Tag Archives: Surveillance

In Jordan, the “Invisible Hand” Blocks Internet Archive

by Reem Al Masri

Adam Senft (Citizen Lab), Jakub Dalek (Citizen Lab) and Baraa Hassaniya (Jordan Open Source Association) contributed to the reporting. Translation was completed by James Cain.

Read the original post in Arabic.

Imagine a museum for the Internet; this is the closest description of the website “Internet Archive”. Of the tens of thousands of books available on the website free of charge, we found more than 127 thousand books in Arabic, most of which were original manuscripts. Books of Islamic jurisprudence and interpretation digitized by libraries of American and Canadian universities were also made available through Internet Archive. The website satiates a nostalgia that infects us from time to time to revisit coverage of Arabic websites of big events such as the coverage of the assassination of Rafiq Al-Harari in 2004, or to return to forums that vanished from the face of the internet such as Abu Mahjoob forum.

In October of last year, the non-profit foundation Internet Archive, along with the wider world, celebrated the 20 year anniversary of the founding of the website which aims to preserve memories of the internet and prevent digitally generated content from disappearing. 

The only ones who did not celebrate this occasion were internet users in Jordan. 

Since the beginning of the year 2016, internet browsers would simply display a message confirming the unavailability of the site, seconds after typing  its address www.archive.org , regardless of the service provider or method used. 

The website became available once again in February of the year, according to a statement received by 7iber from Chris Butler, the Office Manager of Internet Archive. In the meantime, during the four-month-long period from September 2016 to January 2017, the team at 7iber attempted to uncover the technical or legal causes which made a global website like this one unavailable to internet users in Jordan. There were two scenarios to explain the phenomenon: Firstly, there were technical issues within the website itself which impeded us, and other users across the world from accessing it. As for the second possibility, it was that the website had been blocked by the Media Commission in Jordan, as we’ve grown to expect, practicing its powers granted by the 2012 amendments to the Press and Publications Law

However, a third scenario was awaiting us. 

How can we technically  prove that the website was blocked? 

For us to begin research into the second scenario, we had to first confirm that there were indeed no technical issues within the website itself (scenario 1). We needed to find technical evidence of the block after succeeding to get on the website using Tor browser or a VPN. In collaboration with Citizen Lab and the Jordan Open Source Association, we ran a number of tests starting on November 17th 2016 on the network using the application WireShark. The application records all the traffic sent and received by a device when it connects to the internet. The results of the test revealed that devices which attempted to connect to the website Internet Archive were failing to complete the operation known as a “TCP handshake”, which is normally completed whenever a connection is created between two devices. This is something which can be taken as a clear indication that the website had been deliberately blocked. (For more technical details on this test please refer to the attached file).

The test results matched what Chris Butler, Office Manager at Internet Archive, had previously told 7iber in a statement: “reports reached us from two different users, the first of them in February 2016 and the second in March of the same year, both regarding the users’ inability to access the website from Jordan. The complainants had tried to access the website from a range of telecom company networks (Umniah, Zain, and Orange) only to find they were still unable to access the site”. Butler continues that after Internet Archive pursued the issue and were in touch with the Commission in December of last year, the website became available once again in the last days of January of this year. 

We ran a second test on the network once the website was available again, and the results now showed the successful completion of the TCP handshake, and the possibility of sending and receiving packets between the site’s server and testing device. This all confirmed that the website had been blocked before and that now the block had been lifted. 

The website was blocked centrally, but who blocked it and why? 

In November of 2016, at the time the website was still blocked, we directed a number of questions to the three entities through which a website blocking process normally has to pass: The Media Commission, which sends the decision to block the website to the Telecommunications Regulatory Commission (TRC), which in return disseminates it to telecom companies to enact it. 

Assuming that telecom companies have the most knowledge of their networks and are careful to carry out blocking decisions to avoid legal liability, we thought that they are the most capable of explaining the unavailability of the website on their networks. We got in touch with two companies (Zain and Orange) last November. The public relations employees in both companies seemed happy to cooperate with the media. After formally sending them our questions, Orange stopped replying to the numerous attempts made by 7iber to receive an explanation.  As for Zain, their response after several attempts to get an answer was that “the employee responsible for the block is on a family holiday, and there is not anybody else able to take his place and answer this question”. The public relations employee then dismissed our subsequent inquiry: “What if you were to receive an order to block a website whilst the relevant employee was on holiday?”

The reasons behind the telecom companies’ delays in replying to our questions may well have been purely bureaucratic through which inquiries from non-advertising media simply gets lost. However we were not the only ones being ignored in this way. Butler told us that Internet Archive had also repeatedly tried to contact OrangeZain, and Umniah throughout April 2016 in order to clear up the complaints which he had received,  without a single reply. The website also tried to contact the Ministry of Communications and the National Centre of Information Technology only to find the same level of disregard. 

As for the Telecommunications Regulatory Commission (TRC), despite their efficiency in communicating with 7iber, their responses to us seemed to answer another question, one we weren’t asking: “The Telecommunications Regulatory Commission is not the entity which issues the decisions but rather it is the entity which enforces the decisions the block sites as issued by the Media Commission, furthermore the Commission does not receive reasons behind the blocking of any website, and this is the same in the context of Internet Archive”.

When we tried to return to the original question: “Did the TRC carry out the dissemination of the decision to block the website Internet Archive?” the TRC responded with the same answer. We then asked the TRC whether it would be possible to supply us with all blocking decisions that they passed in year 2016, and their reply was that “the TRC is unable to disclose that given that these decisions are temporary and not fixed”.

The only place left to look for an answer was the Media Commission, the sole entity legally authorised to issue decisions to block websites as according to the amendments of the Press and Publications Law of 2012. The director of the Media Commission, Mohammad Quteishat, confirmed to us that at the end of last November, and after looking at all the blocking decisions in 2016, “there was not one which pertained to the website Internet Archive”.

Why did the website become available?

In February 2017, after the website was available, we contacted Chris Butler again. According to Butler, Internet Archive communicated with the Media Commission in January of this year to try again to inquire about the reason for the site’s blocking following all the previous failed attempts to contact telecom companies. The response from the Media Commission was that they would look into this issue, stressing that the blocking decision had not been issued by the Commission. Butler says that the commission got in touch with him at the end of January announcing that the website was “now” available in Jordan according to the following email: 

Again, we asked the director of the Media Commission, Mohammad Quteishat, about the reason for the site’s return to Jordan after being blocked for almost a year. However, Quteishat assured us that “the website was not blocked on the Commission’s network, at least as provided by the National Centre for Information Technology [gov ISP]”

And as for what the Commission wrote in its message, that the website “Is now available”, it did not insinuate for Qutaishat that “that the website was blocked,” according to what he told 7iber. As for our request for an explanation of the technical reports proving the blocking of the website, and the coincidence of the availability of the website shortly after Internet Archive contacted the Media Commision, he said: “I cannot answer. We did not have any hand in the blocking or the unblocking of the website, the website was not ever blocked according to a report from the follow-up committee.”

The third scenario: The invisible hand

The website Internet Archive was blocked quietly in Jordan, and then unblocked quietly. Despite the obscurity of the reasons behind the availability of the website, the story lay in discovering the extent of absurdity that the process of blocking websites in Jordan has reached. This absurdity is first structural. It began in the 2012 amendments of the Press and Publications Law, which the government is convinced has been effective in regulating online media. However, until now, the scope of the sites made subject to the Press and Publications Law remains controversial because it goes against the technical nature of network, that cannot define sites into “local” and “global”. The absurdity is also manifested through the administrative authority given by the law to the director of the Media Commission, allowing him to use his own discretion to identify which websites can be categorised under “electronic news website”. As for Internet Archive, it all points to the worst-case scenario: There is a parallel entity outside any radar, with influential central powers over the network, able to jump above the remit of the Media Commission and telecoms, and block or unblock websites centrally. 

“We’re appreciative that the Commission appears to have helped get us back online in Jordan,” Chris Butler told 7iber.  But despite what the Commission wrote in their email to him, that the website was “currently” available, Butler was hoping “they would reply to our follow-up questions and that we could clearly understand why the website was blocked at the level of the backbone”. 

“If the Government censored the site, they should say so,” he says. “If they claim to not have censored it, it would be helpful to have an explanation what the issue was and how it was resolved by the work that the Media Commission referred to.”

This story also reminds us of the absence of minimum transparency in the blocking process, even the legal and visible one. Telecom companies, the Telecommunications Regulatory Commission and the Media Commission keep blocking decisions locked in their drawers, without feeling obliged to make them public to citizens. 

According to Issa Mahasneh, president of the Jordan Open Source Association, the owner of a blocked website has the right to know which entity issued the decision to block that site, so that they may be able to challenge that decision. “So, for example, if a website was mistakenly blocked or blocked in a way which was illegal, then the owner would request compensation for losses from the entity which caused it this damage,” he says.

Neither we, nor Chris Butler, or the director of the Media Commision know who blocked the Internet Archive. However, what we know is that there is a parallel window for blocking websites, through which an “invisible hand” practices its authority and draws for us the Internet that it wants us to use, without any accountability. 

Attached file explaining the technical tests: 

We conducted network measurement tests on the ISP Orange, to determine if the website of Archive was blocked. In order to do this, we accessed http://www.archive.org in a web browser while collecting a packet capture using Wireshark. The page failed to load in the web browser, eventually returning a “The connection has timed out” error message.

In the packet capture, we can see in more detail why the page failed to load. The first step, the domain name resolution, completed normally. In response to our DNS query, we received the IP address 207.241.224.2, which is the correct IP address for Archive.  This is known because this IP address is in the ASN of Archive.

However, all traffic sent to this IP address did not receive a response. The testing client began the process of establishing a connection with the Archive server by initiating the 3-way TCP handshake. After sending the initial SYN packet, the testing client does not ever receive a response. The client tried sending this SYN packet repeatedly, and not receiving a response it eventually gave up.

These tests were repeated multiple times, and at no point did the testing client ever receive a response from the Archive server. This is highly suggestive of deliberate filtering.

New Report: An Overview of Internet Infrastructure and Governance in the Phillippines

The Cyber Stewards Network is pleased to announce the release of a report titled “An Overview of Internet Infrastructure and Governance in the Philippines.” The report outlines the key actors, regulatory structures, and challenges facing the development of the information and communication technology (ICT) sector in the country, as well as privacy and security concerns.

The report begins by outlining the political context of the Philippines and then describes the regulatory landscape and mandates of various organizations responsible for decision-making, as they relate to the establishment and operations of ICTs.

Throughout the document, key issues relating to access, privacy, and human rights more broadly are flagged. In particular, the report identifies gaps in state capacity and ICT leadership as germane to policy issues in the Philippines, including a lack of coordination among state agencies and the government’s absence from multistakeholder fora like the Internet Governance Forum. Finally, the report explores issues related to communications surveillance, online piracy, and anti-obscenity initiatives.

Key Findings

  • The absence of an overall, nationwide access strategy for information and communications technology means that basic elements of this access have not been put in place.
  • Rapid advances in technology have outpaced policy and legislative arrangements on many levels, as suggested by the Supreme Court’s decision on libel provisions of the Cybercrime Prevention Act.
  • Unlike some of its Southeast Asian neighbours, the Philippines does not have a history of content controls, though recent developments suggest that content controls could be on the horizon, including anti-obscenity and anti-piracy initiatives, as well as the use communications surveillance tools by the government.

Based on these findings, the Foundation for Media Alternatives made recommendations for future improvement, which are briefly outlined below.

Recommendations

  • Support and build up champions of a progressive ICT agenda among current and future government officials.
  • Build a new ICT masterplan that incorporates a clear Internet governance framework, one that is developed in close consultation with various stakeholders, including civil society.
  • Develop the capacity of key institutions governing the ICT sector, including the Department of Information and Communications Technology and National Telecommunications Commission, by ensuring their financial viability and enabling them to respond to regulatory challenges.
  • Produce a post-2015 ASEAN ICT master plan in a consultative environment, both at the national and regional levels.

Read the full report (PDF).

This research was made possible by the generous support of Hivos Southeast Asia.

Research and writing was completed by Al Alegre, Nica Dumlao, Jamael Jacob, Jessamine Pacis, and Randy Tuano of the Foundation for Media Alternatives (FMA), and Irene Poetranto, Adam Senft, and Amitpal Singh of the Citizen Lab at the Munk School of Global Affairs, University of Toronto.

Thanks also to Masashi Crete-Nishihata, Ron Deibert, and Jacqueline Larson.

Paradigm Initiative Nigeria releases “Digital Rights in Africa” report

Cyber Stewards Network partner Paradigm Initiative Nigeria (PIN) has released the 2016 Digital Rights in Africa report, reviewing governments restrictions on Internet freedom this past year. The report analyzes 11 documented shutdowns across the continent, and a number of legislative developments that threaten digital rights.

PIN  goes on to identify common trends in the Internet shutdowns, including orders to private telecommunications companies and Internet providers to cut citizens off from the Internet. This, the report explains, is the result of very few individuals having broadband access, with most customers using mobile networks. These shutdowns often coincide with moments of political significance, including elections. These are often justified by references to national security, or even preventing students from cheating on exams.

The report provides an account of key events in over 25 countries in the continent, and concludes with strategies on mobilizing against digital right abuses.

Read the full report.

Cyber Stewards Network partners at the 2016 Internet Governance Forum

Cyber Stewards Network partners ran workshops and participated in programming at the 2016 Internet Governance Forum in Guadalajara, Mexico, held from December 6-9. In addition, several Cyber Stewards Network partners launched the 2016 Global Information Society Watch publication, a report to which they had contributed. Paradigm Initiative Nigeria also launched a report at the IGF, titled “Digital Rights in Africa,” reviewing governments’ restrictions on Internet freedom on the continent in the past year.

Cyber Stewards network Partner Asociación por les Derechos Civiles (ADC) hosted a two part workshop. The first session, about Data Protection Systems in Latin America, involved participants sharing concerns regarding the practice of collecting personal data from citizens, which has been carried out by both governments and the private sector. In addition, the regulatory frameworks of the Region and international standards for the protection of personal data were examined. The second session focused on biometrics and surveillance technologies, held in tandem with Privacy International. ADC shared their work on biometrics technologies used at the state level in Argentina, and discussion followed on the different uses of the technology, whether in migration management or by security agencies. Other organizations invited, including Derechos Digitales, shared their strategies for research and advocacy, and identify potential collaboration opportunities.

Donny BU of ICT Watch also co-organized the Indonesia Open Forum in tandem with the Indonesian Ministry of Foreign Affairs. The session investigated the effect of social media on democracy in Indonesia, and the ways it can be harnessed as a tool for strengthening civil engagement. Participants discussed ways to improve access for underrepresented groups such as youth and women. Read more information on the workshop.

Representatives from the Centre for Internet and Society and CIPESA were also in attendance at the IGF.

Citizen Lab and Cyber Stewards Network at 2015 APrIGF workshops

The Citizen Lab and its network of cybersecurity researchers and advocates in the global South, the Cyber Stewards Network, will be participating in the Asia Pacific Regional Internet Governance Forum (APrIGF) on July 1-3, 2015, at the Macau University of Science & Technology, Macau. The conference aims to provide a platform for multi-stakeholder discussion on key Internet governance issues that are unique to the Asia Pacific region, and how solutions can be translated to the international level.

The workshop entitled “Surveillance trends, challenges and opportunities in the Asia Pacific” will explore trends in communications surveillance in the region, government responses to civil society criticisms of these practices, and the manner in which the expansion of these technologies can be managed with respect for the rule of law and human rights. The workshop will draw extensively on Citizen Lab research into information controls, such as commercial spyware software FinFisher, whose command and controls servers have been located in 36 countries, including Australia, Brunei, India, Indonesia, Malaysia, Pakistan, Singapore, and Vietnam. Findings from research on Italy-based Hacking Team and Canadian firm Netsweeper, whose products are also sold to law enforcement agencies worldwide, will also inform the discussion.

Communications Officer and Researcher Irene Poetranto will be joined by Shahzad Ahmad, Country Director of Bytes for All Pakistan, Donny Budhi Utoyo, Director of ICT Watch, Pirongrong Ramasoota, Professor at Chulalongkorn University, and Ritu Srivastava, Programme Officer at the Digital Empowerment Foundation.

In a separate roundtable workshop entitled “Online Threats and Chilling Effects to Journalism in the Asia Pacific,” Irene Poetranto will join Andrew Lowenthal of EngageMedia, a non-profit organization focused on using citizen media initiatives to influence social reforms. The workshop will discuss digital security threats to journalists, such as interception and surveillance of their communications, along with methods to cope with these threats.

Further information on conference programming and schedules can be found on the 2015 APrIGF website.

ICT Watch, SAFENET, and EngageMedia hosted discussion and movie screening

On May 16, Southeast Asia Freedom of Expression Network (SAFENET), an organization initiated by ICT Watch, and EngageMedia hosted a discussion on digital rights issues and screened Citizenfour movie in Jakarta, Indonesia. Citizenfour, a documentary film released in 2014, outlines the events surrounding Edward Snowden’s NSA whistleblowing. The film investigated the NSA’s mass collection of public data, and the lack of oversight and transparency in the process. Discussion following the film focused on how everyday citizens can safeguard themselves against privacy intrusions.

Members of the public focused on state sponsored surveillance in the Asian cultural context, where privacy often takes up a different meaning than Western conceptions of the term. Participants cited different parameters for privacy as shedding light on the manner in which users interact with social media platforms such as Facebook.

Read more about the event.

 

IMG-20150513-WA012

Pakistan’s Dawn newspaper interviews Shahzad Ahmad regarding cybercrime legislation

Pakistani newspaper DAWN interviewed Shahzad Ahmad, a Cyber Stewards Network partner and director of Bytes for All. Ahmad spoke on the topic of cyber crime in Pakistan, in particular regarding a new bill, the Prevention of Electronic Crimes Act 2015 (PECA), which has been criticized as violating Pakistan’s commitments to universal human rights standards.

Shahzad Ahmad told Dawn that he was disappointed with the government’s failure to make citizens a part of the process when drafting the bill. “Unfortunately, our incumbent government has shown a tendency to discuss, debate and implement critical legislation behind closed doors. In practice, what this means is that those who’ll be affected by this new legislation are kept out and their voices shunned,” he said.

Ahmad called for the government to establish Privacy Commissioners to oversee the government’s handling of this issue, given that judicial oversight has been ineffective or simply absent. He noted that this would be a critical step towards ensuring that everyday citizens are engaged with cyber crime issues and related policies, and reducing the likelihood of enforcement agencies misusing authority. In addition, Ahmad explained that as a signatory to the United Nations convention on human rights, Pakistan needs to establish a national human rights institution, which would serve as a body that can receive and remedy citizen complaints.

Read the full article.

 

Bytes for All convenes 2015 Pakistan Cyberspace Conference

The 2015 Pakistan Cyberspace Conference, a two day conference (February 26-27) hosted by Bytes for All, convened government officials, human rights activists, media professionals, and business leaders to discuss a range of issues related to cyberspace in Pakistan. The conference sought to encourage government officials to formulate informed policy on cyberspace issues, in light of input from civil society and business leaders.

Panel discussions focus on five topics, including “The Media and the Internet: Opportunities and Obstacles” and “Surveillance, Privacy  and the State Security Narrative in Pakistan.” Deibert weighed in on the panel entitled “Cyber Warfare: A New Battleground,” moderated by Shahzad Ahmad, Director of Bytes for All, and includes speakers such as Mushahid Hussain Syed, the Chairman of the the Pakistani Senate Standing Committee on Defence; Ammar Jafri, the Chairman of Cyber Security Task Force of Pakistan; Aamir Atta, the editor of ProPakistani.com; and Quratulain Zaman, an author with Global Voices. Panelists discussed the possible shaping of online space into a new battleground for military, intelligence and corporate agencies.

When asked about ways in which the global community is responding to increasingly invasive technology based surveillance, Ahmad offered the example of evidence-based public interest litigation. In particular, Ahmad cited Citizen Lab research revealing the presence of FinFisher Command and Control servers in Pakistan [PDF], which in turn prompted legal action by Bytes for All.

Citizen Lab Director Ron Deibert was also in attendance, and delivered a keynote address outlining how online censorship in Pakistan has been used to suppress political dissent and free speech. In the same vein, he explained that governments throughout the world have had “backdoors” built into major telecommunications companies for easy access to consumer information. Deibert concluded his remarks in the keynote by placing emphasis on the fact that “for a truly open, free, [and] secure cyberspace, individuals and societies will actively have to strive for it.”

Read more about the 2015 Pakistan Cyberspace conference, including attendees and schedule. A live Twitter feed of the conference can be found on Bytes for All’s Twitter account.

Media Coverage: Daily Times.