With the recent news of the ham-fisted filtering of Wikipedia for over 95 percent of British Internet users by an unelected and unaccountable industry/government hybrid body, it seems like a good time to turn our attention to the issue of the fight against child pornography here in the U.S., and in particular, the freedoms we are willing to hand over along the way.
In this blog post, I will argue that the the time has come for President-elect Barack Obama to appoint a child pornography czar, whose office can take over the tasks currently performed by the powerful yet oversight-free organization: The National Center for Missing and Exploited Children (NCMEC).
However, before we begin, let me state that I, along with the rest of the civilized world, believe that child pornography is a Bad Thing (TM), and those who create or traffic in it are evil people. However, just as one can still support the troops while criticizing the war, I too have an objection to the way we're fighting this war. Actually, to be more accurate, I support the war on child porn, but object to the fact that it's been outsourced to Blackwater NCMEC. But in any case, I'm getting ahead of myself.
The National Center for Missing and Exploited Children
NCMEC was created by a congressional mandate in 1984, and coordinates the the efforts of law enforcement personnel, social service agency staff, elected officials, judges, prosecutors, educators, and elements of both the public and private sector to fight against all forms of child exploitation.
While NCMEC was created by Congress, is mostly funded by the U.S. government (and in particular, the Department of Justice), and plays a key role in assisting the FBI in its fight against child pornography, the organization isn't part of the U.S. government. It is, instead, a nonprofit, and thus not subject to the Freedom of Information Act, the Privacy Act, or limited by constitutional protections guaranteeing free speech, due process, and freedom from unreasonable search and seizure.
NCMEC's power
The National Center for Missing and Exploited Children already wields significant power as an unofficial Internet regulator, some of it granted by Congress, but most of it achieved through "consensual" agreements with Internet service providers. Consider these examples:
NCMEC acts as a clearing house for information and reports on child pornography. Thanks to the Protect Our Children Act of 2008, which was signed into law by the president in October, Internet service providers are now obligated to provide NCMEC with reports on any suspected child pornography that they detect on their networks. Failure to report such information to NCMEC is a crime.
As a result of a quasi-secret deal signed between NCMEC and the major cable companies earlier this year, NCMEC now provides these Internet providers with regularly updated lists of objectionable Web sites run by those cable customers. Upon receipt of a suspect URL, the ISPs immediately remove the files from the Web, with no appeal process for the owners of the Web sites. Oh, and as an added bonus, the ISPs are forbidden from mentioning NCMEC's name when notifying their customers of the takedown.
In June 2008, New York Attorney General Andrew Cuomo and NCMEC strong-armed several major ISPs into terminating their customers' access to Usenet news groups--due to the fact that a few hundred (of the tens of thousands of total Usenet groups) contained child pornography.
Likewise, just a few weeks ago, Craigslist was forced into a deal with 40 state attorneys general and NCMEC in which the site agreed to take steps to root out certain sexually themed or "erotic services" listings. Why NCMEC was concerned about consenting adults selling sex-related services via Craigslist remains unclear.
No oversight, no problems?
The sad truth is that no company can say no to NCMEC. Faced with the possibility of a press conference (perhaps even with an AG or two standing nearby) held in order to criticize the company's noncompliance with an anti-child porn project, any rational company would buckle. The bad PR from not doing so is simply too great.
NCMEC performs an extremely important task, one that has no doubt saved hundreds of children, and I'm glad that I don't have to do it. However, it is also rather strange to entrust this job to a private organization. If this is such an important task, why not give it to the FBI?
The answer to this might be the benefits that come from not being a federal agency: the complete lack of oversight or any requirement for transparency. NCMEC is able to sign secret deals with ISPs and strong-arm companies into cooperating without fear that a FOIA wielding public-interest lawyer or activist will unearth any information on the group's tactics or methods.
Criticism and fear
Over the past several weeks, I've spoken to a number of experts in the field of Internet law and policy. Many of those have strong feelings about NCMEC, but due to the extremely sensitive nature of the child pornography issue, few would go on record to voice their criticism.
Adam Thierer, a senior fellow at the libertarian Progress and Freedom Foundation told me that:
"Despite having the best of intentions, NCMEC has attained a level of authority over the Internet that should now qualify it for closer government scrutiny. The organization should either be covered by the Freedom of Information Act and other relevant government oversight laws and processes, or it should be converted entirely into a federal agency so that it is accountable for its actions as an Internet regulator."
John Morris, senior counsel for the Center for Democracy and Technology voiced similar concerns, telling me:
"We have very significant concerns about the outsourcing of prosecutorial and investigative functions to a non-government entity. And we believe that those functions should only be done (by those subject to) the First and Fourth Amendments, the Privacy Act, and The Freedom Of Information Act."
Other than these two gentlemen, no one else would go on the record.
Reform via a czar
Given its status as a sacred cow, we cannot expect any politician pay heed to calls to overhaul NCMEC or subject it to oversight. However, what we can do, is call for the nationalization of the National Center for Missing and Exploited Children.
Think of it this way: We have a drug czar, a war czar, a copyright czar, and will likely have a cybersecurity czar and car czar under the next administration. Why not throw a child porn czar into the mix? Nationalize NCMEC, make all of its workers federal employees, with good health care and job security, and perhaps even expand its budget--after all, it does good work, right?
NCMEC's job is simply too important to be entrusted to a nonprofit group--such a task can only be performed by a fully trained and funded law enforcement agency (one, which conveniently enough, is subject to the Freedom of Information Act, congressional oversight, and constitutional requirements for due process.)
Best of all, if anyone criticizes this call for a child exploitation czar, we can turn the trump card against them, and accuse them of not caring about the children.
On August 31, Lakshmana Kailash K. was arrested in Bangalore, India, and charged with posting insulting images of a revered historical figure on the Internet. The police claimed that he had uploaded disrespectful images of Chhatrapati Shivaji, the Indian equivalent of George Washington. Free speech, it seems, does not extend to that sort of thing in India.
No dissent allowed on Orkut.
(Credit: Skip The Budgie / Flickr)Normally, this wouldn't be a press-worthy story. After all, India is not the first country to take a hard line against Internet free speech. The Thai military regime blocked the entire YouTube Web site earlier this year after a single video posted to the site depicted a woman's feet touching the head of the country's king. Likewise, Turkey also recently blocked YouTube for a video insulting the country's founder.
So what makes this interesting? First, Mr. Kailash was alleged to have posted the pictures to Orkut, Google's redheaded stepchild of a social-networking site. Once Google divulged the IP address of the photo-uploader to the Indian authorities, the police sought the customer's identity from Airtel, one of the country's main telecommunication companies. This is where things get interesting. It turns out that the ISP gave the police the wrong information, and after three weeks behind bars, Mr. Kailash was released.
A police spokesperson was quoted by the Indo-Asian News Service as blaming the ISP for giving out the wrong information. "It is not our fault and Lakshmana should take Airtel to court and not us."
When contacted for comment, a Google spokesperson told me that, "Google has very high standards for user privacy and a clear privacy policy, and authorities are required to follow legal process to get information. In compliance with Indian legal process, we provided Indian law enforcement authorities with IP address information of an Orkut user." This was the only comment that Google's PR people would give me in response to a lengthy set of questions that I sent over. In particular, I asked if they had received a court order for the information, or merely a polite request from the police. Their response leaves things very hazy.
So what are the lessons to learn from this incident?
Given that Mr. Kailash didn't actually post the photos, I can't provide him with any advice for protecting his privacy on the Internet. All I can suggest is that he hire a very good lawyer, and attempt to take Airtel to the cleaners. If we assume, however, that Airtel eventually handed over the identity of the real "criminal," then perhaps some advice can be offered.
Internet crackdowns: First China, India next?
(Credit: ItzaFineDay / Flickr)Internet users: If you live in a country that does not respect freedom of speech and where you can get jailed for posting social commentary or otherwise subversive information to the Internet, technology can help you. Likewise, if you live in a country where the major telecom companies have willingly (and for a good profit) sold out their customers' privacy to large-scale illegal government surveillance, privacy-enhancing technologies can keep you safe.
The most important utility in any privacy-concerned Internet user's toolbox should be Tor, an anonymizing Web proxy. Based on technology originally designed by the U.S. Naval Research Labs, funded at one point by the Electronic Frontier Foundation and later by Voice of America, Tor has support from a strange yet wide variety of private and public groups. The EFF has published a guide to blogging anonymously, which is primarily based on Tor. Simply put, had the Indian Orkut user signed up for his account and posted the insulting photographs using Tor, neither he nor any other innocent Airtel customers would be locked up.
While this incident didn't come anywhere close to dissidents fighting for democracy, some strong parallels can be drawn between Google's decision to hand over IP addresses to Indian police, and that of Yahoo, which has handed over the IP addresses of pro-democracy activists to the Chinese authorities on multiple occasions. As a result of the company's snitching, Yahoo is facing a lawsuit, and a U.S. congressman has proposed legislation to make the company's actions illegal. Interestingly, the Global Online Freedom Act, which was proposed by Representative Christopher Smith (R-NJ) in 2006, could also cause problems for any future India-based snitching by Google, should it ever become law.
The bill, if passed into law, would prohibit any U.S. Internet company from providing any foreign official of an Internet-restricting country information that "personally identifies a particular user...except for legitimate foreign law enforcement purposes as determined by the Department of Justice." Companies that violated this prohibition could be sued in U.S. courts by those foreigners whose information they divulged. Fortunately for the Internet giants, the bill has been stuck in committee since 2006 and doesn't show any signs of life.
- prev
- 1
- next
