The launch of Google Buzz has set various parts of the technology blogosphere afire -- and for all the right reasons: it does introduce a number of interesting social features that could make our email experience more social (whether it has to be more social is a different question).
However, what tech pundits have mostly overlooked is a peculiar privacy choice made by Google's designers: unless you tinker with Buzz's settings, a partial list of your most-emailed Gmail contacts might be automatically made public (see this post over at Silicon Alley Insider; it appears that contacts those who already had a Google Profile account before Buzz are at risk; also see this excellent and very angry post at CNet for additional background. UPDATE: Google has promised to fix some of these problems).
Yes, that's right: without you ever touching Google Buzz's privacy settings, the entire world may know who you correspond with (yes, including that secret lover of yours and that secret leaker at the White House).
This could be an extremely uncomfortable and tragic privacy disaster for Google, potentially of the same magnitude that Beacon was toFacebook. I certainly don't have many concerns about those who are cheating on their spouses or are leaking sensitive information to journalists-- they will survive (even though the future of whistle-blowing does not look very bright in our increasingly overexposed information environment).
Nevertheless, I am extremely concerned about hundreds of activists in authoritarian countries who would never want to reveal a list of their interlocutors to the outside world. Why so much secrecy? Simply because many of their contacts are other activists and often even various "democracy promoters" from Western governments and foundations. Many of those contacts would now inadvertently be made public.
If I were working for the Iranian or the Chinese government, I would immediately dispatch my Internet geek squads to check on Google Buzz accounts for political activists and see if they have any connections that were previously unknown to the government. They can then spend months on end drawing complex social circles on the shiny blackboards inside secret police headquarters.
But potential risk from disclosing such data extends far beyond just supplying authoritarian governments with better and more actionable intelligence. For example, most governments probably already suspect that some of their ardent opponents are connected to Western organizations but may lack the evidence to act on those suspicions. Now, thanks to Google's desire to make an extra buck off our data, they would finally have the ultimate proof they needed (if you think that this is unrealistic, consider this: the Iranian authorities have once used membership in an academic mailing list run out of Columbia as evidence of spying for the West).
It's business decisions like this that make me very suspicious of Google's highfalutin rhetoric about their commitment to defending the freedom of expression. From a business perspective, such decisions do make some sense -- how else, after all, can Google Buzz compete with Twitter and Facebook, who are already light years ahead of Google in terms of building up their user base -- but the ethics of such business decisions is extremely shoddy, to say the least. If Google executives are really committed to defending the freedom of expression, then they must be inhabiting a dreamworld, where freedom of expression somehow always survives despite horrendous attacks on privacy.
The relationship between privacy and free speech has been a subject of contentious debate between legal scholars -- with people like Eugene Volokh arguing that excessive protection of privacy, no matter how appealing, could also harm free speech -- but what I often found puzzling about such arguments is that they don't seem to account for the fact that, without privacy, it's also very hard to exercise one's right to free expression. Isn't freedom of expression of a rather limited value when one is conversing under constant electronic surveillance? For anyone interested in how we should think about privacy in the digital age -- and why it still matters -- I highly recommend Helen Nissenbaum's new book Privacy in Context: Technology, Policy and the Integrity of Social Life.
I am yet to hear a Google executive mention privacy as one of the values that are constitutive of the freedom of expression. Whenever theytalk about the latter, they always make it very clear that privacy inhabits a completely different universe. I think they operate on a very flawed logic, which makes all their other efforts on this front look very insincere. Moreover, I think it is likely to cause Google much more damage in the long run: what's the point of protecting the email accounts of Chinese human rights activists if you tell the rest of the world who those people are talking to?
Seen from this perspective, a recent decision by the Iranian government to ban Gmail and create their own national email system -- something that must have been inspired by Turkey's Anaposta project-- does not sound that bad. After all, it's probably better to have activists stop using Gmail than to watch them expose their connections to government's agents. I can only hope there will be enough anger in the technology community to force Google reconsider their decision to disclose information that is extremely sensitive and should never be disclosed without prior consent from its users; in the future, all similar sensitive data decisions like should be "opt-in" not "opt-out" by default.
Otherwise, all their promises about their stance on freedom of expression is just empty talk. Their recent partnership with NSA does not make Google look any more trustworthy; Chris Soghoian, an expert on information security, made a hilarious point on Twitter: "How do I sign up for the Iranian government's new emailservice? At least they are not in bed with NSA."
LOIC VENANCE/AFP/Getty Image
Wired Italy's efforts have paid off: the Internet has been shortlisted as a candidate for the 2010 Nobel Peace Prize (along with dissidents and human rights activists from Russia and China). Here are five reasons why the Nobel committee should not give the award to this quirky candidate:
Reason 1: It doesn't deserve it. Simply put, there are worthier technologies. Why not award the prize to the book, the telegraph, the radio, the syringe, the mobile phone, the Xerox machine, the pacemaker, or the water pump? Arguably, they have had a much greater impact on society - and many of them are still changing the lives of many people all over the world, particularly those in the "bottom billion". How about 5 billion people who are not yet online? Aren't there technologies which are more universal and life-changing?
In short, if the impetus behind the Internet's nomination is to recognize technology's (often) positive role in development and democratization, there are much better candidates. Discussions of the Internet's social and political impact in the popular media and the blogosphere are already so ahistorical - it's as if it's so unique we don't need to know anything about history, anthropology or sociology of societies which technology is supposedly remaking - that bestowing a Nobel prize on the Internet would only make matters worse.
Reason 2: It could kill Internet activism in authoritarian states. Scared by the prospect of yet another Twitter revolution, authoritarian governments are already getting very suspicious of Internet users. If in the past, bloggers were written off as some "geeks and freaks" - at best irrelevant, at worst kind of crazy - now Internet users are primarily perceived as a threat. Democratic forces would arguably have much more success with the Internet if they were still perceived as "geeks and freaks'. Now, of course, they can't do it as the government sees them as a political force. Most of these fears are, of course, bogus: the only reason why authoritarian governments are so scared is because of overblown reports in the Western media.
Internet activists would have a much easier and safer existence if the Internet got "Nobel Cutest Cat Award" and regained its reputation as a hangout place for "geeks and freaks". Let's work towards that goal. Yes, this would also involve the US State Department being somewhat less vocal about all the great work they do with social time; at times, it looks as if the State Dept's social media team interprete the term "open government" just a tad too literally - can't they act without leaking everything to the press for a change?
Reason 3: It would undermine the reputation of the Nobel Peace Prize. Why reward people who were acting solely in commercial interest and it just so happened that their product/invention was used for some noble purpose? Take Twitter: when the "Twitter revolution" in Moldova happened, most of Twitter's senior executives probably couldn't place that country on the map. A few months later, however, they were already saying inane things like "Twitter has become more a triumph of humanity than a triumph of technology". I wouldn't be surprised if Twitter would now take an even more aggressive line and try to rewrite history, arguing that they helped to spearhead the protests in Moldova or Iran.
But the Voice of America Twitter isn't: commitment to world peace does not rank high on the list of Twitter's objectives (for all the good reasons - they are in the business of making money, after all - leave the world peace to Bono). Don't we want to award this prize to someone who at least WANTS a more democratic and peaceful future and WORKS towards it? I'm all for leverage the unexpected consequences of technology - especially the positive ones - but we are not awarding "Nobel Most Random Good Deeds" prize.
Reason 4: It would stifle a very important and still unfolding debate about the Internet's broader impact on society. If the Internet gets the Nobel, it would further advance techno-utopian babble about the "hive mind" and ultimate peace that already occupies so many of the pages of Wired magazine (not to mention blog posts and tweets!). The debate about the democratizing potential of the Internet - both in authoritarian and democratic contexts - is far from over, and while I tolerate the possibility, however abysmal, that the Wired school of thought may be right, I think we've got good 20 or 30 years of debate ahead of us before we can say anything conclusively.
The dangerous rise of direct democracy, the paralysis of the political process under the pressure of over-empowered grassroots movement, the polarization of public debate, the end of the national conversation, not to mention new opportunities for surveillance and control - the Internet may be directly or indirectly responsible for all of these activities (the original assumption of Wired Italy - that the Internet will "destroy hate and conflict and to propagate peace and democracy" - is even more contentious). We don't know for sure - but this is no reason to stop the inchoate debate. If anything, we are not spending enough time talking about these issues in an intelligent manner; chances are we'd be talking about them even less if the Nobel goes to the Internet.
Reason 5: It would convince world leaders that politics is secondary to technology. In one of my columns about Google's decision to pull out of China, I brought up the concept of 'computational arrogance': Google's unshakable belief that given enough engineers, all global problems are solvable. In Google's case, it's probably a healthier ideology to have than 'philanthropic arrogance' - a naive belief that throwing enough money at an issue would eventually solve it, so prevalent in Western governments and international development institutions - but it's still false (this, probably, explains the failure of Google.org). But it's not just technology companies who inhabit this dream world.
Let's face it: most people in positions of power don't get the Internet. We definitely don't want some World Bank bureaucrat drawing false conclusions from the Wired-like enthusiasm about what the Internet can do. It may ultimately be an inept comparison, but I am increasingly noting similarities between the rhetoric of open government folks and those who were pushing for the establishment of elections as the means to democratize authoritarian states. Elections, like open data, are necessary but almost never enough.
Chances are that given enough time and resources, authoritarian leaders will learn how to trick their "online monitors" just like they have learned how to trick their "electoral observers". It does not mean we shouldn't be trying to make authoritarian regimes more transparent (and, hopefully, even more accountable, hardly the same thing) - but the success of those campaigns depends on factors that have nothing to do with the Internet - and this is where we need to concentrate most of our effort. Technology is the easiest (and most predictable) part of this equation.
Two unrelated news stories coming out of Iran last week piqued my interest, revealing (once again!) inherent tensions in how authoritarian governments view the Internet.
As the prospect another wave of anti-government protests - scheduled for February 11 - looms large, it appears that the Iranian authorities decided not to take any risks with new models of Internet censorship. The cable cut in southern Iran has left roughly 30% of the country without access to the Internet.
According to Bloomberg News, Moussavi's camp immediately accused Iranian authorities of deliberately obstructing Internet activities of the opposition (ironically, they did it via the Internet - through Moussavi's web-site). This seems like a plausible explanation even to my skeptical eyes: while cutting cables may be more expensive than conventional Internet filtering, but it's certainly more effective (no proxy server can go around cut cables!).
But that's not all: the Guardian reports than an Iranian technology company - owned by the government - has launched the country's first online supermarket. The e-supermarket currently offers 2,500 grocery and household items at competitive prices and operates only in Tehran (also, it wouldn't work on Fridays, the Islamic day of rest). According to the Guardian, the site is launched by Rouyesh Technical Centre, a technology group linked to Jahad-e Daneshgahi, a quasi-state institution that has been heavily promoting a host of other technologies (including cloning) in Iran.
The launch of the online supermarket prompted an interesting reaction from The Next Web blog: "You can't tweet or poke but you can buy fresh tomatoes!" This, I think, does a good job at summarizing the authoritarian approach to the Internet: let users drown in online consumerism and Internet entertainment but prevent them from getting involved in any unsanctioned political activities. This new social contract seems to be working okay...
Well, at least Iranians would now enjoy one kind of "Internet freedom": the freedom to shop online. Such freedom may, of course, eventually lead to other demands that may indirectly benefit democratization - for example, there is a strong historical argument to be made that the rise of consumerism in 18th century has greatly abetted the process of democratization in both the United States and Western Europe - but I think it would probably take longer than we think and other factors (less conducive to democracy) may completely change the game in the meantime.
"Behind what America calls free speech is naked political scheming. How did the unrest after the Iranian elections come about?" said the editorial, signed by Wang Xiaoyang.
"It was because online warfare launched by America, via Youtube video and Twitter microblogging, spread rumors, created splits, stirred up, and sowed discord between the followers of conservative reformist factions."
"We're afraid that in the eyes of American politicians, only information controlled by America is free information, only news acknowledged by America is free news, only speech approved by America is free speech, and only information flow that suits American interests is free information flow," it said.
The People's Daily also denounced a May ban on Microsoft's instant messaging services to nations covered by U.S. sanctions, including Cuba, Iran, Syria, Sudan and North Korea, as violating the U.S. stated desire for free information flow.
It's not often that I agree with an editorial in The People's Daily but they've got a point on all of these issues. The last one - the US ban on instant messaging services - simply stinks and Clinton did herself a disservice by not even mentioning it in her speech. Isn't it ironic that now it takes a Chinese propaganda outlet to pressure Washington to lift a ban on the use of American technology in Cuba and Iran?
Yes, you heard it right: the Chinese government is campaigning to let Iranians and Cubans use MSN, Skype, and other fancy Web2.0 tools. If this what it takes to finally get American diplomats to address the issue, I'd like to see more such editorials. Should we leave it to the Chinese to promote Internet freedom?
Here is a first round of reflections on Clinton's speech on Internet freedom:
1. I was taken aback by how much Cold War rhetoric she managed to work into it. Multiple references to 1989, fall of the Berlin Wall, the rise of the Information Iron Curtain (as Friedmanesque a metaphor as it gets). It's as if the last 20 years and globalization did not happen. The view of authoritarianism that she articulated in the speech smacked of a memo written by a bunch of confused Kremlinologists. I guess no sane American politician would ever acknowledge that information could be the opium of the masses, but acting as if today's Russians, Iranians, or Chinese are totally cut off from information/travel/globalization is kind of silly. The very thought that authoritarianism can survive in the age of information abundance scares the bejesus out of American policy-makers, so they simply prefer to skirt it. I doubt that such self-denial would pay off in the long run.
2. The problem with such an anachronistic view of authoritarianism -- which supposedly relies on a very rigorous system of censorship -- is that it doesn't explain countries like Russia or Egypt, where there is technically very little censorship per se (I bet that Russian has less Internet censorship than Australia or the United Kingdom). Unfortunately, I didn't hear anything about the evolving nature of Internet control (e.g. that controlling the Internet now includes many other activities -- propaganda, DDoS attacks, physical intimidation of selected critics/activists). If we keep framing this discussion only as a censorship issue, we are unlikely to solve it.
3. Clinton was too soft on Chinese leaders, essentially granting them the right to censor whatever they'd like simply because they have "different views." I doubt that would go well with the Republicans and others who have chided the White House for being too soft on human rights. Her remarks about the need to incorporate Internet freedom into corporate social responsibility for American companies working in authoritarian countries are valid, but I doubt it would help to solve the problem: local Chinese companies will simply fill in the gaps. Anti-censorship tools are not going to help either, because Chinese Internet companies delete content at its root (a point that Rebecca MacKinnon made during Wednesday's panel).
4. Clinton's remarks about the need to go after those who initiat cyber-attacks also puzzled me. She is probably unaware of the numerous campaigns launched by American hacktivists on the websites of the Iranian government. Will those be persecuted too? The U.S. government really needs to develop and then adopt a more coherent view on the ethics of cyberwarfare; otherwise, the U.S. State Dept will be accused of duplicity. We can't be tolerating cyberattacks in one context and criticizing them in another context (I wrote more about it here).
5. I'll give Clinton credit for pointing out that authoritarian states are also avid consumers of new technologies, which they use to repress and identity dissent. But she could have developed this idea much further (see my Prospect piece for more details on this phenomenon), pointing out numerous fallacies in how we think about the liberating potential of information ... Instead she just framed it as the typical "technology is neutral; we are not" kind of debate. On top of that, she threw in al Qaeda and terrorist networks, which undermined the bigger point (I think).
6. The speech made it obvious that State Department officials do not have a coherent view on online anonymity. On the one hand, they want to crack down on intellectual property theft and terrorists; on the other hand, they want to protect Iranian and the Chinese dissidentss. Well, let me break the hard news: You can't have it both ways and the sooner you get on with "anonymity for everyone" rhetoric, the more you'll accomplish. I am very pessimistic on the future of online anonymity in general -- I think there is a good chance it will be eliminated by 2015 -- and this hesitance by the State Department does not make me feel any more optimistic.
7. Clinton also didn't mention the most obvious reform the State Department can push forward: making it easier for American tech companies to operate in authoritarian countries that currently have U.S. trade sanctions imposed on them. This is a very important issue that I've touched upon on this blog and elsewhere several times (see here and here). We can't possibly expect Internet freedom to flourish in such countries if the U.S. Treasury continues imposing silly rules -- which American tech companies tend to interpret too over-zealously -- while the U.S. State Department does nothing but talk about "Information Iron Curtains". Why don't they lift up for their own curtains for a change?
8. Overall, I was disappointed with the speech -- it lacked depth. I didn't sense any coherent intellectual vision underpinning the State Department's digital strategy (sorry, I refuse to buy into "21st Century Statecraft" concept -- what other model of statecraft are they expected to work with, the one from the 18th century?). It's great that they are going to launch a grant competition but foundations have been active in this space since early 2000s -- and I would venture to say that the situation with Internet freedom has only gotten only worse.
But that aside, what's the broader strategy here? I didn't sense one. All the Cold War-era rhetoric makes me think they are clinging to the old view "let's make information available and see what happens," which I think is a very passive (and often dangerous) way of going about it. I doubt they would be able to topple the Iranian regime with an
P.S.: One final point that I forgot to make in my initial analysis is that the announcement that the State Department would now be giving grants in the field of new media doesn't strike me as very important. The U.S. government has already been funding a lot of new media /Internet work: via embassies, USAID/Internews, quasi-government institutions like the National Endowment for Democracy, various desks at the State Department. I think it would be somewhat disingenuous to suggest that the U.S. government knows what to fund and how to fund it -- philanthropy, especially on all things Internet, is very challenging and I am not sure that any government can develop the intellectual skills required for it in just a matter of weeks (this explains why we haven't yet seen many stories of remarkable success here -- unless, of course, you consider purely PR-driven efforts like the Bush-era Alliance of Youth Movements a success). I'd say that instead of spending millions of dollars on another series of grants, why don't they ship the entire State Department -- along with all embassy staff -- to new media training courses? Otherwise, they will continue shooting in the dark.
Joshua Roberts/Getty Images
Unlike many other honorable members of the technology blogosphere, I am not too excited about Google's ultimatum to the Chinese government (if you have been living in a cave or are not on Twitter: Google wants to either stop censoring search results on Google.cn or shut down their Chinese shop altogether).
Of course, all companies make mistakes, and Google's executives may have discovered that they blundered when they decided to offer a censored version of Google.cn. I grant them the right to to fix the situation.
But to wrap their decision in the melodramatic rhetoric of cyberattacks on Chinese human rights activists? Give me a break. Their supposed naivete about whom they were dealing with just doesn't sound very convincing. Are we really supposed to believe that, until they experienced cyberattacks on the email accounts of the Chinese human rights activists, they thought that their counterparts in the Chinese government were all good and well-meaning chaps who would never think of such a thing?
I won't be surprised if it turns out that cybercriminals in virtually every country wage cyberattacks on Gmail and other Google services. This is now what Internet companies should be expecting: cyberattacks just happen. Is Google going to threaten to leave from all those countries, too, even if it doesn't censor the Web there? If other companies were ready to shut down their shops in China or Russia every time they come under cyberattacks, they would all be done in their first months of operation.
Google justified its limited presence in China by saying that the company provides some kind of a public service. ""While removing search results is inconsistent with Google's mission, providing no information (or a heavily degraded user experience that amounts to no information) is more inconsistent with our mission" is what they said in Jan 2006. I just don't see how pulling out of China -- assuming the Chinese authorities don't bow down to Google's pressure -- would be consistent with that earlier stance.
If the logic is that Google can't guarantee the security of its Chinese users, well, they are really in bad shape and should close their shop everywhere. If, on the other hand, they completely changed their minds about the ethics of their involvement in China and now think that a little bit of censorship is evil in itself and clashes with Google's mission, then what's the point of framing it as a cybersecurity issue?
Here is my very crude and cynical (Eastern European) reading of the situation: Google was in need of some positive PR to correct its worsening image (especially in Europe, where concerns about privacy are mounting on a daily basis). Google.cn is the goat that would be sacrificed, for it will generate most positive headlines and may not result in devastating losses to Google's business (Google.cn holds roughly 30 percent of the Chinese market).
All the talk about cybersecurity breaches seems epiphenomenal to this plan; it may simply be the easiest way to frame Google's decision without triggering too many "why, oh why?" questions. Besides, there is no better candy for U.S. media and politicians than the threat of an all-out cyber-Armageddon initiated by Chinese hackers. I can assure everyone that at least a half of all discussions that Google's move would spur would be about the need to make America more secure from cyberattacks. No better timing to throw more terrorism-related meat to the U.S. public ("what if they read Obama's email?").
Now, if you believe that Google was wrong to censor the Web in China in the first place, I doubt you'll suddenly become a fan of their work -- they still don't seem to recognize that censoring the Web in China may have been wrong for ethical reasons and frame it simply as a business decision (based on new security threats). You'll probably think that they are now doing the right thing for the wrong reasons.
If, on the other hand, you believe that they did the right thing in China by offering their limited service (rather than no service at all), I don't see how this move could make you feel good either: all it took to get Google to shut down their "public service" was to launch a bunch of cyberattacks (so, should we expect that, instead of direct censorship, authoritarian governments would now simply launch cyberattacks on their targets and force them to leave under psychological pressure?). Thus, you'll probably think that they are now doing the wrong thing for the wrong reasons.
So, I don't really understand all the enthusiasm about Google's move. Can anyone really make a coherent argument that by threatening to leave China because of cyberattacks, they are doing the right thing for the right reason? I'd very much like to hear it.
I doubt that Mark Zuckerberg's recent pronouncement that the age of privacy is over will win his company many friends among European governments and lawmakers. France, for once, is already working on a time machine, so that they could go back to that wonderful time when we everyone used Minitel and privacy was as ubiquitous as malware.
According to BBC, the French are debating a new law that would give Internet users the option to have old online data about themselves deleted. Remember those embarrassing photos you shared with all your Facebook friends when you were college? Under the new law, you would finally be able to have some of your dignity back.
The article is scarce on details about how this law would be implemented. It appears that the companies storing such data (e.g. Facebook or MySpace) would be required do delete such data after a certain period of time set by law (it would still be up to the user to decide whether to keep or delete such data though). This approach has a lot in common with the suggestions that Victor Mayer-Schoenberger made in Delete: The Virtue of Forgetting in the Digital Age, where he argued that users should be able to set expiration dates on their data (or data that somehow can compromise them - like photos from a party) and adjust them accordingly, should they want to keep the files for longer than originally envisioned.
In his book, Mayer-Schoenberger concedes that this idea is still extremely hard to implement without reinventing how we currently produce and share data, for expiration dates could only be effective if all copies of a given file can also be destroyed. That we'll arrive at such technology anytime soon does not seem likely to me: the age of privacy may not be over, but the age of piracy is not. If the recent trends are anything to go by, we are not likely to leave piracy (made possible by cheap and easy copy-making) behind us anyt time soon.
So what else could we do, given that expiration-date-technology capable of destroying all copies is not an option? This is an easy one: make offensive information harder to find. After all, it's the fact that our data is findable - most commonly through search engines - that makes us really concerned.
It's likely that one of the indirect consequences of such law would be a bailout of the Search Engine Optimization industry, especially the sectors dealing with personal reputation. Found something about yourself that you do not like? Well, you can hire the services of such companies and they'll make sure that this information is demoted to the very last search page.
This is already possible now as a commercial service, but if the government and the law-makers given their blessing to such practices and subsidize them, we may be soon be having a completely different Internet. It's quite telling that two of such companies are quoted in the BBC piece. They are the ones who'll really profit from such concerns over the right to forget; the web-site of one of them - a company called Reputation Squad - is worth checking out in detail.
Europe seems to be getting serious about Internet regulation, for better or worse. France, for example, is also working on another initiative aimed at restraining the Internet giants - a so-called "Google tax". The German minister of justice recently lashed out at Google, suggesting the company rethinks its approach to data protection - or the German lawmakers would need to step in. It's too bad that the US - a country that has most influence on the Internet companies - is lagging behind. The age of privacy may be over but the governments wouldn't accept their defeat without a good fight.
Evgeny Morozov, originally from Belarus, is a visiting scholar at Stanford and a Schwartz Fellow at the New America Foundation.