Internet Censorship
Obama Official: Gag Free Speech on the Internet
July 13, 2009New York Post - When it comes to the First Amendment, Team Obama believes in Global Chilling.
Cass Sunstein, a Harvard Law professor who has been appointed to a shadowy post that will grant him powers that are merely mind-boggling, explicitly supports using the courts to impose a “chilling effect” on speech that might hurt someone’s feelings. He thinks that the bloggers have been rampaging out of control and that new laws need to be written to corral them.
Advance copies of Sunstein’s new book, “On Rumors: How Falsehoods Spread, Why We Believe Them, What Can Be Done,” have gone out to reviewers ahead of its September publication date, but considering the prominence with which Sunstein is about to be endowed, his worrying views are fair game now. Sunstein is President Obama’s choice to head the White House Office of Information and Regulatory Affairs. It’s the bland titles that should scare you the most...
Consumer Privacy Jeopardized by DPI Technology
September 13, 2009Osgoode Hall Law School - In response to the complaint against Bell Sympatico (Bell) by the Canadian Internet policy and Public Interest Clinic, based at the University of Ottawa, the Office of the Privacy Commissioner produced a report of findings dated August 13, 2009. The complaint launched under the Personal Information Protection and Electronic Documents Act (PIPEDA) alleged:
1) that the Deep Packet Inspection (DPI) technology used by Bell during Internet transmission collects customers’ personal information without their consent;
2) this practice collects more personal information than is necessary to ensure quality of service and network integrity; and
3) Bell has failed to adequately inform its customers of its policies and practices with respect to personal information collection during Internet transmissions.
DPI technology is a tool which provides ISPs the ability to view information transmitted on Internet, such as e-mail exchanges, any uploads and downloads. The merits of this technology are in dispute since on one hand, it enables networks to manage traffic, but on the other, it is often used to help target advertisements on these networks. DPI has traditionally been used as an intrusion prevention system, an intrusion detection system or with traditional firewall technology. While the technology itself is old, it is being applied in new and creative ways. Bell uses DPI in traffic management by identifying peer-to-peer file sharing so that it can be slowed down. According to Bell, the congestion problems peak between 4:30 p.m. and 2:00 a.m.
While potentially the DPI technology can be used to re-create from Internet traffic a readable record of e-mails, web browsing activity, Voice-over-Internet protocol (VoIP) calls and passwords, Bell emphasizes that its use of DPI does not extend to other applications, such as streaming applications via Internet radio or You Tube. Bell had earlier also represented that the network does not use any personal identification information of an individual user or have any specific knowledge of a user’s real identity or browsing history. This has been accepted by the privacy commissioner, despite the fact that with a simple change in the design, by a simple installation of a filter, the ISPs can inspect content.
Essentially, of the initial complaints, the only one seen as a problem was the lack of openness about the DPI technology. The assistant privacy commissioner instructed the company to change its service agreement and the frequently asked questions section to notify customers of the fact that it collects and retains personal information through the use of its DPI. What is problematic about this finding is the assumption that by merely updating the privacy information on Bell’s website, the consumers will have a true choice- whether to be a part of Bell network or not.
However, the inequality of bargaining power and the reluctance of people to shop for new ISPs may prevent such information to be of any use to the end consumer. It is almost certain that no customer would even contemplate negotiating contracts with network giants, such as Bell. Although it is commendable that the privacy commissioner acknowledged this complaint and invested time and effort to reach its findings, what remains to be seen is whether accepting Bell’s word as evidence for its non-involvement in inspecting content and recording private information is right in the long run.
Cybersecurity Act Returns With a Fresh Coat of Paint
September 3, 2009The Electronic Frontier Foundation - In April, we voiced serious concerns about the Cybersecurity Act of 2009, a bill by Senators Jay Rockefeller (D-WV) and Olympia Snowe (R-ME), that sought to give the federal government unprecedented power over the Internet. For months, the bill has been redrafted behind closed doors and has recently been circulated, but by all accounts, the changes are cosmetic and it’s sadly more of the same.
Like the original bill, the new version appears to give the President carte blanche to decide which networks and systems, private or public, count as “critical infrastructure information systems or networks.” And alongside that authority, there still appears to be murky language that would permit the President to shut down the Internet. Note the troubling provision in the original bill, which said:
The President [...] may order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security...The new bill says:
The President [...] in the event of an immediate threat [...] may declare a cybersecurity emergency; and may, if the President finds it necessary for the national defense and security, and in coordination with relevant industry sectors, direct the national response to the cyber threat and the timely restoration of the affected critical infrastructure information system or network...In other words, they appear to have packaged Presidential authority to shut down the Internet and other private networks behind a ribbon of red tape, and the words “national response.”
In addition, a CNET article by Declan McCullagh indicates that many of the early concerns about privacy, authority, and security effectiveness have gone unsolved: there is vague language about mapping federal and private networks; there is an unexplained scheme to certify cybersecurity professionals at the federal level; and the mandated implementation of a “cybersecurity strategy” before the completion of a legal review that could protect against inadvertent privacy violations or inefficiency.
Despite the many questionable provisions, the bill may snake its way through the lawmaking process by virtue of having been produced in large part by Sen. Rockefeller, who is chairman of the committee in charge of reviewing and approving the bill. Stay tuned to EFF Deeplinks for news as the bill progresses — we’ll be watching it carefully.
No comments:
Post a Comment