Tag Archives: internet-restricting states

From Subversive to Submissive: the internet

The corridor where WWW was born. CERN, ground floor of building No.1

Free-Speech advocates were aghast—and data-privacy campaigners were delighted—when the European Court of Justice (ECJ) embraced the idea of a digital “right to be forgotten” in May 2014. It ruled that search engines such as Google must not display links to “inadequate, irrelevant or no longer relevant” information about people if they request that they be removed, even if the information is correct and was published legally.

The uproar will be even louder should France’s highest administrative court, the Conseil d’État, soon decide against Google. The firm currently removes search results only for users in the European Union. But France’s data-protection authority, CNIL, says this is not enough: it wants Google to delete search links everywhere. Europe’s much-contested right to be forgotten would thus be given global reach. The court… may hand down a verdict by January.

The spread of the right to be forgotten is part of a wider trend towards the fragmentation of the internet. Courts and governments have embarked on what some call a “legal arms race” to impose a maze of national or regional rules, often conflicting, in the digital realm
The internet has always been something of a subversive undertaking. As a ubiquitous, cross-border commons, it often defies notions of state sovereignty. A country might decide to outlaw a certain kind of service—a porn site or digital currency, say—only to see it continue to operate from other, more tolerant jurisdictions.

As long as cyberspace was a sideshow, governments did not much care. But as it has penetrated every facet of life, they feel compelled to control it. The internet—and even more so cloud computing, ie, the storage of vast amounts of data and the supply of myriad services online—has become the world’s über-infrastructure. It is creating great riches: according to the Boston Consulting Group, the internet economy (e-commerce, online services and data networks, among other things) will make up 5.3% of GDP this year in G20 countries. But it also comes with costs beyond the erosion of sovereignty. These include such evils as copyright infringement, cybercrime, the invasion of privacy, hate speech, espionage—and perhaps cyberwar.

IIn response, governments are trying to impose their laws across the whole of cyberspace. The virtual and real worlds are not entirely separate. The term “cloud computing” is misleading: at its core are data centres the size of football fields which have to be based somewhere….

New laws often include clauses with extraterritorial reach. The EU’s General Data Protection Regulation will apply from 2018 to all personal information on European citizens, even if the company holding it is based abroad.

In many cases, laws seek to keep data within, or without, national borders. China has pioneered the blocking of internet addresses with its Great Firewall, but the practice has spread to the likes of Iran and Russia. Another approach is “data localisation” requirements, which mandate that certain types of digital information must be stored locally or remain in the country. A new law in Russia, for instance, requires that the personal information of Russian citizens is kept in national databases…Elsewhere, though, data-localisation polices are meant to protect citizens from snooping by foreign powers. Germany has particularly stringent data-protection laws which hamper attempts by the European Commission, the EU’s civil service, to reduce regulatory barriers to the free flow of data between member-states.

Fragmentation caused by government action would be less of a concern if other factors were not also pushing in the same direction–new technologies, such as firewalls and a separate “dark web”, which is only accessible using a special browser. Commercial interests, too, are a dividing force. Apple, Facebook, Google and other tech giants try to keep users in their own “walled gardens”. Many online firms “geo-block” their services, so that they cannot be used abroad….

Internet experts distinguish between governance “of” the internet (all of the underlying technical rules that make it tick) and regulation “on” the internet (how it is used and by whom). The former has produced a collection of “multi-stakeholder” organisations, the best-known of which are ICANN, which oversees the internet’s address system, and the Internet Engineering Task Force, which comes up with technical standards…..

Finding consensus on technical problems, where one solution often is clearly better than another, is easier than on legal and political matters. One useful concept might be “interoperability”: the internet is a network of networks that follow the same communication protocols, even if the structure of each may differ markedly.

Excerpts from Online governance: Lost in the splinternet, Economist, Nov. 5, 2016

The Nationalization of Internet

Seeking to cut dependence on companies such as Google, Microsoft, and LinkedIn, Putin in recent years has urged the creation of domestic versions of everything from operating systems and e-mail to microchips and payment processing. Putin’s government says Russia needs protection from U.S. sanctions, bugs, and any backdoors built into hardware or software. “It’s a matter of national security,” says Andrey Chernogorov, executive secretary of the State Duma’s commission on strategic information systems. “Not replacing foreign IT would be equivalent to dismissing the army.”

Since last year, Russia has required foreign internet companies to store Russian clients’ data on servers in the country. In January 2016 the Kremlin ordered government agencies to use programs for office applications, database management, and cloud storage from an approved list of Russian suppliers or explain why they can’t—a blow to Microsoft, IBM, and Oracle. Google last year was ordered to allow Android phone makers to offer a Russian search engine. All four U.S. companies declined to comment.

And a state-backed group called the Institute of Internet Development is holding a public contest for a messenger service to compete with text and voice apps like WhatsApp and Viber. Russia’s Security Council has criticized the use of those services by state employees over concerns that U.S. spies could monitor the encrypted communications while Russian agencies can’t,,

On Nov. 10, 2016, Russia’s communications watchdog said LinkedIn would be blocked for not following the data-storage rules….. That same day, the Communications Ministry published draft legislation that would create a state-controlled body to monitor .ru domains and associated IP addresses. The proposal would also mandate that Russian internet infrastructure be owned by local companies and that cross-border communication lines be operated only by carriers subject to Russian regulation…

The biggest effect of the Kremlin’s internet campaign can be seen in the Moscow city administration, which is testing Russian-made e-mail and calendar software MyOffice Mail on 6,000 machines at City Hall. The city aims to replace Microsoft Outlook with the homegrown alternative, from Moscow-based New Cloud Technologies, on as many as 600,000 computers in schools, hospitals, and local agencies….“Money from Russian taxpayers and state-controlled companies should be spent primarily on domestic software,” Communications Minister Nikolay Nikiforov told reporters in September. “It’s a matter of jobs, of information security, and of our strategic leadership in IT.”

Excerpts from Microsoft Isn’t Feeling Any Russian Thaw, Bloomberg, Nov. 17, 2016

Global Online Freedom Law, how states and tech companies restrict internet freedom

In May and June [2011] human-rights lawyers in America filed two suits alleging that executives at Cisco Systems, a California-based tech firm, sold China’s government equipment customised to help track dissenters online. Only one of the plaintiffs is an American citizen; more than a dozen are Chinese. Cisco denies all wrongdoing.

Such jurisdictional jiggery-pokery is made possible in part by the Alien Tort Claims Act (ATCA), which lets foreigners bring alleged violations of international law before American courts. Oil companies, mining firms and banks have all been subject to ATCA litigation since the ancient law was unburied in the 1980s. But only in recent years has the act been used to target tech firms whose products, or user data, might have been used to trap activists. In the best-known case, in 2007, Yahoo! reached a settlement with representatives of two Chinese democracy campaigners who said the firm had given authorities information that had led to their arrest. Daniel Ward, a lawyer leading one of the suits against Cisco, thinks that similar cases could be brought against other firms.

The issue is getting hotter as Sino-American internet business expands, in both directions. American tech firms covet China’s huge market. On July 4th Microsoft confirmed that its Bing search engine will soon be powering English-language results for local users of Baidu, China’s censored search giant. Even firms with more modest horizons may find themselves dealing with regimes that closely control the internet. More and more governments are moving to restrict the flow of information online, according to Freedom House, a lobby group.

Meanwhile, the global reach of China’s own internet firms, many of them listed on American stock exchanges, is drawing legal challenges. Campaigners in New York have started a suit against Baidu, saying its censored search results violate their constitutional rights. The plaintiffs’ lawyer, Stephen Preziosi, insists the case be heard in an American court—Baidu sells advertising to American firms and aggressively protects its American trademark, he says.

Still, suits against Cisco or other high-tech players face an uncertain legal path. Last year an appeals court hearing another ATCA case said the statute could not be used to prosecute firms, creating a division among judges that only the Supreme Court can settle. Lawyers retort that even if ATCA use against firms is curbed, individual executives could still be targeted.

Some American politicians think clearer legislation would help. One long-mooted bill, the Global Online Freedom Act, would make the government keep a list of internet-restricting states. Under its latest revision, advanced in April by Chris Smith, a Republican congressman, firms would need to seek the approval of American authorities before passing user information to one of these regimes [or should it be to any regime?]; search engines would have to reveal details of any content they are asked to block. Export controls on web-blocking technologies would also be reviewed.

The bill has struggled to gain support since it was floated in 2006. But it could be helpful to American firms, argues Cindy Cohn of the Electronic Frontier Foundation, a lobby group, because clear legislation at home would give ammunition to executives negotiating business terms with foreign authorities. “They could all point to the same rules,” she says.

Internet freedom: Tort and technology, Economist, July 23, 2011, at 57