Q&A: Worldwide surveillance and filtering

The aim of the OpenNet Initiative is to investigate, expose and analyze Internet filtering and surveillance practices in a credible and non-partisan fashion.

Rafal Rohozinski is a founder and principal investigator of the Information Warfare Monitor and the OpenNet Initiative, where he directs a network of field-based staff in Asia, the CIS and Middle East. Rafal has 18 years of field-based experience working in an operational and advisory capacity in 37 countries. In 2005-2006, Rafal served as an embedded Chief Technical Advisor to the Palestinian Authority.

In this interview, Rafal discusses international surveillance and filtering issues.

Based on what criteria does the OpenNet Initiative select a country to analyze? What does the process look like?
We were among the first to document the emergence of censorship patterns. This began with a series of experiments carried out in 2002 at The Citizen Lab (University of Toronto) and Harvard which probed the Chinese and Saudi Arabia firewall systems. That work evolved into the OpenNet initiative.

Over the years we’ve developed a sophisticated and robust testing protocol that fuses data that we generate through technical testing and information we gather from our partners around the world. We currently have a networks of partners in over 95 countries. Basically, the process of determining where to test is quite simple and straightforward. We learn about Internet censorship either by monitoring official government declarations (that they intend to censor), such as in Saudi Arabia, China, Burma and elsewhere.

Alternatively, we pick up reports from our network of partners and or others, including human rights groups, reporters sometimes even ordinary citizens who complain that certain content or services are no longer available. We have developed a number of deployable software tools which allow us to verify whether or not censorship is taking place. These tools are quite accurate, and often will tell us not just if blocking this occurred, but how it is occurring and at what segment of the Internet.

We generally test across several ISPs in one country, which then allows us to determine whether there is a consistency in censorship behavior, and whether the process is centralized, or decentralize to each individual ISP. In some countries, we’ve now found that governments prefer to use offensive means to silence websites rather than resorting to filtering. But this we mean denial of service attacks, the use of $.50 brigades to overwhelm websites with comments and messages, are sometimes just simply disconnecting the resource by tampering with the DNS or physically pulling its connection (if it happens to be located within the state’s jurisdiction). In these cases, we generally engage in more in-depth investigations to understand exactly how these activities are sanctioned, and who carries them out. In some cases this involves sending researchers to work in these countries for an extended period of time.

How can you be certain that the information you’re using as the basis for your research is indeed correct and complete? From what kind of sources do you obtain the information?
We use two separate lists of URLs and Internet resources in our testing process: The global list which is run in all countries in which we test i used as a means of determining whether blocking takes place, and what categories of content are included. It is also highly useful as a way of determining whether a country is using a commercial censorship product, as these usually employ standardized lists were certain URLs will always be blocked. In some cases, the global list has allowed us to fingerprint the exact product being used.

The second list we use is called a local list and it contains URLs of sites and Internet resources that allegedly are blocked in the country. We supplement this list with other URLs which we obtain from other sources, sometimes people within the governments who are involved in censorship itself. We also do a lot of research to identify sites that could potentially be blocked, and may not be available within the country and therefore not noticed by our in-country partners. In general, we strive to be as comprehensive as possible but of course we can’t say that we catch 100% of all blocked content. Rather I’d characterize our tests as being highly representative of the kind of content that is being blocked.

What are the countries with the most Internet censorship and which ones leave their communication channels open?
There is no black and white characterization anymore. In fact, in recent years we have seen a move towards Internet regulation in just about every country under observation. The difference between censorship and regulation is a narrow one, and usually defined by the degree to which the activity is regulated by law, and the recourse that citizens have in being able to challenge content which is subject to censorship.

In countries like China, Vietnam, and Burma, there is very little recourse for citizens to appeal content which is being deemed unacceptable. In Uzbekistan the actual censor lists are considered secret and the practice of censorship is denied by the government (even though content is censored quite heavily). North America and Europe are still very much open, however, even their we’ve seen the rise of content controls, and more seem ready to be put in place in the coming years. Banning some content, such as child pornography is of course legitimate. Other types of content, such as “terrorist content”, is problematic as there is no proper legal definition and the term is open to broad interpretation. The trouble with content control is that once you start regulating you set a precedent that is difficult to stop.

One of the more interesting things we’ve observed in recent years has been the emergence of “third-generation controls”. This form of content control stops short of censorship, but rather sees the state (and pro-state groups) engage in active information warfare against their opponents. They use denial of service attacks, and other techniques in order to silence opposition. This approach is interesting, as it allows the state to claim that it is not censoring groups, but the effect is the same. Of course, there is no legal recourse to challenge these practices.

How do the United States compare to Europe in regards to surveillance and filtering?
Certainly there seems to be more momentum these days towards regulation in Europe. This is prompted by concerns over child welfare and exploitation, and also the perceived danger from radical militant groups. Europe also tends to be more of a surveillance society, particularly the UK. In the US, censorship is more difficult to implement if for no other reason than the court systems offer greater protections for freedom of speech. However, in both places surveillance is on the rise particularly as law-enforcement agencies become more adept to working in the cyber domain. There is also a lot of public pressure to enact laws and measures that will help you deal with what is seen as a rising tide of cybercrime. The cyber security agenda may lead to a new tighter content controls, and greater surveillance all around.

We’ve actually taken steps to engage in the cyber security agenda by creating a company that will provide tools and the device to this community (initially in Canada, as that is where the Citizen Lab and SecDev are currently domiciled). We realize that we can’t simply be bystanders to this process. If we believe that openness really is a better path, then we have to make sure that we address the legitimate concerns of policy makers and law enforcement agencies by providing them with tools that are relevant to policing in the cyber domain without necessarily resorting to tactics that potentially lead to abuse – first and foremost censorship and unnecessary surveillance.

What advice would you give to Internet users that live in a country that employs strong filtering?
If it is a democratic country where there is still recourse for citizens to challenge public policy, then I would urge them to organize with others to demand transparency over the process by which content is deemed unacceptable, and ensure that it remains open and publicly accountable. For those living in authoritarian country where these possibilities do not exist, the calculus becomes more difficult, and really one of individual choice. While it is easy for me to preach the virtues of an open Internet from Canada, it’s another thing to live in a country where the activity itself may lead to dire consequences, including jail or worse. For most people, that risk may be unacceptable. However, for those for whom the principle of freedom of information is something they are willing to take risks for, there are plenty of good solutions such as Psiphon that will give them access to the Internet while minimizing the risk.