[governance] FW: [liberationtech] Online tools blocked in Syria. Its probably not what you think.

michael gurstein gurstein at gmail.com
Thu Aug 23 02:36:06 EDT 2012


Another instance of extra-territoriality, national policy and the Internet.

 

M

 

From: liberationtech-bounces at lists.stanford.edu
[mailto:liberationtech-bounces at lists.stanford.edu] On Behalf Of John
Scott-Railton
Sent: Tuesday, August 21, 2012 7:50 PM
To: Liberation Technologies
Subject: Re: [liberationtech] Online tools blocked in Syria. Its probably
not what you think.

 

Hi Rafal 

(and Libtech)

 

I'm a bit surprised. Is there a specific case where a license has been
denied, or were services are no longer offered because of export
restrictions? 

 

Thanks for the question. Some of these issues are articulated in the
petition text, and James Ball writing in the Washington Post on the 16th
wrote this much more clearly than I can:

 

http://www.washingtonpost.com/world/national-security/sanctions-aimed-at-syr
ia-and-iran-are-hindering-opposition-activists-say/2012/08/14/c4c88998-e569-
11e1-936a-b801f1abab19_story.html

 

To answer your question, here are two of things you can't get right now in
Syria:

 

Targeted Advertising Blocked

Problem:  Inability to do targeted advertising for users registered in
Syrian space. E.g. purchasing PSAs on security issues on Facebook. This
makes it difficult to do effective messaging on key issues,  or for other
groups providing information to direct, say, social media users to their
content.  

Current Ad-hoc Solutions:  Information provided in higher-cost, more
labor-intensive ways (e.g. trainings to small groups, other kinds of
messaging that hit much smaller, informal pools of people etc).

Mobile Apple App Store, Google Play both blocked

Problem:  Lack of access means inability to securely and straightforwardly
access a full range of tools in app stores, including mobile security tools,
connectivity solutions (e.g. VPNs) as well as news and information.
Bypassing these requires jailbreaking phones.

 

User Quote on Mobile in Conflict: " if an iphone user wants to stream a
protest or shelling he needs to jailbreak his phone or find a proxy that
they can use to download the app or jailbreak the iphone...then i send him a
cracked copy of the apps...[then] he then needs to upload it onto the phone
then he is able to use the vpn or streaming app"

 

Current Ad-hoc Solutions:  Unwieldy work arounds. Doesn't work for everyone,
phones must be made more vulnerable by being jailbroken.

 

There are many other issues, including access to Sourceforge, auto-updates
for Java, Windows Activation and so on. As the petition frames it, the
complexity of this issue stems from the roles played both by sanctions and
export licensure, and by companies own reluctance to undertake the legal
determination of whether their products are legal (e.g. under General
License #5). 

 

The end result is that Syrians don't have access to important tools.  Both
government and private sector actors / tool developers have an imperative to
address this, we think.  On the government end, we think that encouraging
better guidance and clarity and review of licensure for Syria is a natural
step, and a stronger signal to the private sector. Recent efforts to review
and ease sanctions on Iran are a good model to start with.

 

 

Anyway, I'm interested what prompted this petition as our organization is
about to embark on ramping up of a large-scale activity focused on Syria and
digital safety.

 

Good luck! 

 

Very best,

 

John

 






Many thanks

Rafal


Sent from my PsiPhone


On 2012-08-21, at 2:18 AM, John Scott-Railton <john.scott.railton at gmail.com>
wrote:

Hi All,

 

You're likely aware of US export restrictions intended to limit the Assad
Regime's access to monitoring and filtering gear.  But there is another side
of this coin: unintended and negative effects on Syrians' access to personal
communications and security technologies. This inadvertently compliments the
regime's own filtering efforts.

 

 A few hours ago, an online petition*  started circulating, requesting that
the Departments of Commerce and Treasury review and  streamline export
licensure, guidance and review to address the problem.  The petition is
hosted by Change.org <http://Change.org/> , and led by Dlshad Othman, a
Syrian opposition IT expert.

 

Please consider signing, and spreading the petition link:
www.change.org/syria

 

I've written a  quick summary.

 

TL;DR for Libtech:

 

-Some key software and online services, including security tools, aren't
making their way to Syrians. 

- Even if the tools are exempted under the letter of the law

-Syrian digital activists don't understand why this is happening, given
official statements from the US that say these tools should be available.  

- Last week, the Washington Post laid out the problem: Washington Post
Article
<http://www.washingtonpost.com/world/national-security/sanctions-aimed-at-sy
ria-and-iran-are-hindering-opposition-activists-say/2012/08/14/c4c88998-e569
-11e1-936a-b801f1abab19_story.html> 

-Sanctions are complicated, and the process of licensure is quite long.  It
can be resource consuming, even for big players.

-Penalties for violations are severe

-Companies' risk-averse compliance regimes are partly responsible for why
many tools currently legal under the letter of current law, or whose
legality could be quickly determined, have not been made available to
Syrians.

-Companies will benefit from clearer signals and guidance from Departments
of Commerce and Treasury 

-A new general license is needed: it should give clearer and more explicit
exemptions on personal communications and security technologi balancing
legitimate concerns over cryptography and financial transactions with the
need to protect the safety of at-risk populations

- For specific licenses, a more streamlined process also needs to be
implemented, giving clearer formal and informal guidance to companies, and a
faster case-by-case licensing mechanism for companies and NGOs 

 

 

* (full disclosure, I'm involved) 

 

 

 

Best,

 

John Scott-Railton

 

 

 

John Scott-Railton
www.johnscottrailton.com <http://www.johnscottrailton.com/> 

PGP key ID: 0x3e0ccb80778fe8d7
Fingerprint: FDBE BE29 A157 9881 34C7  8FA6 3E0C CB80 778F E8D7

 

--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20120823/754be255/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t


More information about the Governance mailing list