by Mike Masnick
Thu, Jul 12th 2012 4:02pm
by Mike Masnick
Thu, Jun 21st 2012 9:29am
from the we-don't-regulate-the-internet,-except-when-we-do dept
It goes on to discuss other proposals to regulate parts of the internet, including CISPA and other online security laws. Of course, in each of these cases, the politicians in Congress will come out with a litany of reasons why it "makes sense" (or more accurately "we have to do something!") to pass these laws. But that pre-supposes that all those countries that Congress is now condemning for wanting more ability to spy on and control citizens don't have reasons to do so. Given the increasing evidence that the US government, via the NSA, is already spying on wide swaths of the population -- and Congress' apparent total lack of concern about this, it's incredibly hypocritical to pretend that the US government supports a free and open internet with privacy protections for citizens, when its own actions reveal something very, very different.
The fear that the ITU might be looking to exert greater control over cyberspace at the conference has led to a rare Kumbaya moment in U.S. tech politics. Everyone -- left, right, and center -- is rallying around the flag in opposition to potential UN regulation of the Internet. At a recent congressional hearing, one lawmaker after another lined up and took a turn engaging in the UN-bashing. From the tone of the hearing, and the language of the House resolution, we are being asked to believe that "the position of the United States Government has been and is to advocate for the flow of information free from government control."
If only it were true. The reality is that Congress increasingly has its paws all over the Internet. Lawmakers and regulators are busier than ever trying to expand the horizons of cyber-control across the board: copyright mandates, cybersecurity rules, privacy regulations, speech controls, and much more.
Earlier this year, Congress tried to meddle with the Internet's addressing system in order to blacklist sites that allegedly infringe copyrights -- a practice not unlike that employed by the Chinese to censor political speech. The Stop Online Piracy Act (SOPA) may have targeted pirates, but its collateral damage would have been the very "stable and secure" Internet Congress now wants "free from government control." A wave of furious protests online forced Congress to abandon the issue, at least for the moment.
by Glyn Moody
Fri, Jun 15th 2012 5:04am
from the time-to-check dept
Net Neutrality has suddenly become a hot topic again. Partly, that's thanks to some awful ideas about regulating the Internet coming from the International Telecommunication Union, notably those proposed by the ETNO -- the European Telecommunications Network Operators Association -- discussed recently on Techdirt. New information from WCITLeaks
Wikileaks (found via the Net neutrality in Europe site) provides us with the following details (pdf):
To ensure more efficient use of networks and to allow for new business models better reflecting future demand, Member States should support a new IP interconnection ecosystem that provides both, best effort delivery and end-to-end Quality of Service delivery. Delivery based on QoS allows for management of the IP traffic according to its characteristics (i.e. delivery requirements and acknowledged value) thus supporting innovation to provide a value-added service, making better use of the assets of telecommunications operators.
That may sound innocuous enough, but "supporting innovation to provide a value-added service" is a coded way of saying that the telcos should be allowed to abandon net neutrality, something confirmed in one of the accompanying proposals, which reads:
The key sentence is the last one: "differentiated quality of service delivery" means ignoring net neutrality.
International Telecommunication Services
4.4 Operating Agencies shall cooperate in the development of international IP interconnections providing both, best effort delivery and end to end quality of service delivery. Best effort delivery should continue to form the basis of international IP traffic exchange. Nothing shall preclude commercial agreements with differentiated quality of service delivery to develop.
That proposal to move away from net neutrality contrasts with the Netherlands' decision to enshrine it in law:
The net neutrality law prohibits internet providers from interfering with the traffic of their users. The law allows for traffic management in case of congestion and for network security, as long as these measures serve the interests of the internet user. A technical error in the law might still be corrected in a vote on 15 May. [It was.]
DPI is one of the most intrusive ways of undermining net neutrality, since it involves looking inside the data part of an IP packet, not just the header, which contains basic information such as source and destination IP addresses. A recent study from a team at the Syracuse University School of Information Studies has explored the use of DPI to throttle BitTorrent connections:
In addition, the law includes an anti-wiretapping provision, restricting internetproviders from using invasive wiretapping technologies, such as deep packet inspection (DPI). They may only do so under limited circumstances, or with explicit consent of the user, which the user may withdraw at any time. The use of DPI gained much attention when KPN admitted that it analysed the traffic of its users to gather information on the use of certain apps. The law allows for wiretapping with a warrant.
In order to better understand DPI use and the scope of its deployment, the project makes use of crowdsourced data from a network monitoring test known as Glasnost. An Internet user who runs the Glasnost test can see whether BitTorrent is completely blocked by their ISP, slowed down (throttled), or running normally.
The results for various countries are available as graphs of ISP throttling against time, and show the wide variation in BitTorrent throttling -- and hence the extent to which net neutrality is preserved around the world and by different Internet service providers.
The good news:
BitTorrent throttling by most US ISPs ceased after an FCC ruling in August 2008 that declared Comcast’s actions to be against its 2005 Internet Policy Statement. Only wireless ISPs Clearwire and Hughes showed high levels of BitTorrent manipulation after August 2008, but Clearwire substantially reduced it in 2009. But the Comcast Order was reversed by the courts in April 2010. This data shows that no US ISPs have increased their use of DPI-based throttling since April 2010, despite the absence of any network neutrality regulation in the US.
And the bad news:
The UK is one of the few countries where BitTorrent manipulation appears to be on the rise. DPI measurements for the BT Group in particular increased progressively throughout the 3-year period. Talk Talk’s use of it seems to have declined, but it is still consistently above the threshold indicating some form of manipulation. Test results for O2 UK move erratically slightly above and below the error threshold, making any conclusion difficult. Virgin Media, on the other hand, seems to have altered its policy and increased DPI-based intervention in the 4th quarter of 2010.
At a time when much of the debate about net neutrality is driven by dogma, it's particularly valuable to have some objective data on what's really happening. It's worrying that it turns out that net neutrality has been under assault in some countries for a while -- and disturbing that ETNO wants to intensify that attack still further.
by Mike Masnick
Wed, Jun 13th 2012 9:21am
The EU Telco Plan To Have The UN 'Tax & Track' Internet Usage Goes Against Fundamental Internet Principles
from the this-is-bad dept
Of course, a big part of the problem is just how secretive the entire process is. Not only does it lack transparency, it entirely lacks accountability. It's a system that is ripe for abuse -- and a combination of either gullible or crafty officials seem to have no problem helping enable that kind of abuse.
As we noted in that last post, some of the first proposals had started leaking, and the deeper people dig into them, the worse they look. The basic proposal that is making the rounds is the one submitted by ETNO -- the European Telecommunications Network Operators Association. What they're proposing is a system that effectively puts in place a massive tax system for the internet. Basically, they're taking a long-standing setup concerning how much it costs for telephone calls, in which the calling party pays a ton of money to "connect" to an international phone system. Ever wondered why phone calls to foreign countries can be so crazy expensive?
And now the plan is to basically pretend that the internet is just like the phone system, so they can extend this "calling party pays" plan to one where the "sending party" pays. The reasoning here is more or less twofold: (1) lots of these countries still have (either fully or partially) nationally owned telcos (or at least telco monopolies), whose business models have been completely undercut by the internet. Since these firms have been monopolists from the very beginning, they've never been very good at innovating or adapting to the times. The idea of shifting what had been a key money maker -- collecting tolls for international phone calls -- and then applying it to the internet sounds really attractive to lazy national telco folks who would love a system that just starts printing money for them. (2) While they don't like to admit it, plenty of other countries remain quite jealous of the of large massively successful internet companies which are mostly based in the US. By placing a "sending party pays" tax, it's a way for European (and other) countries to more or less put up toll booths on the internet for these companies, forcing Google, Facebook, Twitter and others to "pay" to reach people in their countries. Oh, and on top of that, it's a chance for them to make plans to drop net neutrality and the basic end-to-end principle that defines the internet.
In fact, the head of the ITU, in a series of speeches in which he insists he wants to cut short these rumors of a "UN takeover" of the internet, makes it abundantly clear that a big part of this plan is to simply funnel cash to national telcos, which he assumes (with no proof) will automatically go towards funding new infrastructure. Take for example, one of his recent speeches in Canada, in which he repeatedly talks up how we need to get money to telcos so they'll invest in infrastructure:
Ladies and gentlemen,The argument he makes is that if we don't somehow subsidize and funnel excess cash to the telcos, they might not be able to survive or invest in additional core internet infrastructure. Of course, all of that ignores the customer, and assumes a primary position for telcos who'd love to bring in this cash (though they appear to severely underestimate both the collateral damage and the lasting impact of such agreements). All of this ignores the fact that there's so much demand for true broadband internet access that more and more private solutions are appearing, none of which require putting a massive tax on the internet. Furthermore, it seems to assume no one will invest in broadband without government help. This, of course, ignores the fact that the effective monopolies of many national telcos has made those companies fat, lazy and slothful when it comes to actual innovation. There are all sorts of reasons to invest in broadband projects that don't require "taxation" every time internet packets cross national boundaries. Furthermore, if these telcos not only have a national monopoly, but are also getting free money from the outside world, what incentive do they really have to actually invest in improving the network?
Everyone wants mobile broadband and the benefits it will bring. But few seem willing to pay for it – including both the over-the-top players, who are generating vast new demand through their applications, and consumers, who have become accustomed to unlimited packages.
This is putting tremendous pressure on mobile operators, who need to invest in high-capacity broadband networks in order to maintain quality of service as demand rises.
At the same time, as broadband becomes increasingly viewed as basic infrastructure for social and economic development, operators are being asked to extend the reach of their networks to under-served populations.
These are strategic, bottom-line issues, and we need to be talking about them.
If you think that roaming charges and international phone calls are crazy in Europe, you haven't seen anything until this ITU proposal moves forward.
And, of course, there's an even more nefarious and mostly unspoken aspect to all of this. While so much of the focus has been on money (and a little bit on technology), there's a bigger issue: destroying privacy online. No one will say that out loud, of course, but taxing the internet as it crosses borders opens up the door to tracking internet usage. Because you can't tax something that you can't track. So all of these proposals have the implicit problem that they open the door for countries who don't truly believe in privacy for their citizens, to also track how they use the internet, and defending it as required to remain in compliance. Anyone believe that won't be abused by corrupt and authoritarian governments?
In the end, this leads to an inevitable balkanization of the internet -- in which internet traffic crossing borders is taxed and tracked as it wasn't before (where the peering system has been mostly effective with just a few minor hiccups). Once you have such taxation it becomes cost prohibitive for some countries to even offer full internet access to its citizens, and that can get worse over time. Add to that the ability to widely track what people do online (and the ability to ditch the end-to-end principle of the internet) and -- especially for more authoritarian governments -- you open a huge can of worms to let officials spy on all sorts of internet activity in the name of supporting a "international relations."
This is why people should be speaking out loudly against these proposals. So far, it's basically the US against everyone else -- and the US only has one vote.
by Mike Masnick
Thu, Jun 7th 2012 11:56am
from the backroom-deals-are-a-problem dept
But what this really highlights is the true problem here, which is that whatever happens here is happening behind the scenes, in backrooms, without public scrutiny. And, if we're talking about regulating the internet that the public uses so much, that seems like a pretty big problem. Just as we've seen with ACTA, TPP, SOPA and lots of other things, a big part of the problem is the near total lack of transparency in what's being discussed around these ideas.
In an attempt to deal with this, Jerry Brito and Eli Dourado have hacked together and launched a new site to collect, host and distribute leaked information about the ITU's plans. With perfect timing, the first documents from the ITU, including some proposed language for International Telecommunications Regulations have leaked. Taking a quick skim, there doesn't appear to be that much of interest in the initial document leak (I reserve the right to change my opinion once I've had more time to read through it in detail...), but it's an important starting point. These documents and details need to be public and need to be discussed in public, rather than allowing internet governance be determined in a series of backroom deals.
by Mike Masnick
Fri, Jun 1st 2012 11:33am
from the the-internet-belongs-to-us dept
Last week, the father of the internet, Vint Cerf, once again raised the alarm in both a NY Times op-ed and in a keynote speech at the Freedom to Connect (F2C) conference:
Last June, then-Prime Minister Vladimir Putin stated the goal of Russia and its allies as “establishing international control over the Internet” through the I.T.U. And in September 2011, China, Russia, Tajikistan and Uzbekistan submitted a proposal for an “International Code of Conduct for Information Security” to the U.N. General Assembly, with the goal of establishing government-led “international norms and rules standardizing the behavior of countries concerning information and cyberspace.”Since then, the story has been getting much more attention in a variety of arenas, with plenty of other mainstream publications warning people about how bad this could be. Congress got into the act too (in a good way), holding hearings on the matter this week, with a near unanimous position that a UN/ITU takeover of the internet would be a very, very bad thing.
Word of a few other proposals from inside the I.T.U. have surfaced. Several authoritarian regimes reportedly would ban anonymity from the Web, which would make it easier to find and arrest dissidents. Others have suggested moving the privately run system that manages domain names and Internet addresses to the United Nations.
Such proposals raise the prospect of policies that enable government controls but greatly diminish the “permissionless innovation” that underlies extraordinary Internet-based economic growth to say nothing of trampling human rights.
It would guarantee moving the internet towards a model of top-down control, rather than bottom up innovation. It would give governments much more say in controlling the internet, unlike the hands-off system we have now, where no government truly has full regulatory control over the internet. It would almost certainly lead to more global restriction on the internet, including serious potential impact on aspects of free expression and anonymous speech. It might also make the internet much more expensive, as the whole ITU setup is about protecting old national telco monopolies, and many would see this as an opportunity to try to put tollbooths on internet data.
The ITU is holding a meeting in December in Dubai about all of this, and it appears that US officials are finally waking up to why this is a true threat to the open internet.
But it needs to go beyond that. The positioning of this discussion from ITU supporters is that the US government has "too much control" over the internet today. And one could argue that's true at the margins, though it's an exaggeration. For the most part the US government does not have much ability to control the internet directly. Now, I think plenty of people agree that the setup of ICANN and IETF are hardly ideal. In fact, they've got significant problems. But moving from that setup to one where the ITU is in charge would be a massive step backwards.
And, certainly, there is significant irony in the fact that Congress is suddenly acting so concerned about fundamental attacks on an open internet -- when many of the same officials were more than happy to toss out key principles of an open and free internet in the past few months with SOPA/PIPA/CISPA/etc. But, in this case, worrying about political consistency is a lot less important than stopping the ITU proposal from going forward.
When the US government started seizing domains, there was significant criticism of ICANN and calls for a more decentralized solution that no one could control. The move towards ITU oversight is a move in the opposite direction. It would make things significantly worse and not better.
For those in the US, we need to speak up and keep the pressure on our elected officials to fight this move in the ITU. While they're saying the right things now, we need to be vigilant and ensure it continues. Trust me, the "irony" of their own attacks on internet freedom and openness have not gone unnoticed by supporters of this ITU takeover plan. Expect them to offer "deals" to the US, by which the ITU gets control over the internet, in exchange for allowing the US to use that process to move forward with efforts to censor the internet for copyright reasons, as well as to get better backdoors to data for snooping.
For those outside of the US, it's also time to speak up. Don't fall for the easy story that this is just about wresting the control from US interests. If you believe in the value of a free and open internet, the ITU is not the answer. You, too, will inevitably be significantly worse off with what results.
The folks over at Access have put together a petition to tell the UN that the internet belongs to us, the people, not to the UN or the governments of the world. While the UN is not as subject to public opinion, if the world speaks out loudly enough against this effort to capture and control the internet, it won't be able to move forward. But people have to speak out to make this happen.
by Mike Masnick
Tue, Feb 21st 2012 12:01pm
from the pay-attention dept
- Subject cyber security and data privacy to international control;
- Allow foreign phone companies to charge fees for "international" Internet traffic, perhaps even on a "per-click" basis for certain Web destinations, with the goal of generating revenue for state-owned phone companies and government treasuries;
- Impose unprecedented economic regulations such as mandates for rates, terms and conditions for currently unregulated traffic-swapping agreements known as "peering."
- Establish for the first time ITU dominion over important functions of multi-stakeholder Internet governance entities such as the Internet Corporation for Assigned Names and Numbers, the nonprofit entity that coordinates the .com and .org Web addresses of the world;
- Subsume under intergovernmental control many functions of the Internet Engineering Task Force, the Internet Society and other multi-stakeholder groups that establish the engineering and technical standards that allow the Internet to work;
- Regulate international mobile roaming rates and practices.
The fact that this effort is mainly being led by Russia and China should give you a sense of the intentions here. Neither country is particularly well-known for supporting the principles of open communications or freedom of speech.
Unfortunately, as McDowell notes, the US doesn't seem to be taking the issue particularly seriously, and hasn't even assigned a negotiator to handle the discussions (though, I'm afraid to find out who they eventually do assign to that role). McDowell also points out that simply saying "no" to any changes probably won't go over well with many countries -- and all Russia and China need to get this approved are half of the countries to side with them on this proposal. Since doing nothing is often seen as ceding the internet to the US, that could be a problem. Of course, that doesn't mean caving in. It means engaging and getting enough people aware of these issues so they can make a reasonable case for why a top-down management system would have massive unintended (or, um, intended) consequences that the world doesn't want:
As part of this conversation, we should underscore the tremendous benefits that the Internet has yielded for the developing world through the multi-stakeholder model.This issue is going to pick up steam pretty quickly in the next few months, so educate yourselves now...
Upending this model with a new regulatory treaty is likely to partition the Internet as some countries would inevitably choose to opt out. A balkanized Internet would be devastating to global free trade and national sovereignty. It would impair Internet growth most severely in the developing world, but also globally as technologists are forced to seek bureaucratic permission to innovate and invest. This would also undermine the proliferation of new cross-border technologies, such as cloud computing.
A top-down, centralized, international regulatory overlay is antithetical to the architecture of the Net, which is a global network of networks without borders. No government, let alone an intergovernmental body, can make engineering and economic decisions in lightning-fast Internet time. Productivity, rising living standards and the spread of freedom everywhere, but especially in the developing world, would grind to a halt as engineering and business decisions become politically paralyzed within a global regulatory body.
Any attempts to expand intergovernmental powers over the Internet—no matter how incremental or seemingly innocuous—should be turned back. Modernization and reform can be constructive, but not if the end result is a new global bureaucracy that departs from the multi-stakeholder model. Enlightened nations should draw a line in the sand against new regulations while welcoming reform that could include a nonregulatory role for the ITU.
by Mike Masnick
Mon, Sep 15th 2008 3:39am
from the that-doesn't-seem-good dept
It is true that not everyone agrees that anonymity is a good thing, but it's taking it to another level to try to block out the possibility of anonymity altogether. While some are trying to position this as way to track down "bad" players (such as those running DoS attacks), the problem is that the definition of who's "bad" may depend heavily on who's in control. Regardless of whether any such anti-anonymous technology gets very far, pursuing it is probably a wasted effort. Plenty of folks have already learned to spoof and hide themselves and pretend to be others. It wouldn't take long for the same thing to happen with any "traceback mechanism" as well. Also, as the article notes, the ITU has no power over the internet these days, but has been pushing to get more power, which is why it's worth following what they're discussing behind the scenes.