Intermediary liability has become one of the critical flashpoints of Internet governance. A few weeks ago, we celebrated an Australian court decision that denied a bid by copyright holders to make ISPs liable for copyright infringement by people who happened to be using their networks. Yesterday, we learned of an Italian court decision that seems to have pointed in the opposite direction. Google executives were convicted of a privacy violation because of a video that one of their millions of users posted. The decision raises major concerns as it seems to require Internet intermediaries to monitor user generated content, which would be a disaster for the freedom and openness of the Internet.
But there is more to this case than meets the eye. US news coverage, which concentrates solely on Google’s outraged claims, fails to take into account three broader issues: 1) the fact that Google itself has undercut its exemption from liability by implementing monitoring of copyright; 2) the weakness, vagueness and obsolescence of the EU E-Commerce Directive’s liability protection provisions; 3) the politics in Europe and the way privacy law can be used – for both legitimate and illegitimate reasons – to attack this large global corporation that threatens the business models of entrenched interests.
An Australian judge has given the world's supporters of Internet freedom reason to heave a big sigh of relief. Judge J. Cowdroy of Sydney yesterday rejected an attempt by 34 film studios to make iiNet, Australia's third largest Internet Service provider, responsible for the copyright violations of a few of their users. The critical issue was whether iiNet was responsible for infringement because it failed to take any steps to stop infringing conduct. The judge said it wasn't.
The censorship of Internet communications by the Iranian theocracy has been known for years. Months ago, a Freedom House study singled out Iran as one of the four worst enemies of Internet freedom. Yet a 22 June Wall Street Journal article got about 100 times more publicity than the Freedom House report, by making what turns out to be a spurious claim. Nokia-Siemens Networks is alleged to have sold the theocrats deep packet inspection (DPI) equipment that made it possible for them to, in the reporter’s words, “not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes.”
The story was eaten up because it pushes hot buttons on both sides of the American political spectrum. For liberals and the left, the article fingered DPI technology, which many fear will be used to undermine if not destroy net neutrality. And to many in that camp, nothing could be more ideologically simpatico than to place some of the blame for the Iranian debacle on greedy capitalists. For conservative nationalists, on the other hand, the story hit an equally strong nerve. They tend to favor a hard-line foreign policy toward Iran, a charter member of the “axis of evil.” Their agenda is to isolate and demonize the Iranian government and, in a replay of the Cold War, push to cut off all trade and dialogue – if not to invade it outright. DPI becomes a proxy for nuclear weapons and a new kind of nonproliferation is advocated.
But even as the story was rippling through numerous email lists and blogs, I smelled something fishy about it.
A coalition of investors have filed shareholder resolutions with 10 major U.S. Internet service providers, urging their corporate boards to report on the impact of the companies’ use of deep packet inspection for Internet network management on the freedom of expression and privacy of their customers. The effort was organized...
Milton Mueller, appointed as professor to the Chair of Security and Privacy of Internet Users within the Faculty of Technology, Policy and Management at the Delft University of Technology will present an Inaugural Address, "The Future of Freedom on the internet: Security, Privacy and Global Governance" on Friday, 17 October...
Milton Mueller will be a keynote speaker at the upcoming Privacy in Social Network Sites Conference to be held October 23-24, 2008 at Delft University of Technology (TU Delft). The program is available here. Recently, Social Network Sites (SNS) have been used to support the American presidential campaigns and to...
I just returned from the “Internet of Things, Internet of the Future” conference sponsored by the French Presidency of the EU. At a panel on the privacy implications of RFID, I was struck by the way so many panelists, perhaps 4 or 5 out of 7, invoked “privacy by design” as a way of responding to RFID privacy threats. They all seemed to agree that it was somehow possible to pre-configure the technology in a way that privacy is structurally protected. Appropriately enough, the next day one of the chief intellectual promoters of this myth, law professor Lawrence Lessig, keynoted the conference.
I think people who put such stock in the ability of “design” or constructed “architectures” to solve or forestall social problems are wrong. Our ability to solve privacy problems depends on how strongly people value privacy, how well they mobilize politically and economically and whether they have the legal and regulatory tools to intervene in strategic areas of the value chain. There is no magic shortcut that allows a social objective to be inserted into the “genes” of a technology at the outset to save us from all that laborious work.
The FBI is soliciting vendor proposals to provide one-stop, turn-key access to Internet Zone files, domain WHOIS and DNS records. Posted July 22, with responses due yesterday, the solicitation details a system that would aggregate the data and provide it to the FBI for up to the next 5 years. On one hand, the open nature of the DNS makes this request mostly just a large data collection exercise, but it has some interesting wrinkles with respect to its scope and selection process, as well as implications for civil liberties.
This is the most intensely political ICANN meeting I have ever been in, with the possible exception of Berlin 1999. Part of the cause is the GNSO structural reform, which has the various constituencies snarling at each other about vote distributions. Multilingual domain names, which combines market pressures with geopolitics, adds to the mix. But one of the main causes is the escalating power of ICANN's Governmental Advisory Committee (GAC).
GAC is gradually inserting itself ever more persistently into the so-called bottom-up, nongovernmental policy making process of ICANN. As this happens, the politics of ICANN become ever more high-level and difficult for ordinary Internet users to access. As this happens, some of its more ambitious members of the GAC are chafing at its “Advisory” status. It is evident that many governments have trouble understanding the idea that their role is only to provide advice and guidance to ICANN on matters within their jurisdiction, and that they are (supposed to be) one of many “stakeholder groups.” Which goverment has the most trouble here? The answer may surprise you. It is not China or Russia, or some other authoritarian state. Nor is it Brazil or South Africa, or any other state that led the charge against ICANN during WSIS. No, it is the USA.
But fortunately, there are some people within ICANN willing to assert its autonomy and stand up to state pressure. The following dialogue between ICANN's Board Chair Peter Dengate Thrush reveals an unexpectedly stiff spine. In the following exchange, the US GAC representative, Commerce Department's Suzanne Sene, is badgering ICANN's Board about GAC's advice that it do “studies” on Whois – privacy. We repeat the exchange here with only a few excisions. It makes for delightful reading. The Board chair politely but firmly explains to the US government how ICANN — an organization it set up — is supposed to work.
The Security and Stability Advisory Committee (SSAC) has added a new wrinkle to the ongoing domain name Whois saga. In a document released late last week, it identified some well known and other less talked about problems with the Whois protocol and it called on ICANN and its community to pursue a more holistic approach involving policy recommendations. Interestingly, it also called for consideration of a new “formal directory service for the Internet” standard to serve domain name interests.