Towards a broken future of Internet
Internet, which initially started as a DARPA experiment is [still] under the indirect control of USA government through ICANN despite several objections from Europe as well as IBSA. This worked when most users were from the western world with the notable exception of China and few minor quirks. But in the past few decades, not only the governments around the world are putting more controls but also the internet users (as well as enterprises) are fighting back against US control. In this blog post, I will describe the main threats to the existence of (current form of) Internet.
First, let’s see a few incidents from the past –
Incident 1: Operation Shady RAT, 70 organizations across 14 nations (from the USA to India) fell to targeted intrusions (probably) by a state actor, the operation started in 2006 and continued till 2011.
Incident 2: Operation Ghostnet, primarily targeted Tibetan government in exile (in India) but computers at embassies and foreign ministries of many other governments were compromised as well.
Incident 3: Stuxnet was designed to target a particular configuration of centrifuges at Natanz who operational capacity dropped by 30 percent in 2010. The aim was to (at least) slow down Iran’s uranium enrichment. Given the sophistication of Stuxnet (which exploited four zero-day vulnerabilities), it is believed to be the work of a state actor. A year later, a similar malware duqu has emerged.
Incident 4: Byzantine Hades has targeted 760 companies with the alleged aim of industrial espionage.
Incident 1: SOPA and PIPA are designed for pro-active blacklisting of domain names which are alleged to be serving infringing copyright content, thus, if domain registered by European national (with no link to the US at all) can be removed from DNS registry just on the basis of one legal notice, of course, European parliament is not happy about it. Laws like this threatens the existence of the Internet as we see it today.
Incident 2: An English national, who is running a travel agency in Spain, had his websites taken down by his American registrar after receiving a notice from the American government that his sites were helping Americans evade travel restrictions to Cuba.
Incident 3: Owner of popular music hosting domain had his site seized for over a year (even though seizure legally are restricted to 60 days) for intellectual property infringement till US government ultimately realized that music was being released on the site by the actual copyright holders.
Incident 4: Indian Parliament considers a new Information Technology Act was calling for a ban on the uploading of blasphemous and controversial content.
Incident 5: Fearing civilian uprising and with the aim of creating a halal network, Iran is working towards creating a national network disconnected from the Internet. The efforts look credible since they are working on in-house hardware (network gears) as well as software (search engine).
More and more governments are opting for digital surveillance sometimes by framing laws, sometimes in a more blatant illegal fashion.
Incident: Multiple attempts were made in Iran for getting fake certificates for major websites (primarily to do man-in-the-middle attack on dissidents), first on 15th March 2011, an Iranian patriot compromised a Registration Authority of Comodo, which is a root Certificate Authority(CA) to issue fake certificates for major sites (which were revoked quickly), two months later, Dutch CA DigiNotar was breached and fake certificates were issued which were used for ~ 2 months before revocation.
Several companies in the USA have engaged in selling technology to oppressive regimes in Syria, Myanmar, China, etc. for cyber surveillance of citizens. But let’s not forget, the Internet was not primarily designed with national boundaries in mind, therefore, it’s not uncommon for these countries to spy on traffic of neighboring countries flowing through them (un)intentionally, as it happened in case of Pakistan’s block of YouTube which went much beyond its national boundaries or when a big chunk of international traffic went through China due to [mis]configuration at the end of China Telecom.
Fearing the dangers of spying, USA government does not want its data to be located in data centers outside the USA, the same law has been enacted by Europe and we should expect other governments to follow soon (if they ever purchase cloud storage).
Privacy on the internet was not a major issue till user-generated content (or more specifically social networks) became mainstream. Controlled primarily from the United States, they fumbled several times in Europe. Following are a few notable incidents –
Incident 1: A group of students uploads a video showing bullying of a mentally challenged boy on videos sharing site, the Italian court convicts three executives of the company for privacy violations.
Incident 2: A social networking company launches face recognition (with opt-out settings) and is fined by the German government for not making it opt-in.
Incident 3: US courts order a microblogging company to supply account data of a Parliamentarian of Iceland, of course, Iceland is not happy about this.
Incident 4: A search engine company is ordered by French courts to remove defamatory contents about an individual (the contents were generated based on the court cases going against him), of course, the cases are still available online.
And the European Union is working on tougher data protection laws for the companies to access its internal market.
As initially mentioned, the Internet today is virtually divided into two halves – China and the rest of the world (RoW). One can see that this not only enables censorship but encourages protectionism. While RoW has one dominant search engine(google), one dominant social network(Facebook), one dominant micro-blogging site(Twitter) and one dominant video-sharing platform(YouTube), most of these are either banned in China or have a very small market share. Baidu is the search engine, Renren is the social network, Youku being video-uploading and Weibo being micro-blogging site. While protectionist policies usually don’t work in the long run, they do give immediate short-term gains and necessary protection to local companies. And this might encourage EU or Arab-world to follow this route.
While The current tussle is primarily between the USA and Europe (and in some cases USA and China), going by demographic trends and rate of Internet adoption, it is easy to see that in the near future, we are going to have two more major players namely Middle East (with technical know-how supplied by Iran) and India. The clash among these five major players over above issues will certainly threaten the existence of the unified Internet as we see today and lest the above issues are resolved, we are going to end up with a form of the Internet much different from what we currently have.
2 Replies to “Towards a broken future of Internet”
We have a battle raging. Brought in by the proponents of the old generation – who are too scared to understand the full impact of the cyberspace on the new generation – it is vested monetary interests at the core of these new acts – but the case I believe can be tied back to this basic difference of how young and old understand this new dimension that was added over the last few decades. If one looks at the list of supporters – one one side is the age old companies who create their IP outside the cyberspace and the other side is companies who create their product in the cyberspace.
The first group understands the new dimension in the context of their old framework – where they have markets which they advertise or sell to. So far as this goes on fine by them. Heck! Our creativity is not restricted by blocking/surveillance. They are the generation who understand this revolution of making the old acts of meetings, documentation, reporting, billing more efficient and more convenient; nothing more nothing less – for them the renaissance, the struggle for American Independence, Martin Luther happened without the internet and we were very creative – we can live with a rudimentary internet.
The second, is the group of pioneers who understand this better – monetary interests or not.
What has arisen, is a cause of failing to take the whole world with them – and SOPA nad PIPA are the result of this failure, an effort to control this other world in a manner that this old world was controlled by its czars. This legislation will eventually serve to isolate the ideas of the world – as you suggest the possibility of 5 segments – perhaps the world will become a more interesting place, closer to the fairy tales. 5 kingdoms, each with a very different approach to life.
My view on the point of protectionism is going to be unpopular, but I’ll make it. China has created a thriving ecosystem of web companies as a side-effect of censorship. While I cannot defend censorship anywhere in the world, I should like to admire China for this side-effect of protectionism. When it’s not far-fetched to limit foreign investment and market share in a nation’s critical infrastructure such as airlines, telecom, highways, and power, why should Internet be any different?
After all, each self-interested nation would like its workers to be at their innovative and creative best in their jobs. If a developing nation such as China can guarantee such an innovative environment only under the guise of protectionism, so be it. It’s reasonable to say that India would’ve had an indigenous search engine (on the lines of Baidu) by 2012 had Google not taken 90% market share by 2004 (before Indian IT companies even had a chance to look at the search problem). Consequently, Indian IT ended up being the back-office of Microsofts and Ciscos of the world, while Chinese web companies stand shoulder-to-shoulder with giants Google and Facebook in NASDAQ and NYSE.