Boeing subsidiary Narus reports on its Web site that it “protects and manages” a number of worldwide networks, including that of Egypt Telecom. A recent IT World article entitled “Narus Develops a Scary Sleuth for Social Media” reported on a Narus product called Hone last year:
Hone will sift through millions of profiles searching for people with similar attributes — blogger profiles that share the same e-mail address, for example. It can look for statistically likely matches, by studying things like the gender, nationality, age, location, home and work addresses of people. Another component can trace the location of someone using a mobile device such as a laptop or phone.
Media advocate Tim Karr reports that “Narus provides Egypt Telecom with Deep Packet Inspection equipment (DPI), a content-filtering technology that allows network managers to inspect, track and target content from users of the Internet and mobile phones, as it passes through routers on the information superhighway.”
It’s very hard to know how Narus’ technology was used in Egypt before the country pulled the plug on its Internet connectivity, or how it’s being used now. Narus is declining comment.
So what’s to be done?
Narus and its parent, The Boeing Company, have no right to their business with the U.S. government. On our behalf, Congress is entitled to ask about Narus’/Boeing’s assistance to the Mubarak regime in Egypt. If contractors were required to refrain from assisting authoritarian governments’ surveillance as a condition of doing business with the U.S. government, that seems like the most direct way to dissuade them from providing top-notch technology capabilities to regimes on the wrong side of history.
Of course, decades of U.S. entanglement in the Middle East have created the circumstance where an authoritarian government has been an official “friend.” Until a few weeks ago, U.S. unity with the Mubarak regime probably had our government indulging Egypt’s characterization of political opponents as “terrorists and criminals.” It shouldn’t be in retrospect that we learn how costly these entangling alliances really are.
Chris Preble made a similar point ably on the National Interest blog last week:
We should step back and consider that our close relationship with Mubarak over the years created a vicious cycle, one that inclined us to cling tighter and tighter to him as opposition to him grew. And as the relationship deepened, U.S. policy seems to have become nearly paralyzed by the fear that the building anger at Mubarak’s regime would inevitably be directed at us.
We can’t undo our past policies of cozying up to foreign autocrats (the problem extends well beyond Egypt) over the years. And we won’t make things right by simply shifting — or doubling or tripling — U.S. foreign aid to a new leader. We should instead be open to the idea that an arms-length relationship might be the best one of all.
NebuAd is dead. The company‘s plan to track users through their ISPs for the purpose of targeting advertising met with public and congressional concern that ultimately led to its demise.
I believe that ISPs should stick to serving bits and not get into the business of serving or helping to serve ads, so I’m glad to see NebuAd’s model fail. I’ve been made aware by a similar company – Phorm – of the privacy sensitivity they design into their system, but the answer for me is still “No, thanks.”
In terms of policy, this story is mixed. Fans of government involvement probably believe that concerns expressed by public authorities caused NebuAd’s partners to pull out. ISPs also responded to public concerns expressed directly and in the media, of course, and I believe that consumers’ passive reliance on government authorities for protection is in error.
The Progress & Freedom Foundation has just launched the new Center for Internet Freedom. CIF offers an alternative to the proliferation of advocacy groups calling for government intervention online by offering timely analyses and critiques of proposals that diminish the vital role of free markets, free speech and property rights. We aim to drive the Internet policy debate in new directions by emphasizing a layered approach of technological innovation, user education, user self-help, industry self-regulation, and the enforcement of existing laws consistent with the First Amendment. Such an approach is a less restrictive—and generally more effective—alternative to increased regulation.
Here are some of the issues I’ll be working on as CIF’s Director in conjunction with my esteemed colleagues Adam Thierer, Adam Marcus, and adjunct fellows:
- Defending online advertising as the lifeblood of online content & services, especially in the “Long Tail”;
- Emphasizing market solutions to problems of privacy protection, especially regarding the use of cookies and packet inspection data;
- Protecting online speech and expression both in the U.S. and abroad;
- Defending Section 230 immunity for Internet intermediaries;
- Opposing online taxation and legal barriers to e-commerce and digital payments, especially at the state and local levels; and
- Ensuring that Internet governance remains transparent and accountable without hampering the evolution of the Internet.
By Berin Szoka & Adam Thierer
Progress Snapshot 4.19 (PDF)
Since the fall of 2008, a debate has raged in Washington over “targeted online advertising,” an ominous-sounding shorthand for the customization of Internet ads to match the interests of users. Not only are these ads more relevant and therefore less annoying to Internet users than untargeted ads, they are more cost-effective to advertisers and more profitable to websites that sell ad space. While such “smarter” online advertising scares some—prompting comparisons to a corporate “Big Brother” spying on Internet users—it is also expected to fuel the rapid growth of Internet advertising revenues from $21.7 billion in 2007 to $50.3 billion in 2011-an annual growth rate of more than 24%. Since this growing revenue stream ultimately funds the free content and services that Internet users increasingly take for granted, policymakers should think very carefully about what’s really best for consumers before rushing to regulate an industry that has thrived for over a decade under a layered approach that combines technological “self-help” by privacy-wary consumers, consumer education, industry self-regulation, existing state privacy tort laws, and Federal Trade Commission (FTC) enforcement of corporate privacy policies.
In an upcoming PFF
Special Report, we will address the many technical, economic, and legal aspects of this complicated policy issue-especially the possibility that regulation may unintentionally thwart market responses to the growing phenomenon of users blocking online ads.
We will also issue a three-part challenge to those who call for regulation of online advertising practices:
- Identify the harm or market failure that requires government intervention.
- Prove that there is no less restrictive alternative to regulation.
- Explain how the benefits of regulation outweigh its costs.
Continue reading →
Stuck with limited ISP choices, broadband users are increasingly angry with the growing number of providers that poke around in their customers’ traffic. From resetting Bittorrent sessions to sniffing packets for URLs, more and more providers are wielding their power as the “man in the middle” to monitor and manipulate traffic in unpopular and possibly illegal ways. While these practices can be beneficial, tech-savvy consumers are understandably agitated. Congress is now considering legislation that would outlaw these ISP practices.
Instead of urging lawmakers to enact sweeping new laws that would often do more harm than good, broadband users should look to the recent emergence of commercial secure tunneling services. These services remind us that the marketplace is perfectly capable of resolving skirmishes without government getting involved.
Numerous companies have begun to offer encrypted tunnels using Virtual Private Networks (VPNs). These networks have long been used for a variety of reasons, and are popular with network security experts because of how well they protect data from outside snooping. By tunneling traffic through secure links, broadband users can break free from the constraints imposed by ISPs on certain types of traffic. Routing peer to peer applications through these tunnels makes them almost entirely indistinguishable from other types of traffic—even to stateful packet inspection tools like Sandvine that are undeterred by header encryption.
Tunneling traffic via encrypted, remote servers is also one of the toughest targets for ISPs. Many corporate users and university students connect to VPNs for necessary reasons, and there’s no easy way for an ISP to distinguish “legitimate” VPN traffic from the other kind. And with new secure tunneling firms popping up all the time, simply blocking the IP-address ranges of known tunnels is no solution. Absent a VPN Whitelist—highly infeasible given the growing number of VPNs in the wild—ISPs will soon realize that, no matter how much they invest in packet inspection tools like Sandvine and Phorm, informed users will always find a way to stay a step ahead.
Continue reading →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.