10 there is a deeper layer of control: For IXPS, see “Internet Exchange Map,” TeleGeography, http://www.telegeography.com/telecom-resources/internet-exchange-map/index.html; Brice Augustin, Balachander Krishnamurthy, and Walter Willinger, “IXPS: Mapped?”, Internet Measurement Conference, November 2009, http://www-rp.lip6.fr/~augustin/ixp/imc2009.pdf. The University of Toronto’s IXmaps is a tool that allows researchers to examine the route(s) that data packets take to travel across North America. The tool can be found at: http://www.ixmaps.ca.
11 In 2002, Mark Klein, a twenty-year veteran technician with AT&T: Mark Klein’s personal statement about discovering the AT&T eavesdropping facility was published in “Wiretap Whistle-Blower’s Account,” Wired, April 7, 2006, http://www.wired.com/science/discoveries/news/2006/04/70621. The Electronic Frontier Foundation has documented the case at “Hepting v. AT&T,” https://www.eff.org/cases/hepting.
12 In a May 2012 article: Sam Biddle outlines the physical elements of the Internet that could be targeted in “How to Destroy the Internet,” Gizmodo, May 23, 2012, http://ca.gizmodo.com/5912383/how-to-destroy-the-internet.
13 The cause of the severed cables is unknown: The 2008 severing of cable systems in the Mediterranean Sea is detailed in Asma Ali Zain, “Cable Damage Hits One Million Internet Users in U.A.E.,” Khaleej Times, February 4, 2008, http://www.khaleejtimes.com/DisplayArticleNew.asp?section=theuae&xfile=data/theuae/2008/february/theuae_february121.xml. See also Andrew Blum, Tubes: A Journey to the Center of the Internet (New York: HarperCollins, 2012).
14 a defunct and wayward Russian satellite: The 2009 satellite collision is detailed in “Satellite Collision Leaves Significant Debris Clouds,” Orbital Debris Quarterly News 13, no.2 (2009). The Kessler Syndrome is discussed in detail in Burton G. Cour-Palais and Donald J. Kessler, “Collision Frequency of Artificial Satellites: The Creation of a Debris Belt,” Journal of Geophysical Research 83 (1978): 2637–2646. See also Daniel H. Deudney, “High Impacts: Asteroidal Utilization, Collision Avoidance, and the Outer Space Regime,” in ed. W. Henry Lambright, Space Policy in the Twenty-First Century (Baltimore: Johns Hopkins University Press, 2003).
15 Space is also an arena within which state intelligence agencies: The literature on American and Soviet space assets developed during the Cold War is sparse because of secrecy. Some important exceptions are Jeffrey Richelson, America’s Space Sentinels (Lawrence: University of Kansas Press, 1999); William E. Burrows, Deep Black: Space Espionage and National Security (New York: Random House, 1986); James Bamford, The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America (New York: Doubleday, 2008); and Ronald J. Deibert, “Unfettered Observation: The Politics of Earth Monitoring From Space,” in ed. W. Henry Lambright, Space Policy in the Twenty-First Century.
3: BIG DATA: THEY REAP WHAT WE SOW
1 Big Data: They Reap What We Sow: On big data, see danah boyd and Kate Crawford, “Critical Questions for Big Data: Provocations for a Cultural, Technological, and Scholarly Phenomenon,” Information, Communication, & Society 15, no.5 (2012): 662–679; and David Bollier, The Promise and Peril of Big Data, Aspen: The Aspen Institute, 2010, http://www.aspeninstitute.org/sites/default/files/content/docs/pubs/The_Promise_and_Peril_of_Big_Data.pdf.
2 Malte Spitz had virtually every moment of his life tracked: The Malte Spitz timeline can be found in Malte Spitz, “Six Months of My Life in 35,000 Records,” http://www.malte-spitz.de/blog/4103927.html.
3 IBM predicts that in 2013, we will be producing five exabytes: IBM explains big data in “What is Big Data?,” IBM, http://www-01.ibm.com/software/data/bigdata/. See also “200 Million Tweets Per Day,” Twitter, June 30, 2011, http://blog.twitter.com/2011/06/200-million-tweets-per-day.html. In “Gigatweet/Counter,” GigaTweet, November 6, 2011, http://gigatweeter.com/counter, the tweet-tracking service determined that as of November 6, 2011, 29,700,500,268 tweets had been created. GigaTweet’s counter has since stopped due to “technical changes in the way Twitter generates their tweet IDS.” See also Alex Hudson, “The Age of Information Overload,” BBC, August 14, 2012, http://news.bbc.co.uk/2/hi/programmes/click_online/9742180.stm.
4 mobile data traffic more than doubled: Cisco’s latest global mobile data traffic forecast can be found in “Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2011–2016,” Cisco, 2012, http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c11–520862.pdf
5 Simply by collating the number, location, and frequency of search queries: More on Google Flu Trends can be found at “Tracking Flu Trends” Google Official Blog, November 11, 2008, http://googleblog.blogspot.ca/2008/11/tracking-flu-trends.html.
6 Researchers at Stanford University are testing an app: The M-Maji water app has been discussed in Sarina A. Beges, “In Kenyan Slum, Mobile Phones Pinpoint Better Water,” Program on Liberation Technology, October 26, 2012, http://liberationtechnology.stanford.edu/news/in_kenyan_slum_mobile_phones_pinpoint_better_water_20121026/.
7 The big-data market stood at just over $5 billion: David Floyer, Jeff Kelly, and David Vellante list IBM, Intel, and HP as the current big-data market leaders (by revenue) in “Big Data Market Size and Vendor Revenues,” Wikibon, May 29, 2012, http://wikibon.org/wiki/v/Big_Data_Market_Size_and_Vendor_Revenues.
8 Customized dating and vacation ads: Claude Castelluccia, Mohamed-Ali Kaafar, and Minh-Dung Tran examine the privacy concerns generated by the practice of tracking users’ online behaviours in “Betrayed By Your Ads!: Reconstructing User Profiles from Targeted Ads,” (Paper presented at the 12th Privacy Enhancing Technologies Symposium, Vigo, Spain, July 10–13, 2012), http://dl.acm.org/citation.cfm?id=2359017.
9 A tracking-awareness project: More on the Collusion tool is provided on Mozilla’s website at “Introducing Collusion: Discover Who’s Tracking You Online,” http://www.mozilla.org/en-US/collusion/. The Wall Street Journal has documented the widespread use of tracking technology and what this type of surveillance means for consumers and society in its “What They Know” series: http://online.wsj.com/public/page/what-they-know-2010.html.
10 The small print included with many applications and/or service contracts: Tom Kelly investigates fourteen popular mobile apps and documents the type of personal information and data the apps can access in “Free Apps ‘Can Spy on Texts and Calls’: Smartphone Users Warned of Privacy Dangers,” Daily Mail, February 27, 2012, http://www.dailymail.co.uk/sciencetech/article-2106627/Internet-firms-access-texts-emails-pictures-spying-smartphone-apps.html.
11 Facebook’s European headquarters is in Dublin, Ireland: Ireland has strict privacy laws to which Facebook must adhere, as reported in Kashmir Hill, “Max Schrems: The Austrian Thorn In Facebook’s Side,” Forbes, February 7, 2012, http://www.forbes.com/sites/kashmirhill/2012/02/07/the-austrian-thorn-in-facebooks-side/.
12 Over the years, Facebook’s default privacy settings: A timeline documenting changes to Facebook’s privacy policy can be found in Kurt Opsahl, “Facebook’s Eroding Privacy Policy: A Timeline,” Electronic Frontier Foundation, April 28, 2010, https://www.eff.org/deeplinks/2010/04/facebook-timeline.
13 caught uploading members’ mobile phone contacts: In 2012, many major app companies were sued in a class action lawsuit for selling mobile apps that uploaded users’ address book data without their knowledge or consent. Companies included Path, Twitter, Apple. Facebook, Beluga, Yelp, Burbn, Instagram, Foursquare, Gowalla, Foodspotting, LinkedIn, Electronic Arts, Kik Interactive, and more. See “Tons of Companies Sued in Class Action Lawsuit over Uploading Phone Addressbooks,” Tech Dirt, March 20, 2012, http://www.techdirt.com/articles/20120316/00561518126/tons-companies-sued-class-action-lawsuit-over-uploading-phone-addressbooks.shtml. See also Julia Angwin and Jeremy Singer-Vine, “Selling You on Facebook,” Wall Street Journal, April 7, 2012, http://online.wsj.com/article/SB10001424052702303302504577327744009046230.html?mod=WSJ_WhatTheyKnowPrivacy_MIDDLETopMiniLeadStory; Nick Bilton and Nicole Perlroth, “Mobile Apps Take Data
without Permission,” New York Times, February 15, 2012, http://bits.blogs.nytimes.com/2012/02/15/google-and-mobile-apps-take-data-books-without-permission/; “Now Twitter Admits ‘Harvesting’ Users’ Phone Contacts Without Telling the Owners as Apple Announces Crackdown,” Daily Mail, February 16, 2012, http://www.dailymail.co.uk/sciencetech/article-2101934/Apple-moves-stop-Facebook-Twitter-accessing-iPhone-users-address-books-permission.html; “Statement of Justin Brookman,” Before the Senate Judiciary Committee, Subcommittee on Privacy, Technology, and the Law, Hearing on Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones, and Your Privacy, May 10, 2011, https://www.cdt.org/files/pdfs/20110510_mobile_privacy.pdf; and Lito Cruz, Andre Olober, and Kristopher Welsh, “The Danger of Big Data: Social Media as Computational Social Science,” First Monday 17, no.7 (2012), http://www.firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/3993/3269.
14 U.S. Federal Trade Commission found that Facebook had engaged in: The FTC accused Facebook of deceiving “consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public.” This was documented in Dominic Rushe, “Facebook Reaches Deal with FTC Over ‘Unfair and Deceptive’ Privacy Claims,” Guardian, November 29, 2011, http://www.guardian.co.uk/technology/2011/nov/29/facebook-ftc-privacy-settlement.
15 freedom of information request to find out more about the secret agreement: Electronic Privacy Information Center’s (EPIC) executive director, Marc Rotenberg, believed that the Google–NSA agreement covered more than just the Google breach, and that both Google and the NSA were in talks before Google found out that it had been compromised in a computer attack. See Adam Gabbatt, “Google Teams Up with National Security Agency to Tackle Cyber Attacks,” Guardian, February 5, 2010, http://www.guardian.co.uk/technology/2010/feb/05/google-national-security-agency-cyber-attack; and Jaikumar Vijayan, “Google Taps NSA to Safeguard Its Data,” Computer World, February 4, 2010, http://www.pcworld.com/article/188557/google_taps_nsa_to_safeguard_data.html.
16 Network operators and service providers vary: See “Retention Periods of Major Cellular Service Providers,” United States Department of Justice, http://www.wired.com/images_blogs/threatlevel/2011/09/retentionpolicy.pdf.
17 Polish NGO Panoptykon found that Polish authorities: Panoptykon discusses the effects of Poland’s data retention policies in “How Many Times Did the State Authorities Reach Out for Our Private Telecommunications Data in 2011? We Publish the Latest Research,” Panoptykon, March 4, 2012, http://panoptykon.org/wiadom-osc/how-many-times-did-state-authorities-reach-out-our-private-telecommunications-data-2011-we.
18 find a way to integrate as much data as possible: The Total Information Awareness system is discussed in Shane Harris, The Watchers: The Rise of America’s Surveillance State (New York: The Penguin Group, 2010). The Washington Post has been documenting the national security buildup in the United States that has occurred since 9/11 in “Top Secret America,” blog, http://projects.washingtonpost.com/top-secret-america.
19 As former CIA director David Petraeus explained: Petraeus’s remarks at the 2012 In-Q-Tel CEO Summit are available at “Remarks by Director David H. Petraeus at In-Q-Tel CEO Summit,” Central Intelligence Agency, March 1, 2012, https://www.cia.gov/news-information/speeches-testimony/2012-speeches-testimony/in-q-tel-summit-remarks.html.
20 In 2012, the Hamburg Commissioner for Data Protection and Freedom of Information: German data protection officials accused Facebook of “illegally compiling a vast photo database of users without their consent,” and demanded that Facebook destroy all archives of files based on facial recognition technology. See Violet Blue, “Why You Should Be Worried About Facial-Recognition Technology,” CNET, August 29, 2012, http://news.cnet.com/8301-1023_3-57502284-93/why-you-should-be-worried-about-facial-recognition-technology/.
4: THE CHINA SYNDROME
1 “In China, the Internet came with choke points built in.”: The OpenNet Initiative has documented Chinese cyberspace controls in “China,” in Access Contested: Security, Identity, and Resistance in Asian Cyberspace, eds. Ronald Deibert, John Palfrey, Rafal Rohozinski, and Jonathan Zittrain (Cambridge: MIT Press, 2012), 271–298. See also Milton Mueller, “China and Global Internet Governance: A Tiger by the Tail,” in eds. Deibert et al., Access Contested, 177–194; and Greg Walton, China’s Golden Shield, International Centre for Human Rights and Democratic Development, 2001.
2 Contrary to the principles of network neutrality: Network neutrality is a term coined by Tim Wu. For Wu, “Network neutrality is best defined as a network design principle. The idea is that a maximally useful public information network aspires to treat all content, sites, and platforms equally.” See Tim Wu “Network Neutrality FAQ,” http://timwu.org/network_neutrality.html and “Network Neutrality, Broadband Discrimination,” Journal of Telecommunications and High Technology Law 2 (2003). See also Lawrence Lessig and Robert W. McChesney, “No Tolls on the Internet,” Washington Post, June 8, 2006, http://www.washingtonpost.com/wp-dyn/content/article/2006/06/07/AR2006060702108.html; and Milton Mueller, Net Neutrality as Global Principle for Internet Governance (Syracuse: Internet Governance Project, 2007).
3 The Chinese version of Skype: The TOM-Skype investigation is documented in Nart Villeneuve, “Breaching Trust: An Analysis of Surveillance and Security Practices on China’s TOM-Skype Platform,” Information Warfare Monitor, September 2009, http://www.infowar-monitor.net/2009/09/breaching-trust-an-analysis-of-surveillance-and-security-practices-on-china’s-tom-skype-platform/. See also John Markoff, “Surveillance of Skype Messages Found in China,” New York Times, October 1, 2008, http://www.nytimes.com/2008/10/02/technology/internet/02skype.html?pagewanted=all.
Years after the release of the Citizen Lab’s TOM-Skype research, researchers from the University of New Mexico found the exact same content-filtering and interception system on TOM-Skype. Their research is documented in Jedidiah R. Crandall, Jeffrey Knockel, and Jared Saia, “Three Researchers, Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and Surveillance (Paper presented at the USENIX Workshop on Free and Open Communications on the Internet, San Francisco, California, August 2011), available at: http://www.cs.unm.edu/~crandall/foci11knockel.pdf. Citizen Lab and UNM are now working together on a study of several Chinese-marketed chat clients and will publish our results in 2013.
4 Researchers at Cambridge University, for instance, once demonstrated: See Richard Clayton, Steven J. Murdoch, Robert N.M. Watson, “Ignoring the Great Firewall of China,” Journal of Law and Policy for the Information Society 3, no. 2 (2007). Psiphon was invented in the Citizen Lab, and released in December 2006 at an event called Protect the Net. The project was funded by the Open Society Institute as part of the Citizen Lab’s CiviSec Project. Psiphon was spun out of the University of Toronto as an independent Canadian company. Read more about Psiphon at http://psiphon.ca. Karl Kathuria, in Casting a Wider Net (a study undertaken in 2011 while a Citizen Lab/Canada Centre visiting fellow), combined ONI, Psiphon, and BBC media data to develop policies for global broadcasters whose content is filtered in censored jurisdictions: http://munkschool.utoronto.ca/downloads/casting.pdf.
5 Code words, metaphors, neologisms: Xiao Qiang, editor of the China Digital Times, has been compiling a glossary of terms used by creative Chinese netizens to bypass China’s online censors in “Grass-Mud Horse Lexicon,” China Digital Times, http://chinadigitaltimes.net/space/Introduction_to_the_Grass-Mud_Horse_Lexicon.
6 Often ignored is the connection between China’s domestic controls and the international dimensions of its cyberspace strategy: Masashi Crete-Nishihata and I examine the international and global mechanisms that facilitate the growth and spread of cyberspace controls in “Global Governance and the Spread of Cyberspace Controls,” Global Governance: A Review of Multilateralism and International Organizations 18, no. 3 (2012): 339–361.
7 Evidence of GhostNet-like compromises now surface almost weekly: Jameson Berkow reported
on the Nortel breach in “Nortel Hacked to Pieces,” Financial Post, February 25, 2012, http://business.financialpost.com/2012/02/25/nortel-hacked-to-pieces.
8 It’s unlikely that China would benefit in an armed conflict: On China’s military strategy, see Timothy L. Thomas, Dragon Bytes: Chinese Information-War Theory and Practice (Fort Leavenworth: Foreign Military Studies Office, 2004). See also U.S.-China Economic and Security Review Commission, 2012 Report to Congress, 147–169; and Desmond Ball, “China’s Cyber Warfare Capabilities,” Security Challenges 7, iss. 2 (2011): 83–103.
9 Part of China’s international strategy revolves around setting: On China’s technology industry development, see David Chen, Stephen Schlaikjer, and Micah Springut, “China’s Program for Science and Technology Modernization: Implications for American Competitiveness,” January 2011, http://www.uscc.gov/researchpapers/2011/USCC_REPORT_China’s_Program_forScience_and_Technology_Modernization.pdf; and Steven P. Bucci and Derek Scissors, “China Cyber Threat: Huawei and American Policy Toward Chinese Companies,” Heritage, October 23, 2012, http://www.heritage.org/research/reports/2012/10/china-cyber-threat-huawei-and-american-policy-toward-chinese-companies. By the end of 2012, a fifth of all computers in the world will be manufactured in Chengdu. See Ambrose Evans-Pritchard, “Hi-tech Expansion Drives China’s Second Boom in the Hinterland,” Telegraph, November 25, 2012, http://www.telegraph.co.uk/finance/comment/9701910/Hi-tech-expansion-drives-Chinas-second-boom-in-the-hinterland.html.
10 a regional … security alliance called the Shanghai Cooperation Organization: An overview of the Shanghai Cooperation Organization can be found in Andrew Scheineson, “The Shanghai Cooperation Organization,” Council on Foreign Relations, March 24, 2009, http://www.cfr.org/publication/10883/shanghai_cooperation_organization.html; Thomas Ambrosio, “Catching the ‘Shanghai Spirit’: How the Shanghai Cooperation Organization Promotes Authoritarian Norms in Central Asia,” Europe-Asia Studies 60, no.8 (2008): 1321–1344; and Human Rights in China, Counter-Terrorism and Human Rights: The Impact of the Shanghai Cooperation Organization (New York: Human Rights in China, 2011), http://www.hrichina.org/research-and-publications/reports/sco.
Black Code: Inside the Battle for Cyberspace Page 26
