WebProNews

Tag: Clean IT

  • CleanIT Gets Rid Of Browser Surveillance, Opts For Terrorism Button In Browsers

    In September of last year, we brought you word that the European Union was working on a proposal called CleanIT to stop the spread of terroristic content online. The plan called for a number of outlandish proposals such as browser-level surveillance and requiring all Internet users to go by their real names when using online services. Since then, the plan has gone through some changes, including the removal of the more worrisome proposals.

    Ars Technica reports that the final CleanIT report has been published ahead of its final conference on Wednesday. The report discusses methods in which the government, private companies and individuals can help reduce the proliferation of terroristic content on the Internet. The report suggests that EU member states work together to decrease the amount of terroristic content online, while Internet companies should “state clearly in their terms and conditions that they will not tolerate terrorist use of the Internet on their platforms.”

    So, you’ve seen what the government wants itself and companies to do, but what should you, the model EU citizen, do? The report calls for a reporting mechanism to be built into Web browsers so citizens can flag terrorist content:

    Challenge:
    While content portals (like social networks, image or video portals) can offer ‘flagging’ opportunities, other platforms (like hosted websites) often lack such a mechanism. Moreover, there is not one international, user-friendly reporting mechanism available to all Internet users, irrespective of which part of the Internet they are using at the moment they notice what they think is terrorist use of the Internet.

    Best practice:
    A browser-based reporting mechanism could be developed to allow end users to report terrorist use of the Internet.

    In essence, the CleanIT group wants to put a little panic button at the top right of your browser that’s for terrorist reporting. If you see a terrorist Web site, you click the button and the URL is sent away to the Internet police. What could possibly go wrong?

    As Ars Technica puts it, “plenty” could go wrong. The main concern is that nobody can agree on what constitutes terroristic content. Is it a blog post of somebody using violent rhetoric? Is it the Twitter account of a known terrorist cell? Does anybody even have the right to remove such content, or does it fall under free speech protections? Can people abuse the reporting system to have content removed without due process? These are questions that the group will have to answer at its conference on Wednesday.

    The proposals will also face some serious scrutiny at the conference as it has already been reportedly criticized by lawyers, civil rights groups, and even the peer reviewers that evaluated the final report. One of the peer reviewers criticized the CleanIT report saying that it “does not clearly explain how the objective is to be reached… Therefore I have substantial doubts if it possible to achieve the desired objective this way.”

    As the peer reviewer points out, stopping the flow of terroristic content on the Web, or any content for that matter, is incredibly difficult. The U.S’s Bipartisan Policy Center said just as much in a report it published last year about terroristic content online. The report said that the best chance of stopping terrorism online is to reduce the supply and demand for such content. Drawing attention to it, which CleanIT’s proposal may very well do, is only going to further the cause of those who use the Internet to recruit and communicate with other terrorists and ne’er-do-wells.

  • Leaked Clean IT Document Is Frightening

    Europe can not catch a break. Somebody in government is constantly trying to push some kind of law or treaty to regulate the Internet. The technology has those in power running scared and they need something to convince the general public that they should be allowed to control it. After ACTA failed, they’re now going for the terrorist angle.

    EDRI got their hands on a leaked copy of the Clean IT project. It’s a proposed European Commission project that would turn the European Internet into a gigantic surveillance system. There’s more to it, but it would be appropriate to say that somebody’s been reading up on their Orwell recently.

    So, what’s the goal of Clean IT? The government wants to stop terrorism, and they think that terrorists are using the Internet to coordinate attacks. The goal, according to the official Web site, is to prevent terrorists from using the Internet. The official draft document also says that “any action taken to reduce the terrorist use of the Internet, will respect fundamental rights and freedoms, including access to the Internet, freedoms of assembly and expression, privacy and data protection.”

    That all sounds pretty good, but policy makers are known masters of spin. Now, let’s take a look at the proposed policies that are present in the leaked version of Clean IT. Here’s the major talking points from EDRI:

    Removal of any legislation preventing filtering/surveillance of employees’ Internet connections

    Law enforcement authorities should be able to have content removed “without following the more labour-intensive and formal procedures for ‘notice and action’”

    “Knowingly” providing links to “terrorist content” (the draft does not refer to content which has been ruled to be illegal by a court, but undefined “terrorist content” in general) will be an offence “just like” the terrorist

    Legal underpinning of “real name” rules to prevent anonymous use of online services
    ISPs to be held liable for not making “reasonable” efforts to use technological surveillance to identify (undefined) “terrorist” use of the Internet

    Companies providing end-user filtering systems and their customers should be liable for failing to report “illegal” activity identified by the filter

    Customers should also be held liable for “knowingly” sending a report of content which is not illegal

    Governments should use the helpfulness of ISPs as a criterion for awarding public contracts

    The proposal on blocking lists contradict each other, on the one hand providing comprehensive details for each piece of illegal content and judicial references, but then saying that the owner can appeal (although if there was already a judicial ruling, the legal process would already have been at an end) and that filtering such be based on the “output” of the proposed content regulation body, the “European Advisory Foundation”

    Blocking or “warning” systems should be implemented by social media platforms – somehow it will be both illegal to provide (undefined) “Internet services” to “terrorist persons” and legal to knowingly provide access to illegal content, while “warning” the end-user that they are accessing illegal content

    The anonymity of individuals reporting (possibly) illegal content must be preserved… yet their IP address must be logged to permit them to be prosecuted if it is suspected that they are reporting legal content deliberately and to permit reliable informants’ reports to be processed more quickly

    Companies should implement upload filters to monitor uploaded content to make sure that content that is removed – or content that is similar to what is removed – is not re-uploaded

    It proposes that content should not be removed in all cases but “blocked” (i.e. make inaccessible by the hosting provider – not “blocked” in the access provider sense) and, in other cases, left available online but with the domain name removed.

    In essence, Clean IT wants to punish you for using the Internet as it was intended. It would require you to use your real name in all online communication. It would punish you for linking to “terrorist content” (whatever that means), and it makes no distinction between linking for educational or malicious purposes.

    Clean IT has proven itself to be bad. What does it mean for Europe though? Nothing yet, but that could change. Europe has proven to be more accommodating to sweeping surveillance programs, but the Internet community may surprise us with another continent wide protest. They were able to successfully kill ACTA, and they may just be able to kill Clean IT as well.

    Beyond that, the biggest obstacle to Clean IT’s passage is the Internet itself. All these programs require ISPs and social media networks to take on the duties of surveillance. Such programs cost too much and those running ISPs tend to have something resembling moral fiber when it comes to privacy. Facebook and Twitter would obviously reject having their services turn into surveillance systems as well.

    Since the original publication of EDRI’s report, the Clean It project has published a conversation between the project’s manager, But Klaasen, and tech writer, Glyn Moody. Klaasen says that the leaked document are just suggestions, but never really clarifies beyond that. He does invite Moody and any other interested parties to attend meetings on the matter. It’s encouraging, but Moody nails it by saying that it’s worrying that the ideas present were even considered.

    We’ll continue to watch the progress of Clean IT. If it does prove to be successful, you can bet a similar program will be proposed for the U.S. It’s already rumored that the NSA and other agencies collect civilian communications, but a Clean IT-like project would allow them to work in the open.

    Here’s a copy of the draft Clean IT project, courtesy of TechDirt:

    cleanIT_sept2012