open technology institute – Techdirt (original) (raw)
Mozilla, Consumer Groups Sue The FCC For Its Attack On Net Neutrality
from the litigation-nation dept
Mozilla and several consumer groups say they’ll be joining 22 state Attorneys General in suing the FCC for its net neutrality repeal. While procedure dictates that lawsuits can’t be filed until after the FCC’s “Restoring Internet Freedom” order is posted to the federal register (which hasn’t happened yet), Mozilla notes that it petitioned the United States Court of Appeals (pdf) out of an abundance of caution, kickstarting the process to determine which court will finally hear the case:
“As a process note, the FCC decision made it clear that suits should be filed 10 days after it is published in the Federal Register, which has not yet occurred. However, federal law is more ambiguous. Due to the importance of this issue, even though we believe the filing date should be later, we filed in the event a court determines the appropriate date is today. The FCC or a court may accept this order or require us and others to refile at a later date. In fact, we?re urging them to use the later date. In either instance, we will continue to challenge the order in the courts.”
Mozilla’s lawsuit was filed the same day as coordinating lawsuits from consumer groups like Public Knowledge and Free Press. In a statement of its own, Public Knowledge notes it similarly filed its petition early as a preliminary and protective legal move:
“While we believe that under the best reading of the rules the FCC’s Order is not ripe for challenge until it is published in the Federal Register, in the past the judicial lottery — which determines which appellate court will hear a challenge to an FCC action — has been run based on premature petitions. Thus, to protect our rights, we have filed today.
In other words, this is a purely procedural move, and we would not object if all early-filed petitions were held in abeyance by the FCC and the lottery is conducted based only on challenges filed after Federal Register publication. Of course, we will file to challenge the FCC at that time, as well.”
The Open Technology Institute also says it also filed its own lawsuit against the FCC early, hoping to ensure a favorable court selection during the Panel on Multidistrict Litigation (MDL) lottery. All told, four of the net neutrality lawsuits were filed in the United States Court of Appeals for the District of Columbia Circuit, while the Free Press lawsuit was filed in the United States Court of Appeals for the First Circuit.
This is just the opening salvo in what will be a long-standing legal standoff between people who’d prefer the internet remain healthy and competitive, and ISPs eager to abuse a lack of competition in the broadband last mile to their own, additionally anti-competitive advantage. All of the lawsuits will attempt to prove that the FCC violated the Administrative Procedure Act by engaging in an “arbitrary and capricious” reversal of extremely popular policy without proving that the broadband market changed dramatically enough in just two years to warrant it.
As we’ve noted previously, the lawsuits will also focus on how the FCC turned a blind eye to identity theft and comment fraud during the FCC’s open comment period, and efforts by some group or individual to try and downplay the massive public opposition to the FCC’s handout to the telecom sector. Expect more details on the origins (and potentially funding) of these efforts as the legal fight moves forward over the coming months and years. Though some ISPs surely won’t be able to help themselves, expect ISPs to try and remain on their best behavior for a while to avoid undermining their arguments in court.
Should they win in court however, it can’t be understated how the attack on net neutrality is just one small part of an over-arching ISP lobbying effort to remove nearly all meaningful state and federal oversight of some of the least-liked, least-competitive companies in America. That involves efforts to pass loophole-filled fake net neutrality laws with one goal: preventing tough, real rules from being passed down the road by a less Comcastic Congress or FCC.
Filed Under: fcc, lawsuit, net neutrality
Companies: free press, mozilla, open technology institute, public knowledge
Report Says Backlash From NSA's Surveillance Programs Will Cost Private Sector Billions Of Dollars
from the screwed-by-the-government-even-as-it-screws-itself dept
The Open Technology Institute has put together a thorough paper detailing the many adverse effects the NSA disclosures have had, both on American businesses inside and outside of the tech sector, as well as on Americans themselves.
The Open Technology Institute is no stranger to the adverse side effects of the NSA’s pervasive surveillance. Its own open-source mesh network project (Commotion) was accompanied by this warning, prompted by the revelations of the Snowden leaks.
Commotion
Cannot hide your identity Does not prevent monitoring of internet traffic Does not provide strong security against monitoring over the mesh Can be jammed with radio/data-interference
So, how much will the NSA leaks cost American businesses? It’s tough to say. Although the OTI has done an incredible amount of research, it’s difficult to pin down exact losses. Any time an American company has its bid denied by a foreign country, the NSA’s actions have likely played some role. But this will very rarely be stated explicitly. This leads to a rather open-ended estimate of lost sales.
Nearly 50 percent of worldwide cloud computing revenue comes from the United States, and the domestic market more than tripled in value from 2008 to 2014. However, within weeks of the first revelation, reports began to emerge that American cloud computing companies like Dropbox and Amazon Web Services were losing business to overseas competitors. The NSA’s PRISM program is predicted to cost the cloud computing industry from 22to22 to 22to180 billion over the next three years.
Cloud services aren’t the only victims of NSA overreach. Hardware manufacturers are also seeing losses. Cisco, one of the first to complain about sales losses due to NSA leaks, was also the only company to have its logo splashed all over the internet when a leaked presentation contained a photo of NSA agents opening one of its boxes from an intercepted shipment. The NSA’s Tailored Access Operations (TAO) has subverted any number of companies’ products and Qualcomm, Microsoft and Hewlett-Packard have all reported dropping sales, according to OTI’s research.
Other direct effects are being felt as well. Germany is ending its long-running contract with Verizon and German companies are specifically excluding American businesses when seeking bids. The blowback from the NSA’s spying on Brazilian president Dilma Roussef cost Boeing a $4.5 billion contract for new jet fighters. (The contract went to Saab.)
Also directly affecting US companies is a future full of increased compliance costs as countries move towards data sovereignty. This means tech companies like Facebook and Google will need to build local data centers if they wish to keep citizens in affected countries as users. The European Parliament’s new data protection law could easily result in massive fines for US companies.
In March 2014, members of the European Parliament passed the Data Protection Regulation and Directive, which imposes strict limitations on the handling of EU citizens’ data. The rules, which apply to the processing of EU citizens’ data no matter where it is located, require individuals to consent to having their personal data processed, and retain the right to withdraw their consent once given. The deterrent fines are significant: violators face a maximum penalty of up to five percent of revenues, which could translate to billions of dollars for large tech companies.
Companies from outside of the tech sector are also facing downturns, thanks to the NSA’s activities. The cheapest and most convenient way for companies to reach customers (and vice versa) is taking a hit as wary citizens take steps to avoid leaving as large a digital footprint.
According to an April 2014 Harris poll, nearly half of the 2000 respondents (47 percent) have changed their online behavior since the NSA leaks, paying closer attention not only to the sites they visit but also to what they say and do on the Internet. In particular, 26 percent indicated that they are now doing less online shopping and banking since learning the extent of government surveillance programs.
The most harmful indirect side effect of the NSA leaks is a move towards Balkanization of the internet, an outcome that threatens both the structural integrity of the web as well as the public itself.
Data localization proposals also threaten the functioning of the Internet, which was built on protocols that send packets over the fastest and most efficient route possible, regardless of physical location. Finally, the localization of Internet traffic may have significant ancillary impacts on privacy and human rights by making it easier for countries to engage in national surveillance, censorship, and persecution of online dissidents.
It’s not just tech companies that are the collateral damage of the NSA’s programs. It’s also the American government itself. The entity that gave its official blessing for widespread, untargeted surveillance in the wake of the 9/11 attacks is now paying the price for its audacity. Not only did this negatively affect the US’s nominal position as the “head” of the open internet, but it’s also completely eroded the high ground on human rights the country held for so many years.
The damaged perception of the United States as a leader on Internet Freedom and its diminished ability to legitimately criticize other countries for censorship and surveillance allows foreign leaders to justify and even expand their own efforts. The long-term implications of destroying trust in the Internet through the hypocrisy of its greatest champion are detrimental to the interests of all democratic nations. Foreign governments and their populations are now wary not just of the United States government and companies, but of technology more generally.
It is apparent that the negative side effects of the NSA’s power and reach were never considered by anyone with the power to rein it in. Now that these programs have been exposed, the damage control has backfired, relying both on “it’s completely legal” (which implicates the US government and its oversight policies) and the always-vaguely-stated “terrorism threat” (which paints the agency and its supporters as disconnected fearmongerers). Now, the US is paying the price, with most of it being paid by those outside of any government.
The OTI suggests several remedies, most of which the NSA (and the administration) would likely fight every step of the way. Strengthening data protections (and extending those protections to foreign citizens) would be portrayed as allowing terrorists to escape detection and surveillance. Increased transparency is also suggested, but that hasn’t been welcomed by anyone at the administration level for the past 13 years. There’s no reason to believe a sea change is just over the horizon.
Also suggested is restoring trust in the NIST’s encryption standards and forbidding the NSA from installing hardware and software backdoors. The former is a long shot, but doable. Restoring trust always takes much, much longer than destroying it. On the latter, there’s no way the NSA will give up this surveillance tool without a (long) fight and there’s hardly any reason to believe it will ever give it up completely. After all, despite all the forced transparency, it still operates mostly in the dark.
OTI also calls for the NSA to stop making internet use more dangerous than it already is.
Secret stockpiling of previously unknown flaws irresponsibly leaves users open to attack from anyone who discovers the weakness. Consistent with the Review Group’s Recommendation, the U.S. government should establish and adhere to a clear policy to disclose vulnerabilities to vendors by default, and only withhold that information in the narrowest circumstances and for the shortest period of time possible—if at all.
As has been noted, this is a worldwide problem, greatly exacerbated by a number of private security firms which stockpile vulnerabilities to sell to intelligence and law enforcement entities (while at the same time selling protection against their stockpile of undisclosed exploits to other private companies). Stopping the NSA from doing this is only a small part of the problem. Governing the actions of private companies worldwide will be a much more difficult task.
The repercussions of the NSA’s programs will be felt for years. The cost to the United States’ reputation is already being felt. It can’t be quantified, but it is very noticeable. The final cost to American companies will undoubtedly be in the hundreds of billions. Destroyed trust takes a long time to rebuild and every day that passes without the NSA being seriously reined in (the USA Freedom Act, Dianne Feinstein’s Fake Fix) just makes it longer. Lost sales are hard to quantify, but there can be no doubt this will harm the US — on both a private and public level — for years to come.
Filed Under: costs, nsa, private sector, surveillance
Companies: open technology institute, oti
Wireless Mesh Networks, The NSA, And Re-building The Internet
from the exploring-all-the-avenues dept
One of the bitter lessons we learned from Snowden’s leaks is that the Internet has been compromised by the NSA (with some help from GCHQ) at just about every level, from our personal software and hardware, through ISPs to major online services. That has prompted some in the Internet engineering community to begin thinking about how to put back as much of the lost security as possible. But even if that’s feasible, it’s clearly going to take many years to make major changes to something as big and complex as the Net.
However, there’s an alternative approach to digital connectivity that has been around for a while, and that’s already being used around the world. Wireless meshes allow ad-hoc networks to be set up independently of the Internet’s main wiring by hooking together a local collection of suitable devices. Mesh networks can be thrown up and torn down quickly; devices can join and leave them dynamically; and they can recover from breaks in the wireless links by setting up alternative paths. They can either be run as local area networks, disconnected from the Internet, or hooked into it, allowing single or multiple links to be shared by the entire mesh.
One such wireless mesh comes from The New America Foundation’s Open Technology Institute, which describes itself as follows:
> The Open Technology Institute formulates policy and regulatory reforms to support open architectures and open source innovations and facilitates the development and implementation of open technologies and communications networks. OTI promotes affordable, universal, and ubiquitous communications networks through partnerships with communities, researchers, industry, and public interest groups and is committed to maximizing the potentials of innovative open technologies by studying their social and economic impacts – particularly for poor, rural, and other underserved constituencies. OTI provides in-depth, objective research, analysis, and findings for policy decision-makers and the general public.
Its Commotion project has just reached an important milestone:
> Open Technology Institute (OTI) announced today that it has completed Beta testing and upgrades of its groundbreaking mesh networking toolkit, and is launching Commotion 1.0 in time for the new year. The launch represents the first full iteration of the technology, which makes it possible for communities to build and own their communications infrastructure using “mesh” networking. In mesh networks, users connect their devices to each other without having to route through traditional major infrastructure. > > Commotion 1.0 is an open-source toolkit that provides users software and training materials to adapt mobile phones, computers, and other wireless devices to create decentralized mesh networks so they can connect and share local services. A mesh network can function locally as an Intranet, but when one user connects to the Internet, all users will have access to it as well.
Of course, neither Commotion nor other wireless meshes are proof against the NSA’s huge array of tricks and tools that we have recently found out about. Indeed, OTI provides an explicit “warning label” for its mesh:
> Commotion > > Cannot hide your identity > Does not prevent monitoring of internet traffic > Does not provide strong security against monitoring over the mesh > Can be jammed with radio/data-interference
But it’s important to remember that Commotion and the other wireless mesh systems were designed in a more innocent time, before we knew the extent to which we were being spied upon, and how much the basic protocols of the Internet had been compromised. Now that we’ve learnt about all those things, it would be good to use that knowledge to spur the creation of the next generation of wireless mesh systems with high levels of security and privacy, so that we can add them to our own collection of tools and tricks in the fight to build a surveillance-resistant Net.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: commotion, infrastructure, mesh networks, privacy, security, wireless, wireless mesh networks
Companies: open technology institute, oti