From digital to physical

When the Internet became accessible to the general public, it was viewed as a “highway for information”. Even in the early days, the Internet had already a wealth of information, more easily obtainable than ever before, and in quantities even the largest physical databases had trouble to, and eventually couldn not match.

The Internet was not owned by anyone, which angered some, and delighted others. There were those who wished to exploit the web for what it did best: getting as much data as possible (regardless if private or not), while others had the opposite intent: restricting access to data and controlling it.

Over the NET, at your door

In 2006, a man named Peter Yuan Li was attacked by a group of men. Why? Presumably because Mr. Li (subsequently, Dr. Li) was a practitioner of Falun Gong, a spiritual movement, and an anti-censorship activist. Dr. Li maintained websites that criticise and go against the Chinese Communist Party (CCP) such as the Epoch Times, or of the book Nine Commentaries (series of essays criticising the CCP) that mainland Chinese are accessing through proxy technologies, in order to bypass the “Great Firewall”.

There is a catch however, Peter Yuan Li was a US citizen living in Atlanta at the time of the attack, and the assailants were believed to be CCP agents or thugs. The first reason this event is significant in Internet Censorship cases is due to its cross-country reach. Dr. Li was under the protection and juristiction of US laws, and yet the CCP managed to enforce their censorship in a country that is almost the polar opposite politics wise.

The second reason is due to the physical escalation of the situation. Usually electronic censorship is enforced by blocking network resources, it can all be done remotely without need for physical access if you control the network. However, since China does not control networks in US, they enforced the censorship by physical assault, and retrieved two laptops from Dr. Li containing resources and information he used for his activism. This also served as a demonstration that the Party can and will get you, Internet or not.

Sider on the web

When governments aren’t restricting data, then they are collecting it, and one of these examples is Kazakhstan. Nowadays, most of online privacy is assured using encryption, and encryption is accomplished using keys. These keys are validated by what is known as a certificate, and anyone possessing the certificate has access to the key and can decrypt content the key is associated with.

In 2015, the Kazakh government created such a certificate, that they named “national security certificate”, which the population would have to install on their devices for the government to be able to decrypt their secure (HTTPS / encrypted) internet traffic and thus spy on all Internet users. This plan was finalised in July 2019, where the certificate was rebranded as “Qaznet Trust Certificate” and Kazakh ISPs started requiring users to install this (root) certificate and intercepting all HTTPS traffic. Failure to install the certificate prohibits the user from accessing the Internet completely.

Following this action, organisations and companies providing web browsers such as Google and Mozilla announced that they would be blocking the Qaznet Certificate and asking users to use VPNs or use the Tor Network to access the Internet. The certificate mechanism is a core concept on which secure online communications are built on and is the reason why browsers and computers give multiple warnings and ask for confirmation about trusting certificates.

While the whole purpose of a root certification agency is to be large and “trusted” such as governments, Kazakhstan has made this a concept of the past, and has entered in the age of zero digital privacy. Once the government introduces a way to stop routed connections, no secure communication will be possible anymore.

Closing thoughts

While this was less an opinionated article and more about shortly summarising two cases that I think particularly stand out from the lot, it seems that a Net Neutrality is starting to derive from its original meaning.

While Net Neutrality used to signify that ISPs must treat all communciations equally (Khazakhstan abides by that in a twisted way), it now seems to also mean not having a tendency to dive into data restriction nor its antipode, data collection. And for the statisticians out there, doing both of them equally does not bring you to the center, it inverts the spectrum, which is topology, not statistics.