by Reem Al Masri
Adam Senft (Citizen Lab), Jakub Dalek (Citizen Lab) and Baraa Hassaniya (Jordan Open Source Association) contributed to the reporting. Translation was completed by James Cain.
Imagine a museum for the Internet; this is the closest description of the website “Internet Archive”. Of the tens of thousands of books available on the website free of charge, we found more than 127 thousand books in Arabic, most of which were original manuscripts. Books of Islamic jurisprudence and interpretation digitized by libraries of American and Canadian universities were also made available through Internet Archive. The website satiates a nostalgia that infects us from time to time to revisit coverage of Arabic websites of big events such as the coverage of the assassination of Rafiq Al-Harari in 2004, or to return to forums that vanished from the face of the internet such as Abu Mahjoob forum.
In October of last year, the non-profit foundation Internet Archive, along with the wider world, celebrated the 20 year anniversary of the founding of the website which aims to preserve memories of the internet and prevent digitally generated content from disappearing.
The only ones who did not celebrate this occasion were internet users in Jordan.
Since the beginning of the year 2016, internet browsers would simply display a message confirming the unavailability of the site, seconds after typing its address www.archive.org , regardless of the service provider or method used.
The website became available once again in February of the year, according to a statement received by 7iber from Chris Butler, the Office Manager of Internet Archive. In the meantime, during the four-month-long period from September 2016 to January 2017, the team at 7iber attempted to uncover the technical or legal causes which made a global website like this one unavailable to internet users in Jordan. There were two scenarios to explain the phenomenon: Firstly, there were technical issues within the website itself which impeded us, and other users across the world from accessing it. As for the second possibility, it was that the website had been blocked by the Media Commission in Jordan, as we’ve grown to expect, practicing its powers granted by the 2012 amendments to the Press and Publications Law.
However, a third scenario was awaiting us.
How can we technically prove that the website was blocked?
For us to begin research into the second scenario, we had to first confirm that there were indeed no technical issues within the website itself (scenario 1). We needed to find technical evidence of the block after succeeding to get on the website using Tor browser or a VPN. In collaboration with Citizen Lab and the Jordan Open Source Association, we ran a number of tests starting on November 17th 2016 on the network using the application WireShark. The application records all the traffic sent and received by a device when it connects to the internet. The results of the test revealed that devices which attempted to connect to the website Internet Archive were failing to complete the operation known as a “TCP handshake”, which is normally completed whenever a connection is created between two devices. This is something which can be taken as a clear indication that the website had been deliberately blocked. (For more technical details on this test please refer to the attached file).
The test results matched what Chris Butler, Office Manager at Internet Archive, had previously told 7iber in a statement: “reports reached us from two different users, the first of them in February 2016 and the second in March of the same year, both regarding the users’ inability to access the website from Jordan. The complainants had tried to access the website from a range of telecom company networks (Umniah, Zain, and Orange) only to find they were still unable to access the site”. Butler continues that after Internet Archive pursued the issue and were in touch with the Commission in December of last year, the website became available once again in the last days of January of this year.
We ran a second test on the network once the website was available again, and the results now showed the successful completion of the TCP handshake, and the possibility of sending and receiving packets between the site’s server and testing device. This all confirmed that the website had been blocked before and that now the block had been lifted.
The website was blocked centrally, but who blocked it and why?
In November of 2016, at the time the website was still blocked, we directed a number of questions to the three entities through which a website blocking process normally has to pass: The Media Commission, which sends the decision to block the website to the Telecommunications Regulatory Commission (TRC), which in return disseminates it to telecom companies to enact it.
Assuming that telecom companies have the most knowledge of their networks and are careful to carry out blocking decisions to avoid legal liability, we thought that they are the most capable of explaining the unavailability of the website on their networks. We got in touch with two companies (Zain and Orange) last November. The public relations employees in both companies seemed happy to cooperate with the media. After formally sending them our questions, Orange stopped replying to the numerous attempts made by 7iber to receive an explanation. As for Zain, their response after several attempts to get an answer was that “the employee responsible for the block is on a family holiday, and there is not anybody else able to take his place and answer this question”. The public relations employee then dismissed our subsequent inquiry: “What if you were to receive an order to block a website whilst the relevant employee was on holiday?”
The reasons behind the telecom companies’ delays in replying to our questions may well have been purely bureaucratic through which inquiries from non-advertising media simply gets lost. However we were not the only ones being ignored in this way. Butler told us that Internet Archive had also repeatedly tried to contact Orange, Zain, and Umniah throughout April 2016 in order to clear up the complaints which he had received, without a single reply. The website also tried to contact the Ministry of Communications and the National Centre of Information Technology only to find the same level of disregard.
As for the Telecommunications Regulatory Commission (TRC), despite their efficiency in communicating with 7iber, their responses to us seemed to answer another question, one we weren’t asking: “The Telecommunications Regulatory Commission is not the entity which issues the decisions but rather it is the entity which enforces the decisions the block sites as issued by the Media Commission, furthermore the Commission does not receive reasons behind the blocking of any website, and this is the same in the context of Internet Archive”.
When we tried to return to the original question: “Did the TRC carry out the dissemination of the decision to block the website Internet Archive?” the TRC responded with the same answer. We then asked the TRC whether it would be possible to supply us with all blocking decisions that they passed in year 2016, and their reply was that “the TRC is unable to disclose that given that these decisions are temporary and not fixed”.
The only place left to look for an answer was the Media Commission, the sole entity legally authorised to issue decisions to block websites as according to the amendments of the Press and Publications Law of 2012. The director of the Media Commission, Mohammad Quteishat, confirmed to us that at the end of last November, and after looking at all the blocking decisions in 2016, “there was not one which pertained to the website Internet Archive”.
Why did the website become available?
In February 2017, after the website was available, we contacted Chris Butler again. According to Butler, Internet Archive communicated with the Media Commission in January of this year to try again to inquire about the reason for the site’s blocking following all the previous failed attempts to contact telecom companies. The response from the Media Commission was that they would look into this issue, stressing that the blocking decision had not been issued by the Commission. Butler says that the commission got in touch with him at the end of January announcing that the website was “now” available in Jordan according to the following email:
Again, we asked the director of the Media Commission, Mohammad Quteishat, about the reason for the site’s return to Jordan after being blocked for almost a year. However, Quteishat assured us that “the website was not blocked on the Commission’s network, at least as provided by the National Centre for Information Technology [gov ISP]”
And as for what the Commission wrote in its message, that the website “Is now available”, it did not insinuate for Qutaishat that “that the website was blocked,” according to what he told 7iber. As for our request for an explanation of the technical reports proving the blocking of the website, and the coincidence of the availability of the website shortly after Internet Archive contacted the Media Commision, he said: “I cannot answer. We did not have any hand in the blocking or the unblocking of the website, the website was not ever blocked according to a report from the follow-up committee.”
The third scenario: The invisible hand
The website Internet Archive was blocked quietly in Jordan, and then unblocked quietly. Despite the obscurity of the reasons behind the availability of the website, the story lay in discovering the extent of absurdity that the process of blocking websites in Jordan has reached. This absurdity is first structural. It began in the 2012 amendments of the Press and Publications Law, which the government is convinced has been effective in regulating online media. However, until now, the scope of the sites made subject to the Press and Publications Law remains controversial because it goes against the technical nature of network, that cannot define sites into “local” and “global”. The absurdity is also manifested through the administrative authority given by the law to the director of the Media Commission, allowing him to use his own discretion to identify which websites can be categorised under “electronic news website”. As for Internet Archive, it all points to the worst-case scenario: There is a parallel entity outside any radar, with influential central powers over the network, able to jump above the remit of the Media Commission and telecoms, and block or unblock websites centrally.
“We’re appreciative that the Commission appears to have helped get us back online in Jordan,” Chris Butler told 7iber. But despite what the Commission wrote in their email to him, that the website was “currently” available, Butler was hoping “they would reply to our follow-up questions and that we could clearly understand why the website was blocked at the level of the backbone”.
“If the Government censored the site, they should say so,” he says. “If they claim to not have censored it, it would be helpful to have an explanation what the issue was and how it was resolved by the work that the Media Commission referred to.”
This story also reminds us of the absence of minimum transparency in the blocking process, even the legal and visible one. Telecom companies, the Telecommunications Regulatory Commission and the Media Commission keep blocking decisions locked in their drawers, without feeling obliged to make them public to citizens.
According to Issa Mahasneh, president of the Jordan Open Source Association, the owner of a blocked website has the right to know which entity issued the decision to block that site, so that they may be able to challenge that decision. “So, for example, if a website was mistakenly blocked or blocked in a way which was illegal, then the owner would request compensation for losses from the entity which caused it this damage,” he says.
Neither we, nor Chris Butler, or the director of the Media Commision know who blocked the Internet Archive. However, what we know is that there is a parallel window for blocking websites, through which an “invisible hand” practices its authority and draws for us the Internet that it wants us to use, without any accountability.
Attached file explaining the technical tests:
We conducted network measurement tests on the ISP Orange, to determine if the website of Archive was blocked. In order to do this, we accessed http://www.archive.org in a web browser while collecting a packet capture using Wireshark. The page failed to load in the web browser, eventually returning a “The connection has timed out” error message.
In the packet capture, we can see in more detail why the page failed to load. The first step, the domain name resolution, completed normally. In response to our DNS query, we received the IP address 184.108.40.206, which is the correct IP address for Archive. This is known because this IP address is in the ASN of Archive.
However, all traffic sent to this IP address did not receive a response. The testing client began the process of establishing a connection with the Archive server by initiating the 3-way TCP handshake. After sending the initial SYN packet, the testing client does not ever receive a response. The client tried sending this SYN packet repeatedly, and not receiving a response it eventually gave up.
These tests were repeated multiple times, and at no point did the testing client ever receive a response from the Archive server. This is highly suggestive of deliberate filtering.