By Latha Jishnu and Arnab Pratim Dutta
As the Internet turns into the public square and the marketplace of our world, it is increasingly becoming a contested terrain. Governments, corporations and even seemingly innocuous social networking sites want to control and influence the way it operates
To many, the Internet is the rebel hero of our times, subverting conventional media and leaking news and information that governments would like to censor. Even a village in the remote reaches of Odisha’s Malkangiri district which may have no electricity is in some way linked to cyberspace through smart cellphones, because mobile operators are increasingly turning Internet service providers.
It is about the power and reach of connection, unprecedented since people first begab communicating with each other. The Internet, therefore, is turning into a conflict zone with everyone seeking control of it: governments, corporations and social networking sites, all of whom have different agendas.
While most governments are seeking to filter and block specific content, in extreme cases, as in Egypt, the Net has been blacked out using what some experts say is the ‘kill switch’ (a security measure used to shut off a device in an emergency situation in which it cannot be closed up in the usual manner.). This could emerge as the biggest threat to the Internet since other regimes could be tempted to go the Egyptian way. Most governments, however, prefer not to use it, not even the censorship-obsessed Chinese and Saudi regimes because the Internet is also about business—commerce (or e-commerce) of increasing significance is being routed through its sinews.
But the world has a long way to go before the Internet becomes ubiquitous or an all-encompassing global commons. Currently, just two billion people are linked to the system, which is less than a third of the world’s population. India may be in the top five Internet using nations with a total of 81 million users but penetration is an abysmal 6.9 per cent, the worst in the list. Blame that on our pathetic education levels and poverty. China, however, is the undisputed leviathan with 420 million users in 2010—some estimates put the figure closer to 500 million now—who account for more than a fifth of the world’s Internet users.
This is one reason Washington frequently raises the issue of China’s policing of the Internet in different fora. In February 2011, US secretary of state Hillary Clinton pointed out that attempts to control the Internet were rife across the world, but she singled out China for repeated attacks: “In China, the government censors content and redirects search requests to error pages… In Cuba, the government is trying to create a national intranet, while not allowing their citizens to access the global internet. In Iran, the authorities block opposition and media websites, target social media, and steal identifying information about their own people in order to hunt them down. These actions reflect a landscape that is complex and combustible, and sure to become more so in the coming years as billions of more people connect to the Internet.”
That seemed a fair assessment of the trends, but the irony is that even as Clinton was speaking, the US Department of Justice was seeking to enforce a court order to direct Twitter Inc, to provide the US government records of three individuals, including Birgitta Jonsdottir, a member of Iceland’s Parliament, who had been in touch with others about WikiLeaks and its founder Julian Assange last year when WikiLeaks released its huge cache of US diplomatic cables.
The Assange case, more than anything else, has exposed how vulnerable the Net is to political meddling and control. In December last year, Amazon said it stopped hosting the WikiLeaks website because it “violated its terms of service” and not because the office of the Senate Homeland Security Committee had questioned Amazon about its relationship with WikiLeaks.
WikiLeaks had turned to Amazon to keep its site available after hackers tried to flood it and prevent users accessing the classified information. Few people were willing to credit Amazon’s feeble explanation for cutting off WikiLeaks and the general surmise was that the Security Committee had put some kind of pressure on the web hosting platform. But according to an analyst, the simple reason is that the US government is one of the company’s biggest clients.
As Amazon abandoned WikiLeaks, Paypal, Visa and MasterCard also dumped WikiLeaks. This set off a full scale cyber war in which a fourth party made its presence felt: hackers/‘hacktivists’ who unleashed operation payback for what they deemed unfair targeting of WikiLeaks and Assange. This involved a series of attacks on Paypal, MasterCard, Swiss Bank Post Finance etc.
So while governments in many parts of the world block sites, jail or kill dissidents for expressing their views on the Net, threats to the freedom of the Internet come primarily from the paranoia that governments suffer and from badly crafted policies they implement to protect business and other interests.
The US, the ultimate symbol of liberal democracy, is no less uneasy about the power of the Internet. A slew of laws are making their way through the Senate, laws that will give the administration sweeping powers to seize domain names and shut down websites, even those outside its territory, and laws that strengthen the powers of the president in the time of a cyber emergency, including the use of a kill switch. In September, the US Senate introduced the Combating Online Infringement and Counterfeits Act, which would allow the government to create a blacklist of websites that are suspected to be infringing IP rights and to pressure or require all ISPs to block access to those sites. In these cases, no due process of law protects people before they are disconnected or their sites are blocked.
In India, in the wake of the terrorist attacks in Mumbai in November 2008, Parliament hastily passed amendments to the Information Technology Act, 2000, without any discussion in either House. The December 2008 amendments have some good points but they also allow increased online surveillance. Section 69A permits the Centre to “issue directions for blocking of public access to any information through any computer resource”, which means that the government can block any website.
The battle for keeping the Internet is joined by netizens (citizens who use internet) who are aware of the power of connection; governments, too, are ramping up command and control measures. Among the risks to an open, democratic Internet, the following stand out:
Threat to universality
The basic design principle underlying the World Wide Web is universality and, according to its founder Tim Berners-Lee, several threats are emerging. Among these are cable companies that sell Internet connectivity wanting to limit their Net users to downloading only the company’s mix of entertainment and social networking sites. Another is by pricing Net connectivity out of the reach of the poor and allowing differential pricing.
Actions against piracy
The nub of such operations lies in the US Department of Homeland Security, whose Immigration and Customs Enforcement (ICE) and the Department of Justice (DoJ) have been seizing domains because they are suspected of hawking pirated goods. The first seizure was in November last year when 82 websites selling counterfeit goods ranging from handbags to golf clubs were taken out. But Internet freedom could easily become the biggest casualty in the ill-conceived and poorly designed procedures adopted by developed countries— France, the UK, South Korea, Taiwan and New Zealand have similar laws—to protect intellectual property from counterfeiters and pirates, primarily at the behest of the film and music recording industries. There are indications India may be planning to follow suit, although civil rights groups say it could amount to a form of deprivation of liberty.
With increasing number of cyber attacks on both official and public websites from an array of hackers and malware, governments are reaching for even more sophisticated high-tech surveillance systems. For instance, computer systems of the US Congress and the executive branches are under attack at an average of 1.8 billion times per month, according to a recent Senate report. The result: more spyware. One such is deep packet inspection technology. It is a tool that protects customers from rampant spam and virus traffic. Experts say the Internet could not survive without this technology and yet, it helps authorities to keep a close watch on what people are doing on the Net. In the US, ISPs are required to have this technology.
Blocking access to Internet
China’s most famous blogger, author of best-sellers and race car driver, Han Han, took a jab at his government after he was named one of the 100 most influential people by Time magazine. In his blog, he wrote, “Other Chinese nominees include sensitive word, sensitive word and sensitive word.” His post, referring to China’s web censors’ habit of blocking even commonplace names from web searches and blog sites, struck a chord with his readers. Within days, more than 20,000 commented on his post, most echoing Han’s exasperation with the Chinese censorship of the Internet.
China has one of the most advanced web monitoring and blocking systems. The system can be likened to a check at the airport where every piece of luggage, coming in or going out, is put through a scanner and something suspicious is blocked. Web filters work in a similar way. They scrutinise and block websites which could range from websites on free speech and democracy to ones on pornography, depending on the country using the system.
Internet sites can be blocked at different levels.
Censoring begins at home: The most basic form of censorship is the one parents employ at homes to prevent their children from browsing adult content. This can be done by altering a file called the host, which is a text document. The host file is like a contact list in your mobile phone where each name has a corresponding coordinate. It guides domain names to their respective Internet protocol (IP) addresses. Every device (computer or mobile) connected to the Internet has a unique IP address. Tweaking the host file ensures a user will not be able to access the desired website even when he has typed the correct domain name. Names of websites to be blocked can be added to a list in this file and directed to the loopback IP 127.0.0.1, a reserved IP address used when a programme needs to access a network service running on the same computer. When the user types the name of a website, the loopback IP will bring it back to the user’s machine, showing an error on the screen.
When blocking has to be done on a larger scale, like at the corporate or national level, all computers are routed through an intermediary device called a proxy server. These servers work as a front for a group of computers that connect to other network servers. Filters in these servers scan content as well as uniform resource locators (URLs). URL blocking is simple. The proxy server has a database of URLs called a black list, that it will block. It also contains a white list of URLs that can be browsed. Proxy servers’ URL databases are updated through web-based subscription services just like an anti-virus software.
Content blocking uses a similar design like the URL blocking wherein blocking is based on keywords or the category to which a website belongs. In China, for example, websites containing key words and phrases such as democracy, Dalai Lama and Chinese occupation of Tibet are scrutinised and blocked. If a government bans the category called social networking, then all popular websites like Facebook and Orkut are likely to become out of bounds.
Denial of service: Popular whistle blower website wikileaks.org was unavailable for some time in December 2010. As on February 17, 2011, typing the domain name wikileaks.org would lead to a mirror site or an alternative site called wikileaks.info. But typing the IP address, http://184.108.40.206/, would open wikileaks.org. This was because the website was subjected to a distributed denial of service (DDoS) attack through a Domain Name Service (DNS) provider. DNS is an Internet service that translates domain names into IP addresses. When a new domain name is registered, the registrar enquires where the website is to be hosted.
Once the website is hosted at a specific IP address, the server is linked to the domain name which the public uses to access the website. So, if a surfer types www.wikileaks.org, the DNS will connect it to http://220.127.116.11/. But if there is disconnect between the domain name and IP address, a browser will not be able to access the website. After the US cable leaks in 2010, Everydns.net, a DNS provider, withdrew its services to wikileaks.org. Result: most people could not access the site.
How to avoid scrutiny
An easy way to circumvent censors is to use a virtual private network (VPN). A VPN uses public Internet infrastructure but the content is only visible to the person sending the data. It is like a private tunnel that piggy rides a public set up. Data is first encrypted and sent to a remote server or computer which decodes the packets. Since VPN is used for secured corporate communications and remote desktop assistance, and not solely for Internet browsing, governments tend to ignore such networks.
However, VPN networks are not absolutely filter proof—a procedure called deep packet inspection can analyse layers of information in an encrypted message.
Another way of avoiding detection is using an “anonymiser” website. Many websites allow anonymous browsing by making browsers invisible to Internet activity. The net-users’ traffic is routed thorough a tunnel created by the anonymiser website, in many ways mimicking the VPN network.