June 28, 2019
|Governance Tier Element||Changes|
|Laws & Regulations||4|
|Architecture Tier Element||Changes|
|Application & Presentation||3|
Australia: In the wake of the horrific Christchurch attack, Australia passed a law to impose large fines for social media companies—and for their executives, jail time—should they not rapidly remove “abhorrent violent material” from their platforms. Terrorist attacks, murder, attempted murder, torture, rape, and kidnapping are all grounds for punishment under the law, a notable legal imposition on the hosts of online content. Yet, critics—including internet rights organizations and tech companies—are concerned that “the legislation is riddled with ambiguities that makes its legal effect and effectiveness uncertain,” as Evelyn Douek writes.
China: The Cyberspace Administration of China released draft “Data Security Management Measures” in supplement to several elements of the Cybersecurity Law implemented in 2017. DigiChina has translated the text here, which includes specifications around how companies report data collection to the government, particularly when the data is sensitive. This is the latest law impacting data collection on the internet in China. And on a more network-focused note, traffic from Europe was once again rerouted through China Telecom, in another instance of possible hijacking of the Border Gateway Protocol that routes global internet traffic (read my previous analysis on BGP hijacking here).
Egypt: The country instituted regulations that allow Egypt’s Supreme Media Regulatory Council to block websites, and social media accounts exceeding 5,000 followers, if deemed a national security threat. Prohibited topics include “anything inciting violating the law, public morals, racism, intolerance, violence, discrimination between citizens or hatred.” Critics note how these controls of online content are already restricting political speech.
Ethiopia: The government blacked out the internet—Telegram, Facebook, Twitter, and other online services, thus impacting both content and online applications—after a semi-botched military coup where the president of the Amhara region, his top adviser, and the country’s army chief were shot dead by Amhara’s security chief. The Ethiopian government has said it is back in control of the region. NetBlocks’ executive director Alp Toker argued that “switching off access will only delay and radicalise critical voices as the government is likely to realise when the shutdown ends and Ethiopia's internet users start coming back online.”
India: The country’s proposed data protection law is heading to parliament sometime in the next couple of weeks. Much debate centers around the data localization elements of the proposal—which would require certain kinds of data on Indian citizens to be stored within India’s borders—with supporters claiming such justifications as pushback against Western big tech firms, and critics raising such fears as weak checks and balances on government access to data. (In-depth analysis forthcoming). This could potentially impact online content and applications as well as session and network protocols that manage connections and route data.
Iran: The country’s national information network (ININ)—a domestic intranet that Tehran has long discussed—is 80 percent complete, marking another deeper push for internet fragmentation to occur not just on the ‘surface’ of the net in terms of filtering content, but in terms of physical isolation itself. Iran already engages in practices like censorship and doubling the cost of foreign websites compared to ones hosted on the domestic intranet, so pushing internet fragmentation to deeper levels like physical isolation and the construction of a domestic Domain Name System will likely only exacerbate internet freedom and access within the country.
Mauritania: After electoral controversy, Mauritania blacked out most internet communications within the country. Every consumer internet provider was impacted, with estimates ranging around 92 percent of online service unavailability. This followed mobile communications disconnections. Content and online applications are once again impacted here.
Russia: Vladimir Putin signed Russia’s national domestic internet bill into law, which, among other practices, seeks to consolidate government control over the physical hardware of the internet within Russia’s borders, and build out Russia-maintained protocols like a custom Domain Name System. (See our deep-dive on the law itself here and a discussion of technical feasibility here.) Meanwhile, 10 Virtual Private Network (VPN) providers have been given 30 days to comply with a website blacklist maintained by Russian internet regulator Roskomnadzom, aka Roskom (based on a law passed in 2017). And addressing an often under-discussed mechanism by which internet communications flow, the Kremlin is also requiring all foreign communications satellite companies who transmit to Russian citizens to pass their traffic through a ground gateway station (which is perhaps kind of odd, because it seems like most satellites do this already). The rules will enter into effect in six months’ time.
Sudan: The government once again cut off internet access amid widespread protests recently, during which soldiers killed dozens of peaceful demonstrators. This is another adverse government action against the availability of online applications and content as we see a rise in internet blackouts around the world.
United Kingdom: Following Australia’s passage of a law around “abhorrent violent material” on social media platforms, the U.K. government proposed new regulations against tech companies for online harms. The lengthy white paper that delineated this proposal detailed such topics as inciting violence online, distribution of child pornography, and spreading terrorist content. As with Australia’s law, critics once again expressed concern over censorship risks, as democracies continue to try and navigate balances between internet openness and moderating the flow of certain content.
United States: The House of Representatives passed the Save the Internet Act, which would restore the FCC’s 2015 protections of net neutrality. It is now in the Senate for approval, though Mitch McConnell has said it is “dead on arrival” and President Trump has said he will veto it if passed. Some could argue this is an effort to restore the U.S.’ long-standing support of internet openness domestically and on the global stage.
In other news, we published a deep-dive on South Korea’s new tool for filtering illegal online content; Max Seddon and Henry Foy wrote an analysis for the Financial Times on the Kremlin’s attempts to control the internet within its borders; I wrote for Wired about deepening internet fragmentation around the world; and in an essay for Project Syndicate, Shamel Azmeh argues that “rather than simply criticizing every interventionist Internet policy…those wishing to save the Internet should focus on countering the underlying trends that are prompting many of these measures (or that could be used as justifications for them).” On a broader geopolitical scale, I wrote about taking the long view on digital authoritarianism, and Samm Sacks and I wrote for The Atlantic about the rising global contest over data governance, including the flow of data online, as a key issue at the G20.
The former chief economic adviser on the House Foreign Affairs Committee Republican Staff published an op-ed about the proposed cyber bureau at State, and the problems the current setup would pose to tackling diplomatic and economic cyber issues like internet freedom. (Read our previous commentary about opportunities for State’s new cyber bureau.) Allie Funk from Freedom House writes in The Hill that “to combat the rise of digital authoritarianism, the U.S. must be a leader in advancing internet freedom, not instituting policies that undermine it.” And Homeland Security’s Chris Krebs speaks with CBS News and highlights, among many other cyber issues, the need to address the spread of digital authoritarianism around the world.