The year 2013 has been an important one for the global online community following the critical leaks of sensitive information by National Security Agency (NSA) whistle blower Edward Snowden.
In 2013 we also witnessed the sad demise of Aaron Swartz who committed suicide in a tangle of laws, legal lingo and threats of long term jail sentences. Swartz had a mission of making locked research and educational data freely available – including to the developing world – which gave real meaning to the expression “Education for All”.
More locally, South Asia too, had its own share of cyberspace security breach news, the imposition of surveillance technologies and other aggressive governmental tactics to keep citizens on a leash. Both Indian and Pakistani states seemed more interested than ever before to employ surveillance and censorship mechanisms.
Stepped up efforts
This past year, Pakistan was in the news for its citizen-hostile plans and achievements in cyberspace. Citizen Lab’s research analysis found that the country’s premier network, Pakistan Telecommunication Company Ltd (PTCL), hosts a FinFisher server. FinFisher is a product suite from Gamma International UK, which helps governments apply state-operated surveillance through its capabilities as an IT intrusion and remote monitoring system.
Pakistan’s vibrant online community also fought against a ban on IMDB (an authoritative database of movies); the ban was reversed by the Pakistan Telecommunications Authority (PTA) after an outcry on social media.
Sadly, the same approach didn’t work in the case of YouTube, which was banned back in 2012, and still remains so, even after a huge uproar both on social media and in the Lahore High Court. In recent developments, Pakistan’s IT minister is in talks with Google to offer localised YouTube in the country. Minister of State IT and Telecommunications Anusha Rehman says that a localised version of YouTube would make it convenient for the state to block any sensitive content. However, it would also give the government the means to implement its usual strategy of suppressing dissident views, curtailing any critique of the military and censoring criticism of politicians.
If that wasn’t enough, netizens had to suffer another blow as Pakistan saw an unprecedented case of blasphemy, in which a boy was alleged to have posted non-believing and obscene content on his Facebook account. In the absence of clear cyber laws, this case not only had a chilling effect on normal Internet users, but also created an urgent incentive for civil society to push more strongly for appropriate cyber laws.
2013 showed that the fears of the most sceptical privacy activist were, if anything, too modest.
The ‘national security’ excuse
In the aftermath of 9/11, Pakistan and India both have used terrorism as an excuse for all kinds of infringement of civil liberties. While the Pakistani government and military are concerned about a possible influx of fighters from Afghanistan and their strongholds in the FATA region, India complains that Pakistan is harbouring ‘terrorist’ organisations that act against the Indian state. For over a decade, citizens have seen their rights curtailed and eradicated with national security cited as the justification and excuse.
Although the voice of civil society in India is a powerful one, it has yet to result in any significant reform where Internet surveillance is concerned. The Indian government has a Central Monitoring System (CMS) in place which allows officials to retrieve content from any type of electronic communication in “real time” without engaging the service providers’ assistance. This secretive, multi-million dollar project is expected to go fully operational in 2014, despite not having been reviewed by parliament.
Recent news revealed yet another aggressive surveillance technology called Network Traffic Analysis system (NETRA). NETRA will intercept Internet communications to trigger any content containing keywords like “bomb”, “blast”, “kill”, etc. NETRA is being termed as the Indian government’s first attempt at mass surveillance. While CMS and phone tapping focused on predetermined targets, NETRA aims to scan tweets, Facebook status updates, emails, blogs, and even chat transcripts and voice over traffic all over the Internet.
As mentioned, none of these mass surveillance systems have been reviewed by parliament and thus set a dangerous precedent in a democratic country as these systems and tools directly affect the average Indian citizen. It is important to mention here that the Indian government did roll out a 2013 National Cyber Security Policy in an attempt to provide a cyber security blueprint for the country. However, the document still remains a paper draft and hasn’t been implemented.
Just like Pakistanis, albeit a little less severe, Indian netizens also suffer intermittent website blockages. From PirateBay to Vimeo, quite a few websites were blocked by ISPs in 2013, including the nonprofit care.org.
According to Google’s Transparency Report 2013, the Indian government made more requests for user data from Facebook and Google than any other country except the United States during the first half of the year. This is a strong indicator of the government’s increasing interest in tracking its citizens electronically.
The 2013 Norton Report showed India as one of the top five countries in the world for the number of cybercrime incidents. In another disturbing finding, over half of Indian children using Internet face cyber bullying or online harassment. The research was conducted by Microsoft and studied 25 countries for cyber bullying in 2013.
India is set to reach 330 million Internet users in 2016, according to government statistics. In that context, the deployment of aggressive, real-time systems to monitor and control citizens is not only economically draining but also exposes the government to some critical threats. No matter how secure governments and agencies claim to keep national data, there is always the risk of back doors that could make national data more vulnerable than ever before.
Probably the most powerful message of 2013 was simply this: The world’s best resourced and funded intelligence organisation, the NSA, was shown to have lost control of an almost unimaginable quantity of its most sensitive data. When our governments claim that they are protecting national security by capturing and storing all the information they can, our reaction should be one of disbelief.
2013 showed that the fears of the most sceptical privacy activist were, if anything, too modest. In 2014, governments must be challenged to end abusive surveillance and restore civil liberties.
Nighat Dad is a director at Digital Rights Foundation, Pakistan. She is also an independent development consultant, a researcher and a lawyer with extensive experience in cyber laws.
Follow her on Twitter: @nighatdad