In a purported effort to cut down on "ID sharing" in Beijing's Internet cafes, the government will require that by the end of 2008, first-time visitors will have their picture taken and ID scanned before being allowed online, according to The Beijing News and the China Media Project.
Users were already required to show identification when they entered, a rule that has been spottily enforced at times but more strictly, by most accounts, since preparations for the Olympics began. David Bandurski at China Media Project writes:
The newspaper quoted Li Fei (李菲), a spokesperson for the Beijing Cultural Law Enforcement Agency, as saying the policy was aimed at preventing "ID sharing" (一证多用). The monitoring platform will allow enforcement officials to target any terminal at any Internet bar in the city to compare the user with registered information.
Perhaps this is indeed aimed at "ID sharing," but another piece that Bandurski quotes, an editorial in the China Youth Daily, sees the new policy as creating the potential for invasion of privacy.
In this monitoring system that renders users "naked," how will the freedom and privacy of citizens using the Internet be protected? The Beijing Cultural Law Enforcement Agency reassures us that these controls end with the enforcement team's monitoring platform and that we "have no need to be concerned about the leaking of personal information."
But aside from worrying that personal information might be leaked to others, we also worry that the freedom of our online communication and the privacy of our conversations will be betrayed by public power.
Under this platform of "monitoring of any terminal at any Internet bar in the city," won't monitoring mean that enforcement officials will have the right or the opportunity to view our chat histories? Can they not read our private correspondence at will? Won't any and all online behavior fall under the eyes of the enforcement officials?
If this is the case, then all Web users really are "entirely naked," if only before a limited number of enforcement personnel.
Read a fuller quote from the editorial in Bandurski's post.
Security researchers recently found that IM conversations on the Chinese Skype program were not only filtered, but also recorded on a massive, nonsecure, server. The possibility of surveillance flies in the face of Skype's supposed strong encryption, and has provoked outcry among privacy advocates.
Users of the TOM-Skype platform, marketed in cooperation with a Chinese company, were "regularly scanned for sensitive keywords, and if present, the resulting data [were] uploaded and stored on servers in China," according to the report by Nart Villeneuve. Voice communications may have been catalogged, but researchers reported they did not find recorded conversations.
It wasn't just TOM-Skype users who were affected. Any Skype user who communicated with a TOM-Skype user was vulnerable, according to the report. And it didn't appear that keywords were the only trigger. Other factors, possibly individual usernames, might have been used to catalog data.
Villeneuve has posted a Q&A on his website that outlines some of the most common questions. (h/t Rebecca)
Although TOM-Skype was designed to prevent transmission of some keywords, such as an un-redacted "f*ck," Skype had claimed the filtering happened before the message was encrypted for transmission to the receiver, Villeneuve writes in the Q&A. His findings, if true, would contradict this claim.
Free expression advocates have been sharply critical of eBay, Skype's parent company, for this behavior. Rebecca MacKinnon, a professor at Hong Kong University and an expert on Chinese internet restrictions, writes:
"While Skype claims to have fixed the problem, the fact that TOM-Skype was enabling surveillance and privacy breaches in such a shocking manner for a significant period of time demonstrates that eBay/Skype as a company has not placed enough emphasis on protecting users' rights and interests."
Aside from an outpour from censorship activists, this finding also shows that many messages that were logged without users' knowledge were available to a hacker because the servers storing the information were not secure. The report notes that the servers were probably compromised before what the researchers might consider their "benign attack."
In fact, evidence suggests that the servers used to store captyured data have been compromised in the past and used to host pirated movies and torrents (for peer-to-peer file sharing).
Obviously, people who want to communicate securely in China will need to use other technologies.
Sinobyte commenters have raised two good questions about Internet freedom during the Olympics, set for August 8 to 28 in Beijing. I'm going to give the best kind of answer available for each: an educated guess.
I had written about "free Wi-Fi," which hasn't yet really started working, but is slated to be available during the games in some key areas of the city.
Commenter DangerousOffender asks: How "free" will the access be? Will users be able to access the entire internet, or will it be censored?
I was referring, of course, to "free of charge," but this is a good question. In recent years, no public internet connection has been completely unfiltered. Censorship works in a few different ways: some Web sites are simply blocked at the IP level, making it impossible to access them without a proxy; certain sensitive terms in pages, if detected by filters, can cause the connection to be disrupted; and sensitive terms that appear as part of a URL can trigger a similar disruption.
In the lead up to the Olympics, many online limitations have been relaxed. Access to BBC News was restored. Blogspot has been unblocked, blocked again, and is presently available from this connection in Beijing. English Wikipedia is available, but Chinese Wikipedia is still blocked. After pressure from the International Olympic Committee, the Beijing committee has promised fewer restrictions, but since some ISPs do the censorship themselves to avoid trouble with authorities, any "opening" may not trickle down to every connection.
Rumor has it, anyway, that top hotels full of foreigners and journalists will have unfettered access. I doubt this will be a citywide phenomenon, let alone a national loosening.
JeffW42 asks: How monitored will it be? Will your e-mails be reviewed for "offensive" material, and username and password stored for later reference?
While we have some guesswork to do on censorship, there's even more to do on surveillance. Let's focus on capability and relevance.
Capability: Chinese authorities are viewed by many around the world in governments and other fields as highly capable in infiltrating computer systems. While the Chinese government denies it every time, U.S. authorities say attacks of various kinds have come from China. What's more important is this: We know the government has access to the gateways between China and the rest of the Internet. It should be assumed that, just as any traffic can be filtered for keywords, any traffic can be more closely monitored.
Relevance: The fact that authorities could capture your traffic does not necessarily mean your passwords could be captured. A properly configured SSL-based password system, standard on most websites, should make password capture very difficult if not impossible. Though I am not a security expert, my sense is that this sort of surveillance would be a very low priority for Chinese authorities.
On the question of reviewing e-mail for content, it seems highly unlikely that e-mail would be blocked. If you're planning a big protest or something, however, expect that you and your buddies are on some kind of list for closer monitoring. Simple measures can make all communication much more smooth and quick during high-filtering periods. Users of Gmail, for instance, found that while a normal HTTP connection was extremely slow during the recent unrest in Tibet, using SSL by typing in https://mail.google.com/ (the added "s" is the key) made the connection faster, and e-mails containing sensitive terms were delivered more consistently.
A little perspective
Much is made of China's Internet restrictions. A few things of note, before one seizes on this as unique. I'm not trying to argue that the restrictions are good, but I think a lot of people take this phenomenon and turn it into an anti-Chinese trope without placing it in a bit of a context.
- A study found that most Chinese approved of government controls over the Internet.
- Several students at elite universities I have met in Beijing had no idea there was any censorship.
- The U.S. government, for example, is not exactly free of programs to monitor its citizens' communications.
- China has a lot of surveillance cameras, but so does Britain.
Now, if you can get a visa to China, come on over and enjoy the games. I hear lots of the hotels are wide open.
- prev
- 1
- next
