By ERIC E. SCHMIDT and JARED COHEN
The New York Times
OVER the next decade, approximately five billion people will become connected to the Internet. The biggest increases will be in societies that, according to the human rights group Freedom House, are severely censored: places where clicking on an objectionable article can get your entire extended family thrown in prison, or worse.
The details aren’t pretty. In Russia, the government has blocked tens of thousands of dissident sites; at times, all WordPress blogs and Russian Wikipedia have been blocked. In Vietnam, a new law called Decree 72 makes it illegal to digitally distribute content that opposes the government, or even to share news stories on social media. And in Pakistan, sites that were available only two years ago — like Tumblr, Wikipedia and YouTube — are increasingly replaced by unconvincing messages to “Surf Safely.”
The mechanisms of repression are diverse. One is “deep packet inspection” hardware, which allows authorities to track every unencrypted email sent, website visited and blog post published. When objectionable activities are detected, access to specific sites or services is blocked or redirected. And if all else fails, the entire Internet can be slowed for target users or communities.
In other cases, like in Ukraine, sites are taken offline with distributed-denial-of-service attacks, which overwhelm a server with digital requests, or else the routing system of the national Internet system is tampered with to make entire sites mysteriously unreachable. Entire categories of content can be blocked or degraded en masse; in Iran, we hear that all encrypted connections are periodically severed and reset automatically.
How common is each tactic? Reliable data can be scarce. Measuring patterns of censorship brings its own risks: If you repeatedly check whether “objectionable” content is being blocked, you risk becoming a target yourself.
And while the technologies of repression are a multibillion-dollar industry, the tools to measure and assess digital repression get only a few million dollars in government and private funding. Private and academic centers like the Citizen Lab in Toronto are building detection tools, but we are still in the early days of mapping the reach of digital censorship.
Of course, detection is just the first step in a counterattack against censorship. The next step is providing tools to undermine sensors, filters and throttles.
Again, the groundwork is being laid. For years, a vibrant community of engineers from San Francisco to Beijing have collaborated on circumvention technologies to shield dissidents from surveillance. One such tool, called Tor, has been used by tech-savvy dissidents around the world for over a decade.
Our travels have taken us to North Korea, Saudi Arabia and other countries grappling with repression. Yet when we meet dissidents and members of harassed minorities, we are surprised by how few of them use systems like Tor.
Trust is perhaps the most fundamental issue. In Iran, online bazaars sell services that promise secure access. Yet rumors swirl that these services are covertly provided by the Iranian government, and can be monitored or terminated at any time.
Scalability is another problem. One popular approach, virtual private networks, allow users in a repressively censored place like Syria to “proxy” the connections through a computer in a more open place like Norway. But when thousands of users connect to a single intermediary, the repressive government notices, and shuts them down.
The final challenge is usability. Engineers can build sophisticated algorithms, but they’re useful only if a member of, say, the Kurdish minority in Iran can figure out how to install them on her low-bandwidth phone.
None of these challenges are new. What is new is the possibility to overcome them — if we make the right public and private investments. For example, software using peer-to-peer algorithms lets users route an Internet connection through another computer without having to go through a V.P.N., helping to address the trust and scalability issues.
These algorithms don’t resolve the trust issue completely. How do you know you’re actually connecting to your friend, not a government agent? Ten years ago, this challenge would have been a deal breaker for many people. But today it’s possible to use networks like Facebook or Google Hangouts to verify one another’s identities similarly to how we do offline.
Obfuscation techniques — when one thing is made to look like another — are also a path forward. A digital tunnel from Iran to Norway can be disguised as an ordinary Skype call. Deep packet inspection cannot distinguish such traffic from genuine traffic, and the collateral damage of blocking all traffic is often too high for a government to stomach.
Finally, advances in user-experience design practices are a big, if not obvious, boon. The Internet is becoming easier to use, and the same goes for circumvention technologies — which means that activists will face less of a challenge getting online securely.
Much of the fight against censorship has been led by the activists of the Internet freedom movement. We can join this open source community, whether we are policy makers, corporations or individuals. Money, coding skills or government grants can all make a difference.
Given the energies and opportunities out there, it’s possible to end repressive Internet censorship within a decade. If we want the next generation of users to be free, we don’t see any other option.