So, that’s it for today’s live (or lagging behind live) blogging of the ONI conference on freedom of expression and the Internet (and more particularly, filtering and the release of the ONI data). I hope that it has been useful to readers - and I’ll tidy up / add links / etc later on. It has been an excellent and stimulating conference, with a very diverse attendance.

There’s an interesting debate at the Oxford Union tonight, where many of the conference speakers will participate (report from Tobias). I won’t, however; now I’m off to put my fate in the hands of First Great Western to get me back to Gatwick airport. Eep. (Update: it all worked out fine).

Some highlights from the final plenary session (there’s some great live-updating going on on the screen - by Jonathan Zittrain - so here’s hoping that that ends up being blogged, as there’s no incentive to keep up with a much better job!). Other good blogging: Tobias.

One thing that’s emerged is that the conference and much of the prior research has been focused on State-mandated technical filtering - that is to say, excluding discussion on ‘private filtering’. (Personally I have a huge interest in this area, especially in the context of restrictive terms of use. I had some useful side conversations on the topic of social networking and censorship). It was noted that we today are only touching on part of the issues. (Indeed it was suggested that looking at corporate censorship would increase the credibility of ONI, meaning that it wouldn’t be seen as a tool of American - and Canadian - hegemony, focused on the evils of non-US governments…).

Another issue is the question (mentioned in the notes below) of how much data should be made available - the problem that a study of filtering produces information that is valuable for the would-be filterer. There’s no easy answer. (Ethan Zuckerman mentioned that even the existence of public discussion on filtering can encourage non-filtering states to start doing it).

There’s been a few useful reminders from the floor on the importance of history - i.e. restriction of access to information is nothing new (and indeed, there’s no guarantee that ‘the Internet’ is the modern version of the photocopier for Soviet dissidents or the fax machine for Tianamen Square, as one contributor remarked). That’s an important cyberlaw issue - there was a world before TCP/IP and HTML (and GooTube), believe it or not…

Naturally enough, some people have mentioned the need to bring together different approaches - including measurement, circumvention tools, activism and law. (However this is not all perfect - for example, circumvention is at its nature anti-State in that it challenges control and surveillance etc).

A controversial one is whether there should be ‘best practice for filtering’, which has been criticised - we’re just on the surface of it but it highlights a point that I’ve wondered about over coffee: we really need someone to stand up and defend filtering (whether from a State-power perspective or in theory). Not because I agree with it, but we need it in the debate. Unfortunately those who defend things like Chinese government filtering tend not to register for this sort of event. (Just heard a couple of brief mentions of child pornography and filtering, which is a start - and a proposal (devil’s advocate, I think) of a market for credits in filtering…)

Great mirth came from the unintended consequence of the press work, meaning that there was gleeful coverage in the Zimbabwean press (Zimbabwe not filtering therefore “clean bill of health” - the same article accidentally took an alphabetical list (that didn’t include Zimbabwe) as a ranking).

(I think).

Further migration later, but broadly speaking we’re back in business!

Here I am at the second workshop of the day, on international responses to Internet filtering. About 30 (very engaged) people, chaired by John Palfrey (who is also blogging this - there’s multitasking).

Avon Edward Foote wondered if there was support at the table for an approach that varies expectation according to FoE history. I.e. an algorithm / benchmarks, because expectations have to match up with form of government.

From this we led to discussing ‘Internet exceptionalism’ and definitions of freedom of expression. My contribution was on how we can reject pure exceptionalism but need to recognise that there can be different points of control and different configurations to the system. (It’s close to - and I alluded to - the ideas I discussed in my Harold Innis paper on monopolies of knowledge and how the arguments remain similar, but the tools and methods - whether legal or technical - can vary).

From this the group went on to consider different methods of engagement:

Formal - treaty, national legislation (Global Online Freedom Act - disallowing US companies from doing certain things) or governments. NGO/IGO-type response, applying pressure, litigation, activity before IGF (this being a good example of a ‘new forum’ for freedom of expression/media discussion.).

Put technologies in the hands of activists (giving them ‘west coast code’ responses).

Twitter (get an activist to update it frequently, keep doing it until something happens - then (obviously) the feed stops and you know that something is wrong!) - this is a fascinating suggestion.

Developing a new treaty is very slow.

Rhetorical action - one of the reasons why states want Internet is economic development, can this be tied to freedom of expression?

John Palfrey: “Learn from the network that we are studying”

Very important to communicate with activists on why discussing filtering is important to them.

A speaker proposed ongoing professional monitoring of Internet filtering - in response another person said that this sort of international organisation should not just monitor but should also be doing some advocacy. Palfrey mentioned the Citizen Media Law Center. A BBC employee drew attention to the World Service Trust’s survey of ‘media development’ in sub-Saharan Africa and how it would pick up some of these issues.

Forum at UN level to bring together ISPs, Internet Regulators - the IGF, chartered by WSIS - can approach the debate in a different way.

Michael Hull (U of T) made a very interesting contribution included how American citizens (ordinary people) love the idea of ‘freedom’ and therefore are very interested (e.g. in Psiphon etc), more so than anywhere else. You can appeal at a rhetorical level (coupled with ‘help your friends and family’). Give people something to do about the problem and you’ll see something happen. (An Amnesty speaker added more information on the importance of diasporic communities, e.g. people who go to work in Silicon Valley try to support the development of online community ‘back home’ and realise the problems).

One of the roles of ONI is to get information out there so that others can work on it - i.e. not to be totally imperialist about it and preaching from the West, but providing information that others (in all parts of the world) can build on!

The Psiphon team got some interesting responses from filtering companies asking to be exempted from the workaround (and were told where to go) - in fact, this was more prevalent than complaints from governments by far!

Some discussion on data and methodology for monitoring filtering broke out. “High-impact URLs” are collected; note the box on new ONI site to test/submit URLs. One of the biggest problems is how to stop governments using ‘lists of blocked URLs’ as easy methods to create their own lists. Evgeny from Translations Online gave the great suggestion of a real-time map or graph (visualisations) of filtering and blocking (both sites and locations). Apparently the ONI has always wanted this, still working on it. (One of the first Berkman projects was a Chinese proxy where you could see for yourself what is blocked…it was popular, but it’s not the most reliable).

A speaker from Amnesty gave some points on how ‘web 2.0′ etc has human rights uses that were not designed in - so we need be aware of how ‘other’ things can be used to get around filtering…

And we’re done, with Palfrey mentioning that the results of the ONI work are leading today’s International Herald Tribune.

The first workshop I attended was on circumvention - and it was a real roll-call of the various projects involved in providing for circumvention of filtering and blocking. We had Peacefire, Anonymizer, TOR, Psiphon, DynaWeb, Tactical Tech and more…

Note: this post needs links, but is otherwise mostly complete

Some highlights:

Peacefire - two tools, CGI-proxy on Windows machine (if you have a friend outside that you can run through). Second one is emailing out new circumvention sites (assumes infiltration, so only works for a while).

Dynaweb - Having problems in sustaining the network (finance needed).

Psiphon (personal proxy system, similar to other projects) - collapsed into one, installable application (for the uncensored application) and info forwarded to the colleague in the censored country. Upcoming - support for YouTube/GMail. Has to parse/rewrite for the user and this was difficult. Virtually you have to offer such service for every

Tor: anonymity network - 800 volunteer servers around 100k to 200k users. Funded by US Navl Research Lab, EFF, VoA, etc. Plan: Take volunteer users, give them a button, sign up as ‘bridge’ volunteer - China connects to bridge to rest of Tor network - 10kb/s (nothing on broadband) simple passthrough. 30,000 volunteers. How do we let the good guys get access without letting the bad guys learn all the addresses. We should separate the two parts - (a) relay and (b) discovery.

Gives us idea of the arms race - China not cracking down on every possible approach - just the more popular!

How do we solve the discovery problem. 1 - private bridge (social network) - you can give multiple and as long as one is reachable, they can then report the errors (and automated through client). 2 - open sign up is dangerous. The smarter approach is to divide the bridge operator into different pools. Limit through time, resources, etc. Email list approach (every three days).

US filtering companies are better at blocking than the governments. (Hardly a surprise!)

Commercial entitles also blocking anonymizer etc. Anonymizer’s CEO said that businesses who want to reach them often can’t (due to corporate filtering) so they circulate an alternative URL!

James (author of CGIProxy) spoke: script first written in 1996 (when China/Singapore announced first intention)…demonstrated for magazine, then returned to it. Basically it is similar to psiphon etc - freely distributable to anyone - anyone can then install their own, with small technical help. Javascript support, works pretty well for most of the email services. Very modifiable, written in Perl, open-sourced etc.

I asked about problems that emerge from the tightening of restrictions on users in ‘uncensored states’ (i.e. the people who will act as bridges/friends for those in the censored states). I.e. if ISPs restrict things like filesharing, servers, connection-sharing etc they can (and do) restrict your ability to do pass-through by contract/terms of use. Michael (Citizen Lab, U of T) explained how the Psiphon project tries to keep it simple, but that they need to build ‘bigger friends’. (I discussed this problem in more detail with Nart Villeneuve after the session - it’s related to data retention, the power of ISPs, etc in that it does have the potential - if there is a will - to be a problem. Protections include market power (people won’t go with restrictive ISPs), neutrality legislation, continuing to keep it simple, advocacy, etc.

A very interesting point: “Encryption is allowed because it helps e-commerce” - so we need a case for circumvention that is not just about circumvention! i.e. legitimate use that can allow a Chinese user to point to a non-restricted use. A few people mentioned that circumvention/anonymising should be built in as a default - and that ‘Western’ users should use the software too as a normal, everyday thing (even as simple as a proxy to protect against spyware).

Anonymizer mentioned that the utilisation (of their software) by commercial interests has gone from 1-2% to 80% of revenue!

On anti-anti-circumvention techniques, it was noted that developers don’t necessarily want to show all their tricks until it is needed - hold back as long as you can while being effective.