Apply
My Apply
My Apply

Studying Information Control Diffusion: an Agenda for Further Research

| By: Valentin Weber

As an OTF Information Controls fellow, Valentin Weber studied the spread of authoritarian technologies from China and Russia to other countries around the world. Here, Weber reflects on his research and the need for more focus on these issues, offering specific ideas for further research on the increasing adoption of information controls tools and techniques, and their impact on societies worldwide.

We are in a state of crisis when it comes to surveillance diffusion, as Ron Deibert, Director of the Citizen Lab, put it. Surveillance and censorship technology and techniques are diffusing internationally without any significant hurdles. In a recent Open Technology Fund report I laid out the export of Chinese and Russian information controls to 110 countries.

Diffusion China:Russia map.png

Despite the months-long investigation, the report just scratched the surface. Much more research needs to be done. In the following lines I identify further avenues for research on this topic.

The need for continuous monitoring

While my report is just a snapshot in time, we need continuous monitoring of the diffusion of information control technology and techniques. Hereby the monitoring of technique sharing through training is just as important as that of tracing technology exports.

Measuring the effects of surveillance/censorship exports

The recent OTF report covers most countries, but not in-depth. It measures data points and surveillance occurrences, but it does not analyse the impacts of technology, law, and technique diffusion on a country level. To give a few examples:

With the help of Vasilis Ververis, Nguyen Phong Hoang and Marios Isaakidis we were able to detect Huawei surveillance middleboxes with the fingerprint “V2R2C00-IAE/1.0.” We found these particular middleboxes in Colombia, Cuba, Italy, Mexico, Nigeria, Pakistan, Spain, and Turkey. However, there are many more additional fingerprints to be discovered. In addition, we need to learn more about how this technology is being used and get a better grasp of the extent of technical guidance that is provided by a particular company that supplies surveillance middleboxes.

Furthermore, the OTF report notes that in Kenya, "safe city" technology is being deployed by Huawei. But what is the impact of a "safe city" on civil society, the economy, and crime rates?

A recent CSIS policy brief illustrates how Huawei’s claims are inconsistent with public data when it comes to curbing crime in Kenya. While Huawei states crime decreased by 46 percent in 2015 compared to 2014, public figures show that crime decreased by a smaller percentage in Nairobi and actually increased in Mombasa. While such investigative work as done by CSIS is important it leaves important questions open. While this analysis helps to give a perspective to Huawei’s claims it does not tell us about the impact of a "safe city" on crime rates. It might be that the increase in reported crime in Mombasa is actually a consequence of more monitoring and hence more crime being discovered. In order to find an answer, more in-depth and on-the-ground research needs to occur.

My recent report also covers the imitation of Chinese and Russian techniques by other countries. Uganda for instance intends to mimic China’s Great Firewall by centralising its internet infrastructure. But what does that mean? Which ministries are involved? What is the role of ISPs in this process? Which are the institutional bodies where civil society can exert pressure to instigate change and force the government to abandon plans? Research in this case needs to be strategic in the way that it uncovers information that can be used to produce action.

Another case in point where more research is needed is in the analysis of the effects of cybersecurity laws. Thailand and Vietnam passed laws imitating China’s 2017 cybersecurity law. An excellent analysis as to the content of the Vietnamese law has been published, but what does the law mean in practice? To what extent and how is it being implemented? Research that I have co-authored with Vasilis Ververis, Marios Isaakidis and Benjamin Fabian shows that despite the fact that VPN laws are as draconic in Russia as in China they have not been implemented that harshly in Russia compared to China. Hence it is crucial to know how laws are implemented once they were passed. Researchers also need to study how cybersecurity laws are being abused. This will help to pressure lawmakers into tweaking laws that makes them less prone to abuse. The cybersecurity law in Thailand, for instance, was criticised for being too broad in nature, using words such as “severe cyber threat” to justify seizing hardware without a court order. But how should those laws be specified? What words shall be used instead of “severe cyber threat”?

In addition to this, more research has to be directed towards studying the effects of media training by Chinese entities, such as the China Public Diplomacy Association. Do participants usually have a positive, negative, or mixed experience? What happens during the media trainings? Do people retain their relationship with Chinese media agencies after having concluded the programme? One foreign participant in one of China’s training programmes states that during the training in China “I always wrote what I wanted to write, and I never felt they were meddling with my perception of the facts.” On the flipside, another participant exposed strongly opinionated views in a piece for China Daily during the traineeship, defending the China-Pakistan Economic Corridor against “Western propaganda.”

Concluding thoughts

In a nutshell, we first need to know where exports have occurred to. Hence the need for continuous monitoring. We then know where to measure impacts. Once we have a better idea of the impacts of information control exports, we can create regulation to reign in the global surveillance crisis.

Valentin was a 2019 ICFP Fellow at the Berkman Klein Center for Internet & Society. Read more about his ICFP research.

--

About the program: OTF’s Information Controls Fellowship Program (ICFP) supports examination into how governments in countries, regions, or areas of OTF’s core focus are restricting the free flow of information, impeding access to the open Internet, and implementing censorship mechanisms, thereby threatening the ability of global citizens to exercise basic human rights and democracy. The program supports fellows to work within host organizations that are established centers of expertise by offering competitively paid fellowships for three, six, nine, or twelve months in duration.

Interested in becoming an ICFP fellow? OTF is currently accepting applications for the next ICFP cohort until February 24, 2020. The application and additional information is accessible from the ICFP home page.