10 Nov 2014 | China, News and features, Tibet
![Photo: Wolfgang H. Wögerer, Vienna, Austria [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0) or CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons](https://www.indexoncensorship.org/wp-content/uploads/2014/11/Vienna_2012-05-26_-_Europe_for_Tibet_Solidarity_Rally_158_Lobsang_Sangay.jpg)
Lobsang Sangay at a solidarity rally for Tibet in 2012 (Photo: Wolfgang H. Wögerer, Vienna, Austria [CC-BY-SA-3.0 or CC-BY-SA-3.0], via Wikimedia Commons)
It was not, to say the least, what he had been expecting. Just a few weeks earlier, Sangay had become Tibet’s new political leader, taking over all political authority from the Dalai Lama after winning an election held among exiled Tibetans all across the world. It had been his first day in parliament in Dharamsala, where the Central Tibetan Administration (CTA) is based, and his entire cabinet had just been unanimously approved — a cause for celebration.
Yet that same day, a top-secret memo about an upcoming visit to the US had somehow been obtained from the government’s computers, and leaked into the public domain. “Everything was supposed to be very confidential, and the memo was only meant for three people in Washington DC,” Sangay tells Pao-Pao.
His assistants recommended cancelling the trip altogether. “It’s all out,” they told Sangay. “Nothing is a secret.” Their worries were not unwarranted. The Chinese government had started pressuring the American politicians listed in the memo to cancel their meeting with Sangay. Still, he pushed ahead. “I said: ‘We are going to Washington DC, on the same dates as described in the memo, and we are meeting with the same people as in the memo. That’s the only way we can respond to Beijing’s bullying.’”
Security upgrade
In the end, the visit went ahead as planned. But the attack was a shock to Sangay. “First of all, that Beijing is so capable of penetrating our computers that they can get at even our very confidential memos,” he says. “But also, that when I came back to the office, they were logging into every computer in the office and trying to shut it down, trying to track down which computer was affected with a virus and how they stole the secret memo. The whole place was shut down.”
It wasn’t the first time that the Tibetan administration had found itself under Chinese cyber attack. In 2008, the large-scale cyber spying operation Ghostnet managed to extract emails and other data from the CTA. Ghostnet also affected other Tibet-related organisations, as well as embassies and government organisations across the world. A year later, ShadowNet was employed, which researchers from the Infowar Monitor (IWM) at the University of Toronto called a form of “cyber espionage 2.0”.
The IWM researchers were able to establish that the hackers worked from within China, but they have been hesitant to link these hackers to the Chinese government due to a lack of direct evidence. However, an American cable released by Wikileaks describes a “sensitive report” that was able to establish a connection between the attackers’ location and the Chinese army.
The 2011 attack propelled Sangay to tighten the administration’s digital security. “At the time, there was a different mindset about it: ‘Oh, we can’t do much about it, Beijing can do whatever it wants,’” he recalls. Sangay, who was an outsider to Tibetan politics and had spent the sixteen years before he was elected at Harvard Law School, didn’t agree. “I thought that we could upgrade our security to a certain level. Now, even if we have a virus, it’s only on one computer, we can isolate it.”
But while the CTA’s office might no longer grind to a halt when a computer is infected, attacks have continued unabated. In 2012, a Chinese cyber attack infiltrated at least 30 computer systems of Tibetan advocacy groups for over ten months. In 2013, the CTA’s website Tibet.net was compromised in a so-called watering hole attack, which allows hackers to spy on and subsequently attack website visitors.
Greg Walton, an internet security researcher at Oxford University, is concerned at the growing number of these watering hole attacks. When they are combined with attacks that exploit software vulnerabilities, he argues that “there is essentially no defence for the end user, and no amount of awareness or training will mitigate the threat.”
Sangay does not believe that absolute security is possible. “Beijing is still, I am sure, trying to steal things. And I am sure they are successful, in some sense. But we also have to try to make it a little more difficult,” he says. “I assume my email is being read on a daily basis. The Pentagon, the CIA, multinational companies are all being hacked, and they are spending hundreds of millions to protect themselves.”
Sangay throws up his hands: “Poor me! My administration’s budget is around 50 plus million dollars. Even if I would spend my whole budget to protect my email account, that still wouldn’t be enough.”
No attachment, please
Sangay does believe that many problems can be avoided with a few basic precautions. He uses very long passwords for instance, and changes them often to prevent hacks of his own email account. And, he says: “You always have to follow Buddha’s message. What would Buddha say if you send him an email? ‘No attachment please!’” Sangay laughs. “One of the cardinal sins in Buddhism is attachment. Well, Buddha’s lessons, who said that 2,500 years ago, are still valid.”
Holding himself to “Buddha’s teachings” has prevented Sangay from getting his computer infected many times — although there have been some close calls. Take for example the time Time magazine’s editor Hanna Beech emailed him, a week prior to a scheduled interview in Dharamsala.
“She sent me the ten questions she would ask me. I found that very generous, journalists sending me questions ahead of time!” Sangay was about to download the attachment — but then he paused. “I grew a bit suspicious, so I decided to write back to her to ask if it was really her.” Beech said it wasn’t.
The attack was sophisticated, but not uncommon, Sangay says. “We get that on a daily basis, literally; some Tibetan support group or someone from our office sends an email that will contain a virus.”
Strengthening bonds
For the Tibetan government, digital communications have offered Chinese hackers a welcome point of attack. But Sangay also emphasises the positive sides of the internet: “Despite the [Great] Firewall, information breaks through, and is exchanged. That is happening, and that is not something that the Chinese government or any other government can prevent.”
He points to the 2008 protests in Tibet as one example. In the protests, which some dubbed “the cellphone revolution”, written reports, videos and photos from eyewitnesses were able to make their way to the rest of the world via mobile phones.
Additionally, the internet has allowed the Tibetan Central Administration in Dharamsala, home of about 100,000 Tibetans, to strengthen its bonds with the approximately 50,000 exiled Tibetans living elsewhere. Sangay says that the exile community — “scattered across some forty countries” — keeps in touch mainly through the internet.
“The internet has been very vital. The other day, I was speaking to Tibetans in Belgium. I asked them how many log in to Tibet.net, our website, and how many watch Tibetan online TV. About 40% raised their hands.” Tibetans from inside Tibet even manage to send Sangay “one-off messages” via Facebook from time to time. “Things like: ‘I wish you well’, from Facebook accounts that are immediately deleted.”
Dangerous, but helpful
Tibetans inside and outside of China now also communicate constantly via WeChat, but that is not without danger. A year ago, two monks in Tibet were arrested and jailed after posting pictures of self-immolations via the chat app. “Many say it’s very dangerous, because it’s an app by a Chinese company,” Sangay concedes. Still, he also considers it “very helpful and informative” as long as it is used to discuss safe topics.
The Tibetan administration consciously abstains from contacting Tibetans inside China “for fear that we might jeopardise them,” Sangay says. “We get a little less than 100,000 readers to our website every month, and we know many are from inside Tibet and China as well. We know it’s happening, but we really don’t make deliberate efforts [to contact them], and we also don’t keep track.”
Skyping with Woeser
Since Sangay was elected, it has been too risky for him to keep in touch with Tibetans in China via the internet. But before his election, like many others, he was in touch with those inside China almost every day. During his years at Harvard, he often Skyped with the famed Tibetan blogger and activist Tsering Woeser.
“It almost became an everyday ritual. I would go to the office, and then at a particular time I would log on and we would talk for half hour or more. Because her Tibetan wasn’t good, I became her unpaid, amateur Tibetan language teacher.” Sangay laughs as he recalls Woeser’s unsuccessful attempts to crack jokes in her — at the time — mediocre Tibetan.
Unfortunately, Sangay says he “had to stop talking to her for fear that I might endanger her”. But he still admires her work: “She is a good source of information. She compiles information from inside and shares with the rest of the world. She is very bold.” He considers bloggers like her an invaluable resource for those who want to know what life in Tibet is really like.
So will the internet ultimately be a force for good or evil? Sangay doesn’t know. “It all depends on who uses it. For good, if more good people use it.” On the one hand, he is in awe at how nowadays “in zero seconds, at almost zero cost, you can send vast volumes of information”. But he worries about the security side of the internet. “Ultimately, the [power] dynamic is so asymmetrical. One has wealth, and control over access to stronger and better technology, and one doesn’t.”
That, of course, is a power dynamic that the Tibetan leader has long ago gotten accustomed to. “I think the David and Goliath battle will go on, even on the internet,” Sangay says. “Ultimately, if David will prevail, we will have to see.”
This article is also available in Chinese at Pao-Pao.net
This article was posted on 10 November at indexoncensorship.org with permission from Pao-Pao.net
21 Aug 2014 | Digital Freedom, Digital Freedom Statements, News and features, Uncategorized
Tributes to James Foley were placed at the War Correspondents Memorial in Arlington National Cemetery (Photo: Cynthia Rucker/Demotix)
On Thursday, after a video emerged of U.S. photojournalist James Foley being beheaded by Islamic State (ISIS) militants, the Metropolitan Police in London suggested that anyone who watched the video could be committing a crime. This takes us well beyond the realms of the #ISISmediablackout being urged by social media users, many of them journalists themselves, and does go to the heart of why censorship of such material is deeply problematic.
Questions of free speech and free expression are rarely clear-cut: the human rights laid out in the Universal Declaration frequently grate up against one another. Balancing the right to a privacy, for example, with the right to free expression and the public‚s right to know can be a high wire act; as is the balance between protecting children online from exposure to graphically violent or sexual content, and full-scale censorship.
And so deciding whether sharing, or even watching, a video of a criminal act, created as a deliberate piece of propaganda, rightly raises important questions. Are those disseminating this information playing into the hands of propagandists, so furthering their cause? Or are they raising awareness of their practices to a wider audience, leading to a better informed public? It is understandable that Twitter should want to respect the wishes of James Foley’s family by encouraging people not to share it. It is also understandable that Twitter and others would not want to be seen to be promoting propaganda that potentially glorifies terrorism and acts of horrific violence. It is also understandable that many social media users want to encourage an ISIS blackout, arguing that by sharing the Foley video, sharers simply give the group the oxygen of publicity and encourage more such acts.
But there is a difference between individuals exercising their right not to view or share the video, and companies such as Twitter — or indeed the police force — denying people the right to view it. If the Met police is right that just by watching the video individuals are committing a crime (and they have yet to show how or why this is), then David Cameron has broken the law. Barack Obama has also seen the video. As have I. As have a number of the journalists writing about the video in today’s papers: something they needed to do to be able to describe its full horror to others. We should not feed the flames of the propagandists by mindlessly sharing their videos, but nor should we make the mistake of assuming that global corporations, or indeed police forces, should decide who sees what. Because that simply plays into the hands of all those who want to end societies in which dissent and difference is tolerated; the kind of societies that celebrate and cherish the work of men like James Foley.
This article was posted on August 21, 2014 at indexoncensorship.org
20 Aug 2014 | Digital Freedom, News and features, Turkey Statements
IGF 2013 was in Indonesia. This time Turkey plays host.
This year’s Internet Governance Forum (IGF) — a high-profile, United Nations-mandated annual conference on issues surrounding governance of the internet — is taking place in Istanbul, Turkey. But Yaman Akdeniz and Kerem Altiparmak, two renowned Turkish internet rights advocates, are boycotting it. Here they explain why.
Between May 2007 and July 2014 Turkey blocked access to approximately 48,000 websites subject to its controversial Internet Law No 5651. Although the law is ostensibly aimed to protect children from harmful content, from the very beginning it has been used to prevent adults’ access to information. In February amendments made to the legislation extended blocking provisions to include URL-based blocking of internet content. The same amendments compelled all internet service providers (ISPs) to be part of an association for access providers to centrally enforce blocking orders within four hours of receipt. It also introduced one-to-two-year data retention requirements for hosting companies and all ISPs. Furthermore, subject to new provisions, ISPs are required to take all necessary measures to block alternative access means such as proxy websites and other circumvention services including, possibly, VPN services. The amended version of the law also shields staff from the Presidency of Telecommunications and Communication (TIB) from prosecution if they commit crimes in their work for the telecoms authority.
In March access to both Twitter and YouTube was blocked arbitrarily and unlawfully by the TIB. With both blocking orders the government aimed to prevent the circulation of graft allegations ahead of local elections to be held on 30 March. During the blocking period, the authorities also ordered major ISPs to hijack Google and OpenDNS’s DNS servers, tampering with the DNS system to surveil communications, as well as to prevent users from circumventing blocking orders. Turkey’s constitutional court stated that the blocking of Twitter by TIB constituted a grave intervention on the freedom of expression of all Twitter users. Furthermore, in a 14-2 majority judgment, the court decided that the YouTube ban infringed on freedom of expression protected by the constitution.
However, despite these strong rulings, Twitter decided to implement its country withheld content policy for Turkey and started to block access to certain Turkish accounts and individual tweets. It was reported in June that Twitter complied with 44 out of 51 court decisions since they visited Ankara on 14 April, and the US-based social media platform continues to aid and assist Turkish authorities in censoring political content.
Facebook has also banned the pages of a number of alternative news sources, including Yüksekova Haber (Yuksekova News), Ötekilerin Postası (The Others’ Post), Yeni Özgür Politika (New Free Policy), Kürdi Müzik (Kurdish Music), and other groups related to Kurdish movements. The site has also been criticised for removing several pages related to the Peace and Democracy Party (BDP). Regardless of the above-mentioned constitutional court decisions, access to popular platforms such as Scribd, Last.fm, Metacafe, and Soundcloud is currently blocked from Turkey. Access to WordPress, DailyMotion, Vimeo and Google+ has in the past year been blocked temporarily by court or administrative orders. A number of alternative news websites that report on Kurdish issues, including Firat News, Azadiya Welat, Dengemed and Keditor, remain indefinitely blocked. In total it is estimated that 200 websites are banned indefinitely for their pro-Kurdish or left wing content.
Over the past year, many people have received suspended sentences and fines for their social media activity, usually on charges related to terrorism, blasphemy, or criticism of the state and its officials. In the crackdown following the Gezi Park protests of June 2013, dozens of people were detained over their social media posts. Criminal investigations and prosecutions were initiated subject to Articles 214 and 217 of the Turkish criminal code concerning incitement to commit a crime and disobey the law, as well as miscellaneous provisions of Law No 2911, on demonstrations and public meetings. In September 2013, pianist and composer Fazil Say was given a suspended sentence of 10 months and court supervision for insulting religious values in a series of tweets. Such criminal investigations and prosecutions have a chilling effect on all social media platform users.
In addition to widespread blocking of websites and content as well as criminal investigations and prosecutions to silence political speech, the Turkish authorities are also building surveillance infrastructure, which includes the deployment of deep packet inspection systems to monitor all forms of communications unlawfully.
Therefore, we have decided to boycott IGF 2014 hosted by Ministry of Transport, Maritime and Communications and coordinated by the Information and Technologies Authority. We also confirm that we will not be taking part in the IGF.
Yaman Akdeniz & Kerem Altiparmak
This edited version of the statement has been republished with permission from the authors. You can find the original and fully referenced statement here.
5 Aug 2014 | Australia, Digital Freedom, News and features, Politics and Society
(Image: Shutterstock)
A piece of proposed legislation in the senate in Australia is attempting to wrestle with the legacy of the Snowden leaks with potential implications for media freedom.
In late 2013 information was released to the world that revealed the depth and breadth of the covert architecture in place to monitor and harvest personal data. The unprecedented capabilities and actions of surveillance agencies the world over ignited debate around the nature of privacy in our digital age. But the emergence was not manufactured by the security apparatus or by governments; it was the result of leaked information being published by the press.
Now, a new law proposed by Attorney-General, George Brandis, the National Security Legislation Amendment Bill (no.1) outlines a number of reforms to “modernise and improve” Australia’s capabilities to tackle national security threats. If passed, it could have significant implications for Australian media.
The creation of Special Intelligence Operations (SIO) – covert operations that offer limited immunity for its participants to engage in unlawful conduct – as well as the expansion of computer access warrants are among the sweeping reforms contained within the bill.
Further reforms outline new offences for “unauthorised dealings with an intelligence-related record, including copying, transcription, removal and retention”. But as highlighted by publications such as The Guardian, the Australian Lawyers Alliance (ALA) and members of the opposition, including Greens Senator Scott Ludlam, the bill opens up the possibility for criminal culpability to lie beyond the security operatives dealing with intelligence-related records, to journalists and media outlets who report on information they receive about SIOs. The bill’s explanatory memorandum states that the offence applies to:
“[D]isclosures by any person, including participants in an SIO, other persons to whom information about an SIO has been communicated in an official capacity, and persons who are the recipients of an unauthorised disclosure of information, should they engage in any subsequent disclosure.”
The transcript of the bill’s second reading demonstrates Brandis’s opinion of Snowden, dismissing him as a “so-called ‘trusted insider’” (he has previously referred to the NSA whistle-blower as an “American traitor”). But while he has stated that the bill is not intended to threaten media outlets or limit media freedom, the wording of the bill has set alarm bells ringing. Quoted in The Guardian, ALA spokesperson Greg Barns stated that this bill “takes the Snowden clause and makes it a Snowden/Assange/Guardian/New York Times clause.”
He goes further, explaining how the structure of approving SIOs, threatens media coverage: “ASIO [Australian Security Intelligence Organisation] could secretly declare many future cases to be special intelligence operations. This would trigger the option to prosecute journalists who subsequently discover and report on aspects of these operations.” This lack of clarity in the wording of the bill, as well as the limited oversight as to how the bill can be used – political appointees have the final say – sets a precedent for potential restrictions on media freedom both in Australia and, as a template for action, globally.
The size and scale of the surveillance network, involving governments worldwide, most notably the “five eyes” countries, the US, UK, Canada, New Zealand and Australia raises uncomfortable questions, with no forthcoming answers. The reforms proposed by Brandis seem to suggest that the best way of satisfying these questions is to ensure they are not asked in the first place.
Restricted by inadequate whistle-blower protections, due in part to his status as a private contractor, as well as the national security implications of the leaked documents, reaching out to the media provided to be the sole outlet for Ed Snowden. But it seems now that it could be the media who will be punished for such inadequate protections.
After two readings in the Senate, the bill is poised to be debated in September. And although Brandis has set his sights elsewhere, having mentioned data retention in an interview to ABC, the precedent set by Australia, were this bill to pass, could resonate throughout the world. Scott Ludlam outlined his concern: “I can’t see anything that conditions it or carves out any public interest disclosures. I can’t see anything that would protect journalists.”
This concern does not seem to be shared across the political spectrum. The Australian Prime Minister, Tony Abbott called on journalists for a “sense of responsibility, a sense of national interest”, and the Liberal senator, Cory Bernardi went further by stating that “we need to make sure the press are free to report within the constraints of what is in, I’d say, the national interest”.
Would protecting national interests include the refusal to publish information surrounding the allegations that the Defence Signals Directorate, or DSD, (now called the Australian Signals Directorate) attempted to monitor the calls of the Indonesian president, his wife and senior politicians? What about the DSD’s desire to share harvested online data (or “unminimised” metadata) with other governments without any privacy restraints?
If decisions such as these are left to those who define the role of the press as one of propagating national interests, then the freedom that Bernadi speaks of is surely no freedom at all.
This article was published on August 5, 2014 at indexoncensorship.org
