By Jane Duncan · 5 Jun 2014
One year ago today, The Guardian newspaper published National Security Agency (NSA) spy Edward Snowden’s revelations about mass surveillance in the US. Digital activists are marking this day by launching a ‘reset the net’ campaign to encourage internet users to take back the internet from the spies and to make it secure for use: a campaign that has received Snowden’s endorsement.
Other forums have taken place recently, focussing on the broader principles that should guide the development of the internet in the wake of the Snowden revelations, including NetMundial and the Stockholm Internet Forum. The United Nations Educational, Scientific and Cultural Organisation (Unesco) has also launched a research project to identify internet first principles, revolving around their concept of ‘internet universality’. Will such campaigns and forums deliver the kind of internet we want?
Answering this question requires an analysis of the major threats facing internet freedom. In the 1990’s, when the internet expanded across the world, its founders promoted it as the first truly global medium of communication. Some important first principles were established at the time to ensure collaboration across borders for a free and open internet, including the need to use freely available standards that everyone could build on, and ensuring that the various components of the internet were interoperable. All data was supposed to be treated equally, irrespective of its contents, so that the internet remained a level playing field for all its users (the ‘net neutrality’ principle).
Since then, governmental and corporate controls have eroded the internet’s status as a global public resource, and chipped away at these foundational principles. More governments have begun to filter and censor internet content, and some have even considered de-linking from the internet to control information flows better: a move that would clearly undermine the global nature of the medium. While the existing global forums are promoting internet freedom, they are not being sufficiently robust about the thorny questions of who controls the internet.
Unless internet users ensure that the medium becomes what it is truly meant to be – a self-managed network of users, designed for communication and collaboration – then control is likely to slip into the hands of governments and corporations that are driven by needs other than the need to maintain the publicness of the internet.
Countries that like to think of themselves as democracies have resisted direct control of internet content, publicly championing internet freedom through foreign policy, while secretly promoting the privatisation of censorship through corporate control. This could be seen in the ways that companies like Amazon, PayPal and Visa strangled Wikileaks by dropping its website and preventing donations.
The US government could have used its indirect control of the Internet Corporation for Assigned Names and Numbers (ICANN) to have Wikileaks’s domain name removed, effectively scrubbing it out of cyberspace. It didn’t, presumably because it risked a backlash from countries that have been looking for reasons to transfer the management of the domain name system from ICANN to the International Telecommunications Unions (ITU), and presumably because it felt that its objectives were achieved through effective, less politically-costly, privatised censorship.
In an attempt to prevent control of the internet falling into the hands of authoritarian governments, the US has committed itself to establishing ICANN as an independent entity, run according to the principle of ‘multi-stakeholder governance’. While in theory the concept is an attractive one, in practice it is unlikely to deliver truly democratic control of the internet.
Snowden exposed the hypocrisy of the ‘five eyes’ (the US, Canada, New Zealand, Australia and Britain) and their European collaborators in mouthing support for internet freedom, while promoting mass surveillance that went far beyond what was needed to fight international terrorism. He also exposed the ease with which most large private companies rolled over and co-operated with intelligence agencies, playing fast and loose with their user’s metadata.
Net neutrality is also facing possibly its most significant threat yet, with the US communications regulator, the Federal Communications Commission (FCC) proposing recently that Internet Service Providers (ISP’s) should be free to enter into commercial partnerships with content providers, giving them preferential treatment. Ultimately this could lead to massive internet commercialisation, with ISP’s relegating important public interest content to an internet ‘slow lane’, while commercial content receives preferential treatment in an internet ‘fast lane’.
How are these geopolitical battles over the control of the internet playing out in South Africa? The country has legalised the targeted surveillance of voice and data traffic through the Regulation of Interception of Communications and Related Matters Act (ROICA). However, this Act lacks basic protections for human rights. For instance, it does not make provision for user notification if their communications are intercepted: a human rights violation pure and simple.
Evidence has emerged that the country is using mass surveillance technologies for the analysis of foreign signals intelligence, which does not fall under ROICA and which therefore does not require a judge’s interception direction to collect. This means that the state agency that has the greatest potential for mass surveillance, is also the one that is least regulated by law.
If the more well-regulated targeted surveillance capacities of the state are not human rights compliant and have been abused to spy on journalists, then it could be anticipated that its mass surveillance capacities are likely to be abused as well (they were in 2005). However, South Africa has not had its own Edward Snowden, so there is little information in the public domain about the nature and extent of abuses.
Net neutrality has been on shaky ground for some time in South Africa. ADSL service providers have practiced a form of traffic prioritisation by providing shaped services prioritising website traffic over other internet traffic to improve browsing speeds, and charging more for unshaped services. One ISP has already come out publicly against net neutrality, arguing that it undermines investment. If the battle for net neutrality is lost in the US, then South Africa’s ISP’s and content providers are likely to intensify their attempts to undermine net neutrality, and internet users need to be vigilant about this.
Censorship has, to an extent, also been privatised in South Africa too, although the government-controlled Film and Publications Board seems to think that it has jurisdiction over internet content. Internet intermediaries operate an unsatisfactory notice and takedown procedure, and enforce acceptable use policies that are often far too restrictive of freedom of speech. This is because ISP’s are offered protection from legal liability for unlawful content (or ‘safe harbour’), but also need to show that they are doing what they can to remove such content when it is brought to their attention. ISP’s tend to be risk averse, pulling down controversial content readily, and users have no in-built rights to recourse: a problem that is meant to be addressed through a legislative amendment. These practices are not subject to public scrutiny as take-down reports are not published on a regular basis.
Media freedom has been a huge campaign point in the past few years, but internet freedom has received insufficient attention. The focus needs to shift. Users can do a great deal to realise the net they want, by lobbying for greater transparency in intermediary conduct, ensuring user notification and a right of reply in relation to take-down requests, and ensuring that ISP’s censor content preferably after judicial intervention, or at the very least, only after a counter-notice procedure.
While an independent body already exists to administer notice and take down procedures, it cannot be said to represent the interests of users. Internet self-regulation is as susceptible to industry capture as legacy media self-regulation. While the legacy media have shifted away from self-regulation in response to criticisms that it is self-serving, and moved towards public-industry co-regulation, there is little indication of internet intermediaries doing the same. This is hardly surprising, as there is little public pressure on them to do so.
As Snowden has argued, public interest values need to be encoded not just in our writing, but in the structure of the internet. This requires engaging not just the technical part of society, but the users as well. However, users need to realise the extent of the threat to this increasingly important medium, and what they can do to respond to them. This applies to South African users too.
These threats are not a US or Northern concern only; they are making themselves felt in South Africa as well. The internet is the first truly global medium, but advocacy in its defence should not be left to global forums only; it can and must be local, and rooted in the self-activity of the most important stakeholder in the internet space: the user. It is this stakeholder - more than any other - that has the least to lose and most to gain from a truly public internet.