Posts tagged “Free Expression”

GoDaddy, .CN, Malware & Freedom of Expression



The domain registrar GoDaddy testified before the U.S. Congressional-Executive Commission on China and stated that they would “discontinue offering new .CN domain names” citing concerns over an “increase in China’s surveillance and monitoring of the Internet activities of its citizens” and the “chilling effect” that the retroactive application of new requirements on .CN domain names would have.

CNNIC, which regulates the .CN ccTLD, introduced new requirements in December 2009 on registrations which many in the security community welcomed. .CN domain names are often used for malicious purposes. McAfee has listed .CN as one of the riskiest ccTLD’s. MalwareURL.com and MalwareDomainList.com (two amazing malware/security resources) have collected numerous .CN domain names used to distribute malware. The AV company Kaspersky noted:

Over the last 3–4 years, China has become the leading source of malware. Chinese cybercriminals have shown themselves to be capable of creating such huge volumes of malware that over the last two years, antivirus companies have, without exception, put most of their effort into combating Chinese malware.

However, a lot of the malware activity coming from China is because Eastern European criminal networks moved and are now abusing Chinese infrastructure, .CN domains as well as IP addresses.

Sophos noted that the regulations were having an effect. There was a decrease in spam and Sophos attributed this to the new CNNIC regulations. Symantec noted that .CN registrations used for spam were down and .RU registrations had taken their place.

Others were unsure. StopBadWare noted that since there was a 5 day grace period that would be enough time for the malicious use of .CN domain names. Many, including Isaac Mao, also raised privacy and freedom expression issues arguing that this was a crackdown on freedom of expression.

GoDaddy is now framing their decision to “discontinue offering new .CN domain names” as a freedom of expression issue. Back in 2004 I wrote about GoDaddy’s practice of denying access to its services form certain countries. Others have also had issues with GoDaddy regarding freedom of expression. In other cases, GoDaddy (among other registrars) have been criticized for being too slow to act.

So in trying to get an understanding of what’s going on, I found portions of GoDaddy’s testimony quite interesting. In particular, I’m interested in the emphasis on “Chinese nationals.”

On February 3, 2010, CNNIC announced that it would reopen .CN domain name registrations to overseas registrars. However, the stringent new identification and documentation procedures would remain in effect. CNNIC also announced an audit of all .CN domain name registrations currently held by Chinese nationals. Domain name registrars, including Go Daddy, were then instructed to obtain photo identification, business identification, and physical signed registration forms from all existing .CN domain name registrants who are Chinese nationals, and to provide copies of those documents to CNNIC. We were advised that domain names of registrants who did not register as required would no longer resolve. In other words, their domain names would no longer work.

Now, what I am unclear on is how the requirements affects non-Chinese national who a registering malware domains, pushing rogue antivirus, sending spam and all sorts ofnasty things. These regulation seems to largely target Chinese nationals — not the nationals of other countries who may be using .CN domains for malicious purposes. GoDaddy concluded:

The intent of the new procedures appeared, to us, to be based on a desire by the Chinese authorities to exercise increased control over the subject matter of domain name registrations by Chinese nationals.

We believe that many of the current abuses of the Internet originating in China are due to a lack of enforcement against criminal activities by the Chinese government. Our experience has been that China is focused on using the Internet to monitor and control the legitimate activities of its citizens, rather than penalizing those who commit Internet-related crimes.

I’m having trouble evaluating GoDaddy’s new found (to me anyway) commitment to freedom of expression. I do welcome it and I hope they are serious about it and demonstrate their commitment by joining the Global Network Initiative. But I’m hoping that they don’t confine their interest in freedom of expression solely to China but rather evaluate and assess freedom of expression and privacy across their business operations.

UPDATE:

WP: In response to new rules, GoDaddy to stop registering domain names in China
Dancho Danchev: “With CN/RU requirement for scanned IDs in order to register a domain,underground services are already monetizing the Photoshop-ing process.”

Hossein Derakhshan



Cyrus Farivar has posted a translation of a letter sent by Hossein’s father to Ayatollah Larijani. It has been almost a year since Hossein was arrested and still there have been no charges laid against him, his family has only been able to meet with him twice for a few minutes and they don’t know which institution is holding him.

Alternative Explanation Redux



livejournal.com is now accessible in Kazakhstan and Kyrgyzstan. Why? Because it appears that Livejournal was not actually blocked by ISP’s in those countries in the first place. Instead, it appears that the Sixpart network, on which Livejournal was formerly hosted, firewalled requests from IP addresses in those countries.

Livejournal was reported as blocked by ISP’s in Kazakhstan after bloggers noted that the site had become inaccessible. There was speculation that the blocking was politically motivated and linked to the Livejournal blog of the the Kazakh President’s former son-in-law who is very critical of the government.

The Kazakh ISP’s denied that they had blocked access to it.

“We do not block access in Kazakhstan to any internet resource, including this portal. As a profitable company, our primary concern is to have our subscribers provided with Internet services to the fullest extent,” head of Kazakhtelecom’s PR department Balzhan Ilbisinova told Interfax…

“We have found out that Internet users in Kyrgyzstan and Uzbekistan also do not have access to this resource. Therefore, I think the lack of access may be attributed to technical problems at LiveJournal?s end,” Ilbisinova indicated.

Last year I wrote about the case of dailymotion.com being temporarily blocked in Tunisia as a result of a mis-categorization by SmartFilter. I suggested that sometimes “there are often mundane, alternative explanations” that explain blocking, let alone inaccessibility.

Here is a traceroute to livejournal from KG. It is interesting because it passes through KZ (other traceroutes from the same ISP do not pass through KZ but display the same behavior) but even more so because the last hop is not in KZ or KG but on the first hop on Sixapart’s network. That is the traceroute suggests the problem is on Livejournal/Sixapart’s end.

Tracing route to livejournal.com [204.9.177.18]
over a maximum of 30 hops:

1 237 ms 226 ms 226 ms *.elcat.kg [212.42.*.*]
2 227 ms 226 ms 226 ms *.elcat.kg [212.42.*.*]
3 226 ms 227 ms 226 ms 213.145.131.145
4 229 ms 235 ms 229 ms 92.46.59.161
5 246 ms 246 ms 245 ms alma-core-l2-6.online.kz [92.47.151.157]
6 246 ms 246 ms 245 ms alma-core-l1-6.online.kz [92.47.145.17]
7 246 ms 246 ms 245 ms asta-core-l1-1.online.kz [92.47.145.10]
8 246 ms 246 ms 245 ms asta-core-l2-1-2.online.kz [92.47.145.42]
9 246 ms * 246 ms asta-gate-1.online.kz [92.47.151.166]
10 258 ms 258 ms 258 ms clk15.transtelecom.net [217.150.58.70]
11 350 ms 351 ms 351 ms xe-3-3.r01.londen05.uk.bb.gin.ntt.net [83.231.146.85]
12 667 ms 529 ms 544 ms xe-3-2.r01.londen03.uk.bb.gin.ntt.net [129.250.2.72]
13 352 ms 351 ms 351 ms xe-2-3-0.r22.londen03.uk.bb.gin.ntt.net [129.250.2.65]
14 350 ms 350 ms 351 ms ae-0.r23.londen03.uk.bb.gin.ntt.net [129.250.4.86]
15 358 ms 358 ms 358 ms p64-2-0-0.r22.amstnl02.nl.bb.gin.ntt.net [129.250.4.105]
16 358 ms 360 ms 364 ms ae-1.r23.amstnl02.nl.bb.gin.ntt.net [129.250.4.222]
17 443 ms 440 ms 436 ms as-0.r20.asbnva01.us.bb.gin.ntt.net [129.250.5.46]
18 437 ms 441 ms 441 ms ae-0.r20.asbnva02.us.bb.gin.ntt.net [129.250.2.61]
19 478 ms * 482 ms as-1.r20.dllstx09.us.bb.gin.ntt.net [129.250.3.42]
20 483 ms 482 ms 482 ms ae-0.r21.dllstx09.us.bb.gin.ntt.net [129.250.2.59]
21 512 ms 513 ms 517 ms as-3.r21.snjsca04.us.bb.gin.ntt.net [129.250.4.25]
22 528 ms 524 ms 525 ms ae-0.r20.plalca01.us.bb.gin.ntt.net [129.250.4.118]
23 523 ms 523 ms 520 ms ae-0.r21.plalca01.us.bb.gin.ntt.net [129.250.5.118]
24 520 ms 523 ms 523 ms xe-3-4.r03.plalca01.us.bb.gin.ntt.net [129.250.4.246]
25 529 ms 523 ms 523 ms 140.174.28.110
26 526 ms 525 ms 525 ms v102-sf-core1.sixapart.com [204.9.176.19]
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

This behavior matches many traceroutes to livejournal from KZ that I have seen posted on forums and blogs.(I don’t have direct access to KZ myself.)

[root@localhost ~]# traceroute livejournal.com
traceroute to livejournal.com (204.9.177.18), 30 hops max, 40 byte packets
1 192.168.0.1 (192.168.0.1) 5.056 ms 4.973 ms 6.254 ms
2 92.46.31.32 (92.46.31.32) 37.094 ms * *
3 92.46.31.9 (92.46.31.9) 39.176 ms 42.572 ms 42.705 ms
4 alma-core-l2-6.online.kz (92.47.150.5) 45.835 ms 46.633 ms 49.597 ms
5 alma-gate-6-2.online.kz (92.47.151.158) 49.578 ms 51.314 ms 51.293 ms
6 62.105.145.81 (62.105.145.81) 120.029 ms 81.211.8.53 (81.211.8.53) 119.194 ms 62.105.145.81 (62.105.145.81) 85.843 ms
7 cat01.Frankfurt.gldn.net (194.186.157.138) 150.126 ms 152.341 ms 141.199 ms
8 TenGigabitEthernet7-4.ar1.FRA4.gblx.net (64.208.222.201) 203.801 ms 203.788 ms 206.627 ms
9 te7-4-10G.ar3.FRA3.gblx.net (67.17.111.178) 348.909 ms 350.545 ms 350.517 ms
10 ge-6-11.car2.Frankfurt1.Level3.net (195.122.136.245) 187.929 ms 201.878 ms 191.595 ms
11 ae-32-56.ebr2.Frankfurt1.Level3.net (4.68.118.190) 189.552 ms ae-32-52.ebr2.Frankfurt1.Level3.net (4.68.118.62) 215.396 ms ae-32-54.ebr2.Frankfurt1.Level3.net (4.68.118.126) 148.874 ms
12 ae-2.ebr1.Dusseldorf1.Level3.net (4.69.132.137) 195.665 ms 187.249 ms 190.874 ms
13 * * *
14 ae-2.ebr1.Amsterdam1.Level3.net (4.69.133.89) 217.906 ms 215.069 ms 211.648 ms
15 ae-1-100.ebr2.Amsterdam1.Level3.net (4.69.133.86) 203.764 ms 205.056 ms 214.713 ms
16 ae-2.ebr2.London1.Level3.net (4.69.132.133) 160.643 ms 173.771 ms 174.483 ms
17 ae-42.ebr1.NewYork1.Level3.net (4.69.137.70) 235.561 ms ae-43.ebr1.NewYork1.Level3.net (4.69.137.74) 242.350 ms ae-44.ebr1.NewYork1.Level3.net (4.69.137.78) 242.053 ms
18 ae-61-61.csw1.NewYork1.Level3.net (4.69.134.66) 243.298 ms ae-71-71.csw2.NewYork1.Level3.net (4.69.134.70) 254.401 ms ae-81-81.csw3.NewYork1.Level3.net (4.69.134.74) 231.585 ms
19 ae-94-94.ebr4.NewYork1.Level3.net (4.69.134.125) 233.414 ms ae-64-64.ebr4.NewYork1.Level3.net (4.69.134.113) 224.338 ms ae-74-74.ebr4.NewYork1.Level3.net (4.69.134.117) 243.520 ms
20 ae-2.ebr4.SanJose1.Level3.net (4.69.135.185) 304.158 ms 312.587 ms 314.754 ms
21 ae-74-74.csw2.SanJose1.Level3.net (4.69.134.246) 301.834 ms ae-84-84.csw3.SanJose1.Level3.net (4.69.134.250) 306.405 ms ae-94-94.csw4.SanJose1.Level3.net (4.69.134.254) 297.681 ms
22 ae-62-62.ebr2.SanJose1.Level3.net (4.69.134.209) 300.430 ms ae-82-82.ebr2.SanJose1.Level3.net (4.69.134.217) 315.784 ms ae-92-92.ebr2.SanJose1.Level3.net (4.69.134.221) 300.655 ms
23 ae-5-5.car1.Oakland1.Level3.net (4.69.134.37) 306.771 ms 306.578 ms 294.600 ms
24 SIX-APART-L.car1.Oakland1.Level3.net (4.71.200.18) 306.504 ms 294.604 ms 295.527 ms
25 v102-oak-core2.sixapart.com (204.9.176.82) 310.375 ms 321.391 ms 316.173 ms
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

In both cases the last hop is on Sixapart’s network.

On November 18 2008 Livejournal moved off Sixpart’s network and is now accessible in KG and KZ. Since they have new IP addresses they would be accessible until the KZ ISP updated their blocking, but so far this has not occurred. Since the traceroutes clearly show that packets passed through KG and KZ to Sixpart’s network my sense is that some network admin at Sixapart firewalled some IP addresses (or ranges of IPs) that corresponded to ISPs in KG and KZ, perhaps due to “bad” behaviour, such as scans, originating from those IP’s. In any case it appears that the KZ and KG ISP’s had nothing to do with the inaccessibility of Livejournal in those countries.

In any case I’m glad it is now accessible and hope it remains that way.

Free Hoder



There are reports that Hossein Derakhshan has been arrested in Iran. Hossein is a friend, a blogging pioneer, and a supporter of freedom of expression and human rights. Hossein Derakhshan should be released immediately and I hope that the Canadian government takes action to secure his release.

After he became very concerned about the demonization of Iran in the media, a possible attack on Iran, and the manipulation of human rights issues to support an attack on Iran Hossein alienated many of his former supporters. It is unfortunate that some are now so critical of him (see the comment sections here and here) that they are dismissing his arrest and not supporting calls for his release.

If you believe in freedom of expression and human rights — even if you disagree with Hossein’s opinions — support calls for his release.

Perspectives



The Breaching Trust report that investigated the filtering and surveillance of Tom-Skype continues to generate interest. Today both the Globe and Mail and the New York Times mention the report.

The Globe focused on innovation in research coming our of Canadian Universities, which is a very interesting perspective. One of things that make research at the Citizen Lab so exciting is the ability to use unconventional methods.

The NYT article is about the “global code of conduct” that technology companies and human rights groups have been working on for some time now. It provides guides, for companies like Skype, that aim to “avoid or minimize the impact of government restrictions on freedom of expression.” It also sets up “accountability mechanisms” so that compliance can be evaluated.

In effect this is what I have been doing (see Search Monitor and Breaching Trust) independently. While rightfully labeled as a “first step” the significance of this initiative should not be minimized. I’ll have to wait and see the official documents scheduled to be released tomorrow, but I believe that these principles will help my research by providing benchmark — to which these companies have voluntarily agreed — with which I can evaluate their actual behavior. Hopefully, it will also encourage companies to be more transparent about their practices which definitely helps me interrogate their practices with increased accuracy.

Snips from the articles:

In shadowy Web world, schools are on the case – The Globe and Mail

Through its monitoring, the Citizen Lab discovered swaths of text that failed to make it to intended recipients. The messages had been stored in databases run by the Chinese partner of Skype, Tom Online Inc. Citizen Lab found this thanks to Tom’s apparent lax security, which allowed the Lab to find both encrypted information and the key that would allow them to decrypt it on a publicly accessible Web page.

Big Tech Companies Back Global Plan to Shield Online Speech – The New York Times

Currently Google, Microsoft’s MSN division and Yahoo’s Chinese affiliate are all cooperating with the Chinese government’s demands that search results be filtered. This month, Canadian researchers revealed that the Chinese version of the Skype Internet chat and telephony client had been modified to permit the logging of chat sessions and storage of the information on server computers belonging to Skype’s Chinese partner, Tom, a wireless and Internet company.

Yahoo, MSN Censor More than Baidu



China unblocked many usually censored web sites following intense international pressure and scrutiny after having promised uncensored access during the Olympics. Five days later (August 6, 2008) I tested the search engines that Google, Yahoo! and Microsoft customize for the Chinese market as well as the leading domestic search engine Baidu. I found that all of the search engines were still censoring content that was unblocked by China. one interesting find was that Yahoo! was censoring less than all the others and Baidu (and Google) were censoring much less than Microsoft.

For purposes on comparison Google and Microsoft make a good match because both have to de-list web sites form search results while Yahoo! and Baidu index form within China and thus do not (usually) index sites already censored by China. (For more read my report on search engine comparison.)

Now over a month later things have changed. While these sites remain accessible in China some are still censored by the search engines. Google has dropped to only censoring two sites and is now censoring the least amount of content. Baidu is next with three censored sites. Microsoft remained steady, but Yahoo! has shifted from censoring the least amount of sites to the most!

The divergence between Yahoo! and Baidu is very interesting. If both crawl from within China and are subject to China’s filtering why is Yahoo! censoring so much more than Baidu? It could be that the conclusion that Yahoo! and Baidu do not de-list content is not fully accurate. If the sites are accessible in China then Yahoo! is likely de-listing the sites. Because of the suboptimal method of censorship notification employed by Yahoo! (a standard disclaimer on every page regardless of whether any of the results are censored or not) I cannot fully distinguish between sites that are de-listed and sites that have not been indexed (e.g. because China blocks them).

I’m still struck by the fact that over a month later sites that are available and uncensored in China are still censored by these search engines.

DOMAINS Google Yahoo Microsoft Baidu
ip =
"203.208.39.99"
host = "www.google.cn"
ip =
"202.165.102.243"
host = "one.cn.yahoo.com"
ip =
"202.89.236.206"
host = "cnweb.search.live.com"
ip =
"202.108.22.43"
host = "www.baidu.com"
chinese.wsj.com OK OK OK OK
cn.reuters.com OK OK OK OK
news.chinatimes.com OK CENSORED (0) CENSORED (0) OK
olympics.scmp.com OK OK OK OK
udn.com OK OK OK OK
www.amnesty.org OK CENSORED (0) CENSORED (0) CENSORED (0)
www.atchinese.com OK CENSORED (0) CENSORED (0) OK
www.ftchinese.com OK OK OK OK
www.hrw.org OK) CENSORED (0) CENSORED (0) CENSORED (0)
www.libertytimes.com.tw CENSORED (0, message) OK OK OK
www.mingpaomonthly.com OK OK OK OK
www.mingpaonews.com OK CENSORED (0) CENSORED (0) OK
www.rfa.org CENSORED (0, message) CENSORED (0) CENSORED (0) OK
www.rsf.org OK CENSORED (0) CENSORED (0) OK
www.scmp.com OK OK OK OK
www.voanews.com OK CENSORED (0) CENSORED (0) CENSORED (0)
www.yzzk.com OK CENSORED (0) OK OK
www1.appledaily.atnext.com OK CENSORED (0) OK OK
zh.wikipedia.org OK CENSORED (0) CENSORED (0) OK

Free Expression Principles



Major technology companies, including Google, Yahoo! and Microsoft, have agreed, in principle, to a voluntary set of principles designed to “guide businesses when they encounter laws and practices that may contravene international human rights standards or be at odds with law or culture in their home jurisdiction.” The objective is to protect and advance freedom of expression and privacy. Included in this initiative are mechanisms to provide for ongoing learning as well as the monitoring of compliance.

Google, Yahoo! and Microsoft sent letters to Sen. Durbin announcing the agreement. The letters re-state each company’s commitment to freedom of expression and highlight the core components of the initiative including the principles, the implementation guidelines and the accountability and learning framework.

Google’s letter draws on my report that compared Google, yahoo! and Microsoft’s search engines along with the domestic Chinese company Baidu. The most significant point centers on the impact of engagement. I found that the presence of foreign search engines resulted in an increased amount of information being available to Chinese Internet users. More specifically, I found that:

When the results from Google, Microsoft and Yahoo are combined, 20% of the sites censored by Baidu are available. However, individually they provide more information, especially Google and Microsoft which provide, on average, 51% and 55% more content (content not available in Baidu) while Yahoo! averages 25% more.

Since the search engines were censoring different content mixing searches across multiple search engine resulted in the ability to find sites censored by the other search engines.

Also, I noted that Baidu, the leading Chinese search engine, had introduced a censorship notification following the lead of the foreign search engines. Unlike foreign search engines under pressure from the home governments Baidu is not. While a still a small step, it shows that engagement can make a difference and that industry standards are important. that is why I think the principles for free expression and privacy are so important. They present a united effort and set an industry standard.

Engagement certainly presents a series of hard choices, but is a better choice than disengagement when it comes to information and communications technologies. These technologies build the bridges that connect diverse people and places, putting up barriers is what the censors do. I find it hard to believe that the promotion of free expression is served in Iran by denying Iranians access to the Java programming language.

The catch here is that this agreement and these principles are not an end point but a starting point. As I noted in my report the overall level of transparency is low — there is work to be done in this area. The process for determining what to censor is still unclear and supports the secrecy and unaccountability of China’s censorship policies. Even within a restrictive environment such as China I believe there is much more that can be done. (See below). I also showed that while the total amount of censorship may not be high, the significance of the censored sites is important.

These censored sites are often the only sources of alternative information available in the top ten results for politically sensitive search queries. Moreover, even the uncensored versions of these search engines highly rank content that is hosted in China or ends in the domain suffix .cn, both of which China retains control over and are thus unlikely to present alternative information.

China recently unblocked many censored web sites after intense international pressure and scrutiny after having promised uncensored access during the Olympics. Andrew Lih tested a sample of websites normally censored in China and found them to be accessible. The web sites of human rights groups such as Human Rights Watch, Reporters Sans Frontiers and Amnesty International are all now accessible.

Andrew posted his test results on August 1st, 2008, five days later search engines are still censoring sites that are not unblocked in China. For example, Yahoo! Microsoft and Baidu are still censoring www.amnesty.org while Google is not. Google, Microsoft and Baidu are still censoring www.hrw.org while Yahoo!s not. (Yahoo! has only one result, www.hrw.org/russian, I’m not sure how many Russian speakers there are in China, anyone know?) Only Microsoft is still censoring www.rsf.org — even Baidu is not. In fact, Microsoft is censoring more of these newly unblocked websites than the Chinese company Baidu! Another noteworthy observation is that Yahoo! is censoring the least of these newly unblocked sites.

DOMAINS Google Yahoo Microsoft Baidu
ip =
"203.208.39.99"
host = "www.google.cn"
ip =
"202.165.102.243"
host = "one.cn.yahoo.com"
ip =
"202.89.236.206"
host = "cnweb.search.live.com"
ip =
"202.108.22.43"
host = "www.baidu.com"
chinese.wsj.com OK OK OK OK
cn.reuters.com OK OK OK OK
news.chinatimes.com OK OK CENSORED (0) OK
olympics.scmp.com OK OK OK OK
udn.com OK OK OK OK
www.amnesty.org OK CENSORED (0) CENSORED (0) CENSORED (0)
www.atchinese.com OK OK CENSORED (0) OK
www.ftchinese.com OK OK OK OK
www.hrw.org CENSORED (0, message) OK CENSORED (0) CENSORED (0)
www.libertytimes.com.tw CENSORED (0, message) OK OK OK
www.mingpaomonthly.com OK OK OK OK
www.mingpaonews.com OK OK CENSORED (0) OK
www.rfa.org CENSORED (0, message) OK CENSORED (0) OK
www.rsf.org OK OK CENSORED (0) OK
www.scmp.com OK OK OK OK
www.voanews.com OK OK CENSORED (0) CENSORED (0)
www.yzzk.com OK OK OK OK
www1.appledaily.atnext.com OK CENSORED (0) OK OK
zh.wikipedia.org OK OK CENSORED (0) OK

* If at least one result was returned for a “site:” search on a domain, it was marked as OK.

To be fair, it does take time for search engines to respond. They have multiple servers, it may take time for them all to be updated. Also, there differences in implementation between those that crawl and index the web from behind China’s filtering system and those that do not and thus have to “de-list” results. (See the report for details on this.)

Still, I find it difficult to accept that sites that are unblocked in China remain censored in these search engines.

The (b)Logosphere – Part 2



The companies that provide blogging, social networking and video hosting services are becoming aware of the fact that a core user constituency is engaged in citizen journalism and digital advocacy. And that this also presents challenges. These companies are in a position in which they are are compelled to comply with the censorship and surveillance demands of governments and corporations in addition to protecting the privacy and freedom of expression of their users. In fact many of these services, such a Youtube and Flickr, have been censored in various countries. In other cases, they have chosen to self-censor to comply with local restrictions. They have also turned over data resulting in the arrest of activists and dissidents.

But just as users can protect themselves, so can companies.

1. If you log it, they will come. What you log, how it is stored (anonymized logs), and how long you keep them for are important.

2. Censorship is a double-edged sword. If you do not censor, there is a risk that your service will be blocked. If you do censor, you will be condemned. Therefore it is important to be open and transparent surrounding what and how you censor. Derek Bambauer has a great paper that expands on what the concept of transparency really means. It is well worth the read.

3. Awareness is crucial. Internal awareness of the use of your services by political activists and citizen journalists is very important. Consider the case(starts at 14:15 in the podcast) of Wael Abbas in Egypt: he uploaded videos of police brutality and torture in Egypt to YouTube which lead to the arrest of some officers involved. YouTube suspended his account for posting “inappropriate material” and did no respond to his emails asking for clarification. Only after his case appeared on CNN and major media outlets as well as a campaign by fellow bloggers did YouTube restore his account. YouTube said that the videos did not have sufficient context. Wael says that YouTube told him that the people staffing the suspensions were new and didn’t know what they were doing as all the complaints leading to the suspension of the account were from one source, most likely the Egyptian government.

4. Communication is vital. If is very important for users to know the potential risks they face. For example, it is now well known that Yahoo! China has cooperated with Chinese authorities turning over email and account information that helped convict at least four dissidents. The use of a foreign, well known email service did not provide them with any more protection than a domestic Chinese service would have. In contrast, Google has pledged to not offer certain products in China.

5. Know where your servers are hosted and what your partners/subsidiaries are up to. See Rebecca MacKinnon’s excellent paper for a thorough discussion.

CBC takes down Hamas, Hezbollah websites



When Jonathan Halevi found that websites affiliated with Hamas and Hezbollah were being hosted on servers owned by the Canadian company iWeb he contacted iWeb and asked for them to be taken down. He was not successful. However, when CBC translated some Arabic in the discussion forum and contacted iWeb claiming that they were hosting “a site whose content could violate Canada’s anti-terrorism act” iWeb re-evaluated and took down the sites.

It is unclear exactly which specific sites were targeted although both www.almanar.com.lb (Hezbollah affiliated) and www.aqsatv.ps (Hamas affiliated) were both previously hosted on iWeb. After the initial complaint, iWeb reviewed the English content of the web site(s) (almanar has an English section, aqsatv does not appear to have an English section it is not clear what was actually reveiwed) and determined that “the English version did not seem to have any content which could violate our policies or laws.” However, after CBC’s claim that they were in violation of Canada’s anti-terrorism act iWeb removed the site(s):

In this case, analysis of the site had been done on the English version of the site, a version that did not seem to include material or content that was illegal or in violation of our terms of service (these facts were confirmed by journalists involved in this case). We informed our customer of this complaint and of the conclusions we came to. We also informed the individual who made the complaint, who did not provide any feedback or additional information.

It actually appears that the offending content which lead to the removal of the web sites were actually COMMENTS posted beneath an article:

People’s comments under the article in question are a good example, several believe that the site had to be removed and others believe that this is freedom of expression; who is right?

In response to the original complaint iWeb suggested that that the RCMP be contacted and if the content violated the law they would act. But after CBC’s involvement they acted to remove the content without this:

For our part, we determine that the initial complaint, which did not target a specific part or section of the site was not, at first glance, substantiated and that the version and sections of the site that we analyzed were conformed with Canadian laws and our policies. That being said, we originally specified to the person who made the complaint that if they felt the issue required legal attention, that they should voice their concern to the competent authorities like the RCMP (Royal Canadian Mounted Police) so that they can also analyze the content and that we will collaborate with their verdict. When the complaint reached us for a second time, the new information provided to us made us revise our position. We then agreed that it was not informative speech or opinion or freedom of expression anymore, but a threat to human beings who violates our policies for using this service and why we intervened by shutting down the sites in question.

The details are still a bit confusing:

  • What were the exact web sites in question? Are they in fact www.almanar.com.lb and www.aqsatv.ps?
  • What was the exact offending content that CBC felt was a violation of Canada’s anti terrorism act? Was it a post in a discussion forum? Was it a comment posted below an article? On which site?
  • Were these web sites removed due to content posted by USERS and not by the owners of the sites?
  • Were the owners of the web sites given the opportunity to moderate/delete the offending user comments?
  • Were the owners of the web sites given the opportunity to keep the English version, which had no offending content?

This, of course, is not the first time this has happened. I have posted about this in the past:

Content removed for allegedly supporting terrorism is one of the least documented forms of takedown… The Internet Haganah, which calls for the removal of sites which allegedly support terrorism, had counted 600 successful takedowns by 2005. These include websites, groups hosted by Yahoo! and storefronts at Cafe Press. In 2005, the Toronto-based Friends of Simon Wiesenthal Center had several sites removed by their ISPs, one of which only contained a flag that carried the inscription, ‘There is no other God but Allah’. There was no hateful text or material advocating suicide bombing. The issue, as noted in the press release, was that the flag appeared to be the same one used by Hizb-ut-Tahrir, a group that, at the time, was not on the US State Department’s or Canada’s list of terrorist organisations.

Pending answers to the questions above, it seems that the issue here is not one of content but of association, pressure and selective enforcement.

For example, the web site of KACH www.kahanetzadak.com, which is among a handful of websites listed as terrorist entities by the U.S., is also hosted in Canada:

OrgName: In2net Network Inc.
OrgID: IN2N
Address: 3602 Gilmore Way,
Address: Suite 210
City: Burnaby
StateProv: BC
PostalCode: V5G-4W9
Country: CA

These cases raise troubling question concerning transparency and due process the lack of which leads to chilling effects on freedom of expression. While the details are still unclear, it appears that these sites were removed after CBC determined that forums posts or comment posts were in violation of Canada’s anti-terrorism act. That is, not content posted by the owner’s of web sites but by users. And it is unclear if the owner’s of the sites were given the opportunity to moderate the offending content. This has consequences that go beyond just this case. The “vigilante model” of takedown puts the power of judge, jury and executioner in the hands of hosting providers and ISPs. The entire process lacks transparency, accountability and oversight.

The (b)Logosphere – Part 1



The explosion of citizen journalism has allowed increased access to a diversity of voices around the globe. Issues and voices that are not represented in mainstream media are providing diverse perspectives on both popular and obscure political issues. However, this phenomenon is certainly not new. While recent attention has focused on bloggers around the world, past efforts, including the creation of Indymedia nearly ten years ago, leveraged the Internet for these same purposes. The success of citizen journalism is based on a combination of personal experience, opinion and analysis with traditional news to provide a compelling account of political events that engages and connects with the reader.

While bloggers are quite aware of the danger of government censorship and surveillance, the same skepticism concerning free expression and privacy often does not extend to the corporate sector. The blogosphere looks more like the logosphere, unlike the nologosphere of earlier incarnations of independent media. While some open, decentralized elements remain, particularly the use of open source software such as wordpress and open licensing such as creative commons, most of the tools and platforms used by bloggers are corporate, proprietary products: Blogger/Blogspot, Twitter, Gkype, Gmail, Feedburner, Flickr, Technorati, Facebook, Myspace, Youtube etc… This is not necessarily a bad thing, it just presents a different set of challenges.

After setting up a fake Facebook profile of a Moroccan Prince, Fouad Mourtada was arrested and sentenced to three years in prison. Although Fouad was recently pardoned and released after an international campaign, the case has raised questions about Facebook’s possible involvement:

How the Moroccan police found out Mourtada’s identity remains a bit of a mystery. They could have obtained his IP address from Facebook, or from his service provider, Maroc Telecom, or from an old-fashioned snitch. But the preliminary court hearing did not include details of the police investigation, so the possibility of corporate cooperation cannot be ruled out.

In at least four cases Yahoo! cooperated with the Chinese government resulting in the imprisonment of dissidents. The use of a foreign, well known email service did not provide them with any more protection than a domestic Chinese service would have. Orkut, Google’s social networking site, handed over information to the police in India which was used to arrest a person for insulting a revered figure. Youtube, despite putting up a legal battle, has been ordered to turn over user information of everyone who has ever used Youtube to Viacom. Such services collect and store information about users that can and has been handed over to others, in some cases resulting in the arrests of activists and dissidents.

In other cases companies censor their users. Skype has partnered with a domestic Chinese company to provide a censored version of its popular voip/chat software. Microsoft deleted the MSN spaces account of a well known Chinese blogger and filters its service to prevent posts from being made that contain certain sensitive words. In fact, this is exactly what domestic Chinese blogging platforms do. The Chinese version of Myspace censors posts that contain sensitive words and also encourages users to report those who engage in “misconduct.” Google, Microsoft and Yahoo! all maintain censored versions of their search engines for the Chinese market.

Internet users can and should take measures to protect themselves, even Indymedia’s servers were seized by police in the past. Projects such as Tor provide technical measures to enhance ones privacy online by providing a significant level of anonymity. Global Voices Advocacy has created a guide that shows users how to blog anonymously with WordPress and Tor. The Citizen Lab has produced a guide to bypassing censorship. NGO-in-a-Box has produced a collection of security software that helps NGO’s secure themselves. It is important for citizen journalists to asses the threats they face and use tools that minimize those risks. A well recognized foreign brand is not a substitute for good security practices.

However, the strength of tools such as Facebook, Flickr, and Twitter rests upon their ease of use and most users will not take the additional steps necessary to protect ones privacy. Just as users may need to implement strategies to minimize their potential risks, the technology companies on whose services bloggers and citizen journalists rely should also take proactive steps to protect their users and communicate the limits of that protection to their users.

Perspectives on Transparency



据当地法律法规和政策,部分搜索结果未予显示。

When Google first added this censorship notification to google.cn — the China-specific version of Google — its significance was largely overshadowed by the fact that they had agreed to censor their search engine at all. Following Google, Yahoo! also added a censorship notification, as did Microsoft. All three companies were grilled before Congressional Committees and human rights organizations. Now the domestic Chinese search engine Baidu — and others including Soso, Sougou, Yodao — introduced a censorship notification? What does this mean?

Yahoo! had been censoring their China-specific search engine for years prior to Google’s introduction of censorship drawing criticism from human rights and free speech advocacy organization but little from elsewhere. The open acknowledgment of censorship enabled for a much broader, well publicized debate/discussion to the complex issues of censorship in China. These “You’ve been Censored” notification raised considerable awareness of censorship in China. Of course, it came at the cost of these companies’ compliance with China’s censorship rules, arguably strengthening China’s control of the Internet.

In a recent study I compared the censorship practices of the search engines provided by Google, Microsoft and Yahoo! for the Chinese market along with the domestic Chinese search engine Baidu. I found that although Internet users in China are able to access more information due to the presence of foreign search engines the web sites that are censored are often the only sources of alternative information available for politically sensitive topics. I argued that the wide disparity among the actual web sites that these search engines censor suggests that these companies are determining what to (or not to) censor and that the lack of clarity in the process and the unwillingness of companies to disclose this information acts to bolster China’s current censorship policy that thrives on secrecy and unaccountability.

Since the report was finalized, the domestic Chinese search engine Baidu, following the foreign search engines, introduced a censorship notification indicating that it is possible to make progress through engagement. Other search engines such as Soso, Sougou, Yodao also, at least temporarily, also had a form of notification.

The downside is that these developments normalize censorship. Considering that this latest censorship targeted search terms and resulted in no results being available for those terms, this could be interpreted as a worsening of the situation.

But it is rather remarkable that Baidu has introduced a consistent censorship notification mechanism. Google, Microsoft and Yahoo! have to balance China’s censorship requirements with the pressure they receive from the U.S. Congress and human rights groups and thus have an incentive to be transparent. But Baidu is a domestic Chinese company that does not have such pressures. It is possible that Baidu introduced the notification simply to conform to what has become an industry norm.

It also suggests an increasing openness within China concerning censorship and informs Chinese Internet users — many of whom are not aware of censorship in China at all — that censorship is in fact occurring. While the introduction of censorship notification may seem negligible to some, and it is certainly no reason to become complacent, it is a small first step toward lifting the veil of secrecy and unaccountability that permeates China’s censorship policies. It demonstrates that the leadership of foreign companies can increase transparency even within domestic Chinese companies and, as a result, reaffirms that the further efforts to improve transparency cannot be allowed to remain stagnant.

I’ve been thinking about a range of offensive and defensive strategies to that both companies and activists could pursue in order to stimulate further efforts towards transparency on the part of companies as well as within China that I hope to post soon.

Search Monitor: Toward a Measure of Transparency



Citizen Lab Occasional Paper #1, “Search Monitor Project: Toward a Measure of Transparency“, (mirror) has been released today. This report interrogates and compares the censorship practices of the search engines provided by Google, Microsoft and Yahoo! for the Chinese market along with the domestic Chinese search engine Baidu. It is based on tests conducted between November 2007 and April 2008 focused on uncovering web sites that have been censored from search engine results.

The report finds that although Internet users in China are able to access more information due to the presence of foreign search engines the web sites that are censored are often the only sources of alternative information available for politically sensitive topics. In addition to censoring the web sites of Chinese dissidents and the Falun Gong movement, the web sites of major news organizations, such as the BBC, as well as international advocacy organizations, such as Human Rights Watch, are also censored.

The data presented in this report indicates that there is not a comprehensive system – such as a list issued by the Chinese government – in place for determining censored content. In fact, the evidence suggests that search engine companies themselves are selecting the specific web sites to be censored raising the possibility of over blocking as well as indicating that there is significant flexibility in choosing how to implement China’s censorship requirements.

This report finds that search engine companies maintain an overall low level of transparency regarding their censorship practices and concludes that independent monitoring is required to evaluate their compliance with public pledges regarding commitments to transparency and human rights. The lack of clarity in the process and the unwillingness of companies to disclose this information acts to bolster China’s current censorship policy that thrives on secrecy and unaccountability.

It is becoming increasingly clear that technology companies face a dilemma when attempting to penetrate the Chinese market. A failure to comply with China’s censorship policies can result in the wholesale blocking of a company’s entire service or significant levels of interference due to China’s filtering system. Companies that have a physical presence in China face the challenge of obtaining proper licensing and their Chinese employees may face legal threats for the foreign company’s failure to comply with China’s censorship policies. However, it is also clear that compliance with China’s censorship policies is also an unattractive option. Google, Microsoft and Yahoo! are all facing tough criticism from governments, human rights groups and civil liberties advocates as well as their shareholders for their complicity in China’s censorship policies.

While foreign search engines do provide more content than domestic search engines, the greatest benefit of having foreign search engines in China may not be increased access to information but is the potential contribution that these companies can make to further transparency and accountability in the process of censorship.

Since this report was finalized, the domestic Chinese search engine Baidu, following the foreign search engines, introduced a censorship notification indicating that it is possible to make progress through engagement. While this development may seem negligible to some and it is certainly no reason to become complacent, it is a small first step toward lifting the veil of secrecy and unaccountability that permeates China’s censorship policies.

CBC’s The National Reports on the Citizen Lab



Wikileaks



Wikileaks, the transparency web site that allows anyone to upload leaked materials, was shut down after a California Judge ordered its domain registrar to:

immediately clear and remove all DNS hosting records for the wikileaks.org domain name and prevent the domain name from resolving to the wikileaks.org website or any other website or server other than a blank park page, until further order of this Court.

The site is still available here: http://88.80.13.160/

The Citizen Media Law Project has the case documents and analysis and the story has now been picked up by the mass media. But what’s caught my attention is who is not talking about it. Glad to see the usual suspects raising the issue.

Excluding Iran



A few months ago The Register published a story which noted that Yahoo! (png) and Microsoft (png) had removed Iran as an option in their country lists used when signing up for an account. (On a separate but interesting note Yahoo! has an option for “Iraq-Saudi Arabia Neutral Zone”.) Google still has Iran as an option for creating accounts, but does block GoogleEarth downloads from users in Iran (png).

Another interesting note in the article concerns Skype:

On 30 October, the Tehran correspondent of Netherlands newspaper NRC Handelsblad reported (in Dutch) that his paid Skype account had been cancelled. An email from the VoIP outfit said its financial services provider had been forced to stop taking payments from Iran.

This story reminded me of when Sun started to block downloads of Java using geolocation technology to users in Iran. Back in 2004/2005 Sun was explicit about it and used notices saying “The Java(tm) cannot be downloaded to your machine. You are located in an embargoed country.” (Some old screen shots here (automatic installer) and here (direct manual download).) Sun has now replaced the earlier messages with a generic “Your download transaction cannot be approved. Contact Customer Service.” (png)

I concur with The Register:

Whether Yahoo! and Microsoft’s apparent action is the result of an over-zealous compliance lawyer or not, the effect on US interests of denying ordinary Iranians access to free international communications is questionable at best.

It is ironic that excluding Iranians from using such services is exactly what the Iranian government is criticized for. Take the case of flickr, the photo-sharing service which has been bought by Yahoo!, since it is often blocked by Iranian ISP’s, Iranians need to use censorship circumvention methods to access the service, but now they are not permitted to sign up for a flickr account (they can, of course, circumvent this restriction too).

I’m not a lawyer, so I’m just putting this out here to inspire an lawyers who may wish to explore this but it seems to me that in some cases it may have to do with the presence of encryption technology which would fall under the U.S. export controls on encryption rather than under the U.S. embargo on Iran. In terms of the provision of Internet services there is a clear exception for “information”:

The receipt or transmission of postal, telegraphic, telephonic or other personal communications, which does not involve the transfer of anything of value, between the United States and Iran is authorized. The exportation from the United States to Iran of information and informational materials, whether commercial or otherwise, regardless of format or medium of transmission, and any transaction incident to such exportation is authorized.

But in “Guidance on Internet Connectivity (Iran)” there is some confusing statements. The document is about the provision of “Internet access” also referred to as “Internet connectivity services” but begins to start using the word “service” on its own in relation to “goods, technology or software.” However, one can be exempt “provided that the main purpose is to benefit the people of Iran through increased access to information.”

In the end it is Iranian citizens who are left out, unable to use popular tools and services increase our ability to communicate, create and express ourselves online, not because the Iranian government is censoring them but because the of the U.S. embargo.