The real reason why Amazon cut off WikiLeaks

Dave Winer thinks he knows. And my guess is that he’s right.

Here’s how he tells it.

Today I got a promotional email from Kay Kinton, Senior Public Relations Manager for Amazon Web Services, entitled “Amazon Web Services Year in Review.” It contained a paragraph, quoted below, that explains how their government business grew in 2010.

“Government adoption of AWS [Amazon Wb Services] grew significantly in 2010. The Recovery Accountability and Transparency Board became the first government-wide agency to migrate to a cloud-based environment when it moved Recovery.gov to AWS in March 2010. Today we have nearly 20 government agencies leveraging AWS, and the U.S. federal government continues to be one of our fastest growing customer segments. The U.S. General Services Administration awarded AWS the ability to provide government agencies with cloud services through the government's cloud storefront, Apps.gov. Additional AWS customers include Treasury.gov, the Federal Register 2.0 at the National Archives, the openEI.org project at DoE’s National Renewable Energy Lab, the Supplemental Nutrition Assistance Program at USDA, and the Jet Propulsion Laboratory at NASA. The current AWS compliance framework covers FISMA, PCI DSS Level 1, ISO 27001, SAS70 type II, and HIPAA, and we continue to seek certifications and accreditations that make it easier for government agencies to benefit from AWS. To learn more about how AWS works with the federal government, visit: http://aws.amazon.com/federal/.”

Dave writes that “It makes perfect sense that the US government is a big customer of Amazon’s web services. It also makes perfect sense that Amazon wouldn’t want to do anything to jeopardize that business. There might not have even been a phone call, it might not have been necessary.”

This strikes me as being spot on. Amazon’s original reasons for dropping WikiLeaks always seemed feeble — and indeed unlikely to stand up in court. But the company’s decision has been useful in drawing attention to the underlying issue. Political discourse is increasingly conducted via cloud services like Amazon’s. That means that it’s moved into a space that is essentially private. As someone observed at the beginning of the WikiLeaks affair, it’s as if our political discourse had moved from the parks and streets and into shopping malls. And that means that important aspects of free speech will henceforth exist at the mercy of corporate whim. This is bad news for democracy.

The Assange interview

This and John Humphreys’s Radio 4 interview provide a fascinating case-study in the efficacy of different interviewing styles. Humphreys’s confrontational approach revealed interesting thngs about Assange’s personality. Frost’s softer style elicits much more information about WikiLeaks.

Porn, cash and the slippery slope to the National Security State

One of the most unsettling experiences of the last decade has been watching Western democracies sleepwalking into a national security nightmare. Each incremental step towards total surveillance follows the same script. It goes like this: first, a new security ‘threat’ is uncovered, revealed or hypothesised; then a technical ‘solution’ to the new threat is proposed, trialled (sometimes) and then implemented — usually at formidable cost to the public; finally, the new ‘solution’ proves inadequate. But instead of investigating whether it might have been misguided in the first place, a new, even more intrusive, ‘solution’ is proposed and implemented.

In this way we went from verbal questioning to pat-down searches at airports, and thence to x-ray scanning of cabin-baggage, to having to submit laptops to separate scanning (including, I gather, examination of hard-disk files in some cases), to having to take off our shoes, to having all cosmetic fluids (including toothpaste) inspected, and — most recently — to back-scatter x-ray scanning which reveals the shape of passengers’ breasts and genitals. It may be that we will get to the point where only passengers willing to stip naked are allowed to board a plane. The result: a mode of travel that was sometimes pleasant and usually convenient has been transformed into a deeply time-consuming, stressful and unpleasant ordeal

The rationale in all cases is the same; these measures are necessary to thwart a threat that is self-evidently awful and in that sense the measures are for the public good. We are all agreed, are we not, that suicidal terrorism is a bad things and so any measure deemed necessary to prevent it must be good? Likewise, we all agree that street crime and disorder is an evil, so CCTV cameras must be a good thing, mustn’t they? So we now have countries like Britain where no resident of an urban area is ever out of sight of a camera. And of course we all abhor child pornography and paedophilia, so we couldn’t possibly object to the Web filtering and packet-sniffing needed to detect and block it, right? A similar argument is used in relation to file-sharing and copyright infringement: this is asserted to be ‘theft’ and since we’re all against theft then any legislative measures forced on ISPs to ‘stop theft’ must be justified. And so on.

So each security initiative has a local justification which is held to be self-evidently obvious. But the aggregate of all these localised ‘solutions’ has a terrifying direction of travel — towards a total surveillance society, a real national security state. And anyone who expresses reservations or objections is invariably rebuffed with the trope that people who have nothing to hide have nothing to fear from these measures.

In the UK, a novel variation on this philosophy has just surfaced in Conservative (capital C) political circles. A right-wing Tory MP who is obsessed with the threat of Internet pornography has been touting the idea that broadband customers who do not want their ISPs to block access to pornography sites should have to register that fact with the ISP. (This is to ‘protect’ children, of course, in case the poor dears should mistype a search term and see images of unspeakable acts in progress.) Last Sunday a British newspaper reported that the communications minister, Ed Vaizey, is concerned about the availability of pornography and says he would quite like ISPs to do something about it for him. According to The Register, “he plans to call the major players to a meeting next month to discuss measures, including the potential for filters that would require those who do want XXX material to opt their connection out”.

The Register doesn’t take this terribly seriously, because it’s convinced that Vaizey is too shrewd to get dragged into the filtering mess that afflicted the Australian government. Maybe he is, but suppose he finds himself unable to hold back the tide of backbench wrath towards the evil Internet, with its WikiLeaks and porn and all. The implicit logic of the approach would fit neatly with everything we’ve seen so far. First of all, the objective is self-evidently ‘good’ — to protect children from pornography. Secondly, we’re not being illiberal — if you want to allow porn all you have to do is to register that fact with your ISP. What could be fairer than that?

But then consider the direction of travel. What if some future government decides that children should not be exposed to, say, the political propaganda of the British National Party? After all, they’re a nasty pack of xenophobic racists. And then there are the animal rights activists — nasty fanatics who put superglue in butchers’ shop doors on Christmas eve. Why should thay enjoy “the oxygen of publicity”? And then there are… Well, you get the point.

Stowe Boyd has an interesting post about another bright security wheeze which has really sinister long-term implications. Since terrrists and drug barons use cash, why not do away with the stuff and switch over to electronic money instead?

In a cashless economy, insurgents’ and terrorists’ electronic payments would generate audit trails that could be screened by data mining software; every payment and transfer would yield a treasure trove of information about their agents, their locations and their intentions. This would pose similar challenges for criminals.

Who would such a system benefit, asks Boyd?

Not the part-time sex worker, trying to make ends meet in a down economy. Not the bellman at the airport, whose tips might disappear after the transition to cards. Not the homeless guy I gave $2 to the other day, or the busker playing guitar in the train station. Or the Green Peace folks collecting coins at the park.

The ones that benefit are the those selling the cards and the readers. And the policy-makers who want to see the flow of cash to find — supposedly — drug lords and terrorists, but secretly want to know everything about everybody.

But this is the argument for pervasive surveillance again. In the name of security and safety, they say we should all accept the intrusion of the government into our private lives so that the state can be protected from its enemies. After all, they say, if we aren’t doing anything illegal, why should we care? What have we got to hide?

But we have the right to privacy in our doings. We don’t have to say why we want privacy: it is our right.

And the shadowy doings at the margins of people’s lives are exactly the point of privacy. The man funneling money to a child born to his mistress without his wife’s knowledge, or a woman loaning money to her brother without her husband knowing: they want anonymous cash.

Boyd thinks that cash is a prerequisite of a free society, and he’s right.

“Cash”, he says,

is not a metaphor for freedom, it is a requirement of freedom. A strong society that accepts human nature without moralizing will always have anonymous cash. Only totalitarian governments — where everything not expressly required is illegal — would want to monitor the flow of every cent.

.

“Net neutrality” — now that would be a good idea.

Dave Winer’s post about Net Neutrality reminded me of the story about Mahatma Gandhi arriving at Tilbury Docks in London and being asked by a reporter what he thought of Western Civilisation. “Ah”, said the Mahatma, thoughtfully. “Western civilisation — now that would be a good idea.”

The idea is that the transport layer, operated by telephone companies and cable companies, must transport all bits across their lines at the same rate and cost. Nice idea, but it’s hypocritical to demand that of their vendors when they don’t provide it to their users. For some reason they are never called on this hypocrisy by the tech press.

At the PDFleaks conference in NYC last Saturday I said that after Amazon booted WikiLeaks from EC2 that signaled very clearly that there is no such thing as net neutrality. Here’s a service provider, very analogous to Comcast and Verizon, that decided it wasn’t in its economic interest to carry a user’s bits. It wasn’t just about the level or cost of the service, they cut them off totally. Without adequate explanation of why. Saying they were doing something illegal is no explanation at all. That’s not for Amazon to decide, that’s for the courts. Due process is required to prove that something illegal is happening. And many legal experts believe that there’s nothing illegal about WikiLeaks.

Yep. That’s why one of the long-term implications of the WikiLeaks row will be a re-evaluation of the value and risks of cloud computing.

Biden loses it

I blogged yesterday about the contradictory hysteria implicit in the Obama Administration’s reaction to WikiLeaks. But it turns out that Vice-President Biden’s remarks on Meet the Press were even more absurd than we had been led to believe.

The US vice-president, Joe Biden, today likened the WikiLeaks founder Julian Assange to a “high-tech terrorist”, the strongest criticism yet from the Obama administration.

Biden claimed that Assange has put lives at risk and made it more difficult for the US to conduct its business around the world.

His description of Assange shows a level of irritation that contrasts with more sanguine comments from other senior figures in the White House, who said the leak of diplomatic cables has not done serious damage.

Interviewed on NBC’s Meet the Press, Biden was asked if the administration could prevent further leaks, as Assange warned last week. “We are looking at that right now. The justice department is taking a look at that,” Biden said, without elaborating.

It’s interesting, also, to see how Obama has been keeping out of this — so far, anyway. But if he thinks that the muck raked by Biden won’t stick to him, he’s wrong.

The Anonymous protestors are not zombies

As usual, Richard Stallman gets to the point.

Calling these protests DDoS, or distributed denial of service, attacks is misleading, too. A DDoS attack is done with thousands of ‘zombie’ computers. Typically, somebody breaks the security of those computers (often with a virus) and takes remote control of them, then rigs them up as a ‘botnet’ to do in unison whatever he directs (in this case, to overload a server). The Anonymous protesters’ computers are not zombies; presumably they are being individually operated.

No – the proper comparison is with the crowds that descended last week on Topshop stores. They didn’t break into the stores or take any goods from them, but they sure caused a nuisance for the owner, Philip Green. I wouldn’t like it one bit if my store (supposing I had one) were the target of a large protest. Amazon and MasterCard don’t like it either, and their clients were probably annoyed. Those who hoped to buy at Topshop on the day of the protest may have been annoyed too.

The internet cannot function if websites are frequently blocked by crowds, just as a city cannot function if its streets are constantly full by protesters. But before you advocate a crackdown on internet protests, consider what they are protesting: on the internet, users have no rights. As the WikiLeaks case has demonstrated, what we do online, we do on sufferance.

In the physical world, we have the right to print and sell books. Anyone trying to stop us would need to go to court. That right is weak in the UK (consider superinjunctions), but at least it exists. However, to set up a website we need the co-operation of a domain name company, an ISP, and often a hosting company, any of which can be pressured to cut us off. In the US, no law explicitly establishes this precarity. Rather, it is embodied in contracts that we have allowed those companies to establish as normal. It is as if we all lived in rented rooms and landlords could evict anyone at a moment’s notice…

Diplomatic and Internet protocols

Interesting openDemocracy piece by Luis de Miranda.

In what way are the Internet and diplomacy similar? Both are governed by very strict protocols, but their strictures are somehow each others’ opposites. Diplomatic protocol lives on the surface of things, a layer of varnish that actually allows all the treachery, hypocrisy and dirty dealings to go on. The protocol is theatre, while shenanigans play out in the shadows. The rigor of the Internet, on the other hand, operates in all that is invisible: the source code, the programming language standards, the networking standards (TCP/IP, HTML, RFCs). What is on the surface on the web is joyful chaos, depravity, free expression, every manifestation of the kaleidoscope of humanity. We have all been somewhat aware of the stuffy old world of diplomatic protocol, the attention to etiquette and to the rank of governments and their envoys. We are less familiar with the new world of digital protocol…

WikiLeaks and the Innovator’s Dilemma

Very thoughtful essay by David Rieff in The New Republic. He sees WikiLeaks as a disruptive innovation in the sense that Clayton Christensen used it to describe “business innovations that improve a product or service in ways that the market does not expect, usually either by lowering the price or redesigning for a different market or a different set of consumers”. At first glance, Rieff writes,

Wikileaks would seem to be far from this world of business innovation. And yet it isn’t. To the contrary, what Wikileaks does is exactly what a disruptive product does: As with nanotechnology, it supersedes the way information is made available to the general public; and, as with open source software, it challenges the idea of what the public can know and how it can know it.

In the former case, Wikileaks breaks the established transmission network of office holders and diplomats leaking some information to trusted journalists and pundits, who then transmit it to the public. And, in the latter, it insists that there is simply no such thing as proprietary information, which in the context of diplomacy means it does not acknowledge the state’s right to keep secrets. Here, the state is like Microsoft, with its closed-source technology, while Wikileaks is the open-source alternative.

And, again as with open-source software, there is no going back. Julian Assange may go to prison in Sweden, or even be extradited to the United States, and, though it is far less likely, Wikileaks itself may be shut down. But, for better or worse, the Wikileaks model is here to stay. For, as it turns out, the web is not just a place for shopping, or searching for pornographic images, or finding virtual communities of like-minded people, it is the new bloody crossroads of our politics.

This is another example of the thoughtful writing that has emerged as the implications of Cablegate begin to sink in. We really have passed an inflection point. When the history of this period comes to be written, my guess is that the last few weeks will be seen as the point where the established order finally wike up to the fact that it has a serious challenge on its hands.

Quote of the week

“In media history up to now, the press is free to report on what the powerful wish to keep secret because the laws of a given nation protect it. But Wikileaks is able to report on what the powerful wish to keep secret because the logic of the Internet permits it. This is new.”

Jay Rosen.

WikiLeaks: five expert opinions

The New York Times has a thoughtful set of contributions from various experts on the significance of the WikiLeaks disclosures.

Evgeny Morozov, a Stanford scholar who has a book about the “dark side of Internet freedom” coming out in January, ponders the likelihood that WikiLeaks can be duplicated, and finds it unlikely.

A thousand other Web sites dedicated to leaking are unlikely to have the same effect as WikiLeaks: it would take a lot of time and effort to cultivate similar relationships with the media. Most other documents leaked to WikiLeaks do not carry the same explosive potential as candid cables written by American diplomats.

One possible future for WikiLeaks is to morph into a gigantic media intermediary — perhaps, even something of a clearing house for investigative reporting — where even low-level leaks would be matched with the appropriate journalists to pursue and report on them and, perhaps, even with appropriate N.G.O.’s to advocate on their causes. Under this model, WikiLeaks staffers would act as idea salesmen relying on one very impressive digital Rolodex.

Ron Deibert from the University of Toronto thinks that the “venomous furor” surrounding WikiLeaks, including charges of “terrorism” and calls for the assassination of Julian Assange, has to rank as “one of the biggest temper tantrums in recent years”.

Many lament the loss of individual privacy as we leave digital traces that are then harvested and collated by large organizations with ever-increasing precision. But if individuals are subject to this new ecosystem, what would make anyone think governments or organizations are immune? Blaming WikiLeaks for this state of affairs is like blaming a tremor for tectonic plate shifts.

Certainly a portion of that anger could be mitigated by the conduct of WikiLeaks itself. The cult of personality around Assange, his photoshopped image now pasted across the WikiLeaks Web site, only plays into this animosity. So do vigilante cyberattacks carried out by supporters of WikiLeaks that contribute to a climate of lawlessness and vengeance seeking. If everyone can blast Web sites and services with which they disagree into oblivion — be it WikiLeaks or MasterCard — a total information war will ensue to the detriment of the public sphere.

An organization like WikiLeaks should professionalize and depersonalize itself as much as possible. It should hold itself to the highest possible ethical standards. It should act with the utmost discretion in releasing into the public domain otherwise classified information that comes its way only on the basis of an obvious transgression of law or morality. This has not happened.

Ross Anderson, who is Professor of Security Engineering at Cambridge and the author of the standard textbook on building dependable distributed information systems, thinks that the WikiLeaks saga shows how governments never take an architectural view of security.

Your medical records should be kept in the hospital where you get treated; your bank statements should only be available in the branch you use; and while an intelligence analyst dealing with Iraq might have access to cables on Iraq, Iran and Saudi Arabia, he should have no routine access to information on Korea or Zimbabwe or Brazil. But this is in conflict with managers’ drive for ever broader control and for economies of scale.

The U.S. government has been unable to manage this trade-off, leading to regular upsets and reversals of policy. Twenty years ago, Aldrich Ames betrayed all the C.I.A.’s Russian agents; intelligence data were then carefully compartmentalized for a while. Then after 9/11, when it turned out that several of the hijackers were already known to parts of the intelligence community, data sharing was commanded. Security engineers old enough to remember Ames expected trouble, and we got it.

What’s next? Will risk aversion drive another wild swing of the pendulum, or might we get some clearer thinking about the nature and limits of power?

James Bamford, a writer and documentary producer specializing in intelligence and national security issues, thinks that the WikiLeaks disclosures are useful in forcing governments to confess.

A generation ago, government employees with Communist sympathies worried security officials. Today, after years of torture reports, black sites, Abu Ghraib, and a war founded on deception, it is the possibility that more employees might act out from a sense of moral outrage that concerns officials.

There may be more employees out there willing to leak, they fear, and how do you weed them out? Spies at least had the courtesy to keep the secrets to themselves, rather than distribute them to the world’s media giants. In a sense, WikiLeaks is forcing the U.S. government into the confessional, with the door wide open. And confession, though difficult and embarrassing, can sometimes cleanse the soul.

Fred Alford is Professor of Government at the University of Maryland and thinks that neither the Web operation WikiLeaks, nor its editor-in-chief, Julian Assange, is a whistle-blower.

Whistle-blowers are people who observe what they believe to be unethical or illegal conduct in the places where they work and report it to the media. In so doing, they put their jobs at risk.

The whistle-blower in this case is Bradley Manning, an United States Army intelligence analyst who downloaded a huge amount of government classified information, which was made public by WikiLeaks. Whether or not Manning’s act serves the greater public interest is a contentious issue, but he has been arrested and charged with unlawful disclosure of classified data.

Some have compared the role of WikiLeaks to that of The New York Times in the publication of the Pentagon Papers several decades ago. WikiLeaks is the publishing platform that leverages the vast and instantaneous distribution capacity of the Internet.

The WikiLeaks data dump challenges a long held belief by many of us who study whistle-blowing — that it is important that the whistle-blower have a name and face so that the disclosures are not considered just anonymous griping, or possibly unethical activity. The public needs to see the human face of someone who stands up and does the right thing when none of his or her colleagues dare.

But he also thinks that “for better and worse, this changes whistle-blowing as we’ve known it.”