News, privacy

ISOC Chennai IGF workshop proposals updated

News, privacy, security

Spy@home? Mandatory Filtering Software in China

from the Electronic Frontier Foundation’s Deeplinks blog

China’s Spy in the Home

Commentary by Danny O’Brien

The Chinese Ministry of Industry and IT’s announcement that all PCs sold in China must include government-approved filtering software is a profoundly worrying development for online privacy and free speech in that country. While the application, “Green Dam Youth Escort”, claims to only block pornographic sites, the access to a home computer such filtering software requires means that it could also have the power to conduct all sorts of other surveillance and control — far more than China’s current monitoring and blocking systems at the ISP level permits.

On present day operating systems, government-controlled software that are granted such admin rights would be able to collect IM and email conversations, install keyloggers, relay microphone and webcam recordings. It could prevent or detect the use of web proxies (the primary method of Chinese citizens seeking an uncensored Internet), and scan for privacy-protecting software like Tor and PGP. Business users of Chinese PCs will be vulnerable to state-sponsored corporate espionage. Foreign users of computers in China will be unable to guarantee the security of their communications.

Are these realistic threats? Absolutely: indeed, we’ve already seen what many suspect is the Chinese government’s use of software in this way. A localised Chinese version of Skype included backdoors that passed on private IM conversations to third-parties. Tibetan dissidents have struggled with keylogging spyware that is uniquely targetted to this political group.

But until now, such software has relied on duping its users as to its function or on the poor security of their operating systems. “Green Dam Youth Escort” will allow the Chinese state an automatic foothold on every Chinese PC, installing their own code remotely through automatic upgrades.

PC distributors have already reacted negatively to the announcement, not least because of its unrealistic deadline of July 1st. Dell has said that it will only consider installing the software if its only purpose is to block pornographic content from children, and only if it can be disabled.

These companies need to continue the pushback, not just for reasons or practicality, or for privacy and surveillance, but in defence of their users’ right to manage their own property.

Other software companies, like the anti-virus companies, can assist by detecting and removing such programs in just the same way as they defeat other malware that undermines user control (if they do not, they risk having criminal non-government malware use the Chinese program as method to conceal their own intentions, as happened with the Sony Rootkit).

Finally, Western governments need to understand that their own plans to infect computers with such software — under the proposed Loppsi 2 law in France, or the Federal Trojan project in Germany, or via the FBI’s current domestic spyware projects — needs detailed scrutiny and firm judicial controls in place. The modern PC is as private and personal a locale as a citizen’s home. Any state that claims to respect human rights and civil liberties should respect that privacy.


ISOC IGF Leaders Program – applications for IGF Sharm El Sheik, Egypt now open

As part of the ISOC Internet Leaders programme, the Ambassador programme is designed to involve members in ISOC’s global engagement activities while providing valuable expertise and know-how to IGF meetings – read more on ISOC’s Ambassadors help to explain and promote ISOC’s positions on public policy issues related to the themes of the IGF. Ambassadors add their significant local and regional experience and insight to discussions and interventions during the sessions and workshops. The Ambassadors are also expected to take home first-hand experience of the IGF and to continue to drive local ISOC activities, particularly as they relate to Internet governance issues. The objective is also for them to continue participating in global discussions on Internet governance.

ISOC has participated at all stages of WSIS and the follow-on IGF. In this process we have succeeded in gaining significant recognition for our positions which support an open and globally accessible Internet. Much of this has been achieved through cooperation with our Chapters, members, and partner organizations from around the world. We believe that the IGF provides a very useful platform for open dialogue on the challenges and opportunities that face the Internet, its governance and the role it will play in empowering individuals and contributing to social and economic development around the globe.

Applications for IGF Sharm El Sheikh are open from 4 to 29 June 2009.


ICANN as a transparent, accountable public corporation that the world can have faith in

In terms of transparency and participative governance, there is no other public corporation anywhere in the world that has established systems and practices as elaborate as ICANN has done.

To reach another person on the Internet you have to type an address into your computer – a name or a number. That address has to be unique so computers know where to find each other. ICANN coordinates these unique identifiers across the world. Without that coordination we wouldn’t have one global Internet.

The Internet Corporation for Assigned Names and Numbers (ICANN) coordinates the Interent’s Naming system. ICANN was formed in 1998. It is a not-for-profit public-benefit corporation with participants from all over the world dedicated to keeping the Internet secure, stable and interoperable. It promotes competition and develops policy on the Internet’s unique identifiers.

It was a US Presidential directive in 1997 that led to the formation of ICANN as not-for-profit corporation based in California. The Department of Commerce maintained its oversight of ICANN through an agreement known as the Joint Project Agreement which is a topic of global discussion as the world considers it fair that Internet Governance is a muti-stakeholder affair, that needs to extend beyond the oversight of any one nation.

The JPA is under review. In this context, Paul Twomey, the CEO of ICANN filed a written testimony before the Subcommittee on Communications, Technology, and the Internet of the United States House of Representatives on June 4, 2009 on Issues concerning the Internet Corporation for Assigned Names and Numbers (ICANN), including the expiration of the Joint Project Agreement between the U.S. Department of Commerce and ICANN at the end of September and the creation of new global top level domains (gTLDs).

Apart from stating his postion on the JPA, the document summarizes the elaborate participatory, transparency and accountability systems that have evolved over the years to make ICANN a model of a global public organization. ICANN has impressively taken shape with its accountablility mechanisms in three spheres as Paul Twomey narrates and it would evolve even more as a fully independant organization