2013-09-27

 

By SMART.

 



 

In times of social and political unrest, governments of mature and nascent democracies are increasingly tempted to reduce freedom of speech and unrestricted access to information, both offline and online.

It is undoubted that the Internet and, more broadly, Information and Communication Technologies (ICTs) can be conducive to a more effective protection and exercise of human rights across borders, facilitating freedom of expression and serving as a catalyst for social change, cultural diversity, political expression and democratic prosperity.

However, the opportunities for pluralism and diversity brought about by these technological developments are not risk-free. At the same time that the Internet has opened up a platform for journalists, bloggers, human rights defenders, political activists and citizens to make their voices heard, it has also allowed the use of sophisticated censorship and surveillance methods by non-democratic regimes to silence political criticism.

It is in that scenario that ICTs are an essential contributing factor for the creation of positive dynamics among citizens, freedom and democracy, as well as an unprecedented enabler of dialogue: a key element in society that requires ensuring that all parties can communicate, access and exchange information without restrictions, gateways or filters, and with appropriate privacy and security protections.

DG CONNECT, in close cooperation with other services (DG Development and Cooperation; DG Enterprise) and the European External Action Service (EEAS), has put in place the No-Disconnect Strategy. The goal of this policy toolkit is to provide on-going support to counter-censorship initiatives to facilitate the role of activists, political dissidents, bloggers, journalists and citizens living and/or operating in high-risk environments, making operational its commitment to uphold human rights and fundamental freedoms online.

This way, the No-Disconnect Strategy embraces the wider EU strategy for Human Rights. The No-Disconnect Strategy is part of the integrated response of the European Union to the events that unfolded in the Middle East and North African region during the Arab Spring to support and advance human rights and democracy in the region, as envisaged in the Joint Communication of the Commission and the High Representative of the Union for Foreign Affairs and Security Policy “A Partnership for Democracy and Shared Prosperity with the Southern Mediterranean” (COM(2011) 200).

Currently, the geographical scope of the Strategy is not limited to the aforementioned region, but operates at global scale given the fact that the implementation of the No-Disconnect Strategy is achieved in cooperation with other Services and through EU global instruments such as the European Instrument for Democracy and Human Rights, led by DG Development and Cooperation; and the EU Strategic Framework on Human Rights and Democracy, led by the European External Action Service.

1.2. Specific Context

Keeping track of worldwide developments in the area of cyber censorship and establishing the link between Internet restrictions and violations of human rights can be greatly enhanced by a global monitoring system to develop «cartography» of digital repression, capable of mapping events in the cyber-geography of Internet through intelligence gathering.

A truly European capability for situational awareness that provides near-real time monitoring and visualization tools to increase the understanding of the state of Internet censorship can help EU decision-makers to obtain high-quality information and fine-tune early-warning capabilities necessary to better perform their functions, particularly in those cases which may require EU integrated and multi-level intervention.

Information that is quick, actionable and contextualized can ensure that institutional actions are tailored to reality and that appropriate awareness is created on outstanding technological, political, social, legal, media, policy and human rights related cyber censorship issues.

Through targeted event monitoring, not only EU Institutions but also digital activists, bloggers, journalists, human rights defenders, the open source community, researchers as well as many other stakeholders involved in the area of digital freedoms and Internet openness, will gain full situational awareness of the threat landscape and type of environment in which they operate, in order to make sound decisions and put in place fast response schemes in the event of a wide array of restrictions: a sharp increase of human rights violations in a given region such as crackdowns on civil society; the enforcement of Internet restrictive policies and regulations; court cases and wrongful detentions/imprisonments; cyber-attacks on servers hosting politically sensitive content; or Internet connectivity shutdowns, among others.

One of the reasons behind this technological effort is that the Internet and other ICTs have become key instruments for tracking political events and media; for crisis management and mapping; for disaster response; for monitoring; for the development of preventive capabilities and risk assessments; or for the support of democratization processes.

These capabilities can also be applied to events negatively affecting the integrity of Internet infrastructure, like Domain Name System (DNS) filtering, state-sponsored attacks on cyber activists' systems or blanket filtering laws, for instance, to address questions of overall Internet security, resilience and stability. The Internet can potentially be used for purposes that are inconsistent with fundamental values as well as inconsistent with basic Internet resilience and stability principles, adversely affecting the performance of critical systems and diminishing Internet security and stability as a whole: it can be argued that blocking and filtering can impair the architectural principles of the Internet and cause harmful (collateral) effects to other systems.

The Cooperative Association for Internet Data Analysis (CAIDA) has also accomplished research in the field of country-wide Internet outages caused by censorship. Others have focused on studying the collateral damages of censorship by DNS injection.

Last but not least, monitoring Internet censorship and its environment, both at the level of network infrastructure / network traffic and “on the ground”, can reinforce the EU's evidence-based approach to policy making as well as support the implementation of a human rights based approach, whereby human rights considerations and indicators can be factored in the European Union's Internet and ICT policy development activities, among others.

It is therefore a priority for the European Union to: a) ensure the availability of the Internet and other ICTs as well as their use without arbitrary interference; and b) gather the necessary data to construct a global view of the cyber geography of censorship and its dynamics through targeted monitoring.

1.3. Examples of organisations and existing projects in the area of Internet monitoring

The European Commission has funded several Framework Programme research projects in the area of Internet and event monitoring. In particular, the 7th Research Framework Programme (FP7) has provided support to projects like EVERGROW (www.evergrow.org) and LOBSTER (www.ist-lobster.org); ETOMIC (www.etomic.org) -subproject of EVERGROW-; DIMES (www.netdimes.org); MOME (www.ist-mome.org); MOMENT (www.fp7-moment.eu/); perfSONAR (http://www.perfsonar.net/) for network performance monitoring in federated environments, developing services acting as an intermediate layer between the performance measurement tools and the diagnostic or visualization applications; or TRAMMS -Traffic Measurements and Models in MultiService Networks- (http://projects.celtic-initiative.org/tramms/).

The European Parliament regularly asks the European Commission to implement pilot projects related to media freedom and pluralism. For instance, the European Commission was asked in 2013 to implement two pilot projects, on the Media Pluralism Monitoring Tool (09 02 07) and on a European Centre for Press and Media Freedom (33 02 10).

It is possible that pilot projects in this area could also be foreseen by the budget of the European Union in the following years.

The U.S. Cooperative Association for Internet Data Analysis (CAIDA) addresses topics related to Internet infrastructure level measurements and analysis to understand traffic trends affecting those infrastructures. Ark (Archipelago Measurement Infrastructure) is CAIDA’s active measurement infrastructure to reduce the effort needed to develop and deploy sophisticated large-scale measurements on a security-hardened distributed platform (http://www.caida.org/home/).

Most of the above mentioned initiatives and projects focus on monitoring Internet mainly at the lower OSI model layers. Lately the importance of collecting Internet data and information on traffic at higher layers and « on the ground » to obtain statistical data on Internet usage and usage of Internet applications, has grown considerably and currently attracts the attention of Internet researchers, advocates, industry, as well as of policy makers.

The European Commission has already launched in this context a study on « Statistical methodologies on Internet as a source of data gathering » – SMART 2010/0030, with the aim to test the feasibility of new forms of internet-based data collection that could enrich the efforts to monitor the take-up of ICT by social actors as well as the main impacts of ICT based applications and services; and a study on « European Internet traffic: monitoring tools and analysis » – SMART 2012/0046, for the mapping of existing Internet monitoring tools and methodologies and to determine the sort of federated monitoring models that can be applied in Europe given the large amount of projects already active in the field.

2 OBJECTIVES

The tender “European capability for situational awareness” (ECSA) is aimed at providing to the European Commission the necessary information to evaluate the feasibility of creating a European federation for cyber-censorship and human rights monitoring and the systems infrastructure necessary to that end. As such, the tasks of the study will address the definition of the governance framework and systems infrastructure that should govern and support the operations of a possible federation.

In order to translate reality into a cartography of cyber-censorship, the federation would be anchored in a dynamic platform -controlled from a dashboard-, where a federated network of partners' Internet and censorship monitoring capabilities will aggregate a variety of clearly defined sets of data (including open data and big data) related to the location and intensity of cyber-censorship and surveillance in non-democratic countries or countries where human rights are most at risk.

The data gathering will have two tracks, the first one addressing restrictions/disruptions on internet and ICT infrastructure, access, traffic and content, overlaid with a second track of contextual data of political, social, legal, regulatory, policy, media or human rights nature, related to the internet or not. The reliable and near-real time information mashed-up in the dashboard will be presented in a user friendly manner and in different layers: interactive visualizations through live maps; alarms; subject-matter snapshot reports and geographical snapshot reports.

This type of capability is expected to enhance the early-warning, decision-making and policy making skills of EU policy makers and strengthen the level of situational awareness of stakeholders such as digital activists or human rights defenders. When drafting the offer, it is recommended that TENDERERS take into account the following long-term objectives or expected contributions of the tender “European Capability for Situational Awareness” to EU specific objectives:

− Enhancement of evidence-based policy making based on reliable information

− Support to the implementation of Human Rights-based approaches

− Reinforcement of early-warning capabilities and emergency response

− Optimization of resources and tailored targeted grant support in areas where human rights are most at risk in terms of cyber censorship

− Reinforcement of capabilities to ensure global Internet connectivity

− Ensure Internet security, resilience and stability

− Provide methods for network measurement

− Increase of situational awareness of actors affected by the complexity of cyber censorship, in particular of policy-makers, digital activists and human rights defenders 

− Provide capabilities for crisis mapping

A brief analysis of the current Internet monitoring ecosystem (including news/media, human rights, filtering and surveillance, traffic, security, legal or regulatory monitoring among others) suggests a rather scattered and haphazard scenario with several players (research centres, NGOs, private sector or specific constituencies) but with little or no federation vision.

The results of individual projects could be stepped-up for the protection of fundamental freedoms online by means of a simple federation effort. The joint work of the various existing initiatives can play a decisive role in observing the complexity of cyber-censorship from an interdisciplinary and holistic point of view.

For that reason this study is expected to provide a detailed analysis of the different key constitutive elements of a targeted cyber-censorship monitoring tool, provide recommendations on implementation and budget and present a small scale prototype or proof-of-concept use case with real data.

The tenderer will have to specify in the proposal:

• TASK 1: A list of Internet censorship monitoring organizations capable to constitute a Federation and a proposal for the structure of such Federation

• TASK 2: A catalogue of data sources and categories

• TASK 3: A proposal of a data governance framework, establishing the protocols that will govern the management of the data collected

• TASK 4: A list of necessary infrastructure, features and functionalities

• TASK 5: A set of recommendations on the implementation of the aforementioned tasks.

More specifically, the tasks to be performed under the contract are as follows:

Task 1 Internet censorship monitoring Federation

To develop a capability for situational awareness it is necessary that the monitoring activity is carried out by the collaborative work of a federated network of organizations with the relevant expertise and active in the field of Internet censorship monitoring (please see examples in Section 1.3). This federated network of organizations will act as data sources of a centralized system for further aggregation and processing.

The study should produce a complete and diverse list of existing projects and organizations which could be federated for the monitoring, collection and analysis of data related to Task 2. The list must be accompanied by an analysis of the different data sources and types of data collected by each organization or project, the methods employed, the tools or technological developments already in place, the type of expertise and the target groups.

This section of the study must also present a proposal for the structure of the Federation. At least, it shall contain a roadmap with the steps to create such federation; explain how the federation innovates, builds upon and complements other initiatives; provide a planning on how structural relationships will be ensured; present a membership scalability plan and a sustainability plan; indicate the allocation of rights, responsibilities and resources among members of the Federation; define the incentives for members of the federation; identify a common methodology for data gathering and processing based on open standards, protocols and APIs, and propose 5 individual members to constitute an “Advisory Group” that will guide the activities of the future federation during the execution of the contract.

For the purpose of this task (and to support the achievement of Tasks 2-4), the contractor will have to run a consultation targeting Internet (censorship, surveillance and security) monitoring on how to best achieve the objectives of this tender immediately after the start of the contract and during the first 4 months after the start of the contract, followed by the organisation of a workshop to showcase the results and gather additional input from attendees.

The results of the consultation and the workshop will be presented within the content of the First Interim Study Report. This section of the study must also present a proposal for proportional allocation of roles, responsibilities and resources among members of the federation.

This part of the study should be able to reply to the following questions, taking into account the context outlined in Section 1:

• What monitoring organizations, facilities and networks do exist primarily in Europe (28 Member States)?

• What are the main monitoring capabilities of those existing initiatives?

• What sort of federated monitoring models can be applied in Europe and what is the best way to implement them?

Task 2 Data Sources catalogue

Taking into account the results of the consultation, the study should produce a comprehensive list of data sources and categories to be monitored for the enhancement of human rights and effective exercise of fundamental freedoms online. Those data sources and categories will be main sources of information for the central monitoring system, and therefore ensuring their richness as well as the variety of the aggregators is a key requirement. While defining the list, Contractors will have to take into account the following conditions:

- The event monitoring activity and the data gathering will happen at two levels:

a) The first level relates to the “state of the Internet infrastructure, connectivity and access”, in order to have a near-real-time understanding of network disruptions and traffic alterations in the form of blocking; filtering; connectivity blackouts or slowdowns; power outages; cyber-attacks and security events including attacks on activists' networks via Distributed Denial of Service attacks, spyware or malware; countries passing laws or applying measures with a negative impact on Internet infrastructure and on its resilience, security and stability; cyber censorship and surveillance technological developments; state-led cyber-attacks, etc.

This track must provide early-warning capabilities, enhance incident response schemes and ensure network connectivity in the event of disruptions, besides providing a new source of information about Internet security and infrastructure incidents. It shall gather reliable data concerning the “cyber-geography” of Internet infrastructure, traffic, access and connectivity taking into account that the Internet can potentially be used for purposes that are inconsistent with fundamental rights as well as inconsistent with basic Internet resilience and stability principles, thus adversely affecting the integrity of the Internet as a whole.

b) The second level relates to “what is happening on the ground”, to have a near-real-time understanding of events and developments taking place in connection with censorship and surveillance but from the perspective of human rights organizations, domestic and international media networks or outlets, legal, policy, research organizations and democracy advocates.

Monitoring activities will address locations where there are grave concerns over intense citizen surveillance or illegitimate censorship of the Internet and other electronic communication technologies and will monitor, for instance: laws and policies affecting the use of ICT for the exercise and protection of human rights; media freedom and pluralism constraints; relevant political events affecting digital freedoms; arrest of activists and journalists in connection to ICT blocked sites; different types of restrictions to freedom of expression; court rulings; illegal detentions; unrest in time of elections; crack-downs on protesters and a wide array of other human rights violations.

This track must provide early-warning capabilities, support evidence and human rights based approaches to Internet policy-making; enhance crisis prevention and management activities, support democracy building and advocacy campaigns and ensure that ICTs are at the disposal of human rights. It shall gather reliable data across actors and organizations directly involved in digital freedoms and the defense of human rights on the ground, as well as from research and academic institutions, legal centers or organizations, private security companies and media actors of all sorts.

- As indicated above, data can be gathered from a wide variety of sources to be defined, such as public sources using Open Data, Big Data and Scientific Data; from private entities, civil society, Academia, actors on the ground, etc. Without the intention of limiting the categories of data to the ones referred below, there are a number of data sets that at least should be monitored:

1. Technical data: Internet infrastructure measurement; connection speed; Internet routing data; correlation of routing data with other intelligence; jitter; traffic latencies; packet loss; packet interception; wrong query resolving; network connectivity shutdowns and slowdowns; state of “health” of the DNS and BGP systems; impact of implementation of DNS-level filtering and blocking measures; surveillance technology producers and trade operations; IP traffic restrictions; proxy censorship; Internet backbone performance; Denial of Service attacks; politically-motivated attacks; malware activity; attacks to activists or media networks; domain de-registration; server takedowns; URLs intervened; targeted redirections; network outages; or power grid failures; domains seized.

2. Internet tools data: restrictions on websites that provide e-mail or other applications like social networks; web hosting; search engines; translation services; VoIP services; circumvention tools; security software; anonymizers; security and privacy training materials; P2P file-sharing, chat or IMS.

3. Political data: unlawful restrictions applied to websites expressing views contrary to the government and government opposition groups; human rights related content such as advocacy, abuses, women liberties; freedom of expression; minority rights; religious movements; foreign policy; political transformations and elections; ethnic groups; history; economics; international organizations; NGOs, activists and human rights defenders; political parties and opposition parties; quality of governmental organizations and judicial system; elections data.

4. Conflict/Security data: armed conflicts; border disputes; extremist and separatist movements; government militias; military operations; cyber capabilities; cyberwar; data loss; hosting disruptions; malware; spyware.

5. Legal and Policy data: legislative developments related to censorship and surveillance; laws to restrict freedom of expression; court rulings; possibilities to appeal; Internet rights; possibilities to report blocked content like whistle-blowing services; judicial system monitoring; IPR enforcement; Law Enforcement Agencies; arrests; Internet policy, abusive application and/or criminal defamation laws and disproportionate civil sanctions, including laws related to the criticism of politicians, abusive invocation of public morality or national security (including protection of the nation or national values or incorrect application of hate speech laws).

6. Business data: Internet and ICT industry practices affecting human rights; Business and Human Rights initiatives and guidelines; private censorship; or dual-use export controls.

7. Social/Human Rights data: sexual content; minorities and women's rights; gaming; gambling; dating sites; drugs and alcohol; public health; sensitive or controversial history, art and literature; environmental issues; hate speech; LGBTI; sex education and family planning; pornography; activism; freedom of association; hacking or topics perceived as sensitive or offensive.

8. Media data: media intelligence; social networks; local and foreign press; media outlets; news and video platforms; freedom of expression and media freedom and pluralism; blogging domains; platforms and services; web hosting sites; satellite blocking or jamming; multimedia sharing platforms or restrictions on allocation of spectrum, harassment, intimidation and fostering of self-censorship, impunity for crimes against media actors, media ownership and/or concentration endangering the possibility of independent media.

This part of the study should be able to reply to the following questions, taking into account the context outlined in Section 1 and in Section 2 – Task 1:

• What data sources and categories are necessary (including the ones referred to in the text above and beyond those if appropriate), whether they are all accessible and to whom are they available?

• What are the data sources and categories which the Federation proposed in Task 1 can provide and what are the gaps as compared to this analysis?

• How will the gathering of such data be organized?

Task 3 Data Governance Framework (Data Protocol)

The contractor should present a coherent proposal for the Data Governance framework applicable to the data gathered. The framework must be based on objective data governance standards to ensure the quality of the data collection, processing, storage, organization, access, display and communication.

At least, the data governance framework must determine applicable criteria to issues of: data collection; data ownership; data quality and quantity; processing; storage; digitalization; presentation; data verification; data security; anonymity; different types of access to data (roles); duration of access; restricted uses; fair and ethical uses; “do not harm” principle; responsibility for damages; disclosure obligations; enforcement; transparency vs. security; data retention or data loss. The contractors can propose the inclusion of additional factors in the data governance framework to ensure an efficient and safe governance of data resources.

The study should contain an analysis of the possibility to set up, on top of the open database, an additional layer of information for restricted use of the EU institutions and containing restricted EU information and sensitive or confidential information coming from operations on the ground. The contractor should make recommendations as regards this issue in Task 5.

In addition, the contractors should present a proposal for implementation of the suggested Data Governance Framework, clearly indicating the relationship of such data governance activities with the role of members of the Federation and the necessary software and hardware infrastructure (for this purpose it is necessary to align the content of this study task with the technical and infrastructure specifications, features and functionalities requested in Task 4).

This part of the study should be able to reply to the following questions, taking into account the context outlined in Section 1 and in Section 2 – Task 1 and Task 2:

• What are the main elements that should be taken into account by an optimal data governance model?

• Are there data governance standards that can be used for this particular case?

• Do all data sets and sources need the same level of protection?

• What kind of security measures need to be put in place?

• How will the data governance model be implemented among members of the Federation and what is the necessary infrastructure to make it operative?

To continue reading this great report. Please go to: http://cryptome.org/2013/09/eu-spying-plan.pdf
