Indian Penal Code, the Code of Criminal Procedure, as also the Information Technology Act, when they send requests for removal of content to companies like Google. While a company might comply with it because it appears to them to violate their own terms of service (which generally include a wide clause about content being in accordance with all local laws), community guidelines, etc., it would appear that it is not required under the law to do so if the order itself is not legal.

However, anecdotal evidence has it that most companies comply with such ‘requests’ even when they are not under any legal obligation to do so.

This way the intention of Parliament in enacting s.69A of the IT Act—to regulate government censorship of the Internet and bring it within the bounds laid down in the Constitution—is defeated.

As I reported in the book, in April 2011, the Ministry of Communications and Information Technology issued new rules under which Internet companies are expected to remove within thirty-six hours any content regulators designated as “grossly harmful,” “harassing,” or “ethnically objectionable.” Indian free speech advocates have vowed to challenge the rules’ constitutionality. Google publicly protested the rules in a statement warning that “if Internet platforms are held liable for third party content, it would lead to self-censorship and reduce the free flow of information.” As Prakash put it then, “The Indian Constitution limits how much the government can regulate citizens’ fundamental right to freedom of speech and expression. Any measure afoul of the constitution is invalid.”

More details about surveillance and censorship in India can be found in the India-focused chapter of a new book, Access Contested: Security, Identity, and Resistance in Asian Cyberspace, produced by the Open Net Initiative, coming out in December from MIT Press. The India chapter is not currently available online but I discuss India’s issues in a related chapter titled “Corporate Accountability in Networked Asia” (The Citizenlab, one of ONI’s partners, has made that chapter, along with all of Part I of the book, available online here.) I wrote it late last year and it went into production before the new April 2011 rules came out (academic presses take a long time), but I think the larger point remains very relevant. I compare the role played by companies in facilitating government censorship and surveillance in China to the role of companies in two Asian democracies: South Korea and India. I argue that “efforts to hold companies accountable for free speech and privacy in authoritarian countries like China will face an uphill battle unless companies in Asia’s democracies are pushed by domestic civil society actors to defend and protect user rights in a more robust manner than is currently the case.”

The first step is for companies to follow Google’s lead in being more transparent about how they respond to government demands. Then civil society organizations in democracies, like India’s CIS, will be equipped and empowered with the information they need to push their governments to stop using companies as an opaque and unaccountable extension of state power. RIM can and must recognize that by being evasive with the public it is standing firmly on the wrong side of history.

Here is the video of Lazaridis’ interview:

Surveillance technologies and “apolitical” corporations

Since the book’s manuscript was finalized in August, there has been a steady stream of headlines recently about the use of Western surveillance technology by repressive regimes, adding to the cases I described in Chapter 4 and elsewhere. One of the biggest stories has been the revelation by the hacktivist group Telecomix that the Syrian government continues to use censorship and monitoring devices manufactured by the California-based company Blue Coat. Late last month the company has finally acknowledged that at least thirteen of its devices are being used by Syria.

Today, The Guardian has an amazing article titled “Governments turn to hacking techniques for surveillance of citizens.” It describes the annual Intelligence Support Systems (ISS) World Americas  conference, at which surveillance firms share tips on the latest “lawful interception” techniques used to spy on citizens. The companies showed little concern for how this technology can be and is being abused around the world. An excerpt:

Jerry Lucas, the president of the company behind ISS World, TeleStrategies, does not deny surveillance developers that attend his conference supply to repressive regimes. In fact, he is adamant that the manufacturers of surveillance technology, such as Gamma International, SS8 and Hacking Team, should be allowed to sell to whoever they want.

“The surveillance that we display in our conferences, and discuss how to use, is available to any country in the world,” he said. “Do some countries use this technology to suppress political statements? Yes, I would say that’s probably fair to say. But who are the vendors to say that the technology is not being used for good as well as for what you would consider not so good?”

Would he be comfortable in the knowledge that regimes in Zimbabwe and North Korea were purchasing this technology from western companies? “That’s just not my job to determine who’s a bad country and who’s a good country. That’s not our business, we’re not politicians … we’re a for-profit company. Our business is bringing governments together who want to buy this technology.”

The Electronic Frontier Foundation has proposed a two-part “know your customer” framework for surveillance equipment:

  1. Companies selling surveillance technologies to governments need to affirmatively investigate and “know your customer” before and during a sale.  We suggest something for human rights similar to what most of these companies are already required to do under the Foreign Corrupt Practices Act and the export regulations for other purposes, and
  2. Companies need to refrain from participating in transactions where their “know your customer” investigations reveal either objective evidence or credible concerns that the technologies provided by the company will be used to facilitate human rights violations.

Click here for further details. One of the broader problems, of course, is that the market for ever-more sophisticated surveillance equipment feeds unaccountable abuses of power not only by authoritarian regimes but also by democratic governments.

As long as engineers and companies claim to have no responsibility for the political context in which their inventions and products are used, the problem is going to grow worse. This problem of “amoral” technology being used for immoral purposes has been exacerbated in the Internet age, but it has been around a lot longer. In a talk I gave last week at the Silicon Valley Human Rights Conference, I played a video clip from Tom Lehrer‘s early 1960’s song about ex-Nazi rocket scientist Wernher von Braun:

The lyrics :

Gather round while I sing you of Wernher von Braun,
A man whose allegiance
Is ruled by expedience.
Call him a Nazi, he won’t even frown.
“Ha, Nazi Schmazi,” says Wernher von Braun.

Don’t say that he’s hypocritical,
Say rather that he’s apolitical.

“Once the rockets are up, who cares where they come down?
That’s not my department,” says Wernher von Braun.

Some have harsh words for this man of renown,
But some think our attitude
Should be one of gratitude,
Like the widows and cripples in old London town
Who owe their large pensions to Wernher von Braun.

You too may be a big hero,
Once you’ve learned to count backwards to zero.
“In German oder English I know how to count down,
Und I’m learning Chinese,” says Wernher von Braun