Law in the Internet Society

View   r6  >  r5  >  r4  >  r3  >  r2  >  r1
NikolaosVolanisFirstPaper 6 - 19 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Changed:
<
<
please do not review yet.
>
>
ready for review
 
Line: 21 to 21
  C. Being for-profit entities, these intermediaries are primarily concerned with minimizing losses, by avoiding governmental contempt which could lead to administrative penalties or other sanctions.

Changed:
<
<
D. In this context, when communications hardware and software is provided by commercial enterprises, asserting control over the latter through indirect regulation asserts influence over the specifications of hardware and software output. Thus, state digital surveillance and enforcement interests are better served through a top-down production process by commercial actors, whereas the commercial actors may achieve higher profits or preferable treatment by ensuring that their hardware and software complies with state-promoted specifications.
>
>
D. In this context, when communications hardware and software is provided by commercial enterprises, asserting control over the latter through indirect regulation asserts influence over the specifications of hardware and software output. Digital surveillance and enforcement interests are better served through a top-down production process by commercial actors, whereas the latter may achieve higher profits or preferable treatment by ensuring that their hardware and software complies with state-endorsed specifications.
  E. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.
Line: 30 to 30
 

2. Analysis

Changed:
<
<
Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating electronic communications code (as this allows for better enforcement and traceability), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation.
>
>
Our recent discussion regarding encryption technology not only demonstrates that the state can have an interest in regulating electronic communications code (as this allows for better enforcement and traceability), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation.
 A. + B. In the U.S., both the Arms Export Control Act (and the Traffic in Arms Regulations) as well as the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to national defense and law enforcement respectively.
Changed:
<
<
In the wake of widespread migration to digital telephony and data networks such as the net, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17) - or by using the government's power as a major consumer of cryptographic products to rig the market). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology. After all, due to consitutional concerns, the adoption of such technology was voluntary. However, the solution did not come from large commercial entities, but from small grassroots initiatives.
>
>
In the wake of widespread migration to digital telephony and data networks such as the net, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met considerable protest (see here for example), the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17) - or by using the government's power as a major consumer of cryptographic products to rig the market). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology. After all, due to consitutional concerns, the adoption of such technology was voluntary. However, the solution did not come from large commercial entities, but from small grassroots initiatives.
 C. + D. Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. The aforementioned examples demonstrate that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be incentivized or disincentivized by the state in adopting specific technological solutions or complying with governmental regulations. Although, for example, the IT-savvy community has argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile, still, companies in the business of producing encryption technology prefered to comply with government regulations, in fear of invoking government contempt (or worse). Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.
Changed:
<
<
The aforementioned cases indicate that the state may influence the supply of hardware and software by commercial entities, by effectively asserting indirect control over the commercial entities themselves. A final and more recent example may be that of Google and its political/business interaction with the Chinese government: Google adopts the technology mandated by brute political force; Chinese governmental concerns about information over the net are fully addressed (since they are embedded in computer code) and Google can access and profit from the Chinese market. It takes a couple of golden handshakes and historical or current politically sensitive issues like “Tiananmen Protests” or “Tibetan independence” are seamlessly purged from the Google search results.
>
>
The aforementioned cases indicate that the state may influence the supply of hardware and software by commercial entities, by effectively asserting indirect control over the commercial entities themselves. A final and more recent example may be that of Google and its political/business interaction with the Chinese government: Google adopts the technology mandated by brute political force; Chinese governmental concerns about information over the net are fully addressed (since they are embedded in computer code) and Google can access and profit from the Chinese market. It takes a couple of golden handshakes and historical or current politically sensitive issues like “Tiananmen Protests” or “Tibetan independence” are seamlessly purged from the Google search results. A similar story took place with Yahoo! in 2002
 E. In this context, communications software and hardware acquires a meaning that surpasses the field of engineering. It becomes a form of control and thus a focus of political contest and choice (p. 28). And in such political contest, free software (“free as in free speech”) acquires its full potential

NikolaosVolanisFirstPaper 5 - 18 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
please do not review yet.
Line: 31 to 31
 

2. Analysis

Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating electronic communications code (as this allows for better enforcement and traceability), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation.
Deleted:
<
<
A. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to national defense and law enforcement respectively. In the wake of commercial transition to digital telephony and data networks such as the net, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.
 
Changed:
<
<
Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. In this context, it demonstrates that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be appropriately incentivized or disincentivized by the State in adopting specific technological solutions or complying with governmental regulations. For example, at the start of the debate over the government’s intent to control encryption technologies, the IT-savvy community had argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile. Still, companies in the business of producing encryption technology prefered to comply with government regulations. Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.
>
>
A. + B. In the U.S., both the Arms Export Control Act (and the Traffic in Arms Regulations) as well as the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to national defense and law enforcement respectively. In the wake of widespread migration to digital telephony and data networks such as the net, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17) - or by using the government's power as a major consumer of cryptographic products to rig the market). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology. After all, due to consitutional concerns, the adoption of such technology was voluntary. However, the solution did not come from large commercial entities, but from small grassroots initiatives.
 
Changed:
<
<
The aforementioned cases indicate that the state may influence the supply of hardware and software by commercial entities, by effectively asserting indirect control over the commercial entities themselves. A final and more recent example may be that of Google and its political/business interaction with the Chinese government: Google adopts the technology mandated by brute political force; Chinese regulation is thus better enforced (embedded in computer code) and Google can now access and profit from the Chinese market. It takes a couple of golden handshakes and historical or current politically sensitive issues like “Tiananmen Protests” or “Tibetan independence” are seamlessly purged from the Google search results.
>
>
C. + D. Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. The aforementioned examples demonstrate that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be incentivized or disincentivized by the state in adopting specific technological solutions or complying with governmental regulations. Although, for example, the IT-savvy community has argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile, still, companies in the business of producing encryption technology prefered to comply with government regulations, in fear of invoking government contempt (or worse). Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.
 
Changed:
<
<
In this context, communications software and hardware acquires a meaning that surpasses the field of engineering. It becomes a form of control and thus a focus of political contest and choice (p. 28). And in such political contest, free software (“free as in free speech”) acquires its full potential
>
>
The aforementioned cases indicate that the state may influence the supply of hardware and software by commercial entities, by effectively asserting indirect control over the commercial entities themselves. A final and more recent example may be that of Google and its political/business interaction with the Chinese government: Google adopts the technology mandated by brute political force; Chinese governmental concerns about information over the net are fully addressed (since they are embedded in computer code) and Google can access and profit from the Chinese market. It takes a couple of golden handshakes and historical or current politically sensitive issues like “Tiananmen Protests” or “Tibetan independence” are seamlessly purged from the Google search results.

E. In this context, communications software and hardware acquires a meaning that surpasses the field of engineering. It becomes a form of control and thus a focus of political contest and choice (p. 28). And in such political contest, free software (“free as in free speech”) acquires its full potential

 


NikolaosVolanisFirstPaper 4 - 18 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
please do not review yet.
Line: 13 to 13
 

1. The Argument

Changed:
<
<
I will attempt to demonstrate how the interdependence of governmental and private commercial interests are detrimental for the development of communication networks and communications related software. My basic proposition is the following: A. State law enforcement interests mandate specific technological solutions which allow for increased traceability of the behavior of individuals over electronic communications networks. B. In order to achieve this purpose, the state has to engage either in regulation of technology directly (regulation by legislation) or indirectly by incentivising the providers of communications hardware and software to adopt a preferable techological solution. C. To the extent that these intermediaries are commercial enterprises, they are primarily concerned with minimizing losses, by avoiding governmental contempt which could lead to administrative penalties or other sanctions. D. In this context, if communications hardware and software is provided by commercial enterprises, asserting control over them through indirect regulation asserts influence over the specifications of hardware and software output. Thus, state digital surveillance and enforcement interests are better served through a top-down production process by commercial actors, whereas the commercial actors may achieve higher profits or preferable treatment by ensuring that their hardware and software complies with state-promoted specifications. E. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.
>
>
I will attempt to demonstrate how the interdependence of governmental and private commercial interests are detrimental for the development of communication networks and communications related software. My basic proposition is the following:

A. State law enforcement interests mandate specific technological solutions which allow for increased traceability of the behavior of individuals over electronic communications networks.

B. In order to achieve this purpose, the state has to engage either in regulation of technology directly (regulation by legislation) or indirectly by incentivising the providers of communications hardware and software to adopt a preferable techological solution.

C. Being for-profit entities, these intermediaries are primarily concerned with minimizing losses, by avoiding governmental contempt which could lead to administrative penalties or other sanctions.

D. In this context, when communications hardware and software is provided by commercial enterprises, asserting control over the latter through indirect regulation asserts influence over the specifications of hardware and software output. Thus, state digital surveillance and enforcement interests are better served through a top-down production process by commercial actors, whereas the commercial actors may achieve higher profits or preferable treatment by ensuring that their hardware and software complies with state-promoted specifications.

E. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.

 

Changed:
<
<

2. Supporting Material

>
>

2. Analysis

 
Changed:
<
<
Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating code (as this allows for better enforcement), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation. A. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to law enforcement. In the wake of packet switching telephony, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.
>
>
Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating electronic communications code (as this allows for better enforcement and traceability), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation. A. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to national defense and law enforcement respectively. In the wake of commercial transition to digital telephony and data networks such as the net, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.
 Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. In this context, it demonstrates that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be appropriately incentivized or disincentivized by the State in adopting specific technological solutions or complying with governmental regulations. For example, at the start of the debate over the government’s intent to control encryption technologies, the IT-savvy community had argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile. Still, companies in the business of producing encryption technology prefered to comply with government regulations. Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.

NikolaosVolanisFirstPaper 3 - 15 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
please do not review yet.
Line: 13 to 13
 

1. The Argument

Changed:
<
<
I will attempt to demonstrate how the interdependence of governmental and private commercial interests are detrimental for the development of communication networks and communications related software. My basic proposition is the following: A. State law enforcement interests mandate specific technological solutions which allow for increased traceability of the behavior of individuals over the net. B. In order to achieve this purpose, the state has to engage either directly in regulation of technology (regulation by legislation) or indirectly by incentivising the providers of communications hardware and software to adopt the preferred techological solution. C. To the extent that these intermediaries are commercial enterprises, they are primarily concerned with maximizing profits, by avoiding governmental contempt or administrative penalties. E. In this context, if communications hardware and software is provided by commercial enterprises, asserting control over them through indirect regulation ensures control of their hardware and software output. Thus, the State prefers commercial actors to better regulate the Internet (particularly since regulating individual behavior seems rather impossible), while the commercial actors may achieve higher profits by ensuring that their hardware and software complies with state-promoted specifications. F. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.
>
>
I will attempt to demonstrate how the interdependence of governmental and private commercial interests are detrimental for the development of communication networks and communications related software. My basic proposition is the following: A. State law enforcement interests mandate specific technological solutions which allow for increased traceability of the behavior of individuals over electronic communications networks. B. In order to achieve this purpose, the state has to engage either in regulation of technology directly (regulation by legislation) or indirectly by incentivising the providers of communications hardware and software to adopt a preferable techological solution. C. To the extent that these intermediaries are commercial enterprises, they are primarily concerned with minimizing losses, by avoiding governmental contempt which could lead to administrative penalties or other sanctions. D. In this context, if communications hardware and software is provided by commercial enterprises, asserting control over them through indirect regulation asserts influence over the specifications of hardware and software output. Thus, state digital surveillance and enforcement interests are better served through a top-down production process by commercial actors, whereas the commercial actors may achieve higher profits or preferable treatment by ensuring that their hardware and software complies with state-promoted specifications. E. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.
 

2. Supporting Material

Changed:
<
<
Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating code (as this allows for better enforcement), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to law enforcement. In the wake of packet switching telephony, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.
>
>
Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating code (as this allows for better enforcement), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation. A. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to law enforcement. In the wake of packet switching telephony, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.
 Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. In this context, it demonstrates that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be appropriately incentivized or disincentivized by the State in adopting specific technological solutions or complying with governmental regulations. For example, at the start of the debate over the government’s intent to control encryption technologies, the IT-savvy community had argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile. Still, companies in the business of producing encryption technology prefered to comply with government regulations. Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.

NikolaosVolanisFirstPaper 2 - 15 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Added:
>
>
please do not review yet.
 

NikolaosVolanisFirstPaper 1 - 05 Nov 2009 - Main.NikolaosVolanis
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="FirstPaper"

Arrested Development: musings on the interdependence of State and commercial actors in the development of communication software and hardware

-- By NikolaosVolanis - 05 Nov 2009

1. The Argument

I will attempt to demonstrate how the interdependence of governmental and private commercial interests are detrimental for the development of communication networks and communications related software. My basic proposition is the following: A. State law enforcement interests mandate specific technological solutions which allow for increased traceability of the behavior of individuals over the net. B. In order to achieve this purpose, the state has to engage either directly in regulation of technology (regulation by legislation) or indirectly by incentivising the providers of communications hardware and software to adopt the preferred techological solution. C. To the extent that these intermediaries are commercial enterprises, they are primarily concerned with maximizing profits, by avoiding governmental contempt or administrative penalties. E. In this context, if communications hardware and software is provided by commercial enterprises, asserting control over them through indirect regulation ensures control of their hardware and software output. Thus, the State prefers commercial actors to better regulate the Internet (particularly since regulating individual behavior seems rather impossible), while the commercial actors may achieve higher profits by ensuring that their hardware and software complies with state-promoted specifications. F. In this business-political embrace, grassroots software or hardware development may offset a drive towards excessive governmental control over the digital behavior of individuals.

2. Supporting Material

Our recent discussion regarding encryption technology not only demonstrates that the State can have an interest in regulating code (as this allows for better enforcement), but also that such control can be exercised through commercial technologies, when the latter are favored by regulation. In the U.S., both the Arms Export Control Act and the Communications Assistance for Law Enforcement Act (CALEA, enacted in 1994) dealt with the critical issue of cryptography and the danger that this technology may pose to law enforcement. In the wake of packet switching telephony, CALEA’s purpose was to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications operators and manufacturers of telecommunications equipment take necessary steps to ensure that their equipment and services support built-in surveillance capabilities, so as to allow state monitoring of communications traffic in real-time. Around the same time (1993), the U.S government developed and promoted an encryption device to be adopted by telecommunications operators for voice transmission, the “Clipper Chip”. The core of that concept was based on the ability of the Government to override the encryption technology at will (“established authority”), since the cryptographic key of every device bearing the chip would be put in governmental escrow. Although this initiative met strong consumer protest, the U.S. government continued to press for key escrow by offering incentives to manufacturers (e.g. by allowing more relaxed export controls if key escrow was part of the software exported - for a more detailed account, see here (pp.15-17)). Still, with the release and swift propagation of independent free software such as PGP and Nautilus (open source software which provided strong encryption without key escrow requirements), it became impossible for the U.S. government to effectively advance its preferred encryption technology.

Indeed, by enabling both confidentiality and identification, encryption technology can be perceived as both “liberating” and “oppressive” technology, depending on the actual parameters that define its use. In this context, it demonstrates that as software or hardware development becomes a commercial activity, it is produced by a smaller number of for-profit entities, which, in turn can be appropriately incentivized or disincentivized by the State in adopting specific technological solutions or complying with governmental regulations. For example, at the start of the debate over the government’s intent to control encryption technologies, the IT-savvy community had argued that such an artificial attempt to control the flow of information and to restrain it within the U.S. would be futile. Still, companies in the business of producing encryption technology prefered to comply with government regulations. Likewise, a company called Network Associates (the successor of the PGP software), originally a strong opponent of encryption regulation, started to offer products that adopted key recovery mechanisms for corporations. With regard to the hardware industry, Cisco provides us with another example of a company submitting to governmental incentives through regulation: In 1998, it announced a router that would enable encryption (thus providing encryption at the OSI network layer, not the application layer, as it is the case with software such as PGP), but which would contain a switch which would allow the government to override such encryption (p.71) so as to monitor internet traffic.

The aforementioned cases indicate that the state may influence the supply of hardware and software by commercial entities, by effectively asserting indirect control over the commercial entities themselves. A final and more recent example may be that of Google and its political/business interaction with the Chinese government: Google adopts the technology mandated by brute political force; Chinese regulation is thus better enforced (embedded in computer code) and Google can now access and profit from the Chinese market. It takes a couple of golden handshakes and historical or current politically sensitive issues like “Tiananmen Protests” or “Tibetan independence” are seamlessly purged from the Google search results.

In this context, communications software and hardware acquires a meaning that surpasses the field of engineering. It becomes a form of control and thus a focus of political contest and choice (p. 28). And in such political contest, free software (“free as in free speech”) acquires its full potential

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, NikolaosVolanis


Revision 6r6 - 19 Nov 2009 - 05:05:16 - NikolaosVolanis
Revision 5r5 - 18 Nov 2009 - 16:28:08 - NikolaosVolanis
Revision 4r4 - 18 Nov 2009 - 04:02:14 - NikolaosVolanis
Revision 3r3 - 15 Nov 2009 - 18:06:49 - NikolaosVolanis
Revision 2r2 - 15 Nov 2009 - 05:23:39 - NikolaosVolanis
Revision 1r1 - 05 Nov 2009 - 18:07:35 - NikolaosVolanis
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM