Open Networks, Closed Regimes

From The Internet: Issues at the Frontier (course wiki)
Revision as of 02:17, 16 April 2009 by Jgruensp (talk | contribs)
Jump to navigation Jump to search

Dan Ray, Conor, Joshua

Open Network, Closed Regimes

Problem to be solved

US-based internet services are used by citizens of every regime in the world. Western-based internet companies operate these services in many countries where governments routinely request or demand sensitive information about their citizens. How should high-level officers respond when their companies receive requests to turn over information which violate privacy and anonymity expectations? How can citizens, NGOs, and government actors influence the way these companies respond?

Precis

The idea of the internet service provider as a border-defying government-regulation-free jurisdiction was already dying in the 1990s, but the large-scale movement of internet services into regimes without free speech protections has raised serious concerns about managing cross-border privacy standards over the last five years. From Yahoo turning over pro-democracy Chinese bloggers to the Chinese government, to Saudi Arabia tracking porn downloaders by pulling ISP records, to South Korea trying to arrest anonymous government critics, the problems are widespread and not restricted only to regimes that Americans are used to thinking of as "repressive." The globalization of internet services raises difficult questions: What requests for information are invasive? What kind of deference is due to local sovereignty? How can the competing demands best be balanced? How can the relevant stakeholders work toward achieving a proper balance?

The Story So Far

Several weeks ago, our class read John Perry Barlow’s Declaration of Independence of Cyberspace, written in 1996, in which he addresses the nations of the world and “declare[s] the global social space we are building to be naturally independent of the tyrannies you seek to impose on us.” For Barlow, perhaps the most important innovation of cyberspace was its ability to act as a great leveler: “We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth. We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.” As these lines imply, the key to this brave new world of Barlow’s was the possibility of anonymity (or pseudonymity): real-world barriers placed by normative biases or governmental controls could be hurdled by individuals joining online communities to express their provocative thoughts. Secure in the knowledge that their identities were divorced from their real-world selves, citizens of every nation could create the first truly free global marketplace of ideas.

From well before Barlow’s Declaration, this idea of the Internet as an enabler of the anonymous expression of ideas was a well-established meme in the popular conception of the Internet, from Peter Steiner’s famous New Yorker cartoon to the aphorism that “the internet treats censorship as damage and routes around it.” And just as quickly, people started to raise questions about whether a completely uncontrolled discourse was desirable – Larry Lessig famously told the story (see p. 102-106) of one anonymous student who singlehandedly shut down Lessig’s first-ever online classroom bulletin board by attacking his classmates with unstinting vitriol. The techno-libertarians remained adamant that online communities would develop mechanisms to cope with such problems, and that the benefits of being able to create a discussion area open to all comers – more freedom under repressive regimes, more frank discussion for every individual – would outweigh any drawbacks.

However, the factual accuracy of the idea that the Internet need not respect terrestrial law was soon called into doubt. Tim Wu and Jack Goldsmith document (see Chapter 1) the 2000 case in which Yahoo! attempted to resist a takedown request from the French government. After activists discovered Nazi merchandise for sale on a Yahoo! site, they appealed to the government to enforce the laws banning such material from being sold in France. Yahoo! protested that there was no way for it to identify traffic coming from France and that to enforce the French laws would ultimately mean enforcing the lowest common denominator of all international law in all locations. However, having lost their case in the French courts in the face of expert testimony, and facing fines of 100,000 francs per day against their new French division, the company caved and admitted that IP addresses could be used to tell apart visitors from one country and another. This was a blow to the notion that the Internet was inherently resistant to national laws, but it was also a blow to the idea that users of the Internet were all faceless numbers – it soon became very clear that the companies that individuals did business with on the Internet knew plenty about their users, both in the form of information submitted by those users and in the form of other incidental data.

Once those two facts were combined, it became clear that online service providers doing business internationally were vulnerable to economic threats if they failed to comply with local legal regimes by turning over nominally anonymous users. This first acquired public salience in 2004, when the Chinese government discovered that someone with a Yahoo! email account had forwarded to a US-based pro-democracy blogger an internal Communist party message sent to newspaper editorial boards warning them of potential unrest which might arise from discussion of the fifteenth anniversary of the Tiananmen Square protests. China demanded that the company turn over any records relating to the disclosure of its state secrets, and Yahoo! complied without question. Chinese journalist Shi Tao was ultimately arrested and sentenced to ten years in prison. After the role played by Yahoo! was disclosed, the company became the subject of global outrage, castigated by pro-free-speech nonprofits and hauled before Congress to account for its actions. However, Yahoo! was merely the most visible of the companies involved in such disclosures – Amnesty International reports that many of the largest international online service providers were implicated at the time and continue to wrestle with these issues.

In recent years, similar cases have cropped up all over the world, from Africa to Asia to the Middle East, and even some American companies have taken part in using the disclosure-friendly laws of other countries to track down derogatory speakers. Many of these countries describe themselves as protecting themselves from the dangerous consequences of free speech: in January, South Korea arrested a blogger whose acerbic postings about government bureaucrats had supposedly undermined the population’s faith in the government’s ability to manage the global financial crisis. These governments say that free speech is always at war with social stability, as it was in Lessig’s classroom, and that they and Americans simply disagree on where the line must be drawn. At the same time, pro-democracy activists say that American companies and the American government aren’t doing enough work insisting upon the universality of American values.

The most salient legislative response has been the Global Online Freedom Act (GOFA), proposed by Representative Chris Smith (R-NJ). GOFA would require the State Department to track internet-restricting countries and then require US corporations not to a) store users’ personal data within the borders of those countries or b) turn over any personally identifiable information to law enforcement within those countries without first seeking the permission of the US Department of Justice. Many pro-free-speech non-profits have praised the GOFA bill as an “advance for online free expression.” Commentators have also suggested, however, that it is unworkable in practice, and would, in effect, require US companies to cease doing meaningful business within such countries.

Corporations have pushed instead for a non-government-driven multi-stakeholder plan of action. Several of the largest American online service providers, including Microsoft, Google, and Yahoo!, have joined forces with the Berkman Center to develop the Global Network Initiative (GNI). The GNI lays out a set of universal principles to be referenced when making difficult human rights decisions; it then gives implementation guidance to Boards of companies proceed in considering those principles on a case-by-case basis as requests for data come in. Some of the Congressional critics of these companies have been mollified by the evident progress. At the same time, some legal scholars and privacy specialists (see Rotenberg quote) say the GNI is not widely enough accepted or equipped with severe enough consequences to make a serious difference.

Meanwhile, countries wary of indiscriminate speech have started to look at alternatives of their own. This past year, the International Telecommunications Union (ITU), a specialized agency of the United Nations which deals with the regulation of international telecommunications issues, opened up a study group on Question 6-17 (Q6/17). The Q6/17 group was chartered at the request of a state-owned Chinese telecommunications firm to investigate the feasibility of retrofitting the internet with Internet Protocol (IP) traceback technology. IP packets, the individual building blocks used to send information across the internet, are difficult, if not impossible, to follow back from their destination to their source. IP traceback technology would use new software and hardware to retrofit tracing mechanisms onto the internet as built, so as to make it easier to find the sender of a given message. The proponents of Q6/17 suggest that it could be used to make it more difficult to remotely infect computers with viruses or make anonymous threats online. Privacy specialists, however, suspect that the major purpose is to crack down on unwanted speech.

Required Readings

Class members will get individualized readings in small groups. Coming soon to an Inbox near you...

Early brainstorming on this topic

Additional Readings

(Some of these and additional readings will be broken down by simulation group)

Audio:

Video

Text

“Just the Facts” Reporting

Critiques

Links

http://blogs.wsj.com/chinajournal/2008/10/28/parsing-the-google-yahoo-microsoft-global-network-initiative/

http://www.nytimes.com/2008/11/30/magazine/30google-t.html?_r=1&adxnnl=1&partner=permalink&exprod=permalink&adxnnlx=1229749063-T7qNc5xv9ZLDiLcjc8AZxQ&pagewanted=print

http://blog.wired.com/27bstroke6/2008/04/republican-hous.html

http://rconversation.blogs.com/rconversation/2007/01/google_yahoo_mi.html

http://www.circleid.com/posts/print/20081028_global_network_initiative/

http://www.guardian.co.uk/technology/2008/oct/30/amnesty-global-network-initiative

http://www.economist.com/world/asia/displaystory.cfm?story_id=12783609

http://www.huffingtonpost.com/michael-a-santoro-and-wendy-goldberg/chinese-internet-censorsh_b_156212.html

http://news.cnet.com/8301-13578_3-10040152-38.html (Declan McCullagh of CNet News on Q6/17, including links to several leaked ITU documents)

Brainstorming (On earlier topic: OpenID)

All that OpenID stuff has moved to legacy support. And thank goodness for that. Dan Ray 01:19, 4 February 2009 (UTC)

Note to self: Joe, Miriam, Mark, Jon Fildes, Elana, Melissa