A little less than two score years ago, the world, and America in particular, was forced to sit up and watch in awe and horror, the Watergate episode which eventually led to the resignation of President Nixon. What was it about the case that was so captivating? Granted it involved the most powerful man of the most powerful country. But was that it? Was that the real reason why people sat in abject horror, staring at their television sets and newspapers with a gasp stuck in their throats, simply refusing to believe their audio visual senses? No, it was the shameless and total violation of privacy, that single rudimentary quality quintessential to preserving and maintaining our sense of honor and dignity. Sure, things have changed a lot since Nixon quit, but the need for privacy is as important now as it was all those years ago.
Everybody has, some point in their lives, dreamed of being a spy, a super sleuth or some undercover agent on a dangerous mission. Or at least they think it’s rather fashionably cool. That the 007 franchises are so popular lend credence to this fact. But how would we like to be at the receiving end? I don’t think we’d enjoy it much. I mean, nobody in their right mind would find existence a pleasurable experience if they knew that they were being watched and their every move documented for scrutiny and inspection at an unnamed later date. We love being anonymous. Being invisible lets us live unhindered lives, a prerogative afforded by the privileged status of anonymity.
Now, we live in a world that has been so swamped with technology that it has attained the status as a prerequisite for almost anybody. News and information are at our fingertips. The world indeed has shrunk and is now capable of fitting comfortably within our palms. The internet is second only in importance to the essential elements required to sustain life at a certain level of comfort. The usage of the internet has grown at exceptional rates. As the functionality of an object is one of the principal factors determining its usage, it can be safely inferred that the popularity of the online world is primarily on account of its uses and convenience. Having said that, it should be noted that any given coin has two sides, and the internet is no exception. There are wide spread evils lurking in the vast and dark corners of the World Wide Web. And we are in dire need of some sort of regulatory force or legislation to harness the unfathomable potential of cyber space.
Governments around the world have communication and data transfer rules and regulations that control the internet usage in their respective countries to some extent. But some Governments have gone over the edge in their quest to establish a moral code of conduct. They have gone to such an extent as to deprive innocent citizens of their privacy, all in the name of national security. Yes, a code is essential to determine what course the internet takes. It is very much necessary to protect the citizens from unwanted maliciousness that is so abundant in the internet. A chain of command and a regulating body is very much indispensable as the absence of one would mean total and utter anarchy. But there also needs to be some lines that should never be crossed, no matter what.
The main reasons governments give for adopting such repressive laws are the growing presence of child pornography and the seemingly unstoppable juggernaut of copyrights violation. Both these are condemnable crimes, that no self respecting man would indulge in and they need to be controlled and the perpetrators made to face justice. But it should not be at the cost of loss of privacy.
China is the first country that pops to one’s mind when talking about oppressive cyber laws. The country is quite infamous for its totalitarian method of internet censorship. It is the biggest Big Brother of all, with the Chinese government being time and again caught with their pants down censoring internet giants like Google and Yahoo. But in a land where almost everything is subjected to rigorous scrutiny by the government, these, one can say, were rather expected. The worrying part is that western countries especially the USA, Canada and prominent European countries are now following suit and passing legislations and laws to enhance security and avoid the use of the internet for unlawful activities.
Though the ‘Great Firewall’ of China is not the most efficient, it controls the data and information flow into and out of the country. Simply put, the government decided what the rest of world knew about China and the Chinese citizens knew about the world. Now, the Chinese Government is going one step further in internet censorship. According to a new law being enacted, and which will come into effect very soon, all computer units to be sold in the country will have to be pre loaded with the Green Dam Youth Escort software package. Though it appears to be a pornographic filter, it is actually a spyware that lets the government and any third party clever enough to hack into it, watch every citizen who is on the internet.
Green Dam has scores of uses. It can monitor and block a list of forbidden Web sites. It can also monitor a user's surfing habits and reading habits. In a hypothetical future cyber war, it can convert the host systems into spam generators by enlisting them in some massive botnet attack. Systems like this invariably invite criminal appropriation and government abuse. New police powers, enacted to fight terrorism, are already used in situations of normal crime and sometimes even for personal or political gain. What makes us so sure the Internet surveillance and control will be so different?
It is bad enough that the government misuses it, but should some third party with malicious intent gain control of these instruments of control, the consequences are bound to be not too pretty. Any surveillance and control system developed should be secure in the first place. Any infrastructure, software of hardware, developed to make the internet a safer place, should in itself be safe. The Chinese government may have developed the Green Dam for its own use, but it can and may be subverted by criminals to steal sensitive information like bank accounts and credit card information. Researchers have already found security flaws in Green Dam that would allow hackers to take over the computers. Of course there are additional flaws, and criminals are looking for them.
China’s actions may be condemned as being too extreme. But the western world is not too far behind. The USA is leading the pack of developed countries that are enforcing stringent cyber laws. Though aimed at preventing cyber terrorism and helping in solving cases, these laws can be misused to extract revenge or for unlawful activities: basically, they take away the anonymity that the internet offers. Anonymity is a dangerous thing, as it gives citizens the courage to raise their collective voices against the repressive policies, atrocities of the government and corruption in the government departments. And governments simply don’t want that. The anonymous status accorded to Twitter users helped save Iranian dissidents’ lives. True, the anonymous nature of the World Wide Web can be misused, like for encouraging pedophilia and terrorism. Granted that without a proper framework to determine the inflow and outflow of data, terrorist attacks can be coordinated from offshore camps and bases. But prevention of these horrid crimes should not take away the privacy of unwary citizens using the internet.
The American and Canadian governments have taken a new lead in the war against terrorism by introducing controversial cyber warfare laws. This June, U.S. Secretary of Defense Robert Gates ordered the creation of a new military cyber command based in Fort Meade, Maryland, that will not only coordinate the government's efforts to defend their cyber networks, but to engage in more wide scale cyber warfare campaigns around the world. This, they claim, is in an effort to increase internet security, and the safety of citizens. This means, the government can tap into our internet usage record without a court order and can shadow every movement we make in the cyber world. Although this, they claim, will be initiated only in matters of national interest or if criminal activities are suspected.
These risks are by no means theoretical. Such laws have been misused in the past, and nothing is stopping them from misuse this time around. For example, after 9/11, the National Security Agency built a surveillance infrastructure to eavesdrop on telephone calls and e-mails within the United States, so that they could monitor terrorist cells that they suspected to be operating on American soil. Although procedural rules very clearly stated that only non-Americans and international phone calls were to be listened to, actual practice didn't always match those rules. NSA analysts collected more data than they were authorized to, and used the system to spy on wives, girlfriends, and even famous people such as President Clinton.
Nevertheless, the Canadian government too thinks that enacting such laws is a healthy endeavor and has mirrored the American cyber laws. The Canadian government has introduced a new law which would force Internet Service Providers (ISP) to allow police officers and government agents to intercept online communications and to gather personal information about internet users without their consent. Two bills - C-46 and C-47 - introduced in Parliament in June would grant police access without oversight from the courts to all private Internet communications and all information on individual subscribers in the files of ISPs. Protesters are afraid that the government is attempting to seize control of the nation’s cyberspace and computers, thought the government states that it is not trying to militarize the internet.
According to Justice Minister Rob Nicholson, the bills are intended to modernize the Criminal Code of Canada and to help law enforcement officers to detect and apprehend those suspected of cyber terrorism, cyber crime, or other crimes through technology. The current laws were drawn up around 30 years ago when crime through the internet was not even in consideration. The police stated that they are well aware of privacy concerns expressed by the citizens, and that they will strive to achieve an agreeable balance between privacy and national security.
According to the new law, the police are free to access information of any Internet subscriber, such as name, street address and e-mail address without a search warrant. The new legislation forces Internet service providers to freeze data on hard drives to prevent subscribers under investigation from deleting potentially important evidence. It also requires that telecommunications companies invest in technology enabling them to intercept all of the Internet communications they handle. It will allow police to remotely activate tracking devices already embedded in cell phones and certain cars. Also, the police will be able to obtain data about where Internet communications are coming from and going to. And finally, it makes it a crime to arrange with a second person over the Internet for the sexual exploitation of a child.
Another aspect of the new law that poses considerable problems is the financial burden that the ISPs and end users will have to bear. A considerable change in the hardware and the supporting software is needed to facilitate such data collection and storage. Given the sheer amount of internet usage per day, the data that is collected will run into terabytes that requires mammoth storage facilities and equally humongous cooling solutions. According to the law, Larger ISP's will have 18 months to complete the necessary changes to their servers, and smaller ISP's (with fewer than 100,000 subscribers) will have three years to complete the changes. The cost may go up to around $15,000 per customer and this is too huge a burden for many, especially given the current financial condition. When the cost becomes too much to bear, the ISPs will transfer the burden onto the end users and the citizens using the internet will end up paying more to have their data stolen by the government.
In May of this year, the European Union (EU) threatened to sue the British government for violation of EU privacy rules. The British government had passed a targeted internet advertising law. The technology called Phorm technology which enables Internet Service Providers to track web usage of customers for the benefit of behavioral ads is now legal. The EU found that the usage of the technology is not according to the privacy laws drawn out by the EU. UK laws apply only to ‘intentional’ gathering of personal information of users and require that companies need to have only ‘reasonable grounds for believing’ that the users have given their consent while EU laws require that clear consent be given by the users. Internet behavioral advertising is something that can be very useful to both businesses and consumers alike. But they have to be done is such a way as to protect the privacy of internet users. The participation of the consumers should be voluntary and not inadvertent. The EU enquiry was done after the internet users complained that the Phorm technology was being used without proper user consent.
The censorship flu seems to have spread to other European countries too, with German government, the most liberal of them all, erecting infrastructure to facilitate enactment of a new legislation that makes internet censorship legal. The government is planning to block off certain internet sites in order to check child pornography. The general idea is to build censorship architecture that will give the government power to block sites that have child pornography content. The Federal Office of Criminal Investigation is expected to provide the government with a list of sites that are to be blocked, and also a list of ISPs that will be obliged to setup the secret censorship infrastructure. Encryption of sites will also be banned to avoid encrypted child pornography sites from avoiding detection by the censor. This means that VPNs will also be scrutinized, to transfer of malicious content through them.
As soon as news of the planned censorship program was released, large scale protests erupted across the country’s cyber space, and the numbers of protestors are growing. People fear that once the infrastructure is in place, the indexing and blocking of sites can be spread to other sites also, like web sites dedicated to voicing the ire of citizens who disagree with unfair government policies and corrupt officials. The censorship can be extended to cover all sorts of content that the government does not wish to make public. People do want child pornography to stop but, not at the price of the government telling them what they should watch online.
The most stringent and powerful of censorship laws in the whole of Europe were very recently erected in Sweden. The Swedish government, in its bid to balance the protection of private lives of citizens and the surveillance laws required to prevent crime, seems to have tipped over in favor of the latter. By implementing these legislations, the Government of Sweden is robbing the privacy of not only its own citizens, but also certain people around the world. According to the new law, the government can eavesdrop on conversations by telephone, fax and email and can even shadow internet usage, should the flow of data cross the Swedish borders at any point along its journey. Simply put, the government can hear and see every communication that a Swedish citizen or party chooses to have with a non Swedish party located at an offshore location.
The government can track communications for sensitive words that they think pose a potential threat to national security. All this monitoring and censorship requires the approval of no court: that is, it is the discretion of the police. The law enacted by the National Defense Radio Establishment (FRA) makes it mandatory for the operators to channel the data of their clients to the FRA through certain collection nodes that are setup for the sole purpose of data collection. While the FRA claims that it is in the least interested in listening in on the conversations of citizens, the fact remains that it is capable of that and nothing is stopping them from doing so. The private correspondences of citizens who are not suspected of fraud or unlawful activities can also be monitored for no legitimate reason.
The law also provides that the Internet Service Providers need to monitor the sites that they are making available to their users. That is, the ISP will be responsible if the user accesses any illegal material on the internet, and so they have the authority to determine which all are safe sites and have the power to block sites that they feel have objectionable or harmful content. The term ‘illegal material’ is a loose term, and when the ISP is empowered to determine what all are ‘illegal materials’, it takes on a rather unpleasant hue of corporate subservience.
Then there is the financial aspect of these laws. These laws have no clauses about financial remunerations for the costs incurred by the Service Providers while setting up the requisite infrastructure for effective monitoring of internet usage. This will have the end effect of end users paying extra to have their conversations listened to. Experts believe that setting up all this architecture could amount to nothing as the terrorists could easily encrypt messages while ordering hits from offshore camps, unless encryption of email messages is classified as a punishable offense and VPNs are subjected to careful scrutiny. But such a move would be too repressive and a blatant violation of basic human rights. It would also lead to problems to the corporations who are wary of competitors eager for bread crumbs.
The main reason for the enactment of these tight laws is the mounting pressure from corporations that are being affected by copyright infringement. Sweden accounts for nearly eight percentage of the world’s peer to peer file sharing traffic. The hugely popular torrent sharing site Pirate Bay is based in Sweden. Sharing of large amounts of music and other copyrighted material over these networks are, the industry claims, leading to losses amounting to millions of dollars. While piracy and copyright infringement are deplorable crimes, screening of private conversations is not the way to avoid them.
The undeniable fact that surveillance infrastructure can be exported aids totalitarianism around the world. Western companies like Siemens, Nokia, and Secure Computing helped build Iran's surveillance infrastructure while U.S. companies helped build China's electronic police state. Every year brings more Internet censorship and control - not just in countries like China and Iran, but in the United States, the United Kingdom, Canada, Germany, Sweden and other free countries. The control movement is egged on by both law enforcements, trying to catch terrorists, child pornographers and other criminals, and by media companies, trying to stop file sharers. Whatever the reasons maybe for enacting legislations legalizing the monitoring and censorship of internet usage, the governments need to find a workable balance between playing Big Brother and the invaluable privacy of citizens. And the bottom line is, it is a sign of the society’s state of bad health when technologies that someday might facilitate a police state are commissioned.
Privacy & Liberties is our business
Take your privacy back today !