Government Censorship and Surveillance

February 28, 2023

CS 195, Spring 2023 @ UC Berkeley

Lisa Yan https://eecs.link/cs195

1

LECTURE 07

Why Talk About Censorship and Surveillance?

You operate and live in a society.

• Public Safety vs Public Surveillance
• Software is supported by physical hardware and infrastructure.

​

You build technology (which does not exist in a vacuum).

• Data vs metadata
• Corporations vs Government

2

Quick disclaimer

We will talk a lot about the U.S. and China today.

• These are not the two countries that exist.
• However, they are among the most covered in U.S. media outlets.
• In particular, China has been U.S.’s direct competitor in global power for much of the last decade. This affects how media outlets cover national security topics in China (vs. in the United States)

As always, I welcome you to share your personal thoughts and opinions around such a hotly debated topic.

3

Public Safety vs. Public Surveillance

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

4

2022 Freedom on the Net Key Findings

Freedom House (a U.S. funded think tank) publishes a report every year.

• World internet freedom declined in 2022 for the 12th consecutive year.
• Governments are breaking apart the global internet to create more controllable spaces.
• China ranks as the worst environment for internet freedom for the 8th consecutive year.
• A record 26 countries experienced internet freedom improvements.
• U.S. improved marginally for the first time in 6 years (9th globally)
• Human rights hang in the balance amid a competition to control the web.

​

Freedom House: Explore the Map

• U.S. report link
• China report link

5

FreedomHouse, 2022 [link]

2022 Global Peace Index

Institute for Economics & Peace (an Australian funded think tank) publishes a Global Peace Index every year.

​

(lower score/5 implies more peaceful country)

• #1: Iceland 1.107
• #89: China 2.01
• #129: U.S 2.44
• #160: Russia 3.275

​

Global Peace Index: map

6

Poll Everywhere

What are some of your personal thoughts on the tradeoffs between public safety and government surveillance?

​

​

7

🤔

8

China: Overt Surveillance and Export

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

9

Power and Control

We live in a world of dramatic power imbalance. Power begets power.

​

​

​

10

NSA warrantless surveillance (2001–2007) (wiki)

The Cautionary Tale of Clark Kerr (LATimes)

State Power

State power is the power of a country to exercise authority within its borders.

• Fines, termination of employment
• Exile, torture, assassinations

​

“A compulsory political organization with continuous operations will be called a 'state' [if and] insofar as its administrative staff successfully upholds a claim to the monopoly of the legitimate use of physical force in the enforcement of its order.” - Max Weber

​

Arguably, power is a necessary evil. There are many bad actors out there who can only be compelled, or deterred, by force.

11

Chinese Internet Censorship

Internet access in China is heavily censored.

• Nearly all popular western websites are blocked: https://en.wikipedia.org/wiki/List_of_websites_blocked_in_mainland_China
• Content in SMS and social media is aggressively filtered.
• Even images of text are automatically scanned by OCR software and blocked if deemed inappropriate.
• Analysis of WeChat OCR filtering tool: https://citizenlab.ca/2018/08/cant-picture-this-an-analysis-of-image-filtering-on-wechat-moments/
• Includes filtering of relatively innocuous ideas like the fact that Xi Jinping vaguely resembles Winnie the Pooh. Messages with images containing the words 维尼 and 领导人 were filtered.

12

FreedomHouse, 2021 [link]

Chinese Internet Censorship, Covid19, and #我要言论自由

13

NPR, Feb. 2020 [link]

Chinese Internet Censorship

Users face real world penalties for violations.

• 2020: Entrepreneur/anticorruption activist Li Huaiqing sentenced to 20 years in prison for “inciting subversion of state power,”
• Evidence includes Li’s WeChat posts and private messages.”
• 2020: Property tycoon and party member Ren Zhiqiang sentence to 18 years for corruption
• published an online critique of Xi’s response to the pandemic.
• Dr. Li Wenliang “warned colleagues on social media in late December [2019] about a mysterious virus that would become the coronavirus epidemic and was detained by police in Wuhan on 3 January for “spreading false rumours”. He was forced to sign a police document to admit he had breached the law and had “seriously disrupted social order.””
• Hong Kong protests (Wikipedia): Revolution of our Times (documentary)

​

​

14

FreedomHouse, 2021 [link]

Export of Surveillance Equipment

“Made in China, Exported to the World: The Surveillance State” [NYTimes, 2019, link]

[The views expressed in this video are those of the authors]

15

Poll Everywhere

What are your immediate thoughts to this video?

16

🤔

17

U.S.: Covert Surveillance

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

18

Abuse of Power in the U.S.

Like all powerful countries, the American state has abused its power, both externally and internally.

19

Martin Luther King Jr.

In the 1960s, the FBI was deeply involved in trying to discredit Martin Luther King Jr.

• Through surveillance, determined that MLK was engaged in an extramarital affair.
• Infamously, they sent him a letter, supposedly from an admirer, which attempted to induce MLK to commit suicide.
• (no wonder there are conspiracy theories that the FBI was behind the assassination…)

Recommended viewing: Eyes on the Prize, Episode 10, “The Promised Land”:�Kanopy (UCB login)

20

Today

American Intelligence agencies have grown dramatically over the past century.

• Large growth after both the first and second world wars
• Especially large growth with respect to technology.

​

After 9/11, the power of intelligence�agencies was dramatically increased.

• Has resulted in serious abuse of power:�legalization of torture, entrapment of�supposed radicalized youth, etc.).

21

The NSA and Edward Snowden

The NSA has a large number of directorates including:

• Information Assurance Directorate: Ensures that domestic communications are safe.
• Signals Intelligence Directorate: Collects and analyzes data.

​

NSA collects information for various reasons:

• Understanding true political situation in other countries.
• For military advantage.
• For better international bargaining.
• Industrial espionage? (Link) (Link)
• Perhaps biggest public justification: Terrorism prevention.

22

The NSA and Edward Snowden

In 2013, Edward Snowden, an employee of an NSA contractor, leaked a large amount of information about the signals intelligence directorate.

• PRISM (Link): (the big kahuna), collection of lots of data from major platforms through legal compulsion
• EvilOlive (Link): American internet metadata
• Calls, emails, texts of Germans (Link)
• XKeyScore (Link)
• MUSCULAR (Link) - intercepting of data in company’s private data centers (back door version of PRISM)
• Cable taps (Link)
• Recording of all mobile calls in the Bahamas and Afghanistan (Link)

​

Timeline: BusinessInsider link

​

23

We will focus on leaks involving the internet.

Some Technical Details About The Internet (SIMPLIFIED!)

The Internet is both software and hardware!

• Your device likely connects to a WiFi Router
• WiFi routers connect to routers/switches via WiFis
• Which connect to Internet Service Providers (ISPs)
• ISPs typically connect to larger ISPs
• Eventually connections happen through undersea cables, satellites, etc.

Each level is a combination of dedicated hardware and software.

24

Internet Backbone Cable Interception

2013: Reveal that backbone providers gave free access to GCHQ (UK)/NSA:

• “BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. ”
• “Together, these seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet's architecture. GCHQ's mass tapping operation has been built up over the past five years by attaching intercept probes to the transatlantic cables where they land on British shores.”
• “This allows GCHQ and NSA analysts to search vast amounts of data on the activity of millions of internet users.”
• “This operation is carried out under clandestine agreements with the seven companies, described in one document as "intercept partners". The companies are paid for logistical and technical assistance.”

25

The Guardian, 2013 [link]

PRISM and MUSCULAR

The PRISM program is a way for the NSA to get information directly from “the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets”

• How? Legal orders made to companies under 702 of FISA Amendments Act.

26

WaPo, 2013 [link1, link2]

MUSCULAR

MUSCULAR was (is?) a program to covertly intercept unencrypted traffic inside Google and Yahoo networks.

• “From undisclosed interception points, the NSA and the GCHQ are copying entire data flows across fiber-optic cables that carry information among the data centers of the Silicon Valley giants.”

​

​

27

WaPo, 2013 [link1, link2]

Some Technical Details About The Internet (SIMPLIFIED!)

The Internet is both software and hardware!

• Your device likely connects to a WiFi Router
• WiFi routers connect to routers/switches via WiFis
• Which connect to Internet Service Providers (ISPs)
• ISPs typically connect to larger ISPs
• Eventually connections happen through undersea cables, satellites, etc.

Each level is a combination of dedicated hardware and software.

​

Data includes both the “actual” data�(like web page contents)

• It also includes metadata – the address�a packet needs to go to, time packet sent,�how long connection was, etc.

28

Metadata can be as revealing as the actual data!

IPv4 Packets

29

Could be encrypted

Surveillance in the Modern Era

Privacy advocates fear that ubiquitous data collection and dissemination (CCTV, Facebook, Google, mobile networks) have created a world that is at risk of Panopticism.

​

As Nick Weaver (EECS instructor) noted once upon a time: Reassuring how little abuse there was (e.g. stock trading, political surveillance, etc.).

30

Two takeaways of internet technology

• Metadata can be just as revealing as data.
• The internet relies on physical infrastructure, which can still be tapped.

​

Other incidents worldwide (many accidental):

• Egypt and the cut underwater Asia-Africa-Europe-1 cable: ArsTechnica, 2022 [link]
• How an Indonesian ISP took down the mighty Google for 30 minutes ArsTechnica, 2012 [link]
• Starlink and maintaining satellite internet access [link]

31

Open Question

How should the federal government balance surveillance with the privacy of its citizens?

32

Breakout [10 minutes]

How should the federal government balance surveillance with the privacy of its citizens?

​

Padlet:

https://tinyurl.com/cs195-lec07-surveillance

33

🤔🤔🤔

Attendance Code, 1-minute

https://eecs.link/cs195here

​

​

34

✅

Attendance closes at the end of lecture.

Please submit your bCourses assignment by ~end of class (5:00pm Pacific).

So far: Why Talk About Censorship and Surveillance?

You operate and live in a society.

• Public Safety vs Public Surveillance
• Software is supported by physical hardware and infrastructure.

​

You build technology (which does not exist in a vacuum).

• Data vs metadata
• Corporations vs Government

35

Up next

Surveillance Technologies and Local Police

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

36

Local Police Technologies

Citizen Virtual Patrol (Newark, NJ)

• Network of publicly owned cameras publicly accessible to anyone

​

Automatic License Plate Readers:

• Helps find stolen cars
• Laws on data storage and deletion widely vary,�from 3 minutes to never

ShotSpotter

• Acoustic center that detects loud noises (120-160dB) (metadata)
• Publicly traded (SSTI), based in Fremont, CA

​

Phone data Stingray,�predictive policing, etc…

37

NPR, 2020 [link]

ACLU, 2015 link

Many of these technologies are developed and maintained by private/for-profit corporations!!!

ShotSpotter

Ultimately, the technology does not particularly infringe on audio privacy.

However, it sets precedents on deployment, regulation, and state-corporate relations.

• Used as evidence in criminal cases
• Audio files are identified as gunshots by AI and human analysts
• AI classification informed by law enforcement customers
• E.g., testified that helicopter sounds reclassified at the request of police department
• Uses reports from police officers as ground truth
• High false positives (reporting gunshots when there are none)
• Chicago: 88.7% ShotSpotter alerts had no incidents involving a gun
• In marketing the product’s accuracy, could incite fear and false alarm (IVPM, link)
• Also, where to deploy this technology?

38

ACLU, 2020 [link]

ShotSpotter deployment

​

From the ACLU: Police pick neighborhoods based on where most shootings are

• overwhelmingly in communities of color
• already disproportionately have heavy police presence

​

• With false alarms, could lead to more unjustified over-policing in these communities.
• Could distort gunfire statistics and increase statistical justific

39

ACLU, 2020 [link]

U.S. Tech Corporate Presence in Authoritarian Governments

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

40

American Companies in China

Websites blocked in China:

• https://en.wikipedia.org/wiki/List_of_websites_blocked_in_mainland_China

​

Anybody want to guess why Bing is allowed to continue to operate?

• From the reading: https://www.bbc.com/news/world-asia-57367100

​

​

The history of Google and China is interesting!

• May inform how you treat your future career.

41

China and Google 2006-2010

Before 2010, Google offered a censored search engine at google.cn.

• 2006: launched google.cn
• “belief that the benefits of increased access … and a more open Internet outweighed our discomfort in agreeing to censor some results.”
• 2010: detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China…
• “we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists
• “accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties.”

42

Google, 2010 [link]

China and Google 2006-2010

Before 2010, Google offered a censored search engine at google.cn.

• 2006: launched google.cn
• “belief that the benefits of increased access … and a more open Internet outweighed our discomfort in agreeing to censor some results.”
• 2010: detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China…
• “we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists
• “accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties.”

43

Google, 2010 [link]

“These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.” [Link]

Two months later, Google decided to end its censored search product and forwarded users to its uncensored Hong Kong search engine google.hk, effectively exiting from the Chinese market. [Link]

• google.hk is inaccessible from mainland China.

44

China and Google? 2018/2019

2018: The Intercept leaked documents that suggested Google may be re-entering the Chinese market. [Link]

• “Documents seen by The Intercept, marked “Google confidential,” say that Google’s Chinese search app will automatically identify and filter websites blocked by the Great Firewall. When a person carries out a search, banned websites will be removed from the first page of results, and a disclaimer will be displayed stating that “some results may have been removed due to statutory requirements.”
• “The search app will also “blacklist sensitive queries” so that “no results will be shown” at all when people enter certain words or phrases, the documents state.”

​

45

The Intercept, 2018 [link]

Employee protest

For a long time, Google declined any official comment on this project.

• After the leaks, access within the company to documents related to the project were curtailed: “Everyone’s access to documents got turned off, and is being turned on [on a] document-by-document basis,” said one source. “There’s been total radio silence from leadership, which is making a lot of people upset and scared. … Our internal meme site and Google Plus are full of talk, and people are a.n.g.r.y.” [Link]
• Over 1400 employees signed a letter demanding more transparency, and at least five employees resigned in protest (including the guy from the article from this week’s reading). [Link]
• In 2019, Google told the U.S. Senate Judiciary committee that the project had been terminated.

46

The New York Times, 2019 [link]

China and Google 2018/2019: Jack Poulson

Jack Poulson (senior scientist who resigned):

• Was told: “We can forgive your politics and focus on your technical contributions as long as you don’t do something unforgivable, like speaking to the press.”
• “Complaints from a single rank-and-file engineer aren’t going to lead a company to act against its significant financial interests. But history shows that dissenters — aided by courts or the court of public opinion — can sometimes make a difference. Even if that difference is just alerting the public to what these companies are up to.”
• “Collective worker action has been a constant, if unappreciated, check on questionable projects at Google.”
• “If it is morally defensible, tech companies should have nothing to fear from discussions of the human rights implications of their work, whether that discussion happens in the boardroom or public square.”

47

The New York Times, 2019 [link]

BREAKOUT Question: ~10 Minutes

What should actions should be taken by an employee who disagrees with the company’s decision to participate in these technologies?

​

Padlet: https://tinyurl.com/cs195-lec07-worker

48

🤔🤔🤔

Closing Thoughts

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

49

Employee power and Sousveillance

You all have power!!! But harnessing it requires awareness.

• Listen to podcasts, talk to people
• Know who your engineers and customers are.

​

Surveillance:

• top-down, state observes people

Sousveillance:

• Bottom-down, people observe state
• Internet streams, videos posted to social media
• In the U.S., often around police brutality:
• George Floyd and Trayvon Martin among the most prominent
• Rodney King riots in Los Angeles, 1992 stemmed from a civilian video tape recording

50

Attendance Code, 1-minute

https://eecs.link/cs195here

​

​

51

✅

Attendance closes at the end of lecture.

Please submit your bCourses assignment by ~end of class (5:00pm Pacific).

[Extra] Turkey: A Case Study

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

52

Turkey: A Case Study [Bonus Content]

53

"The natural progress of things is for liberty to yield and government to gain ground." - Thomas Jefferson to Edward Carrington, 1788.

From Freedom House (link)

54

2012

2016

Turkey’s “freedom on the net score” has declined from 46 to 66 since 2012.

​

Government and Politics in Turkey

After World War I and a subsequent war of independence, the Republic of Turkey arose from the ashes of the ancient Ottoman Empire.

​

Foundation of the government was led by Mustafa Kemal Atatürk.

​

Three branch government:

• Legislature
• Executive: President (largely ceremonial), Prime Minister
• Judicial

​

The government is deeply secular (non-religious).

​

​

55

Recep Tayyip Erdoğan (Source)

In 1998, Istanbul’s mayor Recep Erdoğan was banned from public office and imprisoned for four months as part of a purge of perceived Islamist influence.

• Over 80 years, the military “has intervened four times to remove civilian governments that were thought to have lost control of the country or to have strayed from the principles of secularism or anti-Communism” (most recently in 1997)
• There is a widespread belief in Turkey (including by Erdoğan) that there exists a “deep state” which holds significant informal but real power.

​

In 2001, Erdoğan and others founded a new political party called the “Justice and Development Party” or “A.K. Party”.

• Swept the 2002 elections, claiming 2/3rds of the seats.
• Have been the dominant political faction ever since.

56

The AKP and Censorship of the Gezi Park Protests (Source)

Since taking power, the AKP has slowly ratcheted up censorship.

• In May 2013, 50 protesters took over Taksim Gezi Park, one of few remaining green spaces, slated for development.
• In response to brutal police crackdowns and previous disillusionment with the government, the protest grows out of control, eventually growing to include 2.5 million people.
• Traditional Turkish media outlets (much of which is close to the AKP) fail to cover the events, leaving social media to pick up the slack.
• Erdoğan calls Twitter “the worst menace to society”.
• Accuses unnamed foreign actors of inducing the protests. (Source)

�

57

The AKP and Censorship of a Corruption Scandal (Source)

In early 2014, several recordings were leaked on SoundCloud.

• In one, Erdoğan is “said to be heard talking about easing zoning laws for a construction tycoon in exchange for two villas for his family.“ (Source)
• In another, Erdoğan purportedly instructs his son to dispose of tens of millions of euros to evade a corruption investigation (Source).
• Erdoğan claims tapes are fabrications by an international conspiracy led by a US-based political rival Fethullah Gülen intending to destabilize the Turkish government (Source).
• In response, SoundCloud was banned (unclear for how long).

​

58

Other Internet Bans in Turkey (Source)

• In March 2014, Twitter was banned for failing to ban anonymous users posting links to evidence of corruption.
• Also in March 2014, Youtube was banned because of a posted video in which “top national security officials debated the possibility of faking an attack on Turkey in order to justify military intervention in Syria.”
• The Constitution Court overturned these bans in April and May citing that “the blanket blocking of entire platforms… violates freedom of expression provisions in Article 10 of the European Convention of Human Rights.”

​

59

Censorship in Turkey

Beyond simple censorship and filtering, Turkey has taken harsh actions against its citizens:

• College student Osman Garip was sentenced to a year in prison for insulting Erdogan repeatedly on Facebook.
• A Twitter user was sent to prison for 15 months for writing messages as “Allah” criticizing the Turkish government: “Here is very safe because there is no police.”
• Former Miss Turkey, Merve Buyuksarac, posted a satirical rewording of the Turkish national anthem on Instagram: “I am like a wild flood, I smash over the law and beyond. I follow state bids, take my bribe and live,” and was sentenced to 14 months of imprisonment, “suspended on condition that she not repeat any offensive remarks”. [Link]
• “At least 29 individuals face up to three years in prison for tweets that called on users to join protests, often by simply providing the locations of the protests” (regarding Gezi Park)

​

60

The Coup

On July 15, 2016, a portion of the Turkish Armed Forces attempted to seize control of the government while Erdogan was away. Physical infrastructure seized by plotters (bridges, airports, parliament, TV media).

​

Amazing role of social media (Link):

• When coup began, Facebook, Twitter, and Youtube blocked.
• Two hours later, opened back up, and social media campaign began to call Erdogan supporters into the streets.
• “The campaign reportedly included a direct text message from Erdogan to every mobile phone in the country. In what may have been the turning point of the entire affair, Erdogan was able to use his iPhone to broadcast a message to the Turkish people on FaceTime, demonstrating that he was still alive and fighting back.” (Link)�

61

The Aftermath

Government response was (naturally) harsh:

• Thousands of soldiers and judges arrested.
• More than 100,000 public workers (including police officers, teachers, soldiers, and others) are fired. [Link]
• Every university dean fired.
• 150 news outlets closed and others turned over to Erdogan loyalists who are now “avid cheerleaders for Mr. Erdogan and his policies.” [Link]

62

Erdogan’s End Game [Link] [Link] [Link]

Erdogan has long sought a rewriting of the constitution of Turkey.

• Key idea: Convert from a Parliamentary to Presidential system.
• First put forwards in 2005.

​

Until this January, did not have the 330 votes needed to rewrite constitution.

• January 20th, 2017: The AKP + far right nationalist party voted to rewrite constitution.
• National referendum on April 16, 2017 voted Yes. Takes effect in 2019.

​

Will be interesting to see how internet freedom evolves in Turkey in the coming years.

​

​

63

[Extra] TikTok, Huawei, WeChat

Public Safety vs. Public Surveillance

China: Overt Surveillance and Export

U.S.: Covert Surveillance

Surveillance Technologies and Local Police

U.S. Tech Corporate Presence in Authoritarian Governments

Closing Thoughts

[Extra] Several Case Studies

64

U.S. Officials Say Huawei Can Covertly Access Telecom Networks

Wall Street Journal, Feb 2, 2020 by Bojan Pancevski [Source]

• “U.S. officials say Huawei Technologies Co. can covertly access mobile-phone networks around the world through "back doors" designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.”
• “Intelligence shows Huawei has had this secret capability for more than a decade, U.S. officials said. Huawei rejected the allegations.”
• “When telecom-equipment makers sell hardware such as switching gear, base stations and antennas to cellphone carriers -- which assemble the networks that enable mobile communication and computing -- they are required by law to build in ways for authorities to tap into the networks for lawful purposes.”
• “U.S. officials said Huawei has built equipment that secretly preserves its ability to access networks through these interfaces, without the carriers' knowledge. “

65

Donald Trump extends Huawei ban through May 2021

The Verge, May 13, 2020 by Chaim Gartenberg [Source]

• “President Donald Trump has extended his executive order banning US companies from working with or buying telecommunications equipment from companies deemed a national security risk until May 2021, via Reuters.”
• “While the ban doesn’t explicitly call out specific companies, it’s been used to virtually shut down US operations with Chinese companies like Huawei, which can no longer sell products in the US or work with companies like Google or ARM for critical software and licenses.”
• “But since the order was issued in May 2019, the full ban hasn’t actually taken effect yet. While Huawei hasn’t been able to work with companies like Google on new devices, the company has gotten a series of temporary general licenses from the Commerce Department that have allowed it to still support existing hardware with software updates. “

66

WeChat threatens American values, but careless ban will make the world less free [WaPo OpEd 9/22]

• “PRESIDENT TRUMP has bestowed his “blessing” on the much-discussed TikTok deal. But absent such magnanimity, what happens to the Chinese messaging service WeChat? A federal court issued an injunction against the administration’s restrictions, which were... to take effect this past Sunday.”
• “WeChat has always been under greater threat of a ban in the United States than TikTok, and it also poses a greater threat. Where surveillance carried out via TikTok appears so far to be a hypothetical, on WeChat it is a documented reality — with the privacy of Chinese Americans in greatest danger.”
• “Where the picture of propagandizing and censorship on TikTok remains fuzzy, Xi Jinping’s regime very clearly shuts down WeChat users living in this country who don’t toe the party line. Authorities back home in China have knocked on the doors of U.S. users’ family members, evidently after observing critical comments on the app.”

67

WeChat threatens American values, but a careless ban will make the whole world less free

• “This puts the United States in a difficult position. Right now, China is getting away with exporting its censorship — depriving its citizens who travel here of the opportunity to experience a new place and a new culture by trapping them forever, and wherever, within its authoritarian digital borders.”
• “A U.S. ban, however, would mimic this bad behavior, and implicitly accept it as a model for the rest of the world that has not yet determined what kind of global Internet it will help build: a splintered system of national cyber-sovereignty, or one as open as the Web’s architects had hoped.”
• “A careless … ban on WeChat will make the whole world less free by depriving millions of people of the ability to communicate with their loved ones, [and] U.S. businesses of the ability to communicate with clients. The United States ought to ensure that any restrictions on freedom in the short run are part of a strategy to promote more freedom in the longer term.”

68

Trump Approves Deal Between Oracle and TikTok

New York Times, September 19, 2020 by Ana Swanson, David McCabe and Erin Griffith [Source]

• “President Trump said on Saturday that he had approved a deal between the Chinese-owned social media app TikTok and major American companies, an agreement that will delay the U.S. government’s threat to block the popular app in the United States over national security concerns.”
• “It’ll be a brand-new company,” Mr. Trump said. “It will have nothing to do with any outside land, any outside country.”
• “While Beijing has long banned American social media services, this is the first time that Washington has threatened to respond in kind. The United States has for decades embraced an open, largely unregulated vision of the internet. But in recent years, concerns about national security and geopolitics have led officials to bar Chinese technology from the networks, and now smartphones, used by Americans.”

69

TikTok

What are some potential security threats that TikTok presents?

• As Chinese media noted: Trump rally in Tulsa. Claim was that people used TikTok to make Trump’s Tulsa go badly. ByteDance (owner of TikTok) can push news that is positive in China.
• Children and minors are on TikTok. Handling that data is obviously sensitive.
• Examples of TikTok censorship. Free Hong Kong not mentioned on TikTok. No mention of Uyghurs.
• In U.S.: Will be push for stronger data privacy laws. Would be difficult to enforce if ByteDance controls the app from outside U.S. jurisdiction. Presumably everything gets dumped in a datalake.

70

Concerns with TikTok

• “Any time we talk about security, the first question is “security from what?” and “security for whom?” For some users, installing TikTok on their phone is a potentially dangerous move.”
• “There are people who may have concerns about China having access to their data who have not had the same concerns about the US or EU countries: student protesters in Hong Kong, Uighurs, Covid 19 researchers, executives at Fortune 500 companies concerned about theft of IP, journalists with sources in China that they want to protect, US government employees, military personnel stationed abroad.”

71

EFF, 2019 [link]

Concerns with TikTok

• “TikTok is not notably less secure than equivalent social media apps, though it has had its share of vulnerabilities, privacy violations, and dubious practices. But it is different from apps such as Facebook or Twitter in that it has employees in China, and its parent is subject to Chinese jurisdiction.”
• “Your data is vulnerable to pressure by the government of the country where it is physically located or where employees are located. Governments have a disturbing history of arresting employees to add pressure to their data demands.”
• “TikTok has said that they haven’t handed over any data to the Chinese government, but it’s reasonable to be skeptical of that claim. TikTok may be under a gag order that prevents the company from being honest about its data demands.”

72

EFF, 2019 [link]

Concerns with TikTok

• “For one thing, China vigorously censors foreign figures, and has banned any foreign app resembling TikTok. It is not, in other words, within the community of nations that adhere to liberal democratic freedoms on the internet, even very basic ones.”
• “TikTok and similar Chinese apps also pose identifiable national security risks. Government and market are intertwined in China, and Beijing may insist on companies’ turning over data. This is not a theoretical or trivial danger: China has reportedly compiled extensive profiles of tens of thousands of Australians, using data from TikTok and other social media sites, potentially for an intelligence advantage.”

73

Wired, 2020 [link]

The EFF’s Take on the TikTok Ban

• “It is ironic that, while purporting to protect America from China’s authoritarian government, President Trump is threatening to ban the TikTok app. Censorship of both speech and social media applications, after all, is one of the hallmarks of the Chinese Internet strategy. “
• “While there is significant cause for concern with TikTok’s security, privacy, and its relationship with the Chinese government, we should resist a governmental power to ban a popular means of communication and expression. “
• “Banning Americans from using the TikTok app would infringe the First Amendment rights of those users to express themselves online… While some may not consider TikTok integral to their own lives, these good-bye videos show how much TikTok means to its users.”

74

EFF, 2019 [link]

The EFF’s Take on the TikTok Ban

• “Even if the courts reviewed the ban as just a content-neutral restriction on the manner of speech, a complete TikTok ban is overly broad and not narrowly tailored to achieve the government’s national security purpose.“
• “ The vast majority of TikTok videos are not in any way related to national security, nor are their posters in substantially more danger of Chinese government spying than the users of other Chinese-owned technologies.“ [these include Riot Games (League of Legends) and GE Appliances]

75

EFF, 2019 [link]

From “The Progressive Case for a TikTok Sale“

• “WHEN THE UNITED States demanded in early August that TikTok be sold to American owners by this weekend, the backlash was vocal, loud, and widespread. Some felt the US had broken its commitment to internet freedoms, and become more like China or Saudi Arabia. Others saw it as President Trump’s personal revenge against an app whose users had wrecked his Tulsa rally and whose owners had refused to kiss his ring.”
• “Trump’s apparent motives are wrong-headed, but so is the tech-libertarian reaction.”
• “A hands-off approach was easier to defend in the 1990s, when the web was folksy and discrete, today’s giant tech firms were mere infants, and the proposed laws were crude. But the idea of leaving cyberspace alone has persisted, even as the idea that it is independent of nations and political communities has become absurd, and the consequences of tech neoliberalism have grown so stark as to engender popular resistance.”

76

Wired, 2020 [link]

From “The Progressive Case for a TikTok Sale“

• “A laissez-faire approach to data privacy has allowed the growth of business models based on attention capture, surveillance, and behavioral modification.“
• “Lax antitrust enforcement has allowed massive concentration of power in the tech sector.”
• “A general indifference to what happens on the internet has destabilized political and electoral systems, even allowing for foreign interference in democratic elections.”
• “In an era when the major platforms have nearly as much (if not more) influence and control over one’s life as any government, to say that they should get a free pass forever cannot be right.”

77

Wired, 2020 [link]

From “The Progressive Case for a TikTok Sale“

• “If tech neoliberalism has run its course, what are the alternatives? The first, long championed by China, is net nationalism, which makes the State the predominant authority over all things internet, and at bottom sees the network as nothing more than an instrument of state power.“
• “The natural reaction to net nationalism is to reassert the need for freedom, on the internet, from all government intervention.”
• “That’s not the only alternative, though. There is also the democratic tradition, which at its core holds that matters of great public importance ought to be decided by the people—and that popular sovereignty should control the excesses of both public and private power.”

78

Wired, 2020 [link]

From “The Progressive Case for a TikTok Sale“

• “Reasonable minds may disagree over whether an IPO or a sale to a US company is the best remedy. But most importantly, the TikTok controversy is an opportunity to think deeply about what the future of internet policy-making should be in this country. A continued principle of inaction cedes too much, amounting to a wholesale transfer of power and sovereignty to companies and foreign governments. In a democracy, government action is justified by public interest. That may sound like a simple premise, but it’s key to the idea of living in a free republic.”

79

Wired, 2020 [link]

Breakout Discussion

Is it reasonable for the United States to require TikTok to be sold lest they be banned from operating in the United States? Should WeChat be banned? How is this different than the Chinese approach to control of private platforms?

​

80

No disguising proposed TikTok deal is a dirty and underhanded trick

China Daily, September 23, 2020. No author name provided. [Source]

• “What the United States has done to TikTok is almost the same as a gangster forcing an unreasonable and unfair business deal on a legitimate company.”
• “The success TikTok has achieved — it is reportedly TikTok is expected to generate about a billion dollars in revenue by the end of 2020 — has apparently made Washington feel uneasy, and it has used national security as the pretext to ban the short video sharing app.”
• “China has no reason to give the green light to such a deal, which is dirty and unfair and based on bullying and extortion. If the US gets its way, it will continue to do the same with other foreign companies. Giving in to the unreasonable demands of the US would mean the doom of the Chinese company ByteDance.”

81

TikTok and the USA Today

TikTok Seen Moving Toward U.S. Security Deal, but Hurdles Remain

A draft agreement with the Biden administration to keep the Chinese-owned video app operating in the United States is under review. That could mean more wrangling.

https://www.nytimes.com/2022/09/26/technology/tiktok-national-security-china.html

​

82

BREAKOUT Question: ~10 Minutes

Should the US try to push TikTok towards being a “US Company”? Is it beneficial for the US to try to push out or exclude Chinese companies?

​

83

[Extra] More Slides

84

Full Take Audio and Metadata Collection

In 2014, it was revealed that the NSA was recording the audio of nearly every mobile call made in the Bahamas and (probably) Afghanistan (Link, Link)

• “The Bahamas is a stable democracy that shares democratic principles, personal freedoms, and rule of law with the United States… There is little to no threat facing Americans from domestic (Bahamian) terrorism, war, or civil unrest.” - State Department report [Link].
• Why the Bahamas? Conjecture in a Washington Post article: “The answer may lie in a document that characterizes the Bahamas operation as a “test bed for system deployments, capabilities, and improvements” to SOMALGET. The country’s small population – fewer than 400,000 residents – provides a manageable sample to try out the surveillance system’s feature.”
• In Afghanistan: Often unreliable mobile tracking information used for drone strike targeting (more in a later lecture, perhaps).

85

Yahoo Webcam Chat Interception (Link)

In a program codenamed Optic Nerve, the NSA and the UK equivalent (GCHQ) somehow intercepted Yahoo webcam chat videos.

• In 2008, captured video from 1.8 million yahoo users in 6 months.
• Stored one image for every 5 minutes of communication.
• “Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.“
• “Programs like Optic Nerve, which collect information in bulk from largely anonymous user IDs, are unable to filter out information from UK or US citizens.”
• “Unlike the NSA, GCHQ is not required by UK law to "minimize", or remove, domestic citizens' information from its databases.”

86

Key Leaks by Edward Snowden

PRISM (Link): (the big kahuna), collection of lots of data from major platforms through legal compulsion

EvilOlive (Link): American internet metadata

Calls, emails, texts of Germans (Link)

XKeyScore (Link)

MUSCULAR (Link) - intercepting of data in company’s private data centers (back door version of PRISM)

Cable taps (Link)

Recording of all mobile calls in the Bahamas and Afghanistan (Link)

​

87

The intelligence coup of the century

Washington Post, Feb 11, 2020 by Greg Miller [Source]

• “For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret.”
• “The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades, navigating waves of technology from mechanical gears to electronic circuits and, finally, silicon chips and software.”
• “The Swiss firm made millions of dollars selling equipment to more than 120 countries well into the 21st century… [including] Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.”
• “But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA… [which] rigged the company’s devices so they could easily break the codes that countries used to send encrypted messages.”

88

Fun read speculating about Crypto AG’s ownership from 2013: Link