Here’s my liveblog on the “Internet Freedom” debate, part of the wonderful Cambridge Festival of Ideas. Excuse the errors, will tidy up later. And here’s the blurb (from here):

The internet is holding governments to account by creating a platform for leaked information as well as for protest groups to freely talk. Join us to debate whether the internet can and should be controlled. Speakers include Herbert Snorsson, founder of; David Clemente, Chatham House; and Steve Murdoch, Computer Laboratory University of Cambridge.

Questions – is the Internet a force for good? Can it be used for evil? Can it be policed? Should things be kept secret? Should our data remain private? Should countries have a say on what is available?

Jim Killock – Executive Director, Open Rights Group

Jim introduces ORG, discussing the funding (mostly from members at £5 a month) and recent campaigns (e.g. privacy, Digital Economy Act). Internet freedom should mean, for example, that responsibility lies with sender and receiver but not with an intermediary (particularly ISPs), and this is under threat. But what are the benefits? Political and cultural participation (at unprecedented level) – and therefore power, transparency & accountability (not just re governments but re journalists and corporations), contributing to a ‘better sort of politics’. ORG and others hear that the Internet is unregulated, the Wild West, full of criminals and so on from some MPs and policymakers; others see it as television in the making. But really, the Internet is like society, the roads, the pub, a marketplace, a village green – reflects the world around. ORG argues for a rights-based debate to avoid the Internet being a negative place, e.g. mass surveillance (government or corporate), or intermediaries choosing what you see (biased search, advertisers gaining information, formal and informal censors, copyright owners having power). Who then are the enemies of Internet freedom? Top of the list are copyright lobby groups – who want to see traffic, snoop on customers, prevent access. But also state security apparatus (want more access to information that flows). More benign are those with legitimate worries about society (e.g. re anorexia, pornography) who end up in a position where they want ‘the Internet to stop doing these things’. These various enemies have given up targeting the user (more or less) and focus on the middle – to stop the network working like a network, placing new controls on it. Internet freedom can survive though because it is a value for all of us and it is becoming obvious what we get from it; the need for eternal vigilance is no different. Join the Open Rights Group.

David Clemente – Researcher, International Security Programme, Chatham House

(Personal opinion, not that of Chatham House). Agrees that this is a debate about power. States and others can be uncomfortable with how cyberspace challenges accepted notions of power, e.g. an ageing Senator looking for the off switch after a cyberattack. But this is increasingly less common. Ability to innovate (e.g. write an app!) affects distribution of power – and lines between transparency and secrecy that a government might draw. Wikileaks is an example of the US responding strongly even though it might have welcomed it if it was about Iranian secrets. Post-9/11 move in US military from need to know to need to share – over 1m people had access to these cables, produces benefits but can return to sting you. Wikileaks far surpasses e.g. Pentagon Papers in terms of volume; governments can collect a lot of data (but can also use it). Governments can still apply pressure e.g. on credit card companies which as we have seen has an impact on Wikileaks. Cyberspace ‘supercharges’ blurring of power lines but not all new. Khomenei distributed his message on audio cassette in the late 70s – now it’s even quicker. Yet there are still some things we would rather governments keep secret – trade negotiations? health and tax records? certain diplomatic conversations? can be argued to be necessary. A disclosure like Wikileaks can inhibit free conversations (e.g. between US diplomats and other states); various allegations were made re Afghan war log disclosure. Some leaking can be good, promoting ‘positive transparency’ (Tunisia?) – not necessarily that it caused a revolution but every little stone helps. In sum, the Internet is still relatively young – as John Naughton said, we wouldn’t have expected Gutenberg to tell us about the impact of printing 20 years after its invention.

Dr Steven Murdoch – Security Research, University of Cambridge

The key for Internet regulation is that it is made of cables which are managed/used by people, who can be influenced by governments. Extreme examples exist e.g. North Korea isolation, China blocking, Middle East religious reasons. But in the UK, a system that was accepted by ISPs for images of child abuse is now to be used [he’s referring to the latest instalment in the Newzbin case, reported here] for blocking access on copyright infringement grounds. The trend is away from blocking at source to blocking from accessing. Many have secrets – military, government, companies – but each employ individuals who would like to disclose. Others have discussed censorship as a response but surveillance is one too. Technologies like Tor can be used and are – for various reasons – secrecy, avoiding advertising tracking, but also human rights workers, law enforcement. Although users can be protected there is a trend towards building both censorship and surveillance into the system. Do we therefore have enough, too much or too little freedom on the Internet today – and we should think about this beyond Wikileaks, e.g. phone hacking, expenses, Tunisia.

Herbert Snorasson – (via Skype…)

While it’s important to protect secrecy of things like health records, there is a need to rebalance other issues (e.g. government negotiations) in favour of access to information. We need a variety of tools for this, FOI etc good but also a ‘crowbar’ e.g. Wikileaks tried this, but no single organisation can ever provide everything we need. The workload when I [i.e. Herbert] was there was insane. The work is important and needs to be done with the goals in mind. (Stopped after a couple of minutes due to tech issues etc but will participate in questions)


Chair (missed name, sorry – BBC journalist) sums up the debate, mentions the use of productivity software (i.e. blocking social network use at work) by Syrian government, and opens it up to the floor

How serious is the threat by Government to restrict social media during disorder?
JK: sorry that people like David Lammy overreacted in this way, but ORG and others provided alternative view. The debate then shifts from censorship to surveillance which still needs to be treated seriously, money has been allocated within Home Office for interception modernisation.
DC: notes Google’s publication of information about state requests with a very high number in the US.
HS: if David Cameron would block Twitter during riots, there would be a political cost…

What would a cyber attack on the UK look like?
SM: it’s a bit of a buzzword, but in many ways cyberwarfare is already happening (although not really for speech reasons, different goals). The sky isn’t going to fall.
Chair: notes event with Foreign Office next week in London which demonstrates level of concern and response e.g. to viruses targeted at government networks.
DC: US central command (in 2008) was attacked – but much of this is the human element (e.g. opening an email, picking up a USB stick in a car park)

Apple spying on its customers – to what extent are networks being used for this sort of purpose
JK: you have the right not to be snooped on and you should need to agree, but none of this is very transparent. Many online services are ‘free’ but they are selling advertising based on your data. Facebook hardly ever deletes anything. But social life, campaigning etc is important re Facebook – is this then consent or putting up with it? Also note behavioural advertising/cookies – at a bare minimum I should be able to see this but told no such right (information is about cookie not person)
HS: there is regulation of this through the European Union but many companies are based in the US and are exempt – the EU provisions are not perfect but go some way. But note Facebook has designated its office in Dublin (for non-US/Canada) and is therefore subject to EU regulation, they have been flooded with information requests under EU law.

Chair: notes Reddit campaign for Facebook data disclosure, file ten times the size you would normally get.
Ross Anderson (from the floor): judiciary has the chance to keep up with technology; US courts are open to lawsuits from private individuals and organisations
(missed name, ex-lawyer): Facebook is dominant so use should be made of European competition law…
JK: Wikileaks affair was demonstration of government not using proper legal procedures, leaning on private companies – this is the Wild West. And regulators (e.g. Irish DPC, UK ICO) have limited remedies and are reluctant to use them. Would also need to figure out if Facebook is dominant in a market and how that relates to data protection.