Highlights and Challenges
- In May, OTF began reviewing and responding to the 112 concept notes submitted during the May 1 round for the Internet Freedom and Core Infrastructure Funds. The OTF team was extremely efficient in its work processing all received concept notes and ultimately inviting 13 applicants to submit full proposals. Applications that were not invited to full proposals but showed some promise were provided with substantial constructive feedback to foster transparency and to help applicants better understand what OTF is looking for in a successful submission.
- The first two projects selected for funding through OTF’s inaugural Technology at Scale Fund solicitation were contracted and began work. The Technology at Scale Fund is OTF’s newest fund which will support mature internet freedom technologies that directly serve USAGM entities. Psiphon and NthLink, both veteran circumvention tool providers, are continuing to provide USAGM language services with vital censorship circumvention support. Through Tech at Scale OTF has achieved greater transparency into the operations of these tools on behalf of USAGM and achieved cost-savings without compromising the level of service provided.
- In May, the Chinese Communist Party announced plans to enact national security legislation in Hong Kong, bypassing Hong Kong’s Basic Law and the local legislature to insert legislation to criminalize secession, foreign interference, terrorism and subversion against the central government. In response to this announcement, OTF worked quickly with local partners, technologists, and digital security experts to build on efforts started during the 2019 protests to prepare Hong Kong citizens for CCP-imposed censorship and surveillance. OTF has already surged support to leading circumvention tools in Hong Kong to provide access to circumvention solutions for over 3 million users. OTF has also begun deploying a variety of security solutions for users in Hong Kong, including secure messaging, secure file storage, secure email, and secure operating systems, to ensure that journalists and civil society organizations in Hong Kong are able to protect the full scope of their operations from CCP surveillance – and offline retaliation. In addition, OTF has launched new digital security and rapid response efforts in Hong Kong to ensure users have the support and resources they need to respond to increasing censorship and surveillance threats, and has deployed new censorship detection probes to monitor and analyze increasing censorship.
- OTF also concluded evaluation and selection of this year’s class for OTF’s Information Controls Fellowship Program (ICFP). The new class will be announced soon, once selected fellows have completed compliance review and contracting.
- In May, OTF participated in a proposal review panel for an internet shutdown-resistant P2P technology solicitation by the Internet Freedom Team at the State Department’s Bureau of Democracy Human Rights and Labor. OTF provided comments and votes as part of our effort to share expertise and ensure deduplication of funding across USG internet freedom funders. In May, OTF also briefed and participated in DARPA’s RACE project principal implementers meeting. RACE (short for” Resilient Anonymous Communication for Everyone”) is a multi-year program to create a system capable of avoiding large-scale compromise and able to exist completely within a given network environment while preserving privacy, confidentiality and integrity.
- Working with MBN staff and outside developers, OTF helped to facilitate the integration of circumvention technology into MBN’s forthcoming mobile app to ensure that MBN can supply content to its audiences even in the face of censorship.
- In light of the dramatic implementation of COVID-premised internet censorship going on around the world, OTF expanded its Rapid Response Fund in March to support emergency interventions to protect against increased COVID-related internet interference, blocking, targeting or surveillance. OTF has continued to receive numerous COVID-related rapid response requests through this fund and is prioritizing the review and execution of all COVID-related requests.
Notable Programmatic Highlights
- The Geneva research team’s paper on using Geneva to evade censorship from server-side has been accepted to appear in ACM SIGCOMM 2020. The paper reports on 11 different packet manipulation strategies that can be run on a server outside the censoring regime to help clients “get out” of censorship – without user-side deployment. This will help those who do not already have access to anti-censorship software, as well as users who do not even know they were being censored in the first place. By relying on machine-learning to process and discover new censorship attack vectors, the project has already identified new ways to circumvent censorship in China and other highly censored internet environments.
- As part of the Tor Browser update, Tor integrated Snowflake, a user friendly mechanism to overcome censorship. Snowflake is based on the use of temporary WebRTC proxies which allows for continued operation when a user is behind a NAT. This provides Android users a new resilient technique as censors continue to evolve their tactics.
- This month OTF published an article on Senior ICFP fellow William Tolley’s research diagnosing and disclosing critical vulnerability in Virtual Private Networks (VPNs). Working with professors from Berkley’s International Computer Science Institute, Tolley discovered a new class of vulnerability for VPNs – revealing that attackers on the same network as a victim can determine if the victim is using a VPN to connect to a specific website, potentially exploiting the vulnerability to quickly scan a list of banned or targeted websites and determine if someone on the network is accessing them. This is important as it illustrates that the most vulnerable populations are those who are most susceptible to being exploited by this vulnerability.
- OTF also published an article on ICFP fellow Alexei Abraham’s research concerning information manipulation on social media in the Middle East. Analyzing data from the summer of 2017, Alexei found that Twitter in the Middle East is no longer a tool of liberation.While Twitter users in the region often coalesced around hashtags promoted by bots, that occurred far more frequently with smaller hashtags, while larger hashtags tended to draw up enormous support from real users. As a result, repressive regimes in the region appear to be working behind the scenes to sway the discourse in their favor by employing spies within the platform and blackmailing influencers.
- The Tor Project concluded their project to improve the usability of Tor Onion Services and launched a new Tor Browser version with the implementations of this work on June 1st. The new version makes it easier to use Tor Onion Services, a tool that website administrators can use to provide their users with anonymous connections that are metadata-free or that hide metadata from any third party. Tor Onion Services are often used by media organizations and news outlets to protect their audiences, such as Deutsche Welle and the BBC.
- Azerbaijan Internet Watch tracked 9 cases of individuals being arrested for online activities, 4 brought in for questioning for the same activity, 3 doxxing incidents and 3 hacking attempts, along with tracking a massive DDOS attack against the country’s only remaining independent news agency. The project is also tracking an individualized Internet shutdown that targets the head of an opposition political party.
- To help activists stay connected during the internet shutdown in Burundi, DIFP fellow Neil Blazevic spun up an instance of the Outline VPN and distributed it to contacts in Burundi during Election shutdown. He has also continued supporting digital security trainers in Uganda to design a COVID-19 threat and needs assessment tool for creating appropriate assistance plans that best match the needs of Ugandan CSOs.
- DIFP Fellow Cristian Leon is working closely in Bolivia to strengthen communication channels and information management. During the COVID-19 pandemic, activists in Bolivia have seen an increase in device seizure and other targeted attacks against those who are critical of the government online, leading to increased concern about digital safety measures and how people can keep themselves safe.
- DIFP Fellow Oriana H has developed a fully remote digital security training for Latin American activists, including how to conduct their own risk assessments, and checklists to easily walk through improved digital security practices. Working alongside other Latin American digital rights organizations, she has been collaborating on research and documentation on digital security risks resulting from government tracking under the premise of COVID-19 management that could be abused in closing and closed environments in the region.
- The PiGuard project creates “out of the box VPN” servers which allow encrypted connection for at risk users in MENA, Africa and Easten Europe by embedding WireGuard on Raspberry Pi and creating a network of monitored WireGuard nodes. In May, the project published the PiGuard image which is ready for audit. Their first PiGuard local node has been tested functional under a simulated server shutdown situation.
- Ayanda, an open source Android library that makes it easy to create offline peer-to-peer networks between nearby Android devices, has finished refactoring as to stabilize discovery, pairing and communication. In addition the Ayanda team also began an open-source Wiki Documentation for Ayanda.
As we reported in April, OTF has been granted 501(c)(3) status. However, we await the official tax-exemption letter from IRS communicating such status, which has been delayed as a result of Covid-19. Under guidance of outside counsel, we are currently preparing registrations to file in the District of Columbia, which are contingent upon receipt of the official letter from the IRS. OTF is also preparing to file a trademark with the USPTO to secure registration for Open Technology Fund.
Additionally, OTF is implementing the privacy policies drafted by pro bono privacy counsel along with employment policies suggested by our Human Resources consultant and outside employment counsel. As a newly independent organization, we continue to refine our compliance policies in a way that supports our open and competitive application process, is compliant with 2 CFR 200, and is efficient for our team to execute. OTF is also in the process of identifying permanent office space outside of RFA and negotiating lease terms.
Finally, we continue to foster our Legal Lab network of pro bono counsel who support our projects with legal capacity building and risk mitigation as they implement and deploy their tools and technologies.
On April 20, 2020, the OTF team previously working in the Radio Free Asia corporation became official employees of the OTF corporation. Corporate policies, Standard Operating Procedures, operational and programmatic workflow processes and inventory were finalized and implemented with the OTF employees on April 20, 2020.
In May, OTF also began recruiting for six additional positions in order to scale up OTF’s programmatic and operational support staff to fully meet the needs of the new organization. In order to provide appropriate technical due diligence, management, and oversight of OTF’s expanded programmatic portfolio, OTF will hire three additional technical experts – a Chief Innovation Officer, Technologist, and Program Manager. In addition, in order to effectively provide critical digital security support to USAGM’s five broadcast networks, OTF will hire a Digital Security Coordinator. The Digital Security Coordinator will be responsible for providing direct digital security guidance, support, and technical expertise to the USAGM networks enabling implementation of tools needed by USAGM journalists, sources and audiences. Lastly, OTF will hire an Accounting Manager to support OTF’s CFO and an Outreach and Communications Manager to support external communications and partnership development for the new organization.
This month, the new OTF CFO worked closely with the USAGM Budget Team to identify areas for immediate improvement in OTF financial reporting. Together, OTF and USAGM designed a new template for the monthly financial report that accompanies the SF-425. This template provides transparency between obligations and expenditures, and aligns easily with OTF’s US GAAP requirements. The new template was used for the April 2020 monthly reports.
In addition, the OTF CFO began the competitive process for selecting accounting software for long-term use, to replace the temporary use of Quickbooks and manual excel spreadsheets currently in place during the transition period. The criteria for the new software includes the ability to integrate smoothly with the OTF secure WebApp and the ability to account for funding and costs across multiple dimensions to automate the process of reconciling funds and reporting on costs across from multiple funding years and program areas.
Finally, RFA concluded its active OTF finance operational support on May 31. Starting June 1, the OTF organization is responsible for payment of all OTF contracts, including those established prior to FY20. For contracts related to prior year funding, the final balance of all OTF contracts as reported by RFA is under auditor certification in June; upon the conclusion of the auditor’s assessment of remaining OTF contract balances and related funding, the process for transferring prior year funds from RFA to OTF will commence.
Outreach and Communications Report
Despite COVID-19 stay-at-home restrictions and a current vacancy in the role to lead OTF’s outreach and communications operations, with the help of USAGM’s Office of Congressional Affairs, OTF was able to provide several briefings to key Congressional committees and staff, including SASC and HASC on OTF’s overall operations and approach and HFAC Ranking Member McCaul’s office on OTF’s China strategy. OTF also briefed the Embassy of Japan on OTF’s operations and work in China at their request.
Details about all OTF programs are available on our website at https://www.opentech.fund/ and if you’d like more updates about internet freedom you can subscribe to our email list on the bottom left corner of our homepage.