Ronald J. Deibert is the director of The Citizen Lab at the University of Toronto’s Munk School of Global Affairs and the author of an important new book, Black Code: Inside the Battle for Cyberspace, an in-depth look at the growing insecurity of the Internet. Specifically, Deibert’s book is a meticulous examination of the “malicious threats that are growing from the inside out” and which “threaten to destroy the fragile ecosystem we have come to take for granted.” (p. 14) It is also a remarkably timely book in light of the recent revelations about NSA surveillance and how it is being facilitated with the assistance of various tech and telecom giants.
The clear and colloquial tone that Deibert employs in the text helps make arcane Internet security issues interesting and accessible. Indeed, some chapters of the book almost feel like they were pulled from the pages of techno-thriller, complete with villainous characters, unexpected plot twists, and shocking conclusions. “Cyber crime has become one of the world’s largest growth businesses,” Deibert notes (p. 144) and his chapters focus on many prominent recent examples, including cyber-crime syndicates like Koobface, government cyber-spying schemes like GhostNet, state-sanctioned sabotage like Stuxnet, and the vexing issue of zero-day exploit sales.
Deibert is uniquely qualified to narrate this tale not just because he is a gifted story-teller but also because he has had a front row seat in the unfolding play that we might refer to as “How Cyberspace Grew Less Secure.” Continue reading →
Susan W. Brenner, associate dean and professor of law at the University of Dayton School of Law, discusses her new paper published in the Minnesota Journal of Law, Science & Technology entitled “Cyber-threats and the Limits of Bureaucratic Control.”
Brenner argues that the approach the United States, like other countries, uses to control threats in real-space is ill-suited for controlling cyberthreats. She explains that because this approach evolved to deal with threat activity in a physical environment, it is predicated on a bureaucratic organizations. This is not an effective way of approaching cyber-threat control, she argues.
Brenner also explains why congressional efforts at cybersecurity legislation are flawed and why U.S. authorities persist in pursuing antiquated strategies that cannot provide an effective cyberthreats defense system. She outlines an alternative approach to the task of protecting the country from cyberthreats, and approach that is predicated on older, more fluid threat control strategies.
Download
Related Links
The number of major cyberlaw and information tech policy books being published annually continues to grow at an astonishing pace, so much so that I have lost the ability to read and review all of them. In past years, I put together end-of-year lists of important info-tech policy books (here are the lists for 2008, 2009, 2010, and 2011) and I was fairly confident I had read just about everything of importance that was out there (at least that was available in the U.S.). But last year that became a real struggle for me and this year it became an impossibility. A decade ago, there was merely a trickle of Internet policy books coming out each year. Then the trickle turned into a steady stream. Now it has turned into a flood. Thus, I’ve had to become far more selective about what is on my reading list. (This is also because the volume of journal articles about info-tech policy matters has increased exponentially at the same time.)
So, here’s what I’m going to do. I’m going to discuss what I regard to be the five most important titles of 2012, briefly summarize a half dozen others that I’ve read, and then I’m just going to list the rest of the books out there. I’ve read most of them but I have placed an asterisk next to the ones I haven’t. Please let me know what titles I have missed so that I can add them to the list. (Incidentally, here’s my compendium of all the major tech policy books from the 2000s and here’s the running list of all my book reviews.)
Continue reading →
Rebecca MacKinnon’s new book, Consent of the Networked: The Worldwide Struggle for Internet Freedom, is well-researched exploration of the forces driving Internet developments and policy across the globe today. She serves up an outstanding history of recent global protest movements and social revolutions and explores the role that Internet technologies and digital networks played in those efforts. She also surveys some of the recent policy fights here and abroad over issues such as online privacy, Net neutrality regulation, free speech matters, and the copyright wars. The Consent of the Networked is certainly worth reading and will go down as one of the most important Internet policy books of 2012.
A Call to Action
Of course, it’s not just a history lesson. MacKinnon has also issued a call-to-arms here. As a well-known web activist, MacKinnon has emerged as a leading force in the broad-based, if loosely-defined, “Net freedom” movement. The term “Net freedom,” she notes, means very different things to different people. It’s “like a Rorschach inkblot test: different people look at the same ink splotch and see very different things.” (p. 188) Nonetheless, on the global stage, the Internet freedom movement is fundamentally tied up with efforts to hold both governments and corporate actors more accountable for their actions toward the Netizens, digital networks, and online speech and expression. Continue reading →
It seems peculiar to me that some of the same individuals and groups who so vociferously opposed a “broadcast flag” technological mandate in past years are now in a mad rush to have federal policymakers mandate a “Do Not Track” regulatory regime for privacy purposes. The broadcast flag debate, you will recall, centered around the wisdom of mandating a technological fix to the copyright arms race before digitized high-definition broadcast signals were effectively “Napster-ized.” At least that was the fear six or seven years ago. TV broadcasters and some content companies wanted the Federal Communications Commission (FCC) to recognize and enforce a string of code that would have been embedded in digital broadcast program signals such that mass redistribution of video programming could have been prevented.
Flash forward to the present debate about mandating a “Do Not Track” scheme to help protect privacy online. As I noted in my filing last week to the Federal Trade Commission, at root, Do Not Track is just another “information control regime.” Much like the broadcast flag proposal, it’s an attempt to use a technological quick-fix to solve a complex problem. When it comes to such information control efforts, however, there aren’t many good examples of simple fixes or silver-bullet solutions that have worked, at least not for very long. The debates over Wikileaks, online porn, Internet hate speech, and Spam all demonstrate how challenging it can be to put information back into the bottle once it is released into the digital wild.
To be clear, I am not opposed to technological solutions like broadcast flag or Do Not Track,
but I am opposed to forcing them upon the Internet and digital markets in a top-down, centrally-planned fashion. While I am skeptical that either scheme would work well in practice (whether voluntary or mandated), my concern in these debates is that forcing such solutions by law will have many unintended consequences, not the least of which will be the gradual growth of invasive cyberspace controls in these or other contexts. After all, if we can have “broadcast flags” and “Do Not Track” schemes, why not “flag” mandates for objectionable speech or “Do Not Porn” browser mandates? Continue reading →
This is the second of two essays making “The Case for Internet Optimism.” This essay was included in the book, The Next Digital Decade: Essays on the Future of the Internet (2011), which was edited by Berin Szoka and Adam Marcus of TechFreedom. In my previous essay, which I discussed here yesterday, I examined the first variant of Internet pessimism: “Net Skeptics,” who are pessimistic about the Internet improving the lot of mankind. In this second essay, I take on a very different breed of Net pessimists: “Net Lovers” who, though they embrace the Net and digital technologies, argue that they are “dying” due to a lack of sufficient care or collective oversight. In particular, they fear that the “open” Internet and “generative” digital systems are giving way to closed, proprietary systems, typically run by villainous corporations out to erect walled gardens and quash our digital liberties. Thus, they are pessimistic about the long-term survival of the Internet that we currently know and love.
Leading exponents of this theory include noted cyberlaw scholars Lawrence Lessig, Jonathan Zittrain, and Tim Wu. I argue that these scholars tend to significantly overstate the severity of this problem (the supposed decline of openness or generativity, that is) and seem to have very little faith in the ability of such systems to win out in a free market. Moreover, there’s nothing wrong with a hybrid world in which some “closed” devices and platforms remain (or even thrive) alongside “open” ones. Importantly, “openness” is a highly subjective term, and a constantly evolving one. And many “open” systems or devices are as perfectly open as these advocates suggest.
Finally, I argue that it’s likely that the “openness” advocated by these advocates will devolve into expanded government control of cyberspace and digital systems than that unregulated systems will become subject to “perfect control” by the private sector, as they fear. Indeed, the implicit message in the work of all these hyper-pessimistic critics is that markets must be steered in a more sensible direction by those technocratic philosopher kings (although the details of their blueprint for digital salvation are often scarce). Thus, I conclude that the dour, depressing “the-Net-is-about-to-die” fear that seems to fuel this worldview is almost completely unfounded and should be rejected before serious damage is done to the evolutionary Internet through misguided government action.
I’ve embedded the entire essay down below in Scribd reader, but it can also be found on TechFreedom’s Next Digital Decade book website and SSRN.
Continue reading →
Tim Wu’s new book, The Master Switch: The Rise and Fall of Information Empires, will be released next week and it promises to make quite a splash in cyberlaw circles. It will almost certainly go down as one of the most important info-tech policy books of 2010 and will probably win the top slot in my next end-of-year list.
Of course, that doesn’t mean I agree with everything in it. In fact, I disagree vehemently with Wu’s general worldview and recommendations, and even much of his retelling of the history of information sectors and policy. Nonetheless, for reasons I will discuss in this first of many critiques, the book’s impact will be significant because Wu is a rock star in this academic arena as well as a committed activist in his role as chair of the radical regulatory activist group, Free Press. Through his work at Free Press as well as the New America Foundation, Professor Wu is attempting to craft a plan of action to reshape the Internet and cyberspace.
I stand in opposition to almost everything that Wu and those groups stand for, thus, I will be spending quite a bit of time addressing his perspectives and proposals here in coming months, just as I did when Jonathan Zittrain’s hugely important The Future of the Internet & How to Stop It was released two years ago (my first review is here and my latest critique is here). In today’s essay, I’ll provide a general overview and foreshadow my critiques to come. (Note: Tim was kind enough to have his publisher send me an advance uncorrected proof of the book a few months ago, so I’ll be using that version to construct these critiques. Please consult the final version for cited material and page numbers.) Continue reading →
The Washington, D.C., fight over “net neutrality” in some ways only scratches the surface of what’s really at stake in the question of government regulation of Internet service providers’ treatment of online content. The downside of permitting FCC and Congressional authority over cyberspace “neutrality” is hard to overstate.
A former colleague and friend, now at New Media Strategies, sent me a January 2010 article—“The Splinternet means the end of the Web’s golden age”—about the proliferation of non-compatible devices used online, and th
e shielding of much new content behind logins and passwords, like the way News Corp. “hides” Wall Street Journal content behind a paywall, and other perceived insults. The author doesn’t see the trend as reversible, but the tone implies what an ominous development this somehow is, as if all this abundance and customization is negative, and that caution is in order.
But the realities of pay models and splintering—like the fact that some journalists have families to feed and can’t write for free, that Google doesn’t see much of what’s on Facebook, and that I can’t stream your iTunes—have no metaphysical, free speech, or public policy implications. Emergent splintering online represents the beginnings of a groundbreaking expansion of the Web’s basic capabilities, not a curtailment. (Besides, many with pro-neutrality views have been upset with Google lately anyway.)
This hand-wringing and use of the term “splinternet” reminded me of a related speculation I’d made in Forbes nearly 10 years ago about the tailoring of networks and pipes. Disturbed by then-burgeoning calls for regulation of the Internet emerging from various quarters over issues like privacy, spam, porn and cyber-trespass, I called for a “splinternet” mindset then and put it as follows:
The Internet needs borders beyond which users can escape damaging political resolutions of [policy] battles, which are rooted in the Internet’s non-owned, common-property status. Conflicting legislative visions in a cyberspace populated by exhibitionists at one extreme and would-be inhabitants of gated communities on the other, reveal the basic truth that not everybody wants or needs to be connected to everybody else.
Continue reading →
Lots of good things in The Washington Post today following up on U.S. Secretary of State Hillary Clinton’s historic address last week about the importance of global Internet freedom. First, The Post has published a powerful supporting statement from Sweden’s Minister of Foreign Affairs, Carl Bildt, entitled, “Tear Down These Virtual Walls.” Bildt notes that:
Two decades ago a wall made of concrete, built to divide the free and unfree, was torn down. Today it is the freedom of cyberspace that is under threat from regimes as keen as dictatorships past to control and limit the possibilities of their citizens. They are trying to build firewalls against freedom. At the end of the day, I am convinced they are fighting a losing battle — that cyber walls are as certain to fall as the walls of concrete once did.
He then goes on to argue that, following Secretary Clinton’s address last week, “We should now forge a new transatlantic partnership for protecting and promoting the freedoms of cyberspace. Together, we should call for all these walls to be torn down.” He continues:
Much like the way the rule of the law is critical to protecting the freedoms we enjoy as citizens in our societies, and international law protects the peace between our nations, we must seek to shape the rules that will protect the rights and the freedom of cyberspace.
Importantly,
The Washington Post itself also editorialized today about “The Internet War.” Continue reading →
The Internet is massive. That’s the ‘no-duh’ statement of the year, right? But seriously, the sheer volume of transactions (both economic and non-economic) is simply staggering. Consider a few factoids to give you a flavor of just how much is going on out there:
- In 2006, Internet users in the United States viewed an average of 120.5 Web pages each day.
- There are over 1.4 million new blog posts every day.
- Social networking giant Facebook reports that each month, its over 300 million users upload more than 2 billion photos, 14 million videos, and create over 3 million events. More than 2 billion pieces of content (web links, news stories, blog posts, notes, photos, etc.) are shared each week. There are also roughly 45 million active user groups on the site.
- YouTube reports that 20 hours of video are uploaded to the site every minute.
- Amazon reported that on December 15, 2008, 6.3 million items were ordered worldwide, a rate of 72.9 items per second.
- Every six weeks, there are 10 million edits made to Wikipedia.
Now, let’s think about how some of our lawmakers and media personalities talk about the Internet. If we were to judge the Internet based upon the daily headlines in various media outlets or from the titles of various Congressional or regulatory agency hearings, then we’d be led to believe that the Internet is a scary, dangerous place. That ‘s especially the case when it comes to concerns about online privacy and child safety. Everywhere you turn there’s a bogeyman story about the supposed dangers of cyberspace.
But let’s go back to the numbers. While I certainly understand the concerns many folks have about their personal privacy or their child’s safety online, the fact is
the vast majority of online transactions that take place online each and every second of the day are of an entirely harmless, even socially beneficial nature. I refer to this disconnect as the “problem of proportionality” in debates about online safety and privacy. People are not just making mountains out of molehills, in many cases they are just making the molehills up or blowing them massively out of proportion. Continue reading →
Ronald J. Deibert is the director of The Citizen Lab at the University of Toronto’s Munk School of Global Affairs and the author of an important new book, Black Code: Inside the Battle for Cyberspace, an in-depth look at the growing insecurity of the Internet. Specifically, Deibert’s book is a meticulous examination of the “malicious threats that are growing from the inside out” and which “threaten to destroy the fragile ecosystem we have come to take for granted.” (p. 14) It is also a remarkably timely book in light of the recent revelations about NSA surveillance and how it is being facilitated with the assistance of various tech and telecom giants.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.