In 1999, Microsoft founder Bill Gates made a confident prediction: "There'll be two types of business in [future]: those online and those out of business". Gates’ saying became popular, but little has changed. Today we say about a person without any taint of irony: "If you aren’t online, you do not exist". Global network has covered all aspects of our life and we do not even admit that it can be suddenly taken away or our freedom to use it will be somehow restricted.
Last December, Dubai hosted the International Telecommunication Union (ITU) conference. For two weeks, representatives of 144 countries, including Ukraine, discussed the new regulations designed to facilitate the interaction among communication networks worldwide and to ensure universal accessibility for their users.
Main discussion flared up because of the joint proposal of Russia, China, Algeria and the United Arab Emirates for obtaining sovereignty over the Internet. Although that proposal was not supported by the conference participants, the document was voted for by 55 countries, including almost all of the European Union. The cause was the earlier adoption of the Deep Packet Inspection (DPI) technology at the World Telecommunication Standardization Assembly. According to the updated regulations, the government shall decide whether to implement the innovation, which allows analyzing and blocking Internet traffic.
Ukraine had supported the document, but the event did not receive adequate media coverage and the decision went unnoticed. ForUm sorts out what Ukraine voted for and what Internet users should expect in a year.
Who is Big Brother?
Contrary to popular belief, the Internet is not controlled over by any country or structure since it is technically impossible. Global network exists due to cooperation of Internet service providers and software developers, who are independent in their actions and tend to be competitors in the market. They are guided solely by the recommendations of international organizations, which are not legally binding and do not affect their local policy. Among them, there are mainly non-commercial public organizations as ICANN, W3C, IETF.
The International Telecommunication Union (ITU) refers to an entirely different category of organizations. It was founded as the International Telegraph Union in 1865 and has been the specialized UN agency since 1947. The ITU membership comprises 193 countries and more than 700 members, including representatives of research and production enterprises, public and private communications providers, broadcasters, regional and international organizations.
However, exclusively government institutions are eligible to vote in the ITU. Until recently, the main ITU activity was distribution of the radio frequencies and satellite orbits due to nominations and countries. However, last December, the Union decided to amend its regulations, which had not been updated since 1988.
Participants discussed various amendments a fortnight. As a result, the ITU received an authority to make recommendations on Internet governance. Despite the following wave of media rumors a la "UN takes control over the Internet", it’s beyond the ITU scope. As ForUm learnt from one of the Ukrainian telecom market pioneer, NetAssist CEO Maksym Tuliev, the ITU has no relevant technical leverages.
"It’s impossible to take Internet in a single pair of hands. Currently there is no structure, which can simultaneously instruct something to Russia, China and Honduras. To do this, all the companies worldwide have to agree to comply with the documents, issued by one organization, for example, from the United States. In fact, neither the U.S. nor the UN, nor ICANN has technical ability to press on any network. All they exchange data packets directly, not through some single center," the expert says.
Digital war
It is practically impossible to monopolize the Internet, but to "divide" it is not difficult. Thus, during the Dubai conference a serious dispute broke out because of the claims of some countries to establish national segments of the Internet based on the new routing schemes. The main impetus for the conflict settlement was dissatisfaction with the ICANN structure, which is engaged in the distribution of IP-addresses and domain names. Despite the fact that ICANN has the status of "international non-profit organization", analysts believe it is influenced by U.S. government agencies, thus violating the right of states to implement their own information sovereignties.
"I do not believe anyone can take control over the Internet. However, those streams of information that are now being collected and analyzed, to put it mildly, for research purposes, are domain of Americans. So, ICANN model looks very strange against the background of recent events involving Snowden," director of the Coordination Center for TLD RU Andrei Kolesnikov expressed his opinion to ForUm.
Obviously, this dissatisfaction led to the fact that Russia, China, Algeria and the United Arab Emirates lobbied the items designed to allow states to influence the content distribution in the network and to introduce the digital sovereignty within the state borders. Russia even made the controversial proposal to make ITU a major Internet regulator.
Under pressure from European countries and the United States, a number of such items was not included in the updated document, and 55 countries did not signed it because of disagreements. Finally, the updated resolution provided the government of each country with the right of free choice in matters related to controlling the Internet.
We may only guess about how the countries will use this right. The regulations also contain a controversial Article 5B, which states: "Member States should endeavour to take necessary measures to prevent the propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services. Member States are encouraged to cooperate in that sense". Despite the fact that this article refers to spam, opponents of the innovation believe that this formulation can justify censorship.
"From European point of view, spam is content. In order to classify the message as spam on the Internet, in e-mail or in SMS, it is necessary to scan it. This implies its reading by a man or a machine. You can not say about the information that it is spam without reading it," chairman of the Public Council of ICANN Olivier Crépin-Leblond wrote in his report on the Dubai conference. The updated regulations put on vote by ITU Secretary-General Dr. Hamadoun Touré at the last minute became the result of two weeks of debate.
The document was adopted by a simple majority, despite the claims that it would be considered only by the vast majority of participants. The head of the U.S. delegation left the conference room during the signing. Canada, Great Britain, Denmark, Poland, Sweden, Japan, Moldova, Georgia, Armenia, and, to everyone's surprise, Belarus refused to sign the document as well. At the same time, China, Iraq, Vietnam, Russia, Kazakhstan and Ukraine supported the signing.
Officially, the new regulations will come into force in January, 2015. During this time, some countries may change their mind, and those, who remain of the same mind, will continue be guided by the agreement that was reached 24 years ago. The ITU cannot force them to sign the document.
Why does Ukraine need new ITU regulations?
We tried to sort out what were the reasons for Ukraine's decision to vote for such a controversial document, and how it will influence the fate of ordinary Internet users. As we mentioned before, only government agencies have the right to vote in the ITU. In Ukraine, such a mission is assigned to the State Service for Special Communication and Information Protection of Ukraine.
Ukrainian delegation at the Dubai conference was led by head of the State Service for Special Communication and Information Protection Hennady Reznikov. However, a participant in all discussions was director of the communication development strategy department of the State Service Oleksandr Baranov, who refused to comment on Ukraine’s decision.
However, as journalist and director of the European media platform Oksana Prykhodko explained to ForUm, the official position of our country was prepared by the State Service for Special Communications and approved by the Foreign Ministry.
"According to the technical specification, Ukrainian delegation at the Dubai conference was required to adhere to a compromise position.
This position was changed in just the past few days. What can we do now? Document has to pass ratification. In addition, all participating countries should give consent for system to start working. Still, we must speak openly about what happened," the expert believes.
The main problem of Ukraine became the opacity of the procedure itself. Thus, in many countries, the official position was openly formed in the course of numerous discussions. As chairman of the Public Council of ICANN and the UK delegation participant Olivier Crépin-Leblond told ForUm, the British delegation consisted of 30 people, including representatives of various ministries and government agencies, British Telecom, private IT companies and public organizations. Although not everyone could vote, every delegation member played a role in decision-making.
The Ukrainian delegation consisted only of representatives of the State Service for Special Communication and members of the National Commission for state regulation in field of communication and information. According to Oksana Prykhodko, public organizations were refused participation in the conference.
ForUm also received the official response from deputy chairman of the State Service for Special Communication and Information Protection of Ukraine Oleksandr Korneyko, which says that by participating in the World International Telecommunication Conference, Ukraine fulfilled its obligations of ITU member and received a substantial amount of technical information on global trends in the development of the telecommunications market. As the chairman noted, this information will be used for the introduction of new technologies and the formation of long-term plans of the research work in the online sphere. The official does not specify what new technologies he means.
What is DPI?
Everything would be fine but for Y.2770: Deep Packet Inspection (DPI) standard, which, according to statements in the press, was introduced at the Dubai conference. However, as ForUm learned, it was secretly passed one week before the conference, at the World Telecommunication Standardization Assembly (WTSA- 12). What is this standard?
The main function of the DPI is control over the Internet traffic. If DPI-equipment is installed, the Internet provider gets possibility to filter information, which does not meet the specified criteria. In other words, provider can block certain resources, and determine who uses the prohibited content.
"The main task of DPI is analysis and blocking of flowing Internet traffic. This technology allows blocking certain resources and searching for "unreliable people". For example, DPI has long been used in Saudi Arabia. It is used for combating pornography. However, their goal is not to block access to such a website, but to arrest a person, who uses it," Maksym Tuliev explains.
Director of the communication development strategy department of the State Service for Special Communication and Information Protection of Ukraine Oleksandr Baranov adds: “DPI system is not dangerous for ordinary users. It enables telecommunications operator to plan its actions by itself, nothing more. It is a professional tool for telecommunications operators. They do not engage in censorship and viewing the transferred messages”.
Despite the information published in the ITU blog on 6 December 2012, which says that the approved standard Y.2770 does not allow access to users' personal information, the probability that the DPI will be used for spying can not be excluded. In addition, the specified standard, according to the ITU new rules, adopted by Ukraine, is now officially permitted on the territory of our country.
According to Oleksandr Korneyko, administration of the State Service does not intend to initiate introduction of ITU recommendation for DPI in Ukraine at the legislative level.
According to the document, Internet service providers will be required to establish technical means necessary for the implementation of search operations in their networks for their own money. Besides, providers will be required to facilitate covert investigation and provide temporary access to things and documents that contain information about the caller, as well as information on the provision of telecommunication services. The approved document was sent to the Justice Ministry for state registration.
So what happened? Will Internet users be controlled? If law enforcement agencies suspect you of committing a crime, then yes, you will be controlled according to the new rules. But in fact, as deputy chief of the information society and media strategies research department of the National Institute for Strategic Studies under the President of Ukraine Dmytro Dubov told ForUm, Internet providers has always had such a possibility.
"I do not think something will be fundamentally changed for the worse after introduction of the DPI standard. In general, it simply formalizes and makes officially the already applied technologies. ITU has just openly stated the thing, previously implemented by some providers. Now search queries and e-mails of users can be checked more deeply. Using any electronic communication systems, we must be aware that they can be viewed any time," the expert considers.
According to Maksym Tuliev, Internet providers will not be happy with this innovation, as it will not help them attract customers, but only create additional expenses. "Such expenditure is not subject to compensations from the budget. The only way to solve the problem is to increase prices for Internet users.
Today, Ukraine has the cheapest Internet in the world. Under such circumstances, providers have means neither for installing DPI- equipment at their own expense, nor for developing the network. We calculated that after the mandatory implementation of the new standard, our provider will have to double or even treble the price to make profits," the expert said.
The law enforcement agencies have their own opinion. According to estimates of the Interior Ministry of Ukraine, the number of cyber crimes in the country is growing every year. Only for the first half of 2013, there were registered 1878 Internet frauds. Meanwhile, cybercrime detection makes up only 50%.
Obviously, mandatory installation of DPI-equipment by providers will greatly simplify the work of law enforcement agencies. However, as chief of department for combating cybercrime of the Interior Ministry of Ukraine Maksym Litvinov said at the IV Ukrainian forum on Internet Governance, users will always advocate for anonymity on the Internet, even if they suffer from it.
What every user should know
What else we should be ready for apart from sharp rise in prices for Internet access and control on part of the law enforcement agencies? For example, for the fact that with the introduction of DPI standard it will become possible to detect and block viral software and pirate sites, to identify copyrighted content, to identify users, illegally handing out the licensed content, personal targeting (advertising mechanism) and the like.
DPI standard is not officially used in Ukraine so far. However, users should be aware that with the expansion of the sphere of influence of the global network, a year earlier or later we will inevitably face the advent of state sovereignty and state law in the Internet, which will increasingly resemble the classic human rights in any state. You may like it or not, but the process is already running.
However, now it is difficult to guess what exactly Ukraine will filter. Theoretically it is possible to predict the block of extremist and pornographic websites, but something that we do not guess may be prohibited. We can also assume that due to the pursuit of profits Internet providers will simply take money from users for the same pirated content. However, as Maksym Tuliev told us, limits of DPI capabilities depend on educational boundaries of users. Therefore, most likely, IT-specialists (in contrast to ordinary users) will find quickly the way to circumvent these mechanisms.
Well, the last thing Internet users worth knowing is that advertising specialists get unprecedented opportunities with the DPI introduction. The system will help them collect and analyze data about the websites, which a user visits, and form his consumption profile. Thus, analyzing web traffic, advertisers will accurately identify their target audience, based on the specific needs of each user, which will help them greatly increase the profit from the sale. Users, respectively, will have to endure intrusive advertising in all possible manifestations.
"Theoretically, it may be explained that the DPI is used to fight crime, child pornography or piracy. But it's a double edged sword. After all, you can simply sell access to advertising companies, which will know what you are going to buy tomorrow, using traffic analysis," independent Internet expert Oleksiy Sorokin says.
Users should be very careful with what they leave behind on the Internet and sometimes they should even abandon using modern technologies.
"Internet user simply has to understand that any information he leaves about himself, even search queries in any browser, does not disappear. You can’t protect yourself against this, you just need to take it into account," Dmytro Dubov advises.
Today, it becomes obvious that such a large sphere of modern life, like the Internet, needs a certain control. Another thing, how this control is performed. Only if Ukraine takes a European approach to the issue of global network management, users will have a hope for a truly independent Internet.
Anastasia Pika
ForUm
Source:
http://en.for-ua.com/analytics/2013/12/27/150045.html