Security in cyberspace

University of Toronto professor Ron Deibert, the director of Citizen Lab, discusses the impact of the Edward Snowden revelations on the future of the Internet and calls for civil society to advance a security strategy for cyberspace “from the starting point of human rights and the rule of law” (Remarks by Professor Ron Deibert to the 2013 Internet Governance Forum High Level Leader’s Meeting, 22 October 2013):

We have to talk about Edward Snowden’s revelations. It is the elephant in the room. Everyone is wondering what impact these revelations will have: on forums like the IGF, on standard setting bodies like the IETF, and on Internet governance broadly.

We are clearly at a watershed moment.

My fear is that the reactions to these revelations are, in the short term, going to make matters worse. They will have a negative impact, I fear, for openness, human rights, and even for international security — as governments detach and seek to insulate themselves from the global network.

I worry that arguments for a “clean,” “healthy,” or even “ethical” Internet will be used in practice to stifle free expression and access to information.

I worry that what started out as a globally distributed network will be slowly subsumed and swallowed up by a system of nationalized controls.

Although I applaud efforts by governments to build confidence measures and norms in cyberspace, I worry that these processes will result in a condominium of the lowest common denominator, as long as they are processes undertaken behind closed doors and without the full participation of civil society.

I worry most of all about an escalating arms race in cyberspace, serviced by a growing market for censorship, surveillance, and computer network attack products and services that are directed by governments not only at each other, but also at their own citizens and at dissidents at home and abroad.

Capabilities are being put in the hands of policymakers they never before imagined: deep packet inspection, cell phone tracking, social network monitoring, that are being used to identify, isolate, and arrest civil society.

I fear the market for what some are calling “digital arms” — unconstrained as it is — will now explode as cyber security demands grow and governments seek to build their own signals intelligence programs. …

…I believe that civil society needs to put forward a security strategy for cyberspace from the starting point of human rights and the rule of law.

We have to begin by asking: security for whom? security for what?

Part of that process must involve a reasonable and open discussion about the rule of law enforcement and intelligence agencies in the world of Big Data and the Internet of Things.

At the very time that we are turning our digital lives inside out, entrusting our thoughts, actions, and intimate conversations to private companies, we are delegating power and authority to secure this space to some of the world’s most secretive and unaccountable national security agencies.

To be clear, law enforcement and intelligence agencies are essential to the protection of commerce, rights, and governance. But wholesale surveillance without independent judicial oversight is incompatible with liberal democracy and human rights.

Furthermore, we have to give meaning in the real world to the idea of “multi-stakeholderism.” The term is mouthed so often by those who do not practice what they preach that it has become an empty euphemism.

Finally, we have to lift the lid on the Internet and subject it from the bottom to the top, from the code all the way up to forums like this, subject them all to proper oversight, transparency, accountability, and legal restraint.

The Internet is ours — all of ours. It is what we collectively make of it. We need to remember that before it slips through our grasp.

Image credit: U.S. National Security Agency

Tags: Citizen Lab, Communications Security Establishment, Cyberspace security, Edward Snowden, Internet, National Security Agency, Ron Deibert, Signals intelligence