20th anniversary: A Declaration of the Independence of Cyberspace

Back on February 9, 1996, John Perry Barlow wrote his declaration of of the independence of cyberspace. The declaration pointed out the folly of trying to govern something thought to be virtually ungovernable at the time.
Cyberspace and is smart fusion really smart ?
Barlow first came to prominence writing lyrics for The Grateful Dead. His ethos came from the libertarian do your own thing ethic that underpinned much of the hippy movement. This probably come more naturally to Barlow than other people having grown up on a cattle ranch and being the son of the Republican politician.

By the time he wrote the declaration, he was already had published extensively about the internet. He was on the board of directors of The WELL – an online community that sprang out of Stewart Brand’s back to the land influence catalogue of useful things The Whole Earth Catalog (The WELL stands for The Whole Earth eLectronic Link). He contributed to Wired magazine (founded by aging hippies Kevin Kelly and Stewart Brand), Barlow’s essay Economy of Ideas published in the March 1994 issue provides a clear view of the thinking that prompted him to write the declaration. He had already founded The Electronic Frontier Foundation with by John Gilmore and Mitch Kapor in response to a series of actions by law enforcement agencies that led them to conclude that the authorities were gravely uninformed about emerging forms of online communication.

The declaration was a reactionary document, brought upon by the 1996 Telecommunications Act in the US. The act eventually resulted in consolidation of US media ownership.

I suspect the similarities in style between the declaration and the Doc Searl’s et al later Cluetrain Manifesto are an intentional nod to Barlow on cyberspace.

A Declaration of the Independence of Cyberspace

by John Perry Barlow <barlow@eff.org>

Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.

We have no elected government, nor are we likely to have one, so I address you with no greater authority than that with which liberty itself always speaks. I declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us nor do you possess any methods of enforcement we have true reason to fear.

Governments derive their just powers from the consent of the governed. You have neither solicited nor received ours. We did not invite you. You do not know us, nor do you know our world. Cyberspace does not lie within your borders. Do not think that you can build it, as though it were a public construction project. You cannot. It is an act of nature and it grows itself through our collective actions.

You have not engaged in our great and gathering conversation, nor did you create the wealth of our marketplaces. You do not know our culture, our ethics, or the unwritten codes that already provide our society more order than could be obtained by any of your impositions.

You claim there are problems among us that you need to solve. You use this claim as an excuse to invade our precincts. Many of these problems don’t exist. Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own Social Contract . This governance will arise according to the conditions of our world, not yours. Our world is different.

Cyberspace consists of transactions, relationships, and thought itself, arrayed like a standing wave in the web of our communications. Ours is a world that is both everywhere and nowhere, but it is not where bodies live.

We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth.

We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.

Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here.

Our identities have no bodies, so, unlike you, we cannot obtain order by physical coercion. We believe that from ethics, enlightened self-interest, and the commonweal, our governance will emerge . Our identities may be distributed across many of your jurisdictions. The only law that all our constituent cultures would generally recognize is the Golden Rule. We hope we will be able to build our particular solutions on that basis. But we cannot accept the solutions you are attempting to impose.

In the United States, you have today created a law, the Telecommunications Reform Act, which repudiates your own Constitution and insults the dreams of Jefferson, Washington, Mill, Madison, DeToqueville, and Brandeis. These dreams must now be born anew in us.

You are terrified of your own children, since they are natives in a world where you will always be immigrants. Because you fear them, you entrust your bureaucracies with the parental responsibilities you are too cowardly to confront yourselves. In our world, all the sentiments and expressions of humanity, from the debasing to the angelic, are parts of a seamless whole, the global conversation of bits. We cannot separate the air that chokes from the air upon which wings beat.

In China, Germany, France, Russia, Singapore, Italy and the United States, you are trying to ward off the virus of liberty by erecting guard posts at the frontiers of Cyberspace. These may keep out the contagion for a small time, but they will not work in a world that will soon be blanketed in bit-bearing media.

Your increasingly obsolete information industries would perpetuate themselves by proposing laws, in America and elsewhere, that claim to own speech itself throughout the world. These laws would declare ideas to be another industrial product, no more noble than pig iron. In our world, whatever the human mind may create can be reproduced and distributed infinitely at no cost. The global conveyance of thought no longer requires your factories to accomplish.

These increasingly hostile and colonial measures place us in the same position as those previous lovers of freedom and self-determination who had to reject the authorities of distant, uninformed powers. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts.

We will create a civilization of the Mind in Cyberspace. May it be more humane and fair than the world your governments have made before.

Davos, Switzerland

February 8, 1996

So two decades later, how does Barlow’s declaration stand in comparison that what’s actually happened? At first blush not very well. The digital economy outside China is dominated by an oligarchy of four main players: Amazon, Apple, Facebook and Google.

Scott Galloway’s presentation at DLD conference this year, highlights the winner take all nature of the online world. This is partially down to the nature of the online platform. Amazon grew to critical mass in the US as for a critical amount of time buyers didn’t need to pay state sales tax until state legislation started to catch up.

Zuckerberg and his peers marked a changing of the guard in Silicon Valley as yuppies took over from the the hippies.

Inside China there is a similar state-directed oligarchy of Alibaba, Tencent, Netease and Sina.

The oligarchy impact has been most pronounced in Europe, where consumer demand and a lack of effective competition saw Google go to 90+ percent in market share across the EU, when the US market share was less than 70 percent at the time.

Futurist and science fiction author Bruce Sterling summed it up rather well:

“Globalization” is over for 2016. We have entered an era of Internet Counter-Revolution. The events of 1989 feel almost as distant as those of 1789. The globalizing, flat-world, small-pieces-loosely-joined Internet is behind us, it’s history. The elite geek Internet could not resist those repeated tsunamis of incoming users.

It turned out that normal people like the “social” in social media a lot better than they ever liked the raw potential of media technology. In Russia and China in 2016, digital media is an arm of the state. Internet has zero revolutionary potential within those societies, but all kinds of potential for exported cyberwar. The Chinese police spy and firewall model, much scoffed at in the 1990s, is now the dominant paradigm. The Chinese have prospered with their authoritarian approach, while those who bought into borderless friction-free data have been immiserated by the ultra-rich.

In the USA it’s an older American story: the apparent freedom of Henry Ford’s personal flivver has briskly yielded to the new Detroit Big Five of Google, Apple, Facebook, Amazon, and, in last place, Microsoft.

In 2016, everything that looks like digital innovation, “big data,” “the cloud,” the “Internet of Things,” are actually promotional slogans that play into the hands of the GAFAM “Big Five.” Anybody who lacks broadband and a mobile OS is in deadly peril, especially the digital old-school likes of IBM, Cisco, Hewlett-Packard, Oracle… and the hapless TV networks, whose median viewer age is now in the 60s.

The GAFAM Big Five, the “Stacks,” will turn their wrath on the victims closest to them, well before they complete their lunge for control of cars and thermostats. However, their destiny is obvious. The rebels of the 1990s are America’s new mega-conglomerates. Google is “Alphabet,” Apple pruned the “computer” from its name, Amazon is the Washington Post. In 2016, that’s how it is, and in 2017, 189, 19, much more so.

So the not-evil guys are the new evil guys, but don’t be scared by this. It’s quite like watching the 1960s Space Age crumble from giant-leaps-for-mankind to launching low-orbit gizmos for profit. It’s comprehensible, it can be dealt with. Sure, it’s tragic if your head was in the noosphere, but if you have any historical awareness of previous industrial revolutions, this is really easy to understand. It’s already in your pocket and purse, it’s written on every screen you look at It could scarcely be more obvious.

Yes, Internet Counterrevolution is coming, much of it is here already, and it’s properly considered a big deal, but it’s not permanent. This too shall pass.

And this post hasn’t even touched on how government has looked to plug itself into all facets of online life in the interest of discovering terrorist plots, organised crime or paedophile rings. Assaults on cyberspace sovereignty are numerous, from Pakistan’s special editable version of YouTube to several governments looking for cryptographic backdoors.

At DLD 2016, you have a German politician talking about the mechanism of how the government needed to rollback citizen rights to privacy to give German start-ups a chance. In this winner takes all world, the beneficiaries are likely to be Google, Facebook Amazon and Microsoft rather than a local champion.

I started on this post in mid-January and scheduled it to go out on February 8, 2016. danah boyd also published on the declaration of Cyberspace and I recommend you go and check out here.

More information
Economy of Ideas | Wired 
The Cluetrain Manifesto
A Declaration of the Independence of Cyberspace | EFF
Bruce Sterling & Jon Lebkowsky: State of the World 2016 | The WELL
Pakistan lifts ban on YouTube after launch of own version | The Daily Star
John Perry Barlow 2.0 | Reason

PrivaTegrity: the flawed model of distributed keys

Dave Chaum’s idea to to try and balance between state actors demand for internet sovereignty and the defacto end of citizen privacy, with the need to address emotive causes such as terrorism, paedophile rings and organised crime got a lot of attention from wired.
Yesterday evening on a bus stop in Bow
The principle behind PrivaTegrity is that there would be a backdoor, but the back door could only be opened with a nine-part key. The parts would be distributed internationally to try and reduce the ability of a single state actor to force access.

However it has a number of flaws to it:

  • It assumes that bad people will use a  cryptographic system with a known backdoor. They won’t they will look elsewhere for the technology
  • It has a known backdoor, there is no guarantee that it can’t be opened in a way that the developers hadn’t thought of
  • Nine people will decide what’s evil
  • If you’re a state actor or a coalition of state actors, you know that you have nine targets to go after in order to obtain access by hook-or-by-crook. It was only Edward Snowden who showed us how extraordinarily powerful companies where bent to the will of the US government. The UK government is about to grant itself extra-territorial legal powers to compel access. There is no reason why a form of extra-ordinary rendition couldn’t be used to compel access, rather like Sauron in The Lord of the Rings bending the ring bearers to his will. Think of it as Operation Neptune Spear meets a Dungeons & Dragon quest held at a black site

More information
The Father of Online Anonymity Has a Plan to End the Crypto War | WIRED
Privategrity

Jason Matthews on trade craft and social engineering

Jason Matthews is a former CIA spy who used to run agents. He retired and became a novelist. In his Talk at Google he talks about the spy game, but its also interesting in terms of thinking about social engineering in a wider sense.

Tim Cook at The White House Cybersecurity Summit

Whilst on the surface this is a puff piece for Apple, but Cook uses the Obama administration’s call to cooperate making life easier for the intelligence industrial complex get access to consumer data and lays out an opposing vision.

He basically kicked Washington DC in the teeth, other significant companies just decided to turn up with a significantly less senior representative to send the same message.

Lady Gaga, the lawyer and the Irish Web 2.0 debacle

The Irish Independent ran the story of Ate My Heart Inc.; a company owned and controlled by popstar Lady Gaga who

‘demanded I roll over and hand over my ladyaga.ie domain name and trademark’

This action was taken against an Irish-based cookery blogger. This surprised me for a number of reasons:

  • The two brands and domains whilst similar couldn’t be mistaken for each other, giving the Ate My Heart legal team a relatively weak positon if it ever went to court
  • You would have a harder time differentiating the Lady Gaga brand from the many social accounts run by dedicated Lady Gaga fans
  • Lady Gaga and her management seem to be exceptionally savvy about the use and abuse of social media; and its power hence the LittleMonsters.com community that they run

It also reminded me of IT@Cork / O’Reilly Publications debacle that broke out over the use of web 2.0 in 2006. IT@Cork was a small local group interested in business technology who decided to host a session on web 2.0. They invited Tim O’Reilly along to speak alongside other representatives from web 2.0 firms. They were legalled by CMP who run the Web 2.0 Expo and Web 2.0 Conference with a cease and desist letter.

The subsequent online firestorm caused Tim O’Reilly to come back off holiday and broker a smarter solution.

Ate My Heart could have reduced their risk and had a win-win situation like O’Reilly eventually opted for, but instead went all in on a relatively weak legal position, hoping presumably that the blogger would buckle rather than publishing their letter online and calling them out, but they chose not to.

I guess the implicit message to Irish Lady Gaga fans were that they didn’t matter all that much.  From a PR perspective, something to keep an eye on in case clients take a similar gung-ho approach to reputation management through litigation; not everyone will be as lucky as Lady Gaga was on this occasion.

Archived from blog posts I wrote for PR Week

Network analysis and why people are so afraid of the Draft Communications Bill

This is going to be a convoluted long post, so I just decided to pick a point and start.

The Draft Communications Bill, what is it?

The Draft Communications Bill is a piece of legislation that builds upon work done by the European Union and the previous Labour administration. It is designed (as the government sees it) to maintain capability of law enforcement to access communications. It builds on a number of different pieces of legislation.

Communications Data Bill 2008 – sought to built a database of connections:

  • Websites visited
  • Telephone numbers dialled
  • Email addresses contacted

This data would be collected by internet service providers. The current government had described these plans at the time as Orwellian.

Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or public communications networks and amending Directive 2002/58/EC – requires data retention to identify users and details of phone calls made and emails sent for a period between six months and two years. This information is to be  made available, on request, to law enforcement authorities to investigate and deal serious crime and terrorism.

The UK already has used non-legislative means to force 95 per cent of internet access through a filtered system, predominantly BT’s Cleanfeed which blogs blacklisted sites or pages. It has been used to filter child pornography, there were discussions about using it to block content that was deemed to glorify terrorism and has the potential to block content in a similar way to other more authoritarian nations. In a well-known case Cleanfeed had blocked a Wikipedia page on The Scorpions Virgin Killer album originally issued in 1976.

In addition, the UK government had evaluated (and rejected) internet connections being filtered for pornographic content by default – apparently due to a lack of appetite from parents for content filtering.

The Digital Economy Act of 2010 allowed sites to be blocked and allowed prosecution of consumers based on their IP address which was problematic.

So there is already a complex legal and regulatory environment that the Draft Communications Bill is likely to be part of.

In essence, the Draft Communications Bill gives the capability to build a database of everyone’s social graph. Everyone you have called, been in touch with or been in proximity to.  It requires:

  • A wide range of internet services, not just ISPs to keep a record of user data for 12 months
  • That retained data to be kept in safe and secure way; just like say credit card information or user names and passwords
  • The ability to search, filter and match data from different sources allowing a complex near-complete picture to be built up of our digital lives. Which would be of interest to hackers, criminals, private investigators or over-zealous journalists (a la the recent News International phone hacking scandals)

What the government have been keen to stress is that the process would not look at the content inside the communication. If we use the analogy of the postal service, recording all the external information on an envelope or parcel, but not peaking inside. The reason for this can be found in a successful case taken by Liberty and other organisations against the UK government in 2008. Article eight of the European Convention on Human Rights focuses on respect for private and family life, home and correspondence.

During the 1990s, the UK government had intercepted calls, faxes and electronic communication placed internationally by people in Ireland via a specially built microwave communications tower in Capenhurst. The Electronic Test Facility was uncovered by Richard Lamont in 1999 and was subsequently covered by Channel 4 news and The Independent.

Once the Electronic Test Facility came out into the public domain, the court case followed.

There are concerns about how this information can be used indiscriminately to build up a Stasi-like picture of the UK population. This is more sensitive given the controversial  black list provided to the construction industry by The Consulting Association. Latent public anxiety about commercial services like Facebook and behavioural advertising also contribute to this mindset.

Why all the power?

Modern police work and intelligence work doesn’t look like Spooks, James Bond or Starsky and Hutch. In reality, it looks more like The Wire. Investigations revolve around informants and painstaking investigation work.

A key part in this is network analysis. Understanding the structure of  relationships between participants allows them to be caught. A key part in the film The Battle of Algiers shows how French paratroopers looked to break suspects to find out the structure of their terrorist cells. If they can break them fast enough before conspirators flee, the French could roll up the terrorist infrastructure. The film’s main protagonist who instigates this policy is a portmanteau of numerous counterinsurgency specialists including Jacques Massu, Marcel Bigeard and Roger Trinquier, all of whom had been involved in the French counterinsurgency campaign from 1954 – 57 which had successfully  rolled up Algerian separatist networks in the capital Algiers.

Move forward five decades and the US counterinsurgency work in Afghanistan and Iraq puts a lot of focus on degree centrality and social network analysis as part of its efforts to dismantle al-Qaeda and other fellow travellers.

Secondly, good operational security techniques from the use of stenography or encryption of communications if implemented well can be difficult even for governments to crack. If you know the network structure, this gives you two options to gain information on the communications:

  • Look at the communications metadata: how much is going on, where is it being sent to, is the volume larger or less than normal. These can all be used as indicators that something maybe happening, changes in power within an organisation (who is giving the orders)
  • Focus resources on cracking communications that would be deemed important, for instance those to a particular number

The all-up data picture would be deemed important to provide a better picture of network analysis. When I think about myself for a minute:

I have a range of different online identities, many of which are due to the limitations of the service on which they are held or when I set them up.

I have one main UK mobile phone number, but I have had different ancillary ones:

  • Work phones
  • Temporary PAYG numbers to sell things on The Gumtree and Craigslist
  • SIMs that I have used for data only on my iPad and smartphones over the years

Now, let’s do a thought experiment, imagine a gang of drug dealers each with a set of pill boxes like old people have labelled up for each day of the week. In each section of the box would be a SIM card. They would then swap those SIMs in and out of their phones on a regular basis making their communications hard to track if you were just following one number. They could be using regularly changed secondhand mobile phones so that the IMEI number changes as well.

The SIMs could be untraceable, they could be bought and topped up for cash if they were bought outside the UK. I can go into my local convenience store here in Hong Kong and buy and top-up them up for cash or a pre-paid credit card with no one asking to see my ID.

Untraceable UK SIMs could be acquired along with bank accounts from students going home, paid off electronically, perhaps even with the debit cards attached to the accounts and the accounts topped up with ATM deposits.

But if you interrogate a database once you have one or more numbers and look for numbers that appear on a network in the same location immediately after the number you know disappears you are well on the way to tracking down more of the mobile graph of the drug dealers.

Now imagine the similar principles being applied to messaging clients, email addresses or social networking accounts in order to provide the complete network analysis of the gang of drug dealers created in the thought experiment.

How does this fit in with the people?

Under the previous Labour administration councils were given wide-ranging surveillance powers that were used to deal with incidents such as putting the wrong kind of materials in the recycling bins. This annoyed and educated British consumers on privacy. The Draft Communications Bill smacks to many as a similar kind of snoopers charter.

The internet itself, has been political and has become political. If one goes back to the roots of the early public internet, one can see the kind of libertarian themes running through it in a similar way to the back to the land efforts of the hippies which begat the modern environmental movement. This was about freedom in the same way the American pioneers could go west for physical freedom the internet opened up a new virtual frontier where one could make one’s own fate. It was no coincidence that people involved in ‘the hippy movement’ like Stewart Brand and Kevin Kelly were involved in setting the political tone of the internet.  Or that the Grateful Dead have had an online presence since 1995.

When these freedoms have been overly curtailed or threatened, internet users have struck back; sometimes unsuccessfully. The Pirate parties that sprang out of The Pirate Bay | copyright discussion have had limited political success, which has misled many to believe that the internet isn’t a political issue. What they managed to do is highlight the issue and their concerns to a wider range of people, in a similar way to how far right movements put immigration on mainstream political agendas across Europe.

It is also coupled with a decline in trust in authority, partly due to the financial crisis and the cosy relationship with the media which came to light during the phone hacking scandal.

Even The Economist realised that something was going on and called internet activism the new green. It takes mainstream political systems a while to adjust to new realities. It took at least two decades for green issues to become respectable amongst mainstream politicians and it seems to be even harder for them to grasp the abstract concepts behind the digital frontier.

The signs are all there for a change in the public’s attitude; when you have The Mail Online providing critical commentary of the Draft Communications Bill and providing recommendations of encryption software readers can use to keep their communications confidential you know that something has changed.

How does this differ from what companies can derive anyway?

This is probably where I think that things get the most interesting.

Network analysis tools are available off the shelf from the likes of Salesforce.com, IBM or SAS Institute. They have been deployed to look for fraudulent transactions, particularly on telecoms networks, and are also used to improve the quality of customer service. Many of them get inputs directly from social network such as Twitter and Facebook.

Deep packet inspection software and hardware again is available off the shelf from a number of suppliers. Companies like Narus and TopLayer Networks pioneered deep packet inspection for a wide range of reasons from surveillance to prioritising different types of network traffic. The security implications became more important (and lucrative) after 9/11; now the likes of Cisco and Huawei provide deep packet inspection products which are used for everything from securing corporate networks, preventing denial of service attacks and in the case of Phorm – behavioural advertising.

Skyhook Wireless and Google have location data that services can draw down on providing accurate information based on cell tower triangulation and a comprehensive map built-up of wi-fi hotspots.

Credit information can be obtained from numerous services, as can the electoral role. If this data is put together appropriately (which is the hard part), there is very little left of a life that would be private anyway.

Companies are trying to get to this understanding, or pretend that they are on the way there. Google’s Dashboard shows the consumer how much it infers about them and information that consumers freely give Facebook makes it an ideal platform for identity theft.

One of the most high-profile organisations to get close to this 360 view of the consumer is Delta Airlines who recently faced a backlash about it.

So what does this all mean?

We should operate on the basis that none of our electronic information is confidential. Technology that makes communication easier also diminishes privacy.  The problem isn’t the platforms per se but our behavioural adjustment to them.

More information
Giant database plan Orwellian | BBC News
Directive 2006/24/EC (PDF)
Written answers on internet pornography – They Work For You
UK government rejects ‘opt in’ plans for internet porn – TechRadar
Internet Filtering: Implications of the “Cleanfeed” System School of Law, University of Edinburgh Third Year PhD Presentation Series TJ McIntyre Background Document for 12 November 2010 Presentation (PDF)
Councils’ surveillance powers curbed | The Guardian
The new politics of the internet Everything is connected | The Economist
Blacklist Blog | Hazards magazine
UK government plans to track ALL web use: MI5 to install ‘black box’ spy devices to monitor British internet traffic | Mail Online
Most UK citizens do not support draft Data Communications Bill, survey shows | Computer Weekly
How Britain eavesdropped on Dublin | The Independent
Cases, Materials, and Commentary on the European Convention on Human Rights By Alastair Mowbray
U.S. Army Counterinsurgency Handbook By U S Dept of the Army, Department of Defense
Draft Communications Data Bill – UK Parliament
Deep packet inspection (DPI) market a $2 billion opportunity by 2016 – Infonetics Research
Google Dashboard
Big Brother Unmasked… As Delta Airlines – smarter TRAVEL

Interview with cut-up artist Girl Talk

Girl Talk’s work sits at the intersection of art and intellectual property law, like The Avalanches his work is made up of lots of other people’s work. When does copyright infringement become a new work in its own right? Why is Andy Warhol art and sampling theft?

Girl Talk Interview — Some Conference 2012 from somehome.org on Vimeo.

The video is on Vimeo, so may not be available to all readers.