Author Archives: Stefan Geens

Stockholm Internet Forum: The future of freedom on the internet is at stake

Posted on by
Reply

This article was first published on The Local as a general introduction to the net freedom issues being tacked at the 2013 Stockholm Internet Forum.

This week sees 450 policy-oriented technologists from 90 countries meet at the Stockholm Internet Forum, a two-day conference hosted by Sweden’s Ministry of Foreign Affairs, its aid agency Sida, and .SE, the foundation responsible for Sweden’s Internet infrastructure.

Experts from civil society, government and business will tackle “Internet freedom for global development” and its security implications. If this sounds like the typical capacity-building aid summit, it’s not — the stakes are in fact much higher. This forum is not (just) about promoting an inclusive and open Internet in the developing world; it is also about ensuring a free and secure Internet in Sweden. That’s because these days, laws in countries from halfway around the world can affect you directly via your browser. Consider:

  • Many of the best Internet companies are American, subject to US law. When you trust your email correspondence to Gmail or Facebook, it is US law that protects your privacy. Bad laws, like the proposed Cyber Intelligence Sharing and Protection Act (CISPA) currently stalled in the US Senate, would allow law enforcement agencies to access your data without a warrant.
  • Some countries, such as Russia, turn a blind eye to cyber criminals as long as they target users outside their jurisdictions, giving these gangs a safe haven from which to attack, scam and spam. Their presence also provides plausible deniability for state-sponsored cyber attacks and espionage, such as the 2007 attack on Estonia’s banking system.
  • China’s government requires backdoor access to the contents of popular Chinese messaging services like QQ, TOM-Skype and WeChat. Connect via Skype to a user in China and your private conversation will be an open book, no matter where you are.

Still, the primary victims of delinquent Internet governance policies are most often local users: China’s sophisticated online censorship system has made much of the global Internet off-limits to its citizens; South Korea’s real name registration policy makes it harder for whistleblowers and sources to stay anonymous online; Internet kill switches allow dictators to single-handedly drag their county back into the 80s.

Sometimes, European and American firms contribute to the problem by selling surveillance tools to authoritarian regimes. One such company, Gamma International, let its tools be used to spy on the political opposition in Egypt, Bahrain and Malaysia. In 2012 Belarus was caught spying on dissidents using equipment installed and maintained by Sweden’s own Teliasonera. Growing public intolerance for such practices is having an effect, at least in the west: This year, Teliasonera contritely signed on to industry-wide guidelines for defending freedom of expression and privacy.

These and many other examples over the past decade have prompted a movement towards global norms for Internet governance. It’s this process that the organizers of the Stockholm Internet Forum are trying to shape, by keeping human rights concerns at the center of the debate about Internet security. The core message is that Internet governance should ultimately serve the citizen-user, rather than the interests of states or corporations. And yet even liberal democracies sometimes get this wrong, drafting overbearing security laws that gut the Internet of the freedoms that make it worthwhile.

There have been some successes on the human rights front: In 2011 a United Nations report by the special rapporteur Frank La Rue delineated how human rights law applies to online notions of freedom and privacy; in 2012 Sweden and other nations sponsored a successful non-binding UN Human Rights Council resolution affirming “that the same rights that people have offline must also be protected online”. Of course, the same countries that prey on the rights of people offline tend to do so online, using the same excuses.

Today, the situation remains precarious. There are two strongly opposed visions for how best to proceed with Internet governance at the global level. The incumbent arrangement sees responsibilities shared among many actors — technical foundations, corporations, governments, civil society NGOs — none of which individually control the process. The main policy-setting forum for this multi-stakeholder model is the annual Internet Governance Forum, championed by civil society organizations for its inclusive nature, even if the Internet’s core technical policy body, ICANN, remains based in the US.

In the other camp is a slew of countries — predominantly from Africa and Asia — who feel that the current system is too western and, well, democratic. In their vision, Internet policy is the sovereign right of states, with centralized, top-down control within national borders and multilateral treaties governing connectivity globally. Prominent backers of this model are Russia, China, Tajikistan and Saudi Arabia; they recently began promoting the UN’s International Telecommunication Union as a state-centric policymaking body for the Internet. As a result, much of Europe and North America refused to sign the latest ITU regulatory agreement in December 2012; many more countries did sign, however. The Internet may yet balkanize.

The ball is now in the court of those attending the Stockholm Internet Forum, most of whom defend the multi-stakeholder model of governance. Ideas on the table include making the distributed governance model even more inclusive of Asian and African stakeholders, since that is where most of the world’s Internet users now reside. Another proposal is to recast security concerns as compatible with human rights, by redefining security from the perspective of the user. In this same vein, several NGOs have just proposed principles for Internet surveillance that would be compatible with human rights. The hope is to win over the fence sitters in this emerging global schism by convincing them that a freedom-centric Internet is the only path to a mature and developed global information society.

If the Internet freedom movement is to prevail, it needs more opportunities to debate strategy, generate ideas and strengthen its networks. The Stockholm Internet Forum may just make the difference.

Follow the conference live on May 22-23 via video and via the #sif13 hashtag on Twitter.

Resources update: May 2013

Posted on by
Reply

Under Institutions > The Internet and society:

The Stanford Center for Legal Informatics (CodeX) • Stanford University center working on “technologies ranging from initiatives that solve content licensing inefficiencies in today’s digital media markets, to initiatives that provide greater access to justice, and initiatives that increase transparency in public markets.”

Under Institutions > Development and ICT:

Open Aid Partnership • A World Bank mapping initiative for open data to improve strategic planning, transparency and accountability of aid projects. Collaborates with the International Aid Transparency Initiative (IATI) and the Open Government Partnership (OGP).

Under Institutions > Crisis management and ICT:

Humanitarian OpenStreetMap Team • HOT “acts as a bridge between the traditional humanitarian responders and the OpenStreetMap Community.” Activities include collecting data, coordinating the design of OSM tools, teaching data quality assurance, collaborating with data imagery providers, and OSM outreach.

Under Institutions > Net Freedom, civil rights, privacy:

Digital Rights Foundation • Pakistan-based advocacy NGO “focusing on ICTs to support human rights, democratic processes and digital governance.” @DigitalRightsPK

IFEX • Global network of advocacy organizations, coordinating the defense of free expression. @IFEX

Under Institutions > Activism:

Demand Progress • US-based grassroots campaign organizers with a focus on civil liberties, civil rights, and government reform, including in the digital domain. @demandprogress

The Internet Defense League • Distributed system that allows websites to display alerts related to Internet freedom campaigns. By Center for Rights and Fight for the Future.

Center for Rights • Advocacy group organizing web-based campaigns defending Internet Freedom.

Fight for the Future • Advocacy group organizing web-based campaigns defending Internet Freedom. @fightfortheftr

Under Institutions > Net freedom technology projects:

Abayima • non-profit founded in Uganda, working to create digital tools that “empower citizens when oppressive regimes use tech infrastructure against the public”. Creators of the Open Sim Kit mobile sim card hacking toolkit. @abayima

OpenITP • “Supports and incubates a collection of free and open source projects that enable anonymous, secure, reliable, and unrestricted communication on the Internet.” @Openitp

Commotion • “Open-source communication tool that uses mobile phones, computers, and other wireless devices to create decentralized mesh networks.”

Under Tools > Tools:

We Fight Censorship • Tools to securely submit, publish and shelter articles censored on the web, by Reporters Without Borders. @FightCensors_en

The Guardian Project • Provides a suite of secure open-source communciations apps for Android, including the Tor client Orbot, and the secure browser Orweb. @guardianproject

Flash Proxy • Experimental plugin-based proxy to ensure access to Tor when common bridge relays are blocked.

Cloudfogger • Encryption tool for securing cloud-based file systems like Dropbox. @Cloudfogger

BoxCryptor • Encryption tool for securing cloud-based file systems like Dropbox. @boxcryptor

Under Tools > Data:

Net Neutrality Map • Map tool to evaluate the net neutrality of ISPs in countries around the world.

FreeWeibo • Search tool for Sina Weibo that also returns censored content. @CensoredWeibo

HoneyMap • Real-time global map of cyber attacks captured by honeypots, by the Honeynet Project. @ProjectHoneynet

Under Tools > Online journals, book series, essay series, manuals, reference texts:

Internet rights are human rights • “A series of training modules concerned with the relationship between human rights, ICTs and the internet” commissioned by the Association for Progressive Communications (APC).

Resources update: September II

Posted on by
Reply

In no particular order:

The Public Voice • Coalition established by the Electronic Privacy Information Center (EPIC) “to promote public participation in decisions concerning the future of the Internet”. Seeks to increase the presence of NGOs at meetings across the globe. @thepublicvoice

Students for Free Culture • An “international, chapter-based student organization that promotes the public interest in intellectual property and telecommunications policy.”

Center for Studies on Freedom of Expression and Access to Information (CELE) at the University of Palermo, Buenos Aires • Research institution whose principal objective is “to produce reports that can be useful tools for those journalists, governmental institutions, and members of the private sector and civil society that are dedicated to the defense and promotion of these rights, especially in Latin America.” @CELEUP

BOLO BHI • Pakistan-based NGO “geared towards advocacy, policy and research in the areas of gender rights, government transparency, legislation, Internet freedom, digital security, privacy and empowerment”. @bolobhi

Free Press • US-based advocacy group out to “change media and technology policies, promote the public interest and strengthen democracy. Free Press advocates for universal and affordable Internet access, diverse media ownership, vibrant public media and quality journalism.” @freepress

Mideast Youth • Hacktivist launchpad for digital projects that “amplify diverse voices of dissent with a specific focus on access to information, free speech and minority rights.” Authors of CrowdVoice and Ahwaa.org. @MideastYouth

Resources update: September

Posted on by
Reply

Here are the most recent additions to the resources section of Dliberation.org, listed in no particular order:

Institutions:

Internet & Society Co:llaboratory • An “open think tank” initiated by Google Germany that engages in thematic initiatives lasting several months, bringing together experts to answer societal questions in the tech sphere. @IGcollaboratory

Media Access Project • US non-profit law firm and advocacy organization promoting the public interest before the FCC and US courts, “fighting for an open and diverse communications system that protects freedom of expression, promotes universal and equitable access to media outlets and telecommunications services, and encourages vibrant public discourse on critical issues facing our society.” @mediaaccess

Foundation for a Free Information Infrastructure • Global network of associations “dedicated to information about free and competitive software markets, genuine open standards and patent systems with lesser barriers to competition.” Publishes ACTA Blog. @FFII

govfresh • NGO works to “inspire government-citizen collaboration and build a more engaged democracy.” Tracks people and ideas “that are changing how government works.” @govfresh

IT For Change • Bengaluru, India-based NGO promoting the use of ICT in the global South for socio-economic change.

Internews • International NGO “whose mission is to empower local media worldwide” through training and advocacy. @Internews

Projects:

OpeningParliament.org • “A forum for international collaboration on efforts to improve access to parliamentary information and share experiences and good practices” among parliamentary monitoring organizations. Sponsored by Sunlight Foundation, Open Society Foundations, NDI among others.

KoBo Project • “Research expertise and open-source applications for mobile data collection” in conflict areas.

Project on Information Technology and Political Islam (PITPI) • “Investigating the politics of ICTs in Muslim societies, with special focus on political uses of digital media in MENA.” @p_ITPI

Spider • A Swedish resource center for ICT4D based at the Department of Computer and Systems Sciences (DSV) at Stockholm University. Primarily financed by the Swedish International Development Cooperation Agency (Sida). @spidercenter

Blogs:

International Law and the Internet • “A blog on why norms matter online” by Matthias Ketteman at the Institute of International Law at the University of Graz, who writers about Internet governance and human rights. @MCKettemann

loose wire blog • “Social Technology: The Future of Information.: By Singapore-based Reuters journalist Jeremy Wagstaff. @loosewire

Build it Kenny, and they will come…Kiwanja.net founder and FrontlineSMS developer Ken Banks’s blog, “where technology meets anthropology, conservation and development.”

Books:

Cyber-security: The vexed question of global rules • Published: January 30, 2012. By the Security & Defence Agenda, “a neutral platform for discussing defence and security policies”.

The Open Data Handbook • “Discusses the legal, social and technical aspects of open data,” aimed at those working with government data. A project by the Open Knowledge Foundation.

Tools:

Safer Mobile • Tools, training and software to help activists and journalists “understand the security risks of mobile technology and use mobile tech more securely for their work.” @safermobile. Funded by Google, US State Dept. among others.

WCITLEAKS.ORG • “Bringing transparency to the ITU.” @WCITLeaks

GreatFire.org • “Bringing transparency to online censorship in China. Real time testing of blocked URLs and Baidu, Sina Weibo and Google search results from within China.” @GreatFireChina

Blocked on Weibo • Site “tracking the various words that are blocked on Sina Weibo to get a sense of where the boundaries of Chinese censorship and self-censorship lie.” By @jasonqng

FrontlineSMS • Open-source software to send and receive SMS messages over a mobile network, facilitating information access and social change in areas with low Internet penetration. @FrontlineSMS

The Software Freedom Law Center • Non-profit provides pro-bono legal services to developers of free and open-source software. Eben Moglen is Director-Counsel.

UN: Online expression == offline expression. Is that really a good idea?

Posted on by
1

I’m conflicted by the Sweden-initiated resolution (PDF, HTML) on “The promotion, protection and enjoyment of human rights on the Internet”, adopted in a consensus by the UN Human Rights Council on July 5, and subsequently portrayed in a NYT op-ed as a “victory for the Internet” by Sweden’s foreign minister Carl Bildt.

The main thrust of the resolution lies in its first article (the others and the preamble are more aspirational in nature):

The Human Rights Council, [...]

1. Affirms that the same rights that people have offline must also be protected online, in particular freedom of expression, which is applicable regardless of frontiers and through any media of one’s choice, in accordance with articles 19 of the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights;

My ambivalence stems from this: The flip side to affirming the equivalence of online and offline rights is that it also affirms the equivalence of the limitations on those rights, as currently interpreted and implemented by national governments.

In practice, many countries fall far short of allowing their citizens the full exercise of their (offline) right to free expression as enumerated by the Universal Declaration of Human Rights and related texts. This shortfall is justified on the basis of national security concerns or cultural differences such as religious or national sensitivities or even especially draconian libel laws.

With this new resolution, such rationalizations can now be transposed wholesale into arguments for a likewise censoring of the Internet. Instead of preserving the freedom of the Internet, it could give authoritarians further legal cover to constrain it, allowing the entrenched justifications from meatspace to bleed into cyberspace.

This perspective on the resolution perhaps better explains why so many countries with a strict censorship regime were willing to adopt it. Turkey, with its persecution of journalists and writers and its periodic blocking of websites for alleged offenses against Ataturk, is even one of the seven co-sponsors of the resolution.

Why lament an explicit declaration of the equivalence of the offline with the online? Because the Internet has been and still is a disruptive force in favor of free expression, especially in places like Iran, Belarus and China, despite increasing technical and legal attempts to “nationalize” it, with varying degrees of success.

Such nationalization projects, of which the Great Chinese Firewall is the most advanced, aim to give authoritarian regimes renewed monopoly control over the flow of information among citizens — a monopoly once enjoyed in the offline world, but lost when the Internet came calling. This new resolution gives authoritarian regimes legal permission to bring such offline controls online.

In a best-case scenario, the resolution is ineffectual; even Cuba and China have signed on (with reservations). In the worst case, dubious justifications for offline controls on free expression made within the existing human rights frameworks will now be applied online. Much better (and therefore unlikely to succeed) would have been a resolution which:

1. Affirms that the same rights that people have online must also be protected offline, …

Internet freedom in Sweden — a primer

Posted on by

Sweden ramps up a major foreign policy initiative this week when it hosts the inaugural Stockholm Internet Forum, bringing together 300 technologists, activists and scholars from around the world to brainstorm “Internet freedom for global development”. By linking net freedom to social development, Sweden becomes one of a handful of countries for which defending the rights of Internet users beyond its borders is now an explicit foreign policy goal.

Underlying this policy of promoting Internet freedom abroad lies the assumption that there is Internet freedom within. So just how free are people emailing in Umeå, linking in Linköping or downloading in Dalarna? From a policy perspective, is the set of laws regulating Internet use inside Sweden worth emulating abroad?

To answer these questions, it helps to to look at six facets of Internet freedom that have come to loom large as ever-greater parts of our lives are lived online: Connectivity, transparency, censorship, surveillance, privacy and copyright. How does Sweden fare in each of these areas?

Connectivity
Sweden is one of the world’s best-connected countries, with around 90% of households having access to the Internet. It was also one of the earliest countries to see a majority of its population online — by 2001 — in part because regulations promoting competition ensured shared access to Internet infrastructure, keeping prices far below the European average.

On the other hand, network operators are free to prioritize the different types of data they deliver to subscribers; there is no legal requirement to be “network neutral”, though most are, given the competitive landscape. Overall, argues Patrik Fältström, head of research at the Swedish Internet infrastructure organization Netnod, the result has been positive: “The access you get when you buy simple broadband access is more open than most other places on the planet,” he says.

Transparency
One response to having so many Swedes online so quickly was to move government services there. In Sweden it has long been possible to file taxes online. Since 2003, Sweden has an e-government task force dedicated to delivering all government services — municipal, county and national — online. By 2008, it topped the UN’s global e-government readiness rankings.

Providing e-services is one thing; compelling government agencies to make their public datasets available online in free and open formats has proven far harder, despite a long tradition of making (analog) documents public. In part, this is due to vague directives that have let reluctant bureaucracies drag their feet.

Sweden thus lags behind “open government” leaders, notably the US and UK, and is alone among Scandinavian countries in not having a national open data portal. There are individual successes, such as the open data portal by Sweden’s international aid agency SIDA. Overall, still only one third of Swedish public data sources are available online in an open and free format.

Censorship
In Sweden there is no law that compels Internet service providers (ISPs) to block access to sites. ISPs voluntarily collaborate with police to block a centralized list of sites trafficking in child sexual abuse.

And yet such a system is not ideal, argues Marcin de Kaminski, an Internet researcher at the department of Sociology of Law at Lund University. That’s because there is no transparency in how the blacklist is maintained. “There is no way to legally appeal a list entry, for instance,” he says, ” and there is no third-party control of what is actually blocked.”

The risk, then, is that an unregulated block list could end up being used as a political tool — perhaps not in Sweden, where trust in the police is high and there is widespread disdain for censorship — but in other countries looking to adopt the Swedish model of Internet regulation. “Even though the Swedish blocklist has these flaws,” says de Kaminski, “it is used as a role model in the European discussion about block lists.”

Surveillance
In 2008 Sweden’s parliament narrowly passed a law that lets its signals intelligence agency (FRA) monitor the content of all cross-border cable-based Internet traffic to combat “external threats” such as terrorism and organized crime — but only after obtaining court permission on a case-per-case basis, and upon the explicit request of government or defense agencies. In 2012 parliament broadly passed the “Data Retention Directive” (DLD) which compels ISPs to store the who, where, and when (but not the what) of online communication within Sweden for six months, in case law enforcement agencies come calling for their investigations with a court order.

The FRA law has proven controversial in Sweden; the DLD law not so much. One reason is that they both exist within a European context, where EU directives guide how national legislatures are meant to implement laws. While the DLD law implements a minimal version of the European Data Retention Directive of 2006, the FRA law goes beyond the directive’s scope by allowing the surveillance of content.

Privacy
Sweden’s Data Inspection Board has long worked to ensure that personal information stays protected when handled by government agencies, businesses and people. The Internet has greatly transformed its role, which now includes combating cyberbullying and regulating use of cloud-based data storage. One complicating factor is that many of the services people use to share personal data — Facebook, Google — lie outside Sweden’s jurisdiction. Another is the natural tension between the right to privacy and the right to free expression and a free press, with that balance scrambled by the rise of blogs and semi-private publishing on social media platforms.

Copyright
File sharing is popular in Sweden, especially among youth, even though much of it is illegal under Swedish copyright law. In an effort to enforce copyright protection online, parliament in 2009 broadly passed a law implementing the EU directive on intellectual property rights enforcement (IPRED). The law allows criminal prosecution and jail terms for heavy illegal file sharers, and compels ISPs to identify suspected offenders upon request by a court of law.

Unlike France, Sweden’s implementation of IPRED does not cut off Internet access for repeat offenders. Swedish courts have also ruled that the right to privacy of suspected occasional file sharers trumps the interests of copyright holders, curtailing IPRED’s scope to more serious cases. Sweden’s IPRED law is currently being challenged in the European Court of Justice for violating European personal integrity laws.

A more encompassing international treaty, the Anti-Counterfeiting Trade Agreement (ACTA) has been signed by EU member states but has not yet been ratified.

Both IPRED and ACTA are proving controversial, especially with Swedish youth. Sweden’s Pirate Party parlayed this popular discontent into its first ever European Parliament seats in 2009. Criticism comes in several flavors: Pirate Party supporters wants to overhaul the very notion of copyright, so that the online remix culture and other non-commercial uses of creative content are exempt from regulation. Says Rick Falkvinge, founder of the Pirate Party: “The civil liberties that our parents enjoyed offline must carry over into the online world.”

Others worry that the enforcement laws being implemented have their priorities wrong, or are too intrusive. Argues de Kaminski: “What we need to do is establish rights and principles of freedom concerning the Internet — so that we have a free, open and secure base to begin with. Then we can start to discuss the necessary exceptions.”

Conclusion
When it comes to assessing the FRA, DLD and IPRED laws, the block list and privacy protections, it is worth remembering that they operate within a specific Swedish context. Replicating these laws may not produce the same results in places that do not also have Sweden’s negligible corruption, high levels of trust in public institutions, and a culture of free expression — non-legislated norms. Internet Freedom in Sweden is determined by more than the sum of its legislative parts.

An edited version of this article is available on Sweden.se, for which it was commissioned.

Some questions for Twitter re censorship

Posted on by

Some outstanding questions regarding Twitter’s new country-specific censorship system:

  1. Mobile clients: Will Twitter’s mobile clients also get the ability to let the user manually choose their jurisdiction, just like they now can on the full browser client? Currently neither the mobile web client nor the phone apps let you. This matters because much (most?) tweeting is done from mobile devices, especially when people are busy bringing down dictators.
  2. Transparency: Twitter says it will promptly notify users if their content has been withheld, “unless we are legally prohibited from doing so.” It also says it will post requests to withhold content to the Chilling Effects website. Does that include all requests, or only those it is not prohibited from posting? Does Twitter anticipate operating in countries where it is illegal to make public the specifics of a takedown request in any jurisdiction?
  3. Country-withheld content: Here is my best guess at how the country-specific censorship system works, based on testing: Before the browser requests new tweets from Twitter’s server, it first checks a cookie to see if the country location setting has been manually overridden. If it has not, then Twitter geolocates the IP address of the browser and filters the resulting twitter feed for that jurisdiction before sending the tweets along to the client. If the country setting has been manually overridden, then the browser sends along the chosen country to the server, which proceeds to filter the feed for that country, rather than the geolocation IP address. Is this correct?
  4. Forms of censorship: Twitter states that sovereign jurisdictions can request the withholding of individual tweets and/or of entire accounts, and also writes that this withholding can only be reactive, in response to “a valid and applicable legal request.” The problem is, I can think of several scenarios where this might not be enough to avoid breaking local laws. For example:
  • France and Germany among others prohibit search engines within their jurisdiction from linking to specific sites they deem illegal. If Twitter is not going to use a block list to pre-emptively withhold tweets containing such links in these countries, will it be breaking the law?
  • If a tweet has been retweeted (natively, or by using RT, or by using quotes, or after a slight edit) by a number of users by the time a withholding request arrives which Twitter agrees to comply with, will there be an effort to remove these retweets in that jurisdiction? Might not the legal entity making the request reasonably expect these to all be one-and-the-same tweet?

How to turn off Twitter’s censorship

Posted on by

It’s clear by now that Twitter’s new censorship regime is a pre-emptive move to keep the scope of censorship to within the jurisdictions of the legal authorities making the requests. This way, if Twitter is obliged by French law to remove a tweet deemed illegal in France, it will only be removed from French timelines — the rest of the world will continue to see it.

In its implementation, Twitter’s censorship system is very easy to circumvent by users — no doubt intentionally. I’ve played around with it using a virtual private network (VPN) to access my account from various countries in various setups; the workaround is trivial, albeit with a few twists.

Twitter’s own FAQ pages give two massive hints as to how to go about it:

  1. Which censorship regime your account will follow is decided by having Twitter geolocate your browser’s IP address to set your “initial country” in the settings.
  2. However, because Twitter might “misidentify” your country, Twitter says you get to manually override the chosen country in your Twitter account settings. Your choice is saved as a cookie in your browser. Twitter says it does not store this information on its servers.

Circumventing Twitter’s censorship is not as easy as choosing the “Worldwide” option from the dropdown menu of countries — a choice which you might assume places you outside any jurisdiction.

Choosing “Worldwide” has the opposite effect, in fact: Your censorship regime will automatically default to whatever jurisdiction your browser finds itself in. So if you choose “Worldwide” from a Swedish IP address, your country setting will immediately switch to Sweden. If you later move to an Egyptian IP address, the country setting will automatically switch to Egypt.

The “Worldwide” setting is Twitter’s default. If you haven’t changed your country manually in your account settings, this is how Twitter will choose your censorship regime. (If your IP address is not on the dropdown list of 59 countries, such as for Belgium, then the country is listed as “Worldwide” *.)

What if you are in the US, and want to ensure that your censorship regime stays American when you travel? Even though your country is listed as “United States” by default, that will change when you leave the US, unless you do this: Select any other country, save changes (and provide your password), then select the United States, and save changes. Even though the before and after settings will look exactly the same, you have now forced the browser to choose the US as your country, as opposed to whatever country you happen to be in.

But regardless of what country you happen to be in, why not choose one with best practices in free speech? A quick look at the Press Freedom Index shows that the Netherlands, Sweden and Switzerland are great choices. The governments of the Netherlands and Sweden in particular have been vocal in their defense of the net freedom agenda.

I’ve confirmed by using the same Twitter account on several browsers simultaneously across different IP addresses that the country setting for each browser is independent, saved locally in a cookie. This means you can have a second browser set to a different country, in case your default setting coughs up a censored tweet. It’s also a great way to compare and contrast censorship regimes.

In sum, circumventing Twitter’s censorship model is trivial, and I’m sure that’s not because Twitter is incompetent. What I do worry about is that this model is not robust against the future demands of censors. The wording of SOPA and PIPA, had they become law, could have been construed to classify the opt-out nature of Twitter’s censorship model as an enabler of piracy. And what about those Taliban tweets? If the US ever gets around to censoring those, it would certainly not be content with barring them just from the US; Twitter is a US company, and it can be compelled to act globally by US law.

While the newly introduced censorship model will allow Twitter to expand to countries like France and Germany, where historical baggage from World War II results in peculiar censorship regimes, or the UK, which has unique defamation laws, it is possible that new laws or future legal tests of Twitter’s approach will prohibit this censorship model. It’s great of Twitter to try, of course, but it makes Twitter’s expansion into new jurisdictions somewhat precarious, as the company may suddenly find itself faced with the grim choice of having to dismantle its opt-out censorship model in some jurisdictions, or pulling out operations from that country entirely.

Fortunately. Twitter is unlikely to ever set up shop in countries where revolutionaries are still fighting the good fight, and relying on Twitter to do so. In those countries, Twitter will not care about what the regime demands. They’ll just have to block Twitter wholesale, just as Iran, Vietnam and China currently do.

(* I suspect, but cannot prove absent a censored recent tweet to test with, that when Worldwide is selected for an IP address not from a listed country, the censorship regime defaults to that of the US. One reason I think this is the case is that only from a US IP address is it possible to select the “Worldwide” option from the dropdown menu and not have it switch automatically to the current jurisdiction, in this case “United States”. I think this is because the browser compares the two jurisdictions and sees they are the same, so does not bother to force the switch.)

On Twitter censorship: Don’t shoot the carrier pigeon

Posted on by

Twitter’s decision to enable country-level blocking of tweets is a rational response to an Internet that long ago ceased to be that utopian place beyond location. Companies who want to grow global amid the forked legal code of today’s Internet need to follow in Twitter’s footsteps.

It would be great if there were companies that did not want to grow global, who could offer a fortified service from a free speech haven and pay no attention to the thin-skinned legal codes of the world. Such an mission would be difficult to sustain, however: Twitter is not some abstract concept; it costs money to run. Free services need advertising-generated revenue; ads require local sales teams and/or local payment systems. This means local offices, and these are within reach of local laws. A Twitter service used by the world but not paid for by the world is unsustainable. (A hypothetical premium Twitter would have the same achilles heel: local payment systems.)

In terms of fine-tuning its censorship, Twitter is catching up to Google. Google has long had the ability to censor search results on a per-country basis. It also serves mutually exclusive map datasets to India and China, where it is illegal to publish country borders at odds with the official stance. Google does this because it is heavily invested in both countries — not just with sales teams, but with development teams too. Executives face real-world criminal charges for non-compliance, as Google found out in Italy.

A highly relevant question now is: Where should the limits of tolerance lie for Facebook, Twitter and Google when it comes to censorship? When does a country, in Twitter’s own words, “differ so much from our ideas that we will not be able to exist there.”? Let’s say we’re even understanding about Germany censoring Google search for Nazi propaganda and France for Nazi memorabilia. What about the case last week of the Indonesian who posted to Facebook that he did not believe in God, and was arrested for it? Should Facebook remove the post globally? Should it remove it only in Indonesia (something it cannot currently do)? I’d say no in both cases, but many Indonesians apparently prefer not to be confronted with expressions of non-belief in their midst. (The BBC reports the page in question has been taken down, but the group still seems to be up when visited from Sweden. Facebook is able to make entire pages unavailable to specific countries.)

Is this really a fight Facebook should fight alone? Should it be YouTube’s fight to serve videos deemed insulting to Ataturk in Turkey? If we demand Facebook and Twitter and Google exit these markets rather than collaborate with laws odious to our free-speech sensibilities, shouldn’t we demand that other businesses boycott the country in solidarity? And is that really feasible?

When to tolerate censorship, then? It depends. It depends on whether a country is on a trajectory towards more free speech. It depends on whether the local laws in question are created through a broad participatory process that gives them legitimacy. It depends on whether the content objected to is an expression of a fundamental human right, such as a sincerely held belief. More cynically, it depends on whether the company in question has business interests there, chasing a growing user base. (For Google in China, this complex calculation turned against collaboration when it became obvious speech was becoming less free, not more, despite its presence.)

Today’s announcement is a bid by Twitter to ensure that excessive censorship in one jurisdiction does not bleed over into other jurisdictions. In tandem with Google, this approach amounts to a new balance of power between national jurisdictions and the web’s native interest communities. We cannot assume it is a stable equilibrium, however. One risk is that the offer of country-level content blockage is not enough for a censorious regime. It may demand that content be removed globally, else face local legal jeopardy. This is not far-fetched — demands for the removal of military “secrets” from Google Earth make no sense if they can still be seen by everyone except those within a jurisdiction. (So far, with one exception, Google has resisted such requests. China certainly tried.) It is also illegal for Google to post any information about China’s censorship requests globally, as explained in its transparency report:

Another risk is that the outsourcing of censored tweets to chillingeffects.org is only a temporary solution in a long jurisdictional arms race. Censored tweets are currently listed on chillingeffects.org/twitter, where the offending tweet can be read in full, with link and all, thus:

Since Twitter promises to alert us anytime a tweet is blocked, the Streisand effect will likely ensure wide exposure for all content that ends up there. But SOPA and PIPA were phrased to criminalize precisely this kind of “enabling” of piracy by linking, with an added extra-jurisdictional twist: Companies with a US presence would not only be enjoined from directly linking to illegal content, they would also be enjoined from doing business with non-US companies linking to it. I fear non-US legal codes will innovate to mirror this extra-judicial demand, not just for copyrighted material but for all content deemed not in the national interest. China already does (see Google’s transparency report, above).

Finally, one interesting issue I’ve not seen explained by Twitter: The mechanics of this censorship. It sounds as if there will be a block list of links for each country. I assume that once a country demands a link be put on the list, all tweets containing that link will not be shown to Twitter users in that country. But what about tweets that do not contain a link but which merely contain speech objectionable to censors? Will there be a continuously updated list of blocked terms, as is done with Chinese microblogging tools? Or will each individual offending tweet need to be flagged by censors? If it’s the latter, then there is little worry, as the half-life of a tweet is far shorter than a censor’s reaction time. But that is why China sets its own far more onerous rules for those who want to play there.

What if a country with a conservative culture or oppressive regime does demand a list of blocked terms, ostensibly to prevent obscene or defamatory speech? I suspect (and hope) Twitter decides such countries “differ so much from our ideas that we will not be able to exist there.” Twitter could then serve a full uncensored feed to users in, say, Saudi Arabia or UAE or Pakistan; the onus would be on these countries to decide if they want to invest in unilateral blocking technology of the kind China uses for its Great Firewall. That is indeed the route Iran and Vietnam have taken, and which others may yet take as Internet censorship technology gets cheaper and easier to deploy. When that kind of Internet has broadly arrived, we’ll be in the next phase in the Internet censorship arms race.

Resources update: January 2012

Posted on by

Here are the most recent additions to the resources section of Dliberation.org, listed in no particular order:

The Centre for Spatial Law and Policy • Blog and online resources on laws and policies relating to spatial and location data in terms of privacy, national security and intellectual property. Run by Kevin Pomfret.

Telecomix’s We Rebuild • Resource pages of projects run by the hacktivist collective Telecomix, aiming to ensure “access to a free Internet without intrusive surveillance.” @Telecomix

The Crypto Project • Organization “designed to assist and encourage anonymity and encryption research, development, and use” by providing “better software, security, and anonymity to individuals worldwide.” @cryptodotis

Fight for the Future • US-based non-profit organizing grass-roots opposition to proposed SOPA and PIPA censorship bills. Facebook page @fightfortheftr

Chaos Computer Club • German hacker group, “Europe’s largest”, with activities supporting “free speech, free communication and internationalism on the World Wide Web” that range from “technical research and exploration on the edge of the technology universe through campaigns, events, publications and policy advice to the operation of anonymizing services and communications.” @chaosupdates

Index on Censorship • UK-based organization promoting free expression, with “up-to-the-minute news and information on free expression from around the world.” @IndexCensorship Facebook page

Internet Rights & Principles (IRP) • multi-stakeholder coalition aiming “to make Rights on the Internet and their related duties, specified from the point of view of individual users, a central theme of the Internet Governance debate.” Facebook page

Yochai Benkler wrote @The Wealth of Networks

Tom Glaisyer • Knight Media Policy Fellow at the New America Foundation, where he is involved with their Media Policy Initiative. Studies “the interplay between digital infrastructure, its use, and democratic institutions in society.” @tglaisyer

Mapping Online Publics • Research blog by the New Media and Public Communication program at Queensland University of Technology, with a focus on Twitter data gathering, processing, textual analysis and visualization.

Web Ecology Project • “An interdisciplinary research group based in Boston, Massachusetts focusing on using large scale data mining to analyze the system-wide flows of culture and community online.”

Free Society Conference and Nordic Summit (FSCONS) • Annual conference in Gothenburg, Sweden, billed as “the Nordic countries’ largest gathering for free culture, free software and a free society.” @fscons

Envaya • “A technology platform for civil society organizations in developing countries” with a mobile component. @Envaya

Governance across borders • Blog by a group of researchers that “shares ideas, concepts and examples on how to deal with old and new forms of such transnational governance.” Loosely affiliated with the research group “Institution Building Across Borders” at the Max Planck Institute for the Study of Societies. @govxborders

Cornelius Puschmann’s Blog • Blog “blog on Linguistics, Digital Humanities and Scholarly Communication on the Internet.” @coffee001

Nexa Center for Internet and Society • Independent research center at the Politecnico of Torino “focusing on quantitative and interdisciplinary analysis of the force of the Internet and of its impact on society.” Aims to “become a point of reference in Europe, interacting with the European Commission, regulators, local and national governments, as well as with business and other institutions.” Facebook page @nexacenter

Knight Foundation • US-based Foundation “supports transformational ideas that promote quality journalism, advance media innovation, engage communities and foster the arts.” Journalism is supported through a focus on “funding media innovation, journalistic excellence, and freedom of expression.” Facebook page @knightfdn

European Public Policy Blog by Google • “Google’s views on Government, policy and politics in Europe.”

Res Communis • Blog “on the legal aspects of human activities using aerospace technologies” at the University of Mississippi Schol of Law’s National Center for Remote Sensing, Air and Space Law.

GroundTruth Initiative • Website and blog by Mikel Maron and Erica Hagen at their new media and technology consulting company “specializing in community-based participatory technologies, especially mapping and citizen journalism, in poor and marginalized regions throughout the world”.

Joho the Blog by David Weinberger • Senior researcher at Harvard’s Berkman Center writes about “the effect of the Internet on how we think about ourselves, our world, and business.” @dweinberger

Krebs on Security by Brian Krebs • “In-depth security news and investigation” by a former Washington Post reporter, covering online crime investigations, new threats, security updates, data breaches and cyber justice. Facebook page @briankrebs

F-Secure Labs blog • Cyber-security news from F-Secure Security Labs, by “the personnel responsible for analyzing virus, phishing, spyware, and spam attacks.” Facebook page @FSecure

Slight Paranoia by Christopher Soghoian • Blog with analysis and opinion by the Washington DC-based security and privacy researcher. @csoghoian

Infosec Island • News and community site “for IT and network professionals who manage security, risk, and compliance issues.” @InfosecIsland

Code for America • Non-profit helps US city governments improve their services by funding the coding and deployment of web-based solutions. Facebook page @codeforamerica

CJNEWS India • India-focused collective blog with news and opinion about techno-legal issues.

TorrentFreak • Blog “where breaking news, BitTorrent and copyright collide.” @torrentfreak