A widespread and in many ways concerted series of attack by governments on the internet is underway, one that has increased in scope and complexity since WikiLeaks humiliated the US government and social media helped fuel the Arab Spring.
A widespread and in many ways concerted series of attacks by governments on the internet is underway, one that has increased in scope and complexity since WikiLeaks humiliated the US government and social media helped fuel the Arab Spring.
The attacks involve censorship and blocking of access to the internet, the use of judicial systems to harass users, trade treaties to target internet users, physical harassment and punishment of activists, and the manipulation of social media by governments.
It’s a fully-fledged war on the internet (not via the internet, which is also going on, as Lockheed Martin can attest). It is fought across multiple fronts, as governments respond to the threat posed by their citizens connecting up with one another and with citizens of other states. And it is being fought in the US, in Europe (especially France) and in Australia, as well as by the world’s worst dictatorships
Understanding the differing types of attacks is important in understanding what is driving governments to respond so aggressively to the internet. So it’s important first to develop a taxonomy of attacks on the internet currently underway.
1. Defence against regime change
The lesson of the Arab Spring is clear: internet-based media can be tools for regime change. Equally clearly for dictators, controlling the internet, or shutting it down where it can’t be controlled, is a key step in regime survival.
China and Iran continue to be the exemplars of states that have demonstrated that if you throw enough resources at censoring the internet you can exercise a degree of control, but both states couple direct control (Iran has aggressively explored ways of undermining the Tor anonymisation software, and now proposes to establish its own version of the internet to prevent the inflow of Western ideas) with harassment and brutalisation of bloggers.
Failed Arab regimes have proved less successful at online repression over the last six months, but they’ve employed a suite of tools — attempts to harvest information from social media, or using tools developed by Western companies to filter and monitor online activity, or reducing bandwidth, cutting power or simply switching internet access off as a last resort. Bahrain and Syria have taken to using armies of sockpuppets to flood social media with pro-regime messages and harass legitimate users — an approach in which the US Defense Department is eager to invest.
Direct repression and harassment isn’t limited to countries perceived as being dictatorships. As Crikey has noted several times, despite the “net freedom” rhetoric of the Obama administration, it has engaged in extended harassment of internet activist Jacob Appelbaum, including theft of his IT equipment, for — apparently — the crime of supporting WikiLeaks and being a key Tor developer.
2. National security
The post-9/11 development of the surveillance-heavy, rights-lite National Security State, primarily in the US, has seen systematic assaults on internet users in the past, such as the Bush administration’s mass internet surveillance via AT&T. That continues under Obama, who is virtually indistinguishable from his predecessor on national security matters. The FBI recently refused to reveal the names of American ISPs that continue to provide surveillance data on their customers to the Feds, for fear it would make their customers flee in droves.
Incidentally, last week, the infamous Patriot Act, which contains a series of assaults on the basics liberties of Americans, was extended on the eve of expiry, amid speculation the Obama administration, like Bush, is using it to justify using mobile phone data to track people.
Many national security-related cyber measures, however, are aimed not at nebulous “terrorism” but at eliminating the potential for embarrassment occasioned by exposure and transparency (which is where this category of attacks most blends into attacks designed to protect regimes). The Obama administration’s Department of Justice is still trying to find a way to split WikiLeaks, which the administration insists has merely caused embarrassment rather than any harm to national security, from the mainstream media in order to prosecute Julian Assange for espionage over the diplomatic cables, and has issued subpoenas to Twitter, Facebook and Google (which only Twitter has contested) in order to obtain details about users who have supported WikiLeaks, including anyone who follows the WikiLeaks Twitter account.
WikiLeaks has also prompted a legislative response in the US and Australia. Joe Lieberman introduced a bill in US Congress targeting whistleblower sites, and the Gillard government is specifically amending the Intelligence Act to enable ASIO to legally spy on WikiLeaks.
The potential for further unauthorised exposure plainly deeply concerns Western government. Following the recent declaration by the US that cyber attacks may prompt a real-world response, overnight it was revealed NATO is preparing a campaign of “infiltration and persecution” against Anonymous, which has primarily targeted corporate America via campaigns against the copyright industry and in support of WikiLeaks. However, Anonymous also humiliated the US cyber security industry, which has deep ties with the US defence establishment, through its HBGary crack that revealed an extensive array of embarrassing information.
3. Influential gatekeepers
The primary source of governmental attacks on the internet come at the behest of powerful pre-digital commercial sectors keen to protect their legacy business models. The most obvious example is the copyright industry, the world’s most politically powerful industry, which has convinced governments around the world to allow it to outsource its enforcement function — traditionally something the industry itself paid for — to taxpayers.
France, with its three-strikes law and a governmental determination to regulate the internet, and the US are the two most activist governments on this. In America, legislation that will establish an internet filter based on the demands on the copyright industry, the PROTECTIP Act, has reached the floor of the Senate, although Senator Ron Wyden has placed a stop on the bill as he did for its predecessor, the COICA bill. The US also tries to use trade treaties like ACTA to enforce the demands of the copyright industry, and is now seeking to do the same via the Trans-Pacific Partnership Treaty. The Department of Homeland Security doesn’t merely shut websites down, it seizes domain names on the basis the sites in question may have linked to material perceived as “infringing” US copyright laws.
The French government is even more stringent, not merely through its “three-strikes” HADOPI law, but by prosecuting people connected, even indirectly, to file sharing. The French don’t merely operate at the behest of the international copyright industry, but on nationalist grounds as well: its parliament recently updated its 1980s-era “Lang Law” to enable French publishers to dictate the price e-books are sold for (it’s just over three year since a French court ordered Amazon to stop delivering books for free).
Another influential gatekeeper is the legal industry, which by virtue of its governmental status is able to mount its own attacks on the internet, as well as co-opt governments to assist them. Courts across the western world have repeatedly reacted to the internet as an automatic enemy, but the phenomenon is best exemplified by the UK, where the country’s powerful legal industry, strict libel laws and growing tradition of superinjunctions are in direct conflict with the internet.
Two weeks ago the UK’s chief justice demanded ways be found to muzzle social media and compared it to child pornography after tens of thousands of people used Twitter to break the superinjunction obtained by Ryan Giggs. English courts have developed a fearsome reputation for restricting online free speech — science writer Simon Singh recently revealed The Age refused to run comments about the absurd scam that is homeopathy because it feared being sued in London.
Apart from lawyers and the copyright industry, Australia has its own influential gatekeepers: commercial television broadcasters in Australia have convinced the Federal government to extend the anti-competitive anti-siphoning list to online media.
4. Cultural engineering
The desire to engage in the sort of cultural engineering traditionally made possible by the mainstream media is another key form of attack, usually via filtering or censorship intended to prevent the internet from enabling access to perceived socially undesirable (rather than outright criminal) content. Turkey, for example, already has a massive internet filter in place blocking pornography, prostitution and sports gambling sites, including at one stage YouTube.
Australia is a stronghold for cultural engineering as well (Australia, along with France, is one of 16 countries “under surveillance” by Reporters Without Borders on internet regulation). Australia already has laws preventing you from positively discussing euthanasia, drugs or criminal behaviour online, from gambling online (like the US) or accessing pornographic content that is available in the nearest newsagent, and that’s before we get to Labor’s internet filter proposal which is on hold awaiting a review of the RC category.
This sort of taxonomy is important because it enables a clearer understanding of what is driving governmental attacks on the internet and how they can best be fought.
*Tomorrow: how government attacks differ and why some are far more serious than others