Group items tagged

Why did the internet freedom agenda fail? Goldsmith’s essay tees up, but does not fully explore, a range of explanatory hypotheses. The most straightforward have to do with unrealistic expectations and unintended consequences. The idea that a minimally regulated internet would usher in an era of global peace, prosperity, and mutual understanding, Goldsmith tells us, was always a fantasy. As a project of democracy and human rights promotion, the internet freedom agenda was premised on a wildly overoptimistic view about the capacity of information flows, on their own, to empower oppressed groups and effect social change. Embracing this market-utopian view led the United States to underinvest in cybersecurity, social media oversight, and any number of other regulatory tools. In suggesting this interpretation of where U.S. policymakers and their civil society partners went wrong, Goldsmith’s essay complements recent critiques of the neoliberal strains in the broader human rights and transparency movements. Perhaps, however, the internet freedom agenda has faltered not because it was so naïve and unrealistic, but because it was so effective at achieving its realist goals. The seeds of this alternative account can be found in Goldsmith’s concession that the commercial non-regulation principle helped companies like Apple, Google, Facebook, and Amazon grab “huge market share globally.” The internet became an increasingly valuable cash cow for U.S. firms and an increasingly potent instrument of U.S. soft power over the past two decades; foreign governments, in due course, felt compelled to fight back. If the internet freedom agenda is understood as fundamentally a national economic project, rather than an international political or moral crusade, then we might say that its remarkable early success created the conditions for its eventual failure. Goldsmith’s essay also points to a third set of possible explanations for the collapse of the internet freedom agenda, involving its internal contradictions. Magaziner’s notion of a completely deregulated marketplace, if taken seriously, is incoherent. As Goldsmith and Tim Wu have discussed elsewhere, it takes quite a bit of regulation for any market, including markets related to the internet, to exist and to work. And indeed, even as Magaziner proposed “complete deregulation” of the internet, he simultaneously called for new legal protections against computer fraud and copyright infringement, which were soon followed by extensive U.S. efforts to penetrate foreign networks and to militarize cyberspace. Such internal dissonance was bound to invite charges of opportunism, and to render the American agenda unstable.

The United Nations has disgraced itself immeasurably over the past month or so. In case you missed the following stories, I suggest catching up now: The UN’s “Sustainable Development Agenda” is Basically a Giant Corporatist Fraud Not a Joke – Saudi Arabia Chosen to Head UN Human Rights Panel Fresh off the scene from those two epic embarrassments, the UN now wants to tell governments of the world how to censor the internet. I wish I was kidding. From the Washington Post: On Thursday, the organization’s Broadband Commission for Digital Development released a damning “world-wide wake-up call” on what it calls “cyber VAWG,” or violence against women and girls. The report concludes that online harassment is “a problem of pandemic proportion” — which, nbd, we’ve all heard before. But the United Nations then goes on to propose radical, proactive policy changes for both governments and social networks, effectively projecting a whole new vision for how the Internet could work. Under U.S. law — the law that, not coincidentally, governs most of the world’s largest online platforms — intermediaries such as Twitter and Facebook generally can’t be held responsible for what people do on them. But the United Nations proposes both that social networks proactively police every profile and post, and that government agencies only “license” those who agree to do so.

People are being harassed online, and the solution is to censor everything and license speech? Remarkable. How that would actually work, we don’t know; the report is light on concrete, actionable policy. But it repeatedly suggests both that social networks need to opt-in to stronger anti-harassment regimes and that governments need to enforce them proactively. At one point toward the end of the paper, the U.N. panel concludes that“political and governmental bodies need to use their licensing prerogative” to better protect human and women’s rights, only granting licenses to “those Telecoms and search engines” that “supervise content and its dissemination.” So we’re supposed to be lectured about human rights from an organization that named Saudi Arabia head of its human rights panel? Got it. Regardless of whether you think those are worthwhile ends, the implications are huge: It’s an attempt to transform the Web from a libertarian free-for-all to some kind of enforced social commons. This U.N. report gets us no closer, alas: all but its most modest proposals are unfeasible. We can educate people about gender violence or teach “digital citizenship” in schools, but persuading social networks to police everything their users post is next to impossible. And even if it weren’t, there are serious implications for innovation and speech: According to the Electronic Frontier Foundation, CDA 230 — the law that exempts online intermediaries from this kind of policing — is basically what allowed modern social networks (and blogs, and comments, and forums, etc.) to come into being. If we’re lucky, perhaps the Saudi religious police chief (yes, they have one) who went on a rampage against Twitter a couple of years ago, will be available to head up the project. What a joke.

This June 5th, I pledge to take strong steps to protect my freedom from government mass surveillance. I expect the services I use to do the same.

Fight for the Future and Center for Rights will contact you about future campaigns. Privacy Policy

The International Telecommunication Union (ITU) will hold the World Conference on International Telecommunications (WCIT-12) in December in Dubai, an all-important treaty-writing event where ITU Member States will discuss the proposed revisions to the International Telecommunication Regulations (ITR). The ITU is a United Nations agency responsible for international telecom regulation, a bureaucratic, slow-moving, closed regulatory organization that issues treaty-level provisions for international telecommunication networks and services. The ITR, a legally binding international treaty signed by 178 countries, defines the boundaries of ITU’s regulatory authority and provides "general principles" on international telecommunications. However, media reports indicate that some proposed amendments to the ITR—a negotiation that is already well underway—could potentially expand the ITU’s mandate to encompass the Internet.

The International Telecommunication Union (ITU) will hold the World Conference on International Telecommunications (WCIT-12) in December in Dubai, an all-important treaty-writing event where ITU Member States will discuss the proposed revisions to the International Telecommunication Regulations (ITR). The ITU is a United Nations agency responsible for international telecom regulation, a bureaucratic, slow-moving, closed regulatory organization that issues treaty-level provisions for international telecommunication networks and services. The ITR, a legally binding international treaty signed by 178 countries, defines the boundaries of ITU’s regulatory authority and provides "general principles" on international telecommunications. However, media reports indicate that some proposed amendments to the ITR—a negotiation that is already well underway—could potentially expand the ITU’s mandate to encompass the Internet. In similar fashion to the secrecy surrounding ACTA and TPP, the ITR proposals are being negotiated in secret, with high barriers preventing access to any negotiating document. While aspiring to be a venue for Internet policy-making, the ITU Member States do not appear to be very open to the idea of allowing all stakeholders (including civil society) to participate. The framework under which the ITU operates does not allow for any form of open participation. Mere access to documents and decision-makers is sold by the ITU to corporate “associate” members at prohibitively high rates. Indeed, the ITU’s business model appears to depend on revenue generation from those seeking to ‘participate’ in its policy-making processes. This revenue-based principle of policy-making is deeply troubling in and of itself, as the objective of policy making should be to reach the best possible outcome.

EFF, European Digital Rights, CIPPIC and CDT and a coalition of civil society organizations from around the world are demanding that the ITU Secretary General, the  WCIT-12 Council Working Group, and ITU Member States open up the WCIT-12 and the Council working group negotiations, by immediately releasing all the preparatory materials and Treaty proposals. If it affects the digital rights of citizens across the globe, the public needs to know what is going on and deserves to have a say. The Council Working Group is responsible for the preparatory work towards WCIT-12, setting the agenda for and consolidating input from participating governments and Sector Members. We demand full and meaningful participation for civil society in its own right, and without cost, at the Council Working Group meetings and the WCIT on equal footing with all other stakeholders, including participating governments. A transparent, open process that is inclusive of civil society at every stage is crucial to creating sound policy.

In our society, the rule of law sets limits on what government can and cannot do, no matter how important its goals. To give a simple example, even when chasing a fleeing murder suspect, the police have a duty not to endanger bystanders. The government should pay the same care to our safety in pursuing threats online, but right now we don’t have clear, enforceable rules for government activities like hacking and "digital sabotage." And this is no abstract question—these actions increasingly endanger everyone’s security

The problem became especially clear this year during the San Bernardino case, involving the FBI’s demand that Apple rewrite its iOS operating system to defeat security features on a locked iPhone. Ultimately the FBI exploited an existing vulnerability in iOS and accessed the contents of the phone with the help of an "outside party." Then, with no public process or discussion of the tradeoffs involved, the government refused to tell Apple about the flaw. Despite the obvious fact that the security of the computers and networks we all use is both collective and interwoven—other iPhones used by millions of innocent people presumably have the same vulnerability—the government chose to withhold information Apple could have used to improve the security of its phones. Other examples include intelligence activities like Stuxnet and Bullrun, and law enforcement investigations like the FBI’s mass use of malware against Tor users engaged in criminal behavior. These activities are often disproportionate to stopping legitimate threats, resulting in unpatched software for millions of innocent users, overbroad surveillance, and other collateral effects.  That’s why we’re working on a positive agenda to confront governmental threats to digital security. Put more directly, we’re calling on lawyers, advocates, technologists, and the public to demand a public discussion of whether, when, and how governments can be empowered to break into our computers, phones, and other devices; sabotage and subvert basic security protocols; and stockpile and exploit software flaws and vulnerabilities.  

Smart people in academia and elsewhere have been thinking and writing about these issues for years. But it’s time to take the next step and make clear, public rules that carry the force of law to ensure that the government weighs the tradeoffs and reaches the right decisions. This long post outlines some of the things that can be done. It frames the issue, then describes some of the key areas where EFF is already pursuing this agenda—in particular formalizing the rules for disclosing vulnerabilities and setting out narrow limits for the use of government malware. Finally it lays out where we think the debate should go from here.   

Much to the disappointment of the digital advertising establishment, Mozilla is going ahead with plans to automatically block third-party cookie tracking in its Firefox browser. Mozilla first announced its Do Not Track browser in February, only to back off in May saying it needed to do more testing. But that didn't stop a growing chorus of loud protests from the advertising community, which argued that the browser would choke off the ad-supported Internet. The Interactive Advertising Bureau's general counsel Mike Zaneis called Mozilla's browser nothing less than a "nuclear first strike" against the ad community. No date has been set for when Firefox will turn on the feature, but advertisers, which have been regularly meeting with Mozilla and were hopeful for a compromise, are already lashing back at Mozilla.

"It's troubling," said Lou Mastria, the managing director for the Digital Advertising Alliance, which manages an online self-regulatory program called Ad Choices that provides consumers with the choice to opt-out of targeted ads. "They're putting this under the cloak of privacy, but it's disrupting a business model," Mastria said. Advertisers are worried that Mozilla's plans could be the death knell to thousands of small Web publishers that depend on third-party targeted ads to stay in business. Nearly 1,000 signed a petition urging Mozilla to change its plans.  "One publisher said that 20 percent of their business would go away. That's huge," said Mastria. "Mozilla is really picking business model winners and losers."

Not all cookies will be blocked under Mozilla's latest plans for its proposed browser; there will be exceptions. Through a partnership with the Center for Internet and Society at Stanford Law School, the two are launching a Cookie Clearinghouse. Overseen by a six-person panel, it will determine a list of undesirable cookies and then block those. "The Cookie Clearinghouse will create, maintain and publish objective information," Aleecia McDonald, director of privacy at CIS, said in a statement. "Web browser companies will be able to choose to adopt the lists we publish to provide new privacy options to their users." But others say the approach is far from objective. "What these organizations and the privacy groups that back them are really saying is 'let us choose for you because we know best,' " said Daniel Castro, a senior analyst with the Information Technology and Innovation Foundation. "The proponents of this model have claimed they are empowering users. ... This is basically Sarah Palin's 'Death Panels' but for the Internet."

The nonprofit advocacy group said it sent a letter to Christine Varney, Assistant Attorney General for Antitrust Division, after news that the European Commission had received three complaints against Google alleging the company manipulated search engine results in an anticompetitive way.

"As part of your continued antitrust investigation we call on you to shine a light on Google’s black box, and require it to explain what’s behind search results," Simpson wrote.

"If, as it appears, Google is tweaking results to further its narrow agenda, this anticompetitive behavior must be stopped."

Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think it’s unlikely. Here’s why:1. The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English. 2. The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult. I would find the presence of Chinese far more plausible.

3. It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as. 4. Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless. Likewise, I find it hard to believe that a “Nation State” which lives by propaganda would be so willing to just throw away such an unprecedented level of access to the beating heart of Hollywood itself.

5. The attackers only latched onto “The Interview” after the media did – the film was never mentioned by GOP right at the start of their campaign. It was only after a few people started speculating in the media that this and the communication from DPRK “might be linked” that suddenly it became linked. I think the attackers both saw this as an opportunity for “lulz” and as a way to misdirect everyone into thinking it was a nation state. After all, if everyone believes it’s a nation state, then the criminal investigation will likely die.

As it continues to explore new business models that may work in a world focused on privacy rather than broadly sharing data online, Facebook on Tuesday revealed plans for its own global digital currency, Libra, which aims to allow users to make purchases or send money with close to zero transaction fees. Facebook said it hopes Libra will make it easier for the estimated 1.7 billion unbanked adults worldwide to access banking services and transfer money electronically. “Just as people can use their phones to message friends anywhere in the world today, with Libra, the same can be done with money — instantly, securely and at a low cost,” Facebook said in a Libra white paper.

Users will be able to make transactions with Libra by 2020, Facebook says, both through a standalone app called Calibra as well as with Facebook’s own family of apps. Unlike bitcoin and some similar offerings, the price of Libra is tied to low-risk assets, which should prevent the speculative behavior and wild price swings plaguing other digital currencies. The currency will be overseen by the Libra Association, a Switzerland-based collective of more than a dozen companies, including Visa, Uber and Mastercard, each of whom have invested at least $10 million in the technology. Users of Libra will pay $1 to use Libra which will sit in a bank account and earn interest which will pay the Libra Association.

The Web was designed to bring people together and make knowledge freely available. It has changed the world for good and improved the lives of billions. Yet, many people are still unable to access its benefits and, for others, the Web comes with too many unacceptable costs. Everyone has a role to play in safeguarding the future of the Web. The Contract for the Web was created by representatives from over 80 organizations, representing governments, companies and civil society, and sets out commitments to guide digital policy agendas. To achieve the Contract’s goals, governments, companies, civil society and individuals must commit to sustained policy development, advocacy, and implementation of the Contract text.

As a general rule, politicians don’t pick fights with their state’s biggest private employers, but Seattle Congresswoman Pramila Jayapal is doing just that, sponsoring legislation that would break up Amazon.Jayapal’s Ending Platform Monopolies Act is part of a broader, bipartisan effort in Congress to rein in the power of the Big Four tech giants: Amazon, Facebook, Apple and Google.Following up on a 16-month antitrust investigation completed last fall, House lawmakers this month unveiled five antitrust bills aimed at checking the power of the companies by limiting their abilities to gobble up or hamstring competitors.Jayapal’s proposal would allow the federal government to sue to force the Big Four tech firms to sell off lines of business deemed a “conflict of interest.” That would mean Amazon could no longer run its marketplace for third-party sellers while also competing against them with its own products. Similar divestments would be required of the other top tech firms, and all could face massive daily fines for noncompliance.

The focus on today’s ubiquitous big tech giants in some ways echoes past antitrust confrontations in the U.S. In the 1980s, the federal government forced the breakup of the Bell System phone monopoly. In the late 1990s, the U.S. sought to bust up Microsoft over its PC market stranglehold — a battle that ended in a 2002 settlement curbing some of its practices.The Big Four have inspired blowback from across the political spectrum, though not always for the same reasons. All five of the House bills rolled out last week had both Democratic and Republican co-sponsors — producing some unusual alliances.