The Evolving Landscape of Internet Control

Over the past two years, we have undertaken several studies at the Berkman Center designed to better understand the control of the Internet in less open societies. During the years we've been engaged in this research, we have seen many incidents that have highlighted the continuing role of the Internet as a battleground for political control, including partial or total Internet shutdowns in China, Iran, Egypt, Libya, and Syria; many hundreds of documented DDoS, hacking, and other cyber attacks against political sites; continued growth in the number of countries that filter the Internet; and dozens of well documented cases of on- and offline persecution of online dissidents. The energy dedicated to these battles for control of the Internet on both the government and dissident sides indicated, if nothing else, that both sides think that the Internet is a critical space for political action. In this paper, we offer an overview of our research in the context of these changes in the methods used to control online speech, and some thoughts on the challenges to online speech in the immediate future

Mapping Digital Media: Freedom of Expression Rights in the Digital Age

Assesses the Internet and the World Wide Web as a platform for freedom of expression, ways to address the jurisdictional vacuum, and new tools to promote freedom of expression as well as new threats. Calls for standards on how to protect it online

Craigslist, the CDA, and Inconsistent International Standards Regarding Liability for Third-Party Postings on the Internet

This Comment explores the nature and purpose of the Communications Decency Act (CDA), the legislative upbringing, and the application of the CDA to Craigslist. It compares the CDA to approaches taken abroad through legislation and judicial proceedings. It explains, contrary to the one other commentator to broach the subject matter, how the CDA continues to provide robust protection to Craigslist. Finally, it explores potential avenues for redrafting the CDA as well as the difficulties and trade-offs associated with implementing such change

Israel-Sino relations through the prism of advocacy groups

Advocacy for the state of Israel – in the sense of attempting to favourably shape public and elite perceptions and discourses about the Jewish state and the nature of its conflict with the Palestinians and the surrounding Arab states – has been, and continues to be, of pivotal concern to both the Israeli government and pro-Israeli organisations operating in the United States and elsewhere. What underlines this advocacy – understood here to unfold through multiple media, academic, and political spaces – is a desire to [1] reinforce political (and cultural) identification and support for Israel and its narrative, and [2] more pressingly, to contain alternative critical discourses about the state and its role in various Middle Eastern conflicts. Although the US has been the main focus of these advocacy efforts – which is a natural byproduct of its position as a global hegemonic empire, the susceptibility of its political system to special interests, and more significantly, due to the presence of a sizable and influential Jewish American community sympathetic to Israeli and Zionist interests – there are signs of a nascent and increasingly sustained Israeli/Zionist advocacy effort directed at China (amongst other theatres) that, while conditioned by a unique Chinese cultural and political topography, seeks to influence prevailing attitudes and perceptions amongst Chinese scholars and political elite in ways conducive to the preservation and maximisation of Israeli interests over the long-term. This paper is interested in examining this advocacy within the Chinese context, and argues that there are two distinguishable forms of advocacy

Session on Geoblocking Tools and the Law at Law, Borders, and Speech Conference at Stanford Law School

Professor Marketa Trimble appeared on a panel at the Law, Borders, and Speech Conference hosted by The Center for Internet and Society at Stanford Law School on October 24, 2016. The session defined and discussed geoblocking and its implications for internet users, government, and private companies. A video of the session is available here. Additionally, Professor Trimble\u27s presentation is available here

Evidence-based Cybersecurity: Data-driven and Abstract Models

Achieving computer security requires both rigorous empirical measurement and models to understand cybersecurity phenomena and the effectiveness of defenses and interventions. To address the growing scale of cyber-insecurity, my approach to protecting users employs principled and rigorous measurements and models. In this dissertation, I examine four cybersecurity phenomena. I show that data-driven and abstract modeling can reveal surprising conclusions about longterm, persistent problems, like spam and malware, and growing threats like data-breaches and cyber conflict. I present two data-driven statistical models and two abstract models. Both of the data-driven models show that the presence of heavy-tailed distributions can make naive analysis of trends and interventions misleading. First, I examine ten years of publicly reported data breaches and find that there has been no increase in size or frequency. I also find that reported and perceived increases can be explained by the heavy-tailed nature of breaches. In the second data-driven model, I examine a large spam dataset, analyzing spam concentrations across Internet Service Providers. Again, I find that the heavy-tailed nature of spam concentrations complicates analysis. Using appropriate statistical methods, I identify unique risk factors with significant impact on local spam levels. I then use the model to estimate the effect of historical botnet takedowns and find they are frequently ineffective at reducing global spam concentrations and have highly variable local effects. Abstract models are an important tool when data are unavailable. Even without data, I evaluate both known and hypothesized interventions used by search providers to protect users from malicious websites. I present a Markov model of malware spread and study the effect of two potential interventions: blacklisting and depreferencing. I find that heavy-tailed traffic distributions obscure the effects of interventions, but with my abstract model, I showed that lowering search rankings is a viable alternative to blacklisting infected pages. Finally, I study how game-theoretic models can help clarify strategic decisions in cyber-conflict. I find that, in some circumstances, improving the attribution ability of adversaries may decrease the likelihood of escalating cyber conflict

Hitting Refresh: Regulating internet speech in the 21st century

By the mid-1990s, the internet had taken new form outside of its original military applications and became commercially available at an unprecedented rate. Western democracies recognized that such a new frontier, therefore, necessitated regulation. Their shared goal was to restrict objectionable content while simultaneously creating a pathway for this nascent industry to blossom. With this in mind, both the U.S. and European Union enacted linearly different and mutually exclusive regulatory regimes to govern “online intermediaries,” or sites like Facebook and Twitter that merely host the speech of their users. The E.U. enacted aggressive content removal statutes, while the U.S. offered nearly blanket immunity to these sites in the hope that the marketplace of ideas would dilute objectionable content. Using the U.S. and Germany as case studies, this thesis argues that, twenty years later, neither pathway emerged particularly victorious in their quest to curb the dissemination of radicalizing content. I find that the failure under the German preemptive framework derives from a contradictory monitoring obligation and lack of oversight by the European Commission on the state. Conversely, I find that the failure under the American deregulatory framework is rooted in a contradictory allocation of jurisdiction and a lack of oversight by the state upon intermediaries. By scrutinizing the incentive structures of both countries’ regulatory regimes, this thesis challenges the way Western democracies conceptualized and continue to conceptualize the internet and points out how neither extreme has responsively moderated internet speech

2007 Circumvention Landscape Report: Methods, Uses, and Tools

As the Internet has exploded over the past fifteen years, recently reaching over a billion users, dozens of national governments from China to Saudi Arabia have tried to control the network by filtering out content objectionable to the countries for any of a number of reasons. A large variety of different projects have developed tools that can be used to circumvent this filtering, allowing people in filtered countries access to otherwise filtered content. In this report, we describe the mechanisms of filtering and circumvention and evaluate ten projects that develop tools that can be used to circumvent filtering: Anonymizer, Ultrareach, DynaWeb Freegate, Circumventor/CGIProxy, Psiphon, Tor, JAP, Coral, and Hamachi. We evaluated these tools in 2007 -- using both tests from within filtered countries and tests within a lab environment -- for their utility, usability, security, promotion, sustainability, and openness. We find that all of the tools use the same basic mechanisms of proxying and encryption but that they differ in their models of hosting proxies. Some tools use proxies that are centrally hosted, others use proxies that are peer hosted, and others use re-routing methods that use a combination of the two. We find that, in general, the tools work in the sense that they allow users to access pages that are otherwise blocked by filtering countries but that performance of the tools is generally poor and that many tools have significant, unreported security vulnerabilities. The report was completed in 2007 and released to a group of private sponsors. Many of the findings of the report are now out of date, but we present them now, as is, because we think that the broad conclusions of the report about these tools remain valid and because we hope that other researchers will benefit from access to the methods used to test the tools. Responses from developers of the tools in question are included in the report