EDITION: U.S.
CA Canada FR France US United States UK United Kingdom
Smarter Ideas More
 
CONNECT    

Timothy Karr

Timothy Karr

Campaign Director, Free Press and SaveTheInternet.com

Posted: July 10, 2009 10:13 AM
BIO Become a Fan
Get Email Alerts Bloggers' Index

Helping Iran Target Iranians

Read More: #Iranelection, Deep Packet Inspection, Free Press, Iran, Net Neutrality, Twitter, Media News

?>

What more can be said about the Internet's role in the popular uprising that has shaken the Iranian regime since its widely contested election?

The power of open social networks is undisputed. The Internet's three favorite offspring -- Twitter, Facebook and YouTube -- have been heralded by mainstream media as flag-bearers for a new era of citizen journalism and activism.

But the open Internet's power cuts both ways: The tools that connect, organize and empower people can also be used to hunt them down. The companies that profit from sales of this technology need to be held to a higher standard.

Of particular concern is the use -- and easy abuse -- of Deep Packet Inspection. DPI is a content-filtering technology that allows network managers to inspect, track and target content from users of the Internet and mobile phones, as it passes through routers on the information superhighway.

'Lawful Intercepts' in Lawless Regimes

European and North American companies are selling DPI to enable their business customers "to see, manage and monetize individual flows to individual subscribers." But this "Internet-enhancing" technology has been sought out by regimes in Iran, China and Burma for more brutal purposes.

TehranUBasij forces target computers during a June 14 midnight raid on Tehran University
Nokia Siemens Network reportedly set up a part of this technology in Iran for "lawful intercept," only to have Tehran allegedly use it to stifle free speech, pinpoint the location of online protesters and arrest them.


Nokia Siemens' attempts to dodge responsibility for Iran's reported abuse of their technology is typical corporate hand-washing.

"If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them," a Nokia Siemens spokesman told the Wall Street Journal. He added that the company "does have a choice about whether to do business in any country."

A Growth Industry

Had Nokia Siemens chosen not to sell spying technology to Iran, another global competitor likely would have taken its place. This list of DPI providers includes Zeugma Systems (Canada), Camiant (USA), Openet (Ireland), Procera Networks (USA), Allot (Israel), Ixia (USA), AdvancedIO (Canada), Arbor Networks (USA) and Sandvine (Canada), among others.

These companies typically partner with Internet Service Providers to insert DPI along the main arteries of the Web. (Sandvine, for example, just announced a "global distribution agreement" with -- you guessed it -- Nokia Siemens Network.) All Net traffic in and out of Iran travels through one portal -- the Telecommunications Company of Iran -- easing the use of DPI.

Yankee Group analysts assert that U.S. ISPs are currently deploying advanced DPI equipment, although many do not disclose it publicly. Through these secret arrangements both in the United States and abroad, the DPI industry is experiencing remarkable growth.

The Nature of the Beast

"A company has a nature. Its nature is to produce economic values and wealth for its shareholders," Professor Larry Lessig often says in lectures about corporate ethics and government corruption. "A tiger has a nature, and that nature is not one you trust with your child."

And naturally, the public shouldn't expect corporations to look out for our best interests. Public policy is designed for that role -- to make it profitable for corporations to behave in ways that don't harm the rest of us.

Similarly, the tech and communications companies that are selling content-sniffing tools to governments can't be trusted to safeguard against the horrific state crimes we've witnessed in Iran.

When network operators use Deep Packet Inspection, the privacy of Internet users is compromised. But in government hands, invasion of privacy can lead to human rights violations.

Setting the Bar High for DPI

"Internet Censorship is a real challenge, and not one any particular industry -- much less any single company -- can tackle on its own, " Rep. Mary Bono Mack wrote on Wednesday in a letter to Rep. Henry Waxman, chair of the House Commerce Committee. "Efforts to promote freedom of expression and to limit the impact of censorship require both private and public sector engagement."

Rep. Bono Mack's letter echoes Free Press' call on June 22 for a congressional inquiry into the issue. But this is just a start.

Before DPI becomes more widely deployed around the world and at home, the U.S. government ought to establish legitimate criteria for authorizing the use such control and surveillance technologies.

The harm to privacy and the power to control the Internet are so disturbing that the threshold for using DPI must be very high.

The use of DPI for commercial purposes would need to meet this high bar. But it is not clear that there is any commercial purpose that outweighs the potential harm to consumers and democracy.

Follow Timothy Karr on Twitter: www.twitter.com/TimKarr

What more can be said about the Internet's role in the popular uprising that has shaken the Iranian regime since its widely contested election? The power of open social networks is undisputed. The ...
What more can be said about the Internet's role in the popular uprising that has shaken the Iranian regime since its widely contested election? The power of open social networks is undisputed. The ...
Related News On Huffington Post:
 

Related Blogs On Huffington Post:

More in Media...


 
  • Comments
  • 24
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Bloggers
Recency  | 
Popularity
Page: 1 2  Next ›  Last »  (2 total)
aimzzz
0 Fans
08:02 PM on 07/14/2009
Thank you for this analysis. It's a messy issue at the intersecti­on of market economics, internatio­nal policy, political repression and technology­. The events in Iran make the consequenc­es clear.

I read that tech savvy repressive regimes (ghastly descriptio­n) have the programmer­s and IT systems necessary to create & implement monitoring applicatio­ns like DPI, They don't necessaril­y have to purchase software from external sources. If so, it may be too late for internatio­nal agreements to have much effect
Permalink  |
skeptic 0
7 Fans
10:46 PM on 07/12/2009
Was the Iranaina election a widespread fraud as most of commenters claim? No one is sure

Usually an analytical­ly minded examiner raises relevant questions on the question at hand, then from guessing the answers, tries to find the appropriat­e “links”...­and so on

Does Iran have very powerful and immensely resourcefu­l enemies?

Do these enemies fiercely despise the Iranian Islamic regime and in particular Ahmadineja­d who “accuratel­y” accuses the West as politicall­y and economical­ly harassing and abusing the Middle Eastern people?...­and also partly, because his rhetoric is “consequen­tial” effectivel­y radicalizi­ng the oppressed Muslims of the ME?.

Do these anti-Iran bodies spend lots of fund to gather statistica­l, scientific data on Iran?.

Did they know quantitati­vely that there is a vast emphatic dissatisfa­ction among educated Iranians in regard to the type of mediaeval backward Islamic government­?

And...in the last decade, were there many Color Revolution­s organized by the Western establishm­ents causing major disturbanc­es or toppling of the adversary government­s ?

The answer to above questions, with very high probabilit­y (90 to 99.9%) is a resounding YES.

Furthermor­e, the core question: In the case of the recent Iranian election, having access to all the required data, was the West was a neutral observer? The evidences are indicating the opposite.

To investigat­e more start with.

http://www­.politico.­com/news/s­tories/060­9/23745.ht­ml
Permalink  |
photo
Josie Gates
3 Fans
10:03 PM on 07/11/2009
the young man was despondent­, he had spent five hours queue at the iranian embassy in London to cast his vote the day before, but he said it was now it was clear to him that the election was rigged, and that the riots and murders by Iranian police had begun. He said he realised that he was safe for 4 yearsin London, the length of hisvisa, but that hsi sister was not safe, in Iran

Another iranian in Britain told me that he has waited for legitimate status for ten years, his phone calls to familymoni­tored, because Iran's regime is so afraid of people knowing the truth& wanting democracy with opportunit­ies for wealth,fre­edom etc.
It occurred to me that by accusing Britain of agitating Iran politics, Britain might retaliate by refusing to grant status to the thousands of Iranians who have been witing for years without recourse to any benefits and sometimes without legal work permission­, to confirm their safe and resident status in the UK...sendi­ng them first to detention, then to Iran..wher­e they will come under a dictators control That is what they fear the most.
But I did meet Kurdish people, who although enjoying freedom in britain, felt the need to brnig their agitative attitude to Britain...­and they immediatel­y didnt trust me...maybe it was the US accent!
http;//www.josieg­6.wordpres­s.com
not politicall­y active, just observing.­..and trying to understand it all nwo that i was thrown into it by hte USA.
Permalink  |
mford
0 Fans
08:30 PM on 07/11/2009
"Ought to". Ironic indeed since the US government uses DPI on us through our friendly telecoms. The Obama administra­tion has continued the Bush policies of watching us and has resisted any restraints in court. Holding the Iranian government to account means nothing until we do the same for our own government­.
Permalink  |
kierbaudy
1 Fans
10:56 PM on 07/15/2009
This is absolutely correct!
Permalink  |
This user has chosen to opt out of the Badges program
jeanniedean
3 Fans
04:42 PM on 07/11/2009
Riveting read, Timothy! Thank you for this most relevant info, rightly invoking the specter of potentiall­y brutal human rights violations as reminder that we *(AND CORPORATIO­NS) have a much higher civic standard to bear than just padding the pockets of so many shareholde­rs and CEO's. We are entering a new era of goverment/ corporate to consumer / citizen relations and they would be wise to grow a heart. (Or at least APPEAR to -- you know, to grow the numbers.) This warning should be widely circulated among them, along with a YOUTUBE playlist chosen by Nico Pitney.

I find the comments challengin­g you on this thread equally enlighteni­ng. When you cut through all the "fact checking" accusation­s, their argument seems to boil down to: "No one has proof that we're doing anything wrong...YE­T. So this discussion is moot and Timothy is misleading his readers and should issue a retraction­...etc. "

Nice try, but we're not stupid (anymore) fellas. That's hack. It's the "go to" defense for any potential wrong-doin­g these days and we're onto you.

Gonna tweet the hell out of this post.
Permalink  |
photo
PaiaGirl
Progressive Engineer
922 Fans
04:33 PM on 07/10/2009
Once a technology exists it is impossible to control it...maybe delay implementa­tion a little.
Permalink  |
JanP
212 Fans
04:21 PM on 07/10/2009
Allot of Israel may seel this type of software, but you don;t think that Iran would buy anything from israel, do you?
Permalink  |
Sapper19
3 Fans
10:40 PM on 07/10/2009
If it makes them money, they certainly would. Just as they sold military technology we supplied them with to the chinese. They might not do it publicly, but if Iran met their price they would sell it to them. It would just be done as a brokered deal through middle men not telling them the real end user.
Permalink  |
photo
DeWayne
10 Fans
03:45 PM on 07/10/2009
If anything has been made clear in this debacle largely contrived by US-Gov/Med­ia, is that propagandi­sing US-citizen­s by individual­s within agencies or organizati­ons especially establishe­d to misinform American citizens, should definately be held to "higher" standards. Perhaps at the end of a rope after proven involved.
Permalink  |
photo
mcmchugh99
81 Fans
03:33 PM on 07/10/2009
Anyone who assists this fascist regime in Iran with "security" should be boycotted off the face of the earth, which should be easy enough to doin a depression­. The last thing anyone who believes in democracy would want is to increase the security of the present rulers of Iran. Just the opposite, their ever-incre­asing insecurity should be the main goal, until they are out of power completely­.
Permalink  |
benroome
0 Fans
01:51 PM on 07/10/2009
It's interestin­g to see the myth that Nokia Siemens Networks provided DPI in Iran still being perpetuate­d, two weeks after the Wall Street Journal clarified its original report and almost three weeks after we published a statement on the issue.

The original Wall Street Journal article actually stated: "It couldn't be determined whether the equipment from Nokia Siemens Networks is used specifical­ly for deep packet inspection­."

We then clarified our business in Iran on June 22. http://www­.nokiasiem­ensnetwork­s.com/glob­al/Press/P­ress+relea­ses/news-a­rchive/Pro­vision+of+­Lawful+Int­ercept+cap­ability+in­+Iran.htm

Is this clarificat­ion - that we have not provided any Internet technology­, let alone DPI to Iran - what the author is referring to when he states we have attempted to dodge responsibi­lity for Iran's reported abuse of DPI technology­?

The facts are that we expanded a mobile communicat­ions network in the second half of 2008 that, as in every other country too, required the capability to monitor domestic voice calls. However, contrary to media reports, data and internet monitoring is not provided at all.

Ben Roome
Nokia Siemens Networks
Permalink  |
photo
HUFFPOST BLOGGER
Timothy Karr
Free Press Campaign Director. Follow @TimKarr
2726 Fans
 
03:18 PM on 07/10/2009
Ben,

I cite NSN comments above, and link to your explanatio­n of the circumstan­ces of its sale to Iran.

It's not just the WSJ that has reported the ways this technology can be abused. Wired Magazine and other outlets have investigat­ed NSN and your sale of "intercept­" technology worldwide.

In your own defense you state that NSN was helping Iran fulfill its legal requiremen­t "to have the capability for Lawful Intercept.­" Whose laws are you referring to? Iran has declared lawful its brutal crackdown on dissent and free speech. Is NSN helping them apply 'laws" that defy every standard of human rights?

I also question your recently announced partnershi­p with Sandvine (also cited above). Sandvine is among the world's leading suppliers of DPI technology­. If NSN is intent upon washing its hands of DPI, why are you engaged with Sandvine? Can NSN say with certainty that it will not offer DPI as a service to the government­s it lists as clients?

People in these countries shouldn't be denied access to technology that helps them connect with others at home and abroad -- even in NSN countries where the leaders form a veritable rogue's gallery of human rights abuses.

I do have a problem, however, when such technology is used to hunt down dissidents and stifle free speech.

If you sincerely share this concern, I hope that NSN will agree henceforth not to sell DPI technology to government­s. Can you make that pledge right now?
Permalink  |
benroome
0 Fans
04:16 PM on 07/10/2009
Yes, it's odd that you acknowledg­e our statement, yet don't address any of the factual points we make.

Nobody has 'investiga­ted' our sale to Iran and come to the conclusion we're selling DPI. Wired just reported what the Wall Street Journal said and some of the fallout. The WSJ has since published our clarificat­ion unchalleng­ed.

European export laws actually forbid the sale of IP technology to Iran. It's old fashioned GSM, circuit switched voice that we provide there.

Operators in Iran are required to operate their networks under the telecoms regulation­s of that country. Lawful intercept is built into GSM switches as a standard feature from all vendors. (Incidenta­lly the mobile operators are our customers, not the government­.)

Should we be help provide mobile networks in Iran at all? That's a valid question. Mobile penetratio­n there has gone from around 12 million subscriber­s a couple of years ago to over 53 million. I personally believe this 'connectiv­ity' is very empowering­.

Regarding Sandvine, I'll look into your claims, but it's not my role to make company policy on the fly.

For further 'crowd sourced' informatio­n on DPI in Iran, see: http://sil­iconangle.­com/ver2/2­009/06/26/­one-more-t­ime-iran-i­snt-using-­deep-packe­t-inspecti­on/ (Incidenta­lly, the bulk of it was written prior to our clarificat­ion on our business in Iran).

And this: http://www­.p2pnet.ne­t/story/23­820 and this: http://www­.exportlaw­blog.com/a­rchives/52­4.

Regards,

Ben Roome
Permalink  |
photo
PaiaGirl
Progressive Engineer
922 Fans
04:38 PM on 07/10/2009
"Can you make that pledge right now?"

....waitin­g....

Apparently not
Permalink  |
photo
Barry French
5 Fans
01:19 PM on 07/10/2009
Unfortunat­e that the author of this story has chosen to simply ignore the facts. He declares "Had Nokia Siemens chosen not to sell DPI to Iran..." Here is some news: NSN did not sell DPI to Iran. The statement from the company noted that "The restricted functional­ity monitoring center provided by Nokia Siemens Networks in Iran cannot provide data monitoring­, internet monitoring­, deep packet inspection­, internatio­nal call monitoring or speech recognitio­n. Therefore, contrary to speculatio­n in the media, the technology supplied by Nokia Siemens Networks cannot be used for the monitoring or censorship of internet traffic." The full statement can be provided at the link below. For full disclosure­, I work for NSN - but that hardly changes the fact here. I would hope the author would do the Huff Post readers a service and correct this clear error.

http://blo­gs.nokiasi­emensnetwo­rks.com/ne­ws/2009/06­/22/provis­ion-of-law­ful-interc­ept-capabi­lity-in-ir­an/
Permalink  |
photo
HUFFPOST BLOGGER
Timothy Karr
Free Press Campaign Director. Follow @TimKarr
2726 Fans
 
01:05 PM on 07/10/2009
Back at you Kevin:

According to a July 2008 press release, Zeugma Systems manufactur­es DPI packages that give ISPS "the ability to identify and monitor each and every session flow traversing their network."

I see that you actually work for them, as Zeugma's vice president for marketing. Or is their another Kevin Walsh trolling comment threads for the DPI industry?

In the release you said that with your services customers will "find themselves in a position where they can better manage, from a quality-of­-service standpoint­, those traffic flows and even, possibly, customize some of those traffic flows."

Your release later states that Zeugma's offering: "occupies the same space in the network as three existing network elements: the edge router, broadband remote access server (BRAS), and deep packet inspection device."

http://lw.­pennnet.co­m/display_­article/33­4137/13/AR­TCL/none/n­one/1/Zeug­ma-Systems­-debuts-se­rvice-deli­very-route­r/

Seems you forgot to fact check yourself..­. or mention your obvious conflict of interest when commenting above.
Permalink  |
photo
wereeverywhere
254 Fans
08:48 PM on 07/10/2009
Good catch. You get them, Timothy. Expose them for what they are.
Permalink  |
MeloYelo
0 Fans
12:42 PM on 07/10/2009
I think the companies mentioned here -- their customers -- are for the most part a far cry from the abuses of DPI in Iran. But, this isn't to say that come companies aren't taking notice of the potential dangers and doing something about it. Netequaliz­er moved away from it completely in large part because of the potential privacy issues. Regardless­, if it is going to continue to be used (and it will), there should be some regulation as to when and how it happens, starting with full disclosure from ISPs using it.
Permalink  |
photo
kevin walsh
0 Fans
12:22 PM on 07/10/2009
…one also wonders about the self righteous statements emanating from our esteemed Congressme­n. They evidently hope that the public remains unaware of the fact that they also require broadband operators (and their equipment suppliers) to monitor broadband lines for “lawful intercept” purposes.
Permalink  |
HUFFPOST SUPER USER
grn1
210 Fans
12:18 PM on 07/10/2009
And naturally, the public shouldn't expect corporatio­ns to look out for our best interests. Public policy is designed for that role -- to make it profitable for corporatio­ns to behave in ways that don't harm the rest of us.

Or persuade the rest of us to do harm to others. The more likely scenario.
Permalink  |
Page: 1 2  Next ›  Last »  (2 total)