Already the birds are chirping (they're not tweeting anymore) about WikiLeaks and its Cablegate affair, how it came to be, how it got blocked, how it got filtered, DDoS'ed, removed from Amazon's cloud service, PayPal, MasterCard, Visa, how its founder became wanted by the Interpol and arrested for sex crimes, how a 16-year old boy was arrested for DDoS'ing etc. etc., so I won't bother you with this. Also I am not really interested much in what the cables say and whether they should have leaked or not.
No, this post is about what I think we have to watch out after Cablegate.
In all honesty, I think that traditional media and the general public will get bored with WikiLeaks and forget about it in about a months' time. That is unless WikiLeaks has some pretty well-planned and well-timed tricks up his sleeve (which still may be the case).
But only then things will start to become interesting! And not so much in diplomacy – sure, diplomacy will again become more secure, pick its words wiser and in general be more discreet again, but that is nothing new. I think the consequences will be a lot severer and with a wider impact …and it could be even more dangerous, that it will (try to) be done silently. Not just for the openness' sake, but because what is at stake.
So, the cat is out of the bag. While everyone is running after it (whether they claim to see a kitty or a tiger), let us stop, sit down and watch what the bag and the people chasing the cat are doing …
Legislation – privacy, anti-terrorist, national security, copyright, ACTA, SHIELD, Digital Agenda¶
Probably the first and if carefully watched, most visible issue will be the legislation.
After the national security fiasco that resulted in Cablegate most governments around the globe (with the US at its front) will be hard-pressed to "do something about it". Because neither police, nor court, nor governement can (or rather should) operate against the law and current law does not direcly criminalise WikiLeaks, they will have to change the law.
Apart from privacy considerations, such laws could have a huge impact on copyright and freedom of speech. Just like how anti-terrorist and child pornography laws can strengthen surveillance and internet filtering, so can anti-WikiLeaks legislation. Actually in this case the laws could be direcly aimed at diminishing freedom of speech and privacy. And once the pandora's box is open, it would be very likely that in time both government and commercial interests would broaden the scope of filtering and spying. The common denominator here is censorship.
Initially I thought it would take cca. two months before governments would silently start pushing for laws that would try to "prevent another WikiLeaks" – this is also the reason why I did not finish this article before. But it apparently in the US senator Liebermann has already proposed a law directly aimed at WikiLeaks. The so called SHIELD Act is directly aimed at amending the Espionage Act in a way that would make WikiLeaks fall under espionage and therefore a criminal activity.
All this only means that it is already high time we watch for the laws that are being planned – be it about anti-terrorist, anti-piracy, national security, ICT or even copyright. All could be (mis)used for trying to "prevent another WikiLeaks" and used to.
And let us not forget that ACTA is still hanging above our heads. This is not the time to get sidetracked. In fact, we should fight harder to stop ACTA! Chances are that governments might try to pass it as soon as it can in the wrong fate it would prevent future such affairs.
We need to remember that this problem was not triggered by Cablegate, it merely put it in the limelight. The issue of law not adapting to new technology – and obviously the internet demands an even greater paradigm shift then the printing press, radio and television put together – has been present ever since internet came to be and is not limited just to privacy. In fact I would dare to argue that anything less then rethinking copyright, other "intellectual property rights", privacy, "ownership" of data and bits and many other laws together as a whole, would be idiocy. I would go as far as to claim that to some degree we would have to rethink our social, political and economic systems as well.
This may sound a bit extreme, but the harsh reality is that in current system where more and more laws are made and amended it is increasingly harder to see the bigger picture. In relation with that also changes in law are mostly only made as reactions to specific issues. And when addressing such a broad paradigm shift with such a narrow-sighted reactionist legislation the problems can only escalate.
Bottom line: we need to keep an eye on ACTA, SHIELD, privacy, public access, national security, anti-terrorist, copyright and other IPR laws. The ideal, though sadly not likely, solution would be to sit back and rethink the whole system.
Technology – new internet, filtering, spying, cloud computing etc.¶
When state of the art technology and law are not going hand-in-hand, there are always two solutions – either adapt the law or break the technology.
Since the start of the internet it was said that the internet cannot be controlled. While ultimate control may indeed be impossible in the internet as we know it, there are those who wish it would be so and will try hard to make it happen. Therefore we have to watch out how the future of the internet technology will evolve. Even if currently it is not possible, future technology could at the very least immensly cripple net neutrality and freedom of speech.
From time to time we hear reports about pushes to make the future Internet (whether Internet2 or other project) technically easier to control. Whether it is an issue only for the tin-foil-hatted or a real potential major risk is debatable, but if we learnt something in the past few weeks it is that anything is possible. How far such networks are already developed and how likely they are to go mainstream is again debatable, but this is an option we have to keep in mind.
For example only a few days ago the UN CSTD made a very contraversial decision to create a Working Group on Improvements to the IGF with a membership made up only of governments.
Of course as EU Commissioner Cecilia Malmström has noted, governments will have to protect themselves and more importantly vital infrastructure against cyberattacks. But again the crucial bit is to figure out what to protect, how and in what the implications will be on the society in general.
For even the thickest heads, Cablegate finally made it very clear, it is that when depending on cloud computing is risky, you are at the mercy of ToS of the service provider.
Even before WikiLeaks, there were criticisms that the current DNS system is too centralised and that a new P2P DNS system would have to be made. Of course a top-down DNS system and domains brings predictibility and compliance, but questions arise if this is still the best solution. If DNS was more dispersed we could (at least for a while) give power to admins who could use it arbitrarily as was the case with spam black and gray listing in the 1990's. On the other hand though we see that ICANN has been criticised over and over again by different stakeholders that it is overpowered, abusive of it and not neutral in its decisions. In my humble opinon, DNS would be harder to solve in a P2P environment, but a solution would be possible. I not a network expert, so I will leave this question to them. What I can add here is that I think that even if ICANN's current job was done by an apolitical professional international NGO (e.g. made from already existing national academic computer networks like SURFnet and ARNES), it would be a lot better.
Then there is also the question of blocking websites. Technically speaking there are many methods (by IP, on DNS servers, etc.) but whichever large-scale method or combination thereof will always bring false negatives and false positives. Imagine it like spam filtering – although GMail Yahoo Mail have a ton of users cooperatively teaching the filtering AI, it is still subpar compared to a simple custom Bayesean filter you can set up in your e-mail client. So in both cases the only way to get it done right is to have the end user set up and teach its own filters. But this does not suit the idea of top-down censorship (whether by state or business). Apart from the false positives and false negatives problem, an immense (and increasingly so) issue is that if country was actually to make a
halfquarter-way effective blocking/filtering system, it would open the Pandora's box. The moment such an (insanely costly) system would be up and legal, the commercial content businesses would start lobying for making use of it to globally block everyone and everything that would allegedly infringe their IPRs. And once we are there, all goes as long as money flows.
When using technology (or code if you will) instead of legislation, we also have to keep in mind that code is not law and therefore should not replace it. If that happens we not only lose the benefits of a legal prosecution – believe it or not, they are huge, we just take them for granted – but also the ebility to appeal, benefit of doubt, of saying your side of the story. Using technology instead of law is worse then the inqusition!
Society – proprietarisation, consumerism¶
From the social perspective, we see an increasingly bigger move towards consumerism and proprietarisation of intangible goods. Even though proprietarisation of intangible goods (via copyright and other "IPRs" and much was said about that already) is a grave issue, an even bigger issue in the future could be consumerism.
You can consume a sandwich or a glass of wine (although I would rather enjoy them), but you cannot consume music, art, thoughts, feelings or a bitstream. The internet can be used, but cannot be consumed. If that was the case, with more people using the internet, the scarcer it would be, but exactly the oposite is true. The same holds for many other things – tangible and even more so intangible.
Consuming something means that after doing so it does not exist anymore, therefore anything that can be consumed has to be by definition possible to have and destroy. Anything that can be consumed ergo has to be property.
Because of this "buy once – use/destroy once, buy another" nature, consumerism is an ideal state of mind for the content industry.
But us take a thought experiment to see what can happen if we continue to let it go wild.
Imagine that in the near future a piece of digital data would be consumable (via complex DRM, ToS, laws and/or whatever) and therefore property. Not just internet, but also any bitstream or string of bits as an "materialised" form of information is intangible, not a scarce good and is not destroyed upon use. What is then the difference between that and an also intangible idea? The internet in nature is so intangible that if that were to happen, one could well imagine that mere thoughts, ideas, dreams —even life – could be deemed as consumable. And if these could be property of someone, there is just a small step to transfer the property to your thoughts, dreams, feelings …life to someone via their ToS.
This may sound crazy now, but then again, copyright, patents, other "IPRs" and related rights are very close to this.
So let us stop acting as consumers of the internet and its services and start acting as what we are: customers and users! At the very least we should read the ToS and PP and do not use the service if we do not agree with them.
It is not about Jullian Assange or WikiLeaks¶
These problems existed well before WikiLeaks, but Cablegate brought it more to public attention. And here I mean both leaking of confidential information as well as censorship.
There are already first direct spin-offs of WikiLeaks emerging: OpenLeaks, BrusselsLeaks and IndoLeaks. But more importantly, as Bruce Schneier analyses nicely, the issue is not WikiLeaks (or any *Leaks project), but in national security on one side and on the other the push for more open government. Which website or medium or technology is irrelevant.
It is not (just) about internet¶
Without a doubt the internet has immensly changed our lives. It has penetrated our lives so much, that we take it as an everyday thing – no-one really calls it the "cyberspace" anymore (at least no-one who uses it often). Can you imagine a life without online shopping, e-mail, IM, VoIP, social network sites, reading news and articles online, modern banking (cash machines, credit cards, quick wire transfers, online banking), knowing when the next train or bus will arrive etc.?
And this is exactly the gist of the problem – the battle for net neutrality is not a battle just for freedom on the internet, but a battle for freedom of speech in general.
To support this claim, I would like to point out that the internet is (and technically always was) a two-way communication. Many even argue that the internet is by design a P2P system and here I would agree. But even if we put P2P aside, it is clear that therefore the internet cannot be called a medium, which is a one-way means of communication only.
The question of the future of the internet has a lot to do with the generation gap.
Basically there are three generations involved.
The eldest generation I would call here the pre-internet generation. It consists of people who were born well before the internet era they either do not use it or think of it as a medium. There are of course exceptions here in the form of internet pioneers, early adopters and those who adapted to it, but on average they do not think of the internet as their turf.
The youngest generation I would like to call the (for the lack of a better term) cyber-born. These are kids who were already growing up with and on the internet, they feel it is their world and cannot possibly imagine a life without it. Internet an integral part of their lives, so much that they (almost) cannot protest outside it.
And then there is generation of cyber-grown. This is the generation of those who spent a considerable part of their youth without the internet and a considerable part online, remembers dial-up, Usenet etc. – my generation. What is special about this generation is that they remember the life before the internet, yet have started using it so early on in their lives that it is second nature to them – in a way we are a generation of cyber-amphibians.
What is happening lately more and more often is that we see a clash of the generations. Let us analyse the current WikiLeaks-related events a bit from this perspective. After the pre-internet generation started to block WikiLeaks, cut its revenue stream etc., the cyber-born protested by grouping online, "like-ing" on social networking sites, flaming, DDoS'ing – that is their version of protest: respectively of public gatherings, singing/screaming together, wearing banners and at the very end throwing bricks and burning cars. Now the pre-intenet generation will respond (or already has) by calling them (cyber-)terrorists, criminals etc. As you can well imagine, the misunderstandings between these two generations due to and regarding the internet are enormous and can very well escalate.
In many ways you could compare the fight for net neutrality, freedom of the user (be it by movements for free software, open source, free culture etc.) to the hippie and punk movements of the previous century. The major difference though is that those were fighting for new freedoms, while the current battle is about already existing ones.
But here is where my generation comes in – as the only generation which understands both worlds, we are the ones who can try to mediate between these two, we are the ones who can slowly push for better laws, better understanding and in general stop the war on internet before it happens! A lot is at stake and if we do not want our children to live in an even more Orwellian society then already we do, we have to do something about it.
…And remember to "like" is not enough!