Black Code: The Battle for the Future of Cyberspace by Ronald J. Deibert
Ron Deibert’s book title should probably have the word “tour” in it somewhere, as that is the primary purpose of this book. He covers a whole variety of topics surrounding the fragile nature of the world wide web as we know it. Some of the topics include:
– the next 5 billion (quote – “North Americans and Europeans make up less than 25 percent of Internet users”)
– BlueCoat and similar technologies
– points out how in “liberal democratic countries we are lowering the standards around basic rights to privacy just as the centre of cyberspace gravity is shifting to less democratic parts of the world”
– the unlawful practice of “other requests” (quote — “Christopher Parsons found that in 2010 the RCMP contacted ISPs for user name and address information more than 28,000 times without a warrant, with the ISPs complying nearly 95 percent of the time.”)
– wiretaps (quote – “In the early 2000s, I toured an IXP in downtown Toronto and saw row upon row of high-tech equipment, endless servers stacked on several floors. Down one long hallway there were hundreds of what appeared to be randomly distributed red tags attached to the equipment. I asked the tour guide, “What are the red tags?” He replied nonchalantly, “Oh, those are the wiretaps,” and moved on.”)
– the problematic term of “lawful access”, often used in Canada
– the terrible state of Terms of Service
– cyberwar (unlike Thomas Rid he thinks it will take place)
– digital arms brokers
– DDOSs as political protest (he thinks not)
– Hacktivism and “reactionary phenomenon like Anonymous”
The tour also introduces a lot of organizations that are active in the “defense” of the internet (from differing angles of course). Some orgs that are new to me include:
- Shadowserver Foundation
- Alliance for Telecommunications Industry Solutions
- European Telecommunications Standards Institute (ETSI)
- IMPACT (the International Multilateral Partnership Against Cyber Threats)
I found this book pretty beneficial in its description of official, governmental organizations involved in defending/controlling the web. I am much more familiar with the unnofficial and academic groups.
For people who have been following this field for some time, there might not be a lot of new information, but Black Code does add nuance and layers information in a nice package. Coming from a professor and being based on reports from Citizen Lab, I thought it would be more academic in its approach, and was sort of disappointed. The footnotes are fairly sparse, and he does not spend a lot of time in lengthy, academic definitions of certain terms (eg. there is no mention of Buzan when he talks about “securitization”). I suppose it is trying to be a more general book, and that is an important goal.
Professor Deibert has been able to bring some of the deep academic work they have been doing at the Citizen Lab to a wider audience. The book is very accessible, and easy to recommend to your non-cypherpunk friends. Moreover, at least in my case, it should pique interest in reading more Citizen Lab publications for those interested in diving deeper.
Forgive the digression, but back in 2005 when I was at grad school I started working on a master’s thesis around the Iranian clergy’s use of the internet. I had to change topics because for personal reasons. But had things played out different, I would have loved to do some work at Citizen Lab. Maybe, if I ever go back for a PhD, I might still get the chance.
The final chapter might be the most interesting to watchers of the field, for it is here that Deibert proposes solutions, or at least a framework for solutions. Recently, Evgeny Morozov tried to promote a third way:
we must confront the question not only in the economic and legal dimensions but also in a political one
Deibert proposes a fourth: the civic network. These are the forums that governments, corporations, universities and civil rights groups are invited to to hash out solutions to social problems. Deibert argues for a “stewardship” model of governance for the net, based on three principles: mixture, division and restraint. Through civic networks a mixture of actors with different roles and responsibilities come together, but no single actor has a controlling stake (division), and the citizens restrain the traditional poles of economic and legal power.
I agree that citizen action is imperative (lest we be doomed as serfs to the feudal lords of consumer technology, to paraphrase Bruce Schneier), and it seems that Deibert also feels that individual citizens are kept in the dark. He writes:
It is not only that we know less and less about the technical systems upon which we depend, the problem is deeper than that. We are actively discouraged, by law and the companies involved, from developing a curiosity about and knowledge of the inner workings of cyberspace. … herein lies an enormously important paradox, one that sits at the heart of our technologically saturated world: we have created a communications environment that is utterly dependent on existing (and emerging) technologies, and yet, at the same time, we are actively discouraging experimentation with, and an understanding of, these technologies.
Even though he describes the internet as a “totally immersive environment”, entwined in everyone’s lives whether they want it or not, he maintains that the solution is to depend on a priesthood of “stewards” representing citizens at multi-actor talk shops. This may seem a lukewarm solution to the empowered activists in the room, wanting to inflame and empower the “people” to rise up (cue the cypherpunk call to arms “freedom through encryption”). However, in light of the complacency we have seen over the past six months (and more!) it might just be the most realistic chance we have on the road from information serfdom.
As much as Edward Snowden could be considered a latter day Paul Revere, and the people should heed his warnings, we have seen a terrible lack of anger sweep our nations. It is up to us to not only protect ourselves through our technological prowess, but also to engage with other power actors to ensure encrypted, distributed and ultimately safe infrastructure for ourselves and the general populace in the global north and beyond. It is a tour of duty. Black Code is a book that illustrates it well, and hopefully will empower more to join our cause. Spread it around.