The Internet was invented by a state agency (the Defense Advanced Research Projects Agency, known as DARPA) for military reasons. By design its communications divided into nodes that were intended to be self-sustaining rather than dependent on central control. The Internet initially spread outside the military through academic communities used to free speech. Its explosive growth was based on readily understood free browsers on the World Wide Web – browsers largely supplied by the private sector, whether for profit (Microsoft, Apple) or not for profit (Mozilla Foundation).
The wild west
As a result, it seemed reasonable, not to say intoxicating, to think in the mid-1990s that this communications phenomenon with its massive social and economic impact was somehow free of government controls. Thus John Perry Barlow's famous Declaration of the Independence of Cyberspace, and Johnson and Post's Law and Borders: “The Net thus radically subverts a system of rule-making based on borders between physical spaces, at least with respect to the claim that cyberspace should naturally be governed by territorially defined rules.”
Even in the relatively early days of its popular use, however, there were reminders that 'the Internet is not a No-Law Land'. Laws applicable to communications (such as defamation, fraud and hate speech) and to property (such as copyright) applied to online communications as well. But as some of the early attempts to bring it under control failed, such as the plan to have an anti-encryption 'back door' built into the relevant hardware (the Clipper chip), naturally there was optimism that freedom of expression and participation would prevail over 'the people who run things'.
The U.S. government controlled much of the early developments of the Net. President Clinton's policy was to keep state control away from the Internet as much as possible, in order to promote the expansion of online business. Shortly after that policy was proclaimed, the Internet Corporation for Assigned Numbers and Names (ICANN), a California not-for-profit corporation, was given the authority to run the naming infrastructure, though on a contract with the U.S. Department of Commerce that continues. The point was to allow for a maximum of 'self-regulation' which has been largely successful, though there were sceptics from the early days.
This optimism was also easy to find in the political sphere at the turn of the century, when national liberation movements seemed able to work around traditional forms of censorship. Among others, Professor Henry Perritt wrote in “The Internet and Public International Law” (online fragment and paywall), 88 Ky.L.R. 885 (2000), that NGOs played a proportionately greater role in international than in domestic law reform, because the institutional structure for international governmental functions was less complete than at home. Thanks to the Internet, sharing information and plans was qualitatively different from what it could be with letter mail, telephone and fax.
I wrote a little overview of the Internet and law reform back then that was fairly upbeat.
The sheriff arrives
Governments have been pushing back, however. Part of the response would be perfectly legitimate anywhere. It is the responsibility of government to govern the residents of the territories for which they are responsible, and that includes to some extent their dealings across borders. While finding people online, deciding where they are and thus who has the right to govern them, and figuring out what they are doing, raises new challenges, it is still the exercise of traditional government power.
The debate about whether government's powers have been reduced or defeated, or on the other hand whether they have become too intrusive or harmful, tends to focus on freedom of expression and of political opposition, and the means available to suppress these activities. However, well-established limits to governments' offline powers seem threatened online as well, so the concerns are sometimes broader than just 'politics'.
It is the fate of limits on government that is of most interest in this column.
Among the best known efforts of governments to control the Internet have been those of China and Iran, where tolerance of dissidents has been low. The Great Firewall of China has been operating for many years, with considerable success. (There is even an app by which one can check if a site is being blocked in China – which reports that the app itself is not blocked there.)
Considerable efforts have been made in less repressive countries to provide tools to avoid such detection and censorship. Among the best known is the Citizen Lab at the University of Toronto and its circumvention program Psiphon.
In recent years some outbursts of optimism about the impact of the Internet and social media have been short-lived, such as that surrounding the use of Twitter to coordinate election protects in Iran in 2009. Some positive impact has been seen in some of the countries touched by the Arab Spring, though that phenomenon was very diverse and has had very diverse results. Of course the state of many of the countries is still in rapid evolution, so conclusions should be cautious.
Some reports make it clear that at least in Tunisia and Egypt – arguably the most 'successful' uprisings to date – social media played a large role in providing access to ideas and in permitting coordination of efforts against the government. Others are more nuanced but agree that social media were at least a catalyst to change already begun.
The government of Egypt at one point cut off the Internet to the country entirely. It could do this because of its control over the state-run telecommunications companies that held all the physical connections to the Net. However, it may be that cutting off the social media conversations drove their users into the streets, where the protests became irresistible. (The role of the Internet in distracting the public is not immaterial either, and some connectivity can satisfy demands for modern conveniences and lower pressure for political reform.)
Governments are getting smarter about control in such circumstances, and perhaps more ruthless. The Syrian government opened the country for the first time to Twitter and Facebook in 2011. However, it turned out that the government was able to track the signals and the computers used by anyone sending critical messages, so the Internet was used to find dissidents. "Users who tried to access Facebook in Syria were presented with a fake security certificate that triggered a warning on most browsers. People who ignored it and logged in would be giving up their user name and password, and with them, their private messages and contacts.”
Law and order
Numerous governments are using the Net and technology to fight back , or to main control they have always had. There is nothing inevitable about free expression even online. High technology companies are usually happy to sell state-of-the-art interception and monitoring tools to any government who will pay for them. Service providers on a global level find themselves complying with local government's policies on censorship as the price of doing business in such countries. Google's ongoing struggles with Chinese demands for censorship have attracted attention largely because most companies do not push back.
Indeed Egypt's highly visible – if not politically successful – closing down of the Internet has led to claims that other governments, even western ones, including the U.S. government, should have that power too.
As noted earlier, governments have always taken the position that their laws applied to the use of the Internet on their territory or by users in their territory. The principle is fairly clear. The question has been in part the application of legal principles of jurisdiction and in larger part the difficulty of detecting offences and enforcing rights or penalties. Going after intermediaries and proxies has long been one 'solution' to such questions.
In recent years we have seen governments, including democratic ones, targeting the Internet infrastructure. The US government has seized domains outright, sometimes with little due process or even explanation, usually to protect intellectual property rather than to suppress dissent. It has closed down servers despite the presence of much legitimate content on them. State government has managed (so far) to seize domain names of sites that it alleged were connected with online gaming. So the Internet's structure of nodes and alternative routing does not protect against law enforcement willing to sideswipe legal activities to get at the illegal ones.
The new world order
Part of what is changing that produces this kind of action is the desire to fight terrorism. The voices for censorship and intervention that could be set aside in the 1990s became much louder after the attacks of September 2001. Thus the Council of Europe (most European countries, plus Canada and the U.S. as observers) adopted the Convention on Cybercrime in 2004 that requires member states to impose obligations on Internet intermediaries to keep traffic information for two years and make it available to law enforcement and security interests. “Law enforcement authorities must be granted the power to compel an Internet Service Provider to monitor a person's activities online in real time.”
This Convention is one of the motivations behind the government of Canada's repeated attempts to introduce 'lawful access' legislation (in its most recent appearance, Bill C-30), to give law enforcement authorities rights to easy and largely unsupervised rights to get information from communications intermediaries, and to make the intermediaries hold on to the data in searchable form, generally at their own expense.
On the international level, attempts by government to impose their regimes on the Internet continue. China and Iran have been mentioned, but others work in the same vein. The narrowest access may be provided by North Korea , which allows a few of its residents to access a very partial homegrown computer interconnection system.
In the early part of the decade there was pressure on the privately-run ICANN to open up its governance and to provide top-level domain names in writing systems other than Roman, which has now been done.
Nations gathered in a series of 'Internet governance forums', culminating in the World Summit on the Information Society (WSIS) in 2005, with follow-up meetings in later years. However, these meetings have stayed away from proposing 'solutions' to the governance or operations of the Net.
A much greater threat is seen to come from the International Telecommunications Union (ITU). This body, founded in the 19th century to govern telegrams and later telephones, is composed of national governments. There is no role for non-governmental organizations or business corporations. Many of the member states of the ITU routinely censor communications in other media (and often do unpleasant things to the people responsible for the communicating), and would like to bring the Internet and its users under their wing too.
The World Conference on International Telecommunications (WCIT-12) meeting of the ITU in Dubai in December 2012 debated general principles for assuring the free flow of information around the world, promoting affordable and equitable access for all and laying the foundation for ongoing innovation and market growth.” The aim was to update international regulations last formulated in 1988.
It was probably foreseeable that a number of democracies would refuse to sign the final treaty hammered out at the meeting: the United States, Canada and several other countries refused to sign because it would permit too much government regulation of cyberspace. Time will tell what influence the treaty has on member states and on Internet access around the world – but governments are not surrendering any control, to be sure. (On the other hand, the meeting may have been mainly about the money .)
Conclusions (though the debate is not over yet)
The forces of access and Internet censorship in North America invoke what I think of as the Four Horsemen of the Internet Apocalypse, the threat of whom must, it is alleged, be resisted by all possible measures: terrorists, child pornographers, copyright pirates and Internet gamblers. The Cybercrime Convention deals with the first three expressly, and many of the innovative – not to say extreme – enforcement actions by U.S. authorities in recent years have been exercised in pursuit of the gamblers.
Governments find political, economic and social pressures to control in the 'common good' (after all, who is the government except a body that acts in the name of the people, whether or not the people have a serious role in saying who the government is?) It appears at present as if the technological and policy pressures to put governments back in control are largely succeeding. The notion of limits on government have never been universal, and they are under threat in countries where they have in the past been respected. Governments use the power of fear to justify their use of the intrusive technology.
Security expert Bruce Schneier has said that information technology multiplies the power of the person who uses it – but that user may be government as well as business or political opposition, and when it is the government, liberties may be threatened.
If, as some people say, the Internet is becoming 'feudal', with masses of users being bound by technological fealty to large private bodies like Amazon, Google or Apple – an assertion that must await another column – then one may recall that the feudal system in western European history (still Canada's primary heritage) eventually fell under the sway of the king. Having very powerful 'barons' provides yet further useful pressure points for effective government control of the Internet.
P.S. This note has not raised questions of cyberwarfare or cybersecurity, except for the brief note on the Cybercrime Convention. While these matters raise fundamental questions of the role of governments as defenders and prosecutors of the national interest, they do not relate directly to the abilities of government to control the day-to-day activities of the Internet. I will return to these questions in a future column.