Archive for 2012

A Closed-Door Meeting on the Future of the Internet

6 December 2012

This was originally posted on the Freedom House Blog

This week and next, 193 governments are gathering in Dubai to consider putting the internet under a new regulatory structure that could fundamentally change the way the web works, with dire consequences for global internet freedom.

The International Telecommunication Union (ITU), a UN body, has convened the World Conference on International Telecommunications (WCIT) to review and update the International Telecommunications Regulations, which emerged from a similar conference in 1988. The old rules, known as ITRs, were written to codify principles of international cooperation on telephony, with the hope of expanding the global telephone network and helping it to operate smoothly. Now, 24 years later, the member states of the ITU are deciding, among other questions, whether and how the internet should fall under the same regulatory framework.

Back when the ITRs were first written, the World Wide Web did not yet exist, and internet users numbered only in the thousands. As it grew more popular, the internet was set aside by the ITU and treated as a “special arrangement,” not subject to the Union’s regulations. Under these conditions, the internet flourished organically, with administrative matters addressed through self-regulation, targeted government policies, and an array of technical and multistakeholder bodies. The Internet Corporation for Assigned Names and Numbers (ICANN), for example, is a nonprofit organization that oversees the management of internet protocol (IP) addresses and the domain name system, while the Internet Engineering Task Force is an open, volunteer-based group responsible for developing technical standards for the internet. The Internet Governance Forum, which was held last month in Azerbaijan, offers governments, corporations, and civil society a space to discuss internet policy issues. This ad hoc, informal administration has permitted internet governance to evolve as rapidly and agilely as the technology itself.

To place the internet under regulations written for a wholly different technology, subject to change only by intergovernmental treaty, would pave the way for stifling control far into the future, and jeopardize the internet’s role as a platform for expanding human rights. Yet in advance of the WCIT, certain governments—including a number, not surprisingly, that score poorly in Freedom House’s Freedom on the Net survey—and other entities have proposed putting the ITU in charge of internet regulation. They have also submitted specific draft rules that perfectly illustrate the hazards that could arise from ITU governance of the internet.

A proposal by the European Telecommunications Network Operators’ Association would impose a “sender pays” fee model, which would force internet content providers to pay for the content they disseminate. While ostensibly intended to give telecommunications companies additional resources to invest in expanding the global network, in fact this proposal would have the opposite effect, benefitting only incumbent telecom firms while raising the cost of internet access for individuals. A second proposal from the same group would establish a two-tiered internet by allowing content providers to pay for higher quality of service. This would violate the principle of net neutrality, which mandates that the network must treat all content equally.

In an attempt to combat crimes committed on or via the internet, multilateral coalitions of Arab and African states have put forward a variety of proposals. One would require that states cooperate in the investigation and prosecution of cybercrime, while another would require states to harmonize laws on data retention. No mention is made, however, of the significant impact these measures could have on the privacy of internet users, and there is a risk that repressive states could use these additions to the ITRs as an excuse for restricting political speech online.

To be sure, cybercrime and the digital divide are legitimate global policy problems, and they will require a coordinated global response. However, these are highly complex issues with multifarious implications. They cannot be properly addressed without granting all stakeholders an equal voice in the debate, and this points to another problem with the WCIT and with the ITU taking authority over the internet: only governments get a vote. While companies and international organizations are welcome to join the ITU as observers—provided they are able to pay the hefty membership fee—the technology, corporate, academic, user, and human rights communities cannot vote and are largely locked out of the proceedings.

The most dire and repressive proposals are unlikely to be adopted as changes to the ITRs at this meeting in Dubai. But the more fundamental question is whether the internet ought to be regulated under this framework at all. Over the past two decades, the internet has grown from almost nothing to a global network of over two billion users, with extraordinary effects on commerce, politics, human rights, and every other aspect of our lives. The current, lightweight regulatory framework has allowed the internet to prosper; imposing UN authority will put this invaluable resource at risk and particularly jeopardize those at odds with their government, many of whom have come to depend on the internet to advance causes like human rights and political freedom.

Fortunately, the U.S. government has made public its opposition to any proposals that would increase the ITU’s control over the internet, and the European Parliament has approved a resolution in support of more open, multistakeholder bodies addressing global internet issues. Without the ability to engage in the WCIT directly, we in civil society must count on like-minded governments to prevent a future in which the internet is less innovative, less inclusive, and diminished as a public space for unrestricted speech on politics and human rights.



Old Baku

2 December 2012


The Top Five Threats to Internet Freedom You’ve Never Heard Of

1 November 2012

This was originally posted on the Freedom House Blog

You’ve probably heard of the Great Firewall of China, which scrubs the web of any potentially subversive content for half a billion internet users. And you’ve definitely heard about the Egyptian government’s decision to switch off all internet and mobile-phone networks at the height of the uprising in 2011. But there are a host of lesser-known threats to internet freedom, some of which endanger the very nature of the net as we know it.

Next week, over 20 civil society representatives from around the world will join a Freedom House delegation in Baku, Azerbaijan, for the Internet Governance Forum (IGF), the United Nations’ flagship conference for discussing global internet policy. The delegation will be addressing a range of internet freedom issues covered in our 2012 report Freedom on the Net, including these, the top five threats to internet freedom you’ve never heard of:

1. WCIT

Next month, the International Telecommunication Union (ITU) will hold a major meeting in Dubai that could fundamentally alter the structure and global reach of the internet. The World Conference on International Telecommunications (WCIT) will consider whether and how the ITU should take over regulation of the internet from multistakeholder processes like the IGF. Only governments can be members of the ITU, although corporations can pony up the tens of thousands of dollars needed to buy “observer status.”

WCIT will be more or less closed to civil society actors, but we know that repressive and democratic member states alike are putting forward proposals that could stifle the internet as a force for economic development and positive social change. One European proposal would put tariffs on internet traffic between states, while another, supported by Middle Eastern countries and Russia, would give the ITU authority over cybercrime, and could have negative effects on privacy, anonymity, and human rights. What’s at stake in December is not just the open, cooperative process through which the internet has historically been governed, but also the web’s role as a creator of prosperity and an enabler of civic engagement.

2. Digital Violence

As citizens take advantage of the internet to advocate for political, civil, and human rights, governments and nonstate entities have lashed out at these online activists, seeking to silence their voices. Cyberattacks, including distributed denial-of-service (DDoS) attacks, have been used widely to take down the websites of independent media in Russia and elsewhere, while Syrian and Tibetan activists have been aggressively targeted with phishing and malware assaults that aim to steal their private information and undermine their security. While it is difficult to identify the sources of these attacks, it is all but certain that they originate with government agents. In highly repressive states, including Bahrain, China, Iran, Saudi Arabia, Syria, and Vietnam, this digital violence can spill over into the offline world. Reports abound of citizens being tortured or even killed in police custody because of their online activities.

3. Intermediary Liability

Censorship is hard work. There are an awful lot of blog posts, videos, cartoons, and comments that might contain subversive messages, and any government seeking to “purify” the internet would have to spend a great deal of time and money on the project. So rather than take on the task of policing online content themselves, many governments have outsourced censorship to the private sector. They do so by making internet intermediaries—including internet service providers (ISPs), search engines, hosting services, social-media platforms, and other community forums—legally responsible for the content their users post.

For example, in Thailand, where it is illegal to speak ill of the royal family, someone posted offending messages in a popular online news forum. Rather than block the offending page or go after the commenter, the government sentenced the moderator of the forum to eight months in prison for failing to remove the comments quickly enough. In many countries with laws like this, intermediaries are so intimidated that they cast a very wide net, removing content that may not even be illegal and fundamentally restricting freedom of expression and the free flow of information.

4. Online Misinformation

Over the past decade, activists have gotten better at using the web to organize supporters, share ideas, and advocate for change. Unfortunately, authoritarian governments are learning to do exactly the same things. One of the fastest-rising negative trends is the spread of misinformation and veiled propaganda by repressive regimes seeking to undermine independent media and discredit critical citizens.

In China and Russia, government apparatchiks and their hirelings stay busy posting proregime messages all over the internet, drowning out independent voices. In Iran, the government has spent over $50 million to produce and disseminate domestic propaganda on the web. Leading up to the Egyptian election this year, a Facebook account dedicated to reports of electoral irregularities was hacked, and pro-military messages were published in their place. In the long run, the balance of power may favor the voices of the many over the powerful few, but these governments and others are working hard to dominate what could otherwise be a vibrantly democratic space.

5. Mobile Privacy

Mobile-phone networks were built for functionality, not privacy. Whether you subscribe to Verizon in the United States, Vodafone in Egypt, or MTN in Iran, your mobile network retains a lot of information about you: Every phone call is recorded, every text message is saved, and every place you go is captured by the network’s location-tracking software. Even if the privacy implications don’t bother you, mobile-phone users who happen to disagree with a repressive government have a lot to fear, as network operators are typically very willing to share information with the state security apparatus. Indeed, in many countries, they’re just another branch of the government.

One of the great things about the way the internet is currently governed is that anybody with a stake in internet policy can join the debate—governments, technologists, academics, human rights activists, and businesses alike. This multistakeholder model has been key to keeping the internet free and open. At the IGF this year, the Freedom House delegation will be taking part in this global discussion, engaging at the highest levels to protect human rights online and help shape the future of the internet.



The Digital Age Steps Softly into Burma

18 October 2012

In a recent blog post here and at FreedomHouse.org, I offered my analysis of what the changes in Burma’s ICT sector say about the country’s political transition, and what effects it may have on the same. Think of this as an appendix—less interesting for those into politics and narrative, but perhaps more interesting to dataheads and those working on Burma. Much of what has been recently written about the country is already out of date, and though this, too, will soon be obsolete, my intent is to paint a data-rich picture of the current state of the ICT market in Burma, and offer an anecdotal take on the ICT usage patterns of Burmese civil society at a fleeting moment of transition.

When we talk about ICT use in Burma, it’s important to remember that, for now, we’re talking about a tiny portion of the population. A recent Gallup survey found that 3% of Burmese households have a computer, and less than 1% have an internet connection. Even in urban areas, those figures only rise to 9% and 2%, respectively. As I wrote in the previous piece, low connectivity is the dual result of poverty and policy:

The handful of internet service providers operating in Burma are controlled by a cabal of political cronies, and the government has set high prices to prevent its citizens from accessing the global information network. Until recently, installing a home or office broadband connection cost a ludicrous $1,500—this in a country where the gross domestic product per capita is about $1,300, and a third of the population lives below the poverty line. In the past year, connection fees have dropped to a still outlandish $700. For those who can afford a connection, prices for ongoing access remain high: unlimited web access costs about $155 per month.

Adding to that: in Yangon, a WiMax package allowing usage of up to 12 GB per month costs $90 USD, a 6 GB package costs $55, and a 3 GB package costs $35 USD. As a result, public cafes have been the primary access point for most Internet users in Burma: Gallup found that 89% of those few Burmese who had recently used the internet did so in a café. Even there, prices limit most potential users to relatively brief sessions, while slow-as-molasses speeds and frequent power outages can render the service all but useless. An hour-long session at an average Internet café costs less than a dollar, but even this is prohibitive for average people in Burma.

Recently, there has been a shift toward mobile internet access: many of the civil society leaders I met in Yangon don’t have a wired or WiMAX connection in their home or office, but use laptops tethered to mobile phones to access email and the web. This option is pricier than a session at an Internet café, but far less expensive than a dedicated home or office connection—and though Freedom on the Net reports that the mobile internet “barely functions,” it’s still often faster than a “high speed” connection. Oddly, the advent of mobile Internet has left many Internet cafes in Yangon sitting empty, as they are less convenient than mobile web for those who can afford it, yet still too expensive for poorer citizens.

The data on mobile phones are slightly more encouraging: According to Gallup, 14% of Burmese report having a mobile phone, and almost 30% of urbanites own one. Two years ago, only 3% of Burmese had a mobile: this rise is probably due to drops in the government-fixed price of a SIM card. As I wrote:

While a SIM card in neighboring Thailand costs less than $1.50 USD, acquiring a GSM SIM in Burma costs at least $250 USD: a dramatic drop from the $500 USD it cost until recently.

We should expect the quotient of mobile phone users to continue rising at a rapid clip: Burma’s state telecom agency announced last month that they would privatize the telecom industry, aiming to achieve mobile penetration of 75-80% by 2016. It’s an ambitious goal, but not unrealistic: nearby Cambodia has seen year-on-year growth of 12-14% in their mobile penetration over the past five years, with a current rate over 70%.

Currently, though, Myanmar Post and Telecommunications (MPT), the state-run telecom operator, maintains exclusive control over the country’s mobile networks. MPT offers both CDMA and GSM networks, with CDMA offering higher call quality at higher prices; most mobile phone users opt for GSM. Chinese-manufactured handsets—particularly Huawei devices running Android—dominate the market, and are priced at global levels.

For those able to afford a SIM and handset, prices for service are high but not outlandish: a text message costs 25 Kyat (less than $0.03 USD), and a minute of talk-time costs 50 Kyat (less than $0.06 USD). Despite the popularity of text messaging in other, similar contexts, and the manageable cost of the service, Gallup reports that only a third of mobile phone owners regularly send SMS. This is largely attributable to the fact that it remains difficult to type in Burmese on a mobile device. Only in recent versions of Android is a Burmese font and keyboard available, and SMS has yet to take hold even with these users. On older and cheaper phones, users must transliterate to Roman characters, which is impossible for many Burmese.

Mobile credit “scratch” cards are a recent addition to the mobile market—they became available in 2011. Before the arrival of these cards, mobile phone users could only top up their accounts at an MPT office, which many people found inconvenient.  While the advent of these cards is a step in the right direction, they still pose a barrier to many poorer users, as they are not available in denominations smaller than 10,000 kyat—about $11 USD—which is more than most Burmese are able to spend at one time.

For those Burmese who sign up for Internet access, buy time at an Internet café, or purchase a SIM card, the government imposes strict registration requirements, collecting the name and other identifying information of the customer.  A black market of less expensive, unregistered, prepaid SIMs exists, but not many mobile users opt to purchase their SIMs from unlicensed resellers, in part because of the hassle of changing phone numbers every time the SIM runs out of credit.

Because of better support for Burmese fonts and better in-country marketing, Gmail is the ubiquitous email platform in Burma. On the web, Facebook is rapidly growing in popularity. The younger generation of activists and journalists are particularly active on the social networking platform—one college-aged volunteer at a political advocacy organization boasted of having 20 Facebook accounts that he checked regularly. Even political parties are starting to use Facebook for outreach campaigns. Gallup found that among the small number of internet users they interviewed, 80% had used Google to find news and information in the past month, and 40% had used Facebook.  These two services far outstripped any other online news source.

Looking forward, I am relatively bullish about the growth of connectivity in Burma. The government seems genuine in its desire to expand the economy and reduce poverty, and the recent drops in price for web and mobile access are likely baby steps toward a less regulated market. It’s reasonable to expect mobile penetration to reach 60% or even 70% in the next 4-5 years, and while internet access will grow more slowly, civil society organizations based in the major cities should expect to have more affordable, more reliable service in the coming years.



Burma Steps Warily into the Digital Age

10 September 2012

This was originally posted at FreedomHouse.org.

A Burmese human rights activist told me a story about the last time his office was raided, two years ago. Government security forces kicked down his door and stormed the office, with a mandate to seize the organization’s electronic data. Not exactly savvy in computer hardware, the raiders grabbed only the monitors and marched out. A few days later, the activist was hauled before a judge and accused of deleting all his data. He was convicted and imprisoned.

I recently spent 10 days in Rangoon, Burma’s largest city, working with human rights activists, student organizers, independent journalists, and former political prisoners to help them protect their electronic data and communications. For most, I was starting with the basics, though even they had more technical knowledge than the security forces storming my friend’s office. In Burma, digital literacy is low, internet connections are slow, and fewer people are plugged in than in almost any country on earth. The latest figures on internet and mobile telephone use from the International Telecommunication Union are over two years old, but the grim picture they paint is not yet obsolete: in 2010, 0.2 percent of the Burmese population were internet users, and only one in a hundred owned a mobile phone. Those numbers have improved, but for nearly everyone in this very poor country, such technologies are still inaccessible.

The major obstacles to broader, speedier connectivity in Burma have been—and continue to be—poverty and government policy. The handful of internet service providers operating in Burma are controlled by a cabal of political cronies, and the government has set high prices to prevent its citizens from accessing the global information network. Until recently, installing a home or office broadband connection cost a ludicrous $1,500—this in a country where the gross domestic product per capita is about $1,300, and a third of the population lives below the poverty line. In the past year, connection fees have dropped to a still outlandish $700. For those who can afford a connection, prices for ongoing access remain high: unlimited web access costs about $155 per month. These connections are agonizingly slow, reminiscent of the days of the 56k modem. Outside Rangoon and Mandalay, Burma’s second-largest city, high-speed internet access is rare, if not altogether unavailable.

The government has even tighter control of the mobile phone market. Myanmar Post and Telecommunication (MPT), a state-owned entity, is the sole mobile network operator. As with the internet, prices are set to prevent access for all but the most affluent. While a SIM card in neighboring Thailand costs less than $1.50, acquiring a GSM SIM in Burma costs at least $250—a very high bar for most Burmese, though a dramatic drop from the $500 it cost until recently.

The recent price cuts for internet access and mobile connectivity indicate a shift in policy at the highest levels. As President Thein Sein seeks to build a wealthier, stronger state that is prepared to prosper in the 21st century through a series of gradual reforms, it is safe to assume that the latest pricing changes are just the initial steps toward a telecommunications industry that will be no more heavily regulated than elsewhere in Southeast Asia. International telecom firms have been among the many foreign companies anticipating a “gold rush” opportunity in Burma, and impending investment in communications infrastructure is sure to increase the speed of internet access, as policy shifts bring prices down to global levels.

Also in the past year, the government has stopped blocking access to most online media, including many international and regional outlets, and ended direct censorship of domestic media. Some Burmese outlets, including the online news site Mizzima, have recently returned from exile and opened offices in Rangoon. A small community of Burmese bloggers has been active since the middle of the last decade. Several were arrested following the uprising in 2007 for posting political content, but most were released in the general amnesty in January. This group includes the well-known blogger and activist Nay Phone Latt, who was notoriously arrested on charges of being a “blocker”—the government was unfamiliar with the term “blogger,” and presumed that he was somehow blocking economic activity. Today Nay Phone Latt is among the leaders of a younger generation of activists seeking to use the web to advocate for political progress.

The stories of Nay Phone Latt and the monitor-seizing government agents depict a technically incompetent government that is incapable of effective monitoring and surveillance. This is a fairly accurate picture. Most past cases of the government monitoring electronic communications have involved security forces compelling activists to hand over the passwords to their e-mail accounts, effectively at gunpoint.

But it would be imprudent to expect this incompetence to continue. In the past, the Burmese generals had little need to surreptitiously monitor dissidents. If they wanted to arrest, interrogate, or imprison a suspected activist, they would simply give the order. As the government pursues a degree of internal and international legitimacy, however, it will almost certainly seek more subtle ways to gather intelligence about the activities of citizens. Control of information and communication technologies offers an outstanding opportunity for covert surveillance, and the government is sure to master the art in the coming years.

The government already has mechanisms in place to facilitate monitoring of online behavior. For those Burmese who sign up for internet access, buy time at an internet café, or purchase a SIM card for a mobile phone, the government imposes strict registration requirements, collecting the name and other identifying information of the customer. Between government control of the networks and these registration rules, internet and especially mobile communications are largely exposed to the authorities, and must be considered a serious security risk for political activists.

A cynical—though probably realistic—interpretation of the new moves toward broader, lower-cost access might posit that the Burmese government foresees such a bounty of online and mobile surveillance (as already practiced in countries like China and Iran) that the expected political cost of expanding access has dropped to nil. But for those activists with the skills to ensure a degree of digital security, the falling cost and rising speed of internet access will be a boon to their efforts at protest, organizing, and advocacy. In a country so long cut off from the world, the greater opportunity to access information and express opinions is an immense and positive change.