Rights Wire

The Human Rights Blog of the Leitner Center for International Law and Justice


Leave a comment

Using technology to fight terrorism and ensure human rights (part 2 of 2)

By Shruti Banerjee

Recent terrorist attacks in San Bernardino, Brussels and South Carolina have led government officials to increase pressure on major tech companies to take greater measures to help security agencies monitor terrorist activities. This has led to a vigorous debate on the issues of corporate responsibility, individual privacy rights and the government’s ability to monitor terrorist activities. This is the second post in a two-part series about technology, terrorism and human rights. This post will analyze the various positions in this debate, and consider the how the government and tech companies can work together to effectively combat the root causes of radicalization and terrorism while still upholding fundamental human rights.

THE ENCRYPTION DEBATE

With the rise of internet communications, terrorist groups have been using email, messaging applications, online forums and other internet tools to recruit members and plan attacks. Many government officials have firmly argued that tech companies must take greater measures to provide security agencies with data that will help them monitor this extremist activity.

But even if many companies wanted to comply, private messaging systems such as WhatsApp and iMessage automatically encrypt messages, meaning that they are secretly encoded and cannot be read without a key. Thus, companies cannot turn over messages to law enforcement because they have no mechanism of retrieving them. This predicament has sparked a fierce debate over how to monitor and combat terrorist activities on the internet. Many officials argue that tech companies there should create a backdoor—a way for a “secure” system to be accessed through coding or other vulnerabilities—in various applications for law enforcement officials to use when investigating criminal activity.

However, critics, including many leading figures in the tech industry, caution that creating a backdoor to encrypted applications may open a whole new can of worms. Tech companies point out that if any backdoor exists, hackers will eventually find it and reduce data security for all individuals. The BBC notes that if major companies were required by law to introduce back doors, terrorists would simply utilize other platforms, such as free add-on applications that automatically encrypt messages. This would make gathering information even more difficult for security agencies. A backdoor would leave services for innocent individuals far less secure, while dangerous people would be operating on systems that are even harder to gain access to. Furthermore, tech companies such as Microsoft, Google, Apple and Yahoo vowed to protect the privacy of their users from government surveillance by making encryption a default option after the NSA surveillance scandal in the US and UK. Opening up a backdoor would backslide on their promise and endanger individuals’ right privacy on the internet.

Aside from privacy and security concerns, the efficient use of these back doors would also be a challenge. While implementing a system that scanned every online message for extremist or terrorist keywords and hate speech is technically feasible, with approximately 1.3 billion internet users around the world, the number of cases that could be labeled as potential threats would be overwhelmingly high. This type of wide-scale reporting to authorities would be an immense undertaking for tech companies like Facebook, according to the BBC.

CURBING TERRORISM IN OTHER WAYS

Despite the impasse between the government and tech companies on the encryption debate, there are still a myriad of ways tech companies can and do cooperate with the government to help tackle terrorism. For example, Alan Woodward, a cybercrime consultant, says that encrypted messages can be useful in combating terrorist attacks because they still reveal metadata, such as information about who talked to whom and for how long. He explained that metadata was used to arrest the attackers who carried out the attacks in Paris in November 2015. Security agencies can use link analysis to figure out communication patterns and identify potential threats or sources of information.

Internet Protocol addresses (IP addresses), unique identifying numbers assigned to any devices connected to the internet, are also important in the fight against extremism and terrorism. Tracing the IP addresses of recruitment messages and their followers can help intelligence agencies determine the identities of supporters and potential recruits. Tech companies such as Google have complied with the government’s requests for IP address information and if tech companies continue to help track encrypted messages and IP addresses, they could contribute immensely to the fight for security.

When it comes to website content, tech companies could work to block, delete or monitor extremist and hateful content. Companies such as Google do not allow hateful content that incites violence or extremely “graphic or gratuitous” violent content on their platforms. This is usually taken to include violent videos of beheadings used by the Islamic State of Iraq and Syria (ISIS) as scare tactics and recruitment messages. However, since there is no algorithm that can prevent the uploading of violent or extremist content, companies are largely dependent on users to flag inappropriate content, which is typically removed within a few hours. Similarly, other tech companies do not have a mechanism to stop the creation of new extremist websites. While Europe is developing a police team specializing in monitoring ISIS terrorist activities and blocking jihadi sites online, developing a way to quickly delete or prevent the creation of these sites may be helpful. In instances when leaving websites or forums up may be helpful, tech companies and the government could work to monitor or infiltrate extremist groups to gather intelligence, as has already been done by Ghost Security Group, a hacker group committed to the fight against extremism.

HUMAN RIGHTS IMPLICATIONS

As human rights advocates have pointed out, if tech companies are pressured to lessen encryption, create backdoors for the government to investigate terrorist activities and hand over user data, it could be problematic for the basic privacy and free speech rights of many individuals. Many notable factors make it hard for the people to believe that turning over more data to the government will actually make society safer. Firstly, there has been significant mistrust of the government after the U.S. National Security Agency surveillance scandal was exposed by Edward Snowden. After this leak, governments around the world considered and passed pieces of legislation allowing for widespread surveillance of their populace. To address this issue, the United Nations General Assembly adopted resolution 68/167 in December 2013, which reaffirmed internet and technology users’ right to privacy in the digital age.

Secondly, even if the government is given users’ data, there is a good chance that they will not use it. Daryl Johnson, former Analyst at the U.S. Department of Homeland Security, pointed out that right-wing extremist groups were not being monitored effectively (or at all) in the U.S. despite the sharp increase in domestic terrorism carried out by right-wing groups. Right-wing terrorists, such as Dylann Roof and Timothy McVeigh, are known for leaving hateful online manifestos and plans of action. This information was public and the government had full access to it. Instances like these indicate that even if the government is granted access to personal information of individuals, there is no guarantee this data will be analyzed effectively and accurately.

Moreover, several national laws, such as the U.S. Patriot Act, already offer the government significant access to the online activities of individuals and have been criticized for their overreach and lack of privacy protection. After the Charlie Hebdo attacks, France passed a sweeping surveillance bill, similar to the U.S. Patriot Act, to which the U.N. Human Rights Council voiced serious concern for its lack of oversight. Prime Minister Manuel Valle responded to the passage of this bill by saying, “France now has a secure framework against terrorism.” The most recent attacks in Paris, which took place after this law went into effect, suggest that sweeping surveillance powers do not function as a “secure framework against terrorism.” Rather, tech companies and the government need to work together to create a safer system that helps monitor hate speech and terrorist recruitment methods while protecting individual privacy rights.

WHAT WE CAN DO

It is clear that reactionary measures will not prevent future terrorist attacks. U.S. Government forces killed Osama Bin Laden, but now has to contend with ISIS. Hundreds of jihadist sites and accounts have been shut down, just to see more accounts opened. The U.S. and France passed bills granting the government sweeping surveillance powers, which did not prevent the most recent attacks in Paris and San Bernardino. While we focus on foreign terrorist threats, right-wing extremist groups are allowed to organize with almost no oversight and consequences. Effectively combating terrorism will require a two-pronged approach: (1) the government must attack the root of the problem by understanding the socioeconomic conditions which create terrorist breeding grounds, promote recruitment and allow for certain threats to go overlooked; and (2) the government and tech companies must find a way to work together to enhance security and stop hateful speech while simultaneously protecting privacy and free speech rights.

David Mair, a cyber-terrorism researcher at Swansea University, told the BBC that poverty, social exclusion and a lack of positive role models for young Muslim men all drive radicalization. Tackling these core issues will help the West overcome credibility issues with potential extremist recruits and engage individuals in more meaningful ways. He explained that extremist groups are reaching out to alienated young men in the West and offering them an opportunity to join a brotherhood in Syria where they can fit in. Mair argued that this propaganda can be countered by demonstrating why life under ISIS is not utopian and how the religious arguments made by these extremist groups are false. The government must also act to counter the drastic increase in hate crimes against Muslims after the Paris attacks. These bias crimes further exacerbate racial and religious tensions, and promote further radicalization instead of combating the root of the problem.

In line with these actions, spreading truthful facts and thwarting hate speech is also necessary in combating terrorism. After a recent attack on a Planned Parenthood, the Governor of Colorado noted that it was time to tone down the rhetoric that “is inflaming people to the point where they can’t stand it, and they go out and they lose connection with reality in some way and commit these acts of unthinkable violence.” We must do more to monitor and stop right-wing extremism and hate speech that incites violence.

Responding with force after lives have been lost is a reactionary measure that will not eradicate the root of the problem. Our methods to combat terrorism have been failing, and we need to start attacking terrorism comprehensively, from implementing new ways to track terrorist activity online to preventing radicalization and the socioeconomic conditions that foster terrorist breeding grounds. Tech companies and the government can also work together to implement creative mechanisms that monitor important data and thwart hate or extremist speech. If tech companies keep moving in a socially-responsible direction and the government begins to effectively and accurately analyze the data they have, then the internet can become a powerful tool in preventing future terrorist attacks in a rights-respecting way. This type of private-public partnership, coupled with policies promoting education, health care, economic stability and human rights, will be the only effective way to prevent terrorism.

Shruti Banerjee is a 2L at Fordham Law School.

The views expressed in this post remain those of the individual author and are not reflective of the official position of the Leitner Center for International Law and Justice, Fordham Law School, Fordham University or any other organization.

Photo Credit: Yuri Samoilov/Creative Commons


Leave a comment

Exploring the links between technology, terrorism and human rights (part 1 of 2)

By Shruti Banerjee

The recent terrorist attacks in Belgium and France as well as the rise of right-wing violence in the U.S. have raised many questions about the role tech companies and internet service providers play in monitoring terrorist recruitment and activities. While some terrorists, such as Dylann Roof, who shot nine African-Americans in a South Carolina church, leave blatant manifestos online , others, such as the Islamic State in Iraq and Syria (ISIS) and right-wing groups in Europe, use the internet in more nuanced ways to recruit members and plan attacks. To effectively prevent terrorist activity we need to examine each of these methods.

This is the first in a two-part series about technology, terrorism and human rights. This post will explore how the internet has been used by terrorist groups to recruit members and plan attacks. A second post will discuss the corporate responsibility of tech companies in national security and human rights issues. It will also explore how people are using the internet to combat terrorism and how we can continue to prevent radicalization leading to attacks.

ONLINE RADICALIZATION AND RECRUITMENT

Understanding how technology has transformed the way we communicate is particularly important in an era when internet communication and mass messaging have been used as tools by militant organizations such as ISIS and domestic right-wing terrorist groups to promote their message and recruit new members.

Recruitment methods used by extremist Islamic groups are more nuanced and refined than blatant proclamations to support terrorist organizations. David Mair, a cyber-terrorism researcher at Swansea University, collaborated with the University of Massachusetts’ Center for Terrorism and Security Studies to analyze jihadist messages in online terrorist magazines. He notes there are key differences in ideology that drove messaging – most notably between the Islamic State and Al-Qaeda: while ISIS’ propaganda promotes the creation of a state governed by Sharia law, Al-Qaeda’s message typically focuses on jihad against oppressive western nations and promoting individuals to act alone in planning and executing attacks. These recruitment and attack planning methods are fundamentally different and require separate countering strategies, Mair said.

Muslim extremists have used various types of subtle propaganda to recruit members, such as promoting news stories of Western oppression and disguising extremist sites as religious sites. In an interview with the BBC, Sajid, a 16-year-old student in London whose brother was radicalized discusses how he was almost radicalized too. He opened a fake twitter account to learn more about ISIS after his brother left for Syria to join them. He told BBC over an encrypted chat application that he was surprised that no one in ISIS actually told him to support ISIS or move to Syria. The process of radicalization happened when he watched videos and encountered messages about Sunni oppression. This propaganda is used to incite anger in its viewers and create a community. Sajid said he caught himself becoming “heart-hardened” by this propaganda, but was eventually able to reject ISIS’s message. “After reading about Shia crimes against local Sunnis, I remember watching a video of an execution of an Iraqi soldier and thinking, ‘Good.’ This shocked me afterwards…I questioned my conscience, and my results were that I did not support ISIS with my heart at all,” Sajid said in the interview.

This type of subtle propaganda makes it more difficult to discern and dissuade potential recruits because actual news of attacks can be used as propaganda. Since it would pose a freedom of speech issue to censor these types of news stories, governments have a hard time cracking down on radicalization and recruitment. Monitoring and curbing extremist propaganda becomes even more complicated when it comes to religious messages aimed at recruiting young women and men. Extremists target young adults through websites posing as educational in nature, Sara Khan, Director at the anti-extremist group Inspire, explained to BBC News in an interview. Youth innocently searching for information about their faith can be unaware they have stumbled across extremist groups, Khan said. These recruitment sites often utilize religious language to convince the reader that their view is the proper interpretation of Islam. They exploit religion to recruit youth who have not learned much about their faith and cannot critically analyze the extremist interpretation.

Xenophobia in western countries and promises of a utopian state are other tools used by terrorists to recruit members from the west, Qari Asim, Senior Imam at Makkah Mosque in the United Kingdom, said in an interview with BBC. He recently visited Calais, a make-shift refugee camp in France, and met refugees who fled ISIS-controlled regions. These refugees explained that some young Muslims are leaving Britain to join ISIS because they didn’t feel like they belonged in England. According to Asim, ISIS is running a “sophisticated media strategy” to promote an anti-establishment view that appeals to many young people. He and his group are actively trying to prevent recruitment by utilizing social media strategies to engage with young people and spread truthful messages exposing the unpleasant realities of life under ISIS and combating xenophobia in the west.

Right-wing terrorist groups in Europe and the United States have used similar nuanced methods to spread their propaganda. Right-wing groups use the internet and technology to recruit members, create “virtual communities,” organize demonstrations and campaigns and promote violence. Like religious extremist organizations, these groups are targeting the youth and using the anonymity of the internet as cover. Essentially, they are trying to gain support by promoting “distorted accounts of social circumstances” on the internet, according to a report by the domestic intelligence service of Germany, Bundesamt für Verfassungsschutz (BfV). This report goes on to explain that controversial topics, such as immigration policy, are covered from an ideological point of view, making the intentions of the extremist less obvious to many readers.

Furthermore, right-wing extremist groups are often allowed to organize and disseminate their propaganda without much push-back from the government. In fact, the U.S. government has tended to focus on foreign terrorist threats, despite how domestic terrorism has killed more Americans since 9/11. Especially in the U.S., there is virtually no monitoring of right-wing extremist groups. The wide availability of this right-wing extremist propaganda and manifestos on the internet has led to radicalization and even attacks, such as Benjamin Smith’s shooting spree targeting minorities in Illinois and Indiana in 1999.

MASKING THEIR TRACKS

Extremists are cautious about internet security while using social media, blogs and video sites to recruit members and mobilize. ISIS militants avoid using high-profile communication companies, such as iMessage or WhatsApp, Peter Sommer, a digital forensics expert, told the BBC. Rather, terrorists efficiently find systems that offer its users simple ways to use encryption, a way of encoding messages so that only authorized people can read them, Sommer said. BfV reported that right-wing extremist circles have also started offering internet “security trainings” to teach others how to encrypt data.

Similarly, jihadi bulletin boards are filled with posts about free application add-ons to encrypt messages, Alan Woodward, a security expert, told the BBC. These encrypted messages pose a large hurdle for government agencies trying to monitor extremist activities and prevent attacks. The availability of encrypted systems makes the government security agencies crackdown “absolutely pointless” because terrorist are using off the record protocol, providing them end-to-end encryption, Woodward explained. This means that it is incredibly difficult for anyone, including tech companies providing these services, to intercept and decode the message.

Going after big tech firms would not entirely solve the problem, Woodward said, because even if these companies stopped providing off the record protocol, there are numerous sites providing free add-ons to encrypt messages. Since these encrypted messages are significantly harder to monitor than open manifestos, this has led to a contentious debate between tech companies who provide these services and the government who needs to stop terrorist activities about the responsibility of private companies in the fight against terrorism.

CONCLUSION

From New York to Bombay and Paris to Beirut, we can all fall victim to the devastation caused by terrorism, which poses a significant threat to security, stability and human rights. Our socioeconomic status and borders cannot protect us, leaving us all united under a common threat. The pervasiveness of this threat makes it even more important to understand how we can effectively stop it. This could mean countering the various recruitment methods used by extremist groups or urging the government and tech companies to work together to monitor terrorist activities on the internet. The second post in this series will discuss the debate between tech firms and the government over access to encrypted messages, privacy concerns and collaborative, rights-respecting solutions to some issues posed by terrorism.

Shruti Banerjee is a 2L at Fordham Law School.

The views expressed in this post remain those of the individual author and are not reflective of the official position of the Leitner Center for International Law and Justice, Fordham Law School, Fordham University or any other organization.

Photo Credit: Bernardo R/Creative Commons


Leave a comment

“How I learned to stop worrying and love the Stuxnet”: U.S. and China seek common ground in regulating cyberwarfare

By Meric Sar

“Dr. Strangelove: Of course, the whole point of a Doomsday Machine is lost, if you keep it a secret! Why didn’t you tell the world, EH?

Ambassador de Sadesky: It was to be announced at the Party Congress on Monday. As you know, the Premier loves surprises.”

Dr. Strangelove, 1964

Chinese President Xi Jingping’s recent visit to U.S. may be paving the way for the super powers to enter into a mutual arms control agreement in relation to cyberwarfare, the first of its kind. Considering cyberwarfare and its regulation have grave implications for freedom of expression, the right to privacy, net neutrality and security of persons, human rights advocates should keep a close eye on this development.

On Sept. 25, in a press conference, President Barack Obama and President Xi declared their governments’ mutual intent to establish greater cooperation in fighting cybercrime. They vowed to refrain in the future from harboring malicious cyberactivities targeting the other’s information and communication systems. Remarkably, the parties also declared their interest in exploring the prospect for an international code of conduct applicable to states in relation to cyberwarfare.

This comes after the world witnessed the rapid development of cyberwarfare methods in the last decades. The risks posed by cyberwarfare makes its disruptive potential perhaps only comparable to nuclear weapons. Indeed, the dependency on information and communication technologies at all levels of modern life—from the power grid to satellites, banking systems and medical facilities—makes a cyberapocalypse a scary possibility when governments are willing to spend vast resources on malicious technologies to gain the upper-hand in a wartime scenario.

“YOU SHALL NOT HACK YOUR NEIGHBOR!”

Although it is premature to talk about a conclusive agreement, the common agenda of the U.S. and China at the recent talks had three main points: (1) greater executive cooperation in information sharing; (2) a greater commitment in policing domestic perpetrators of cyberattacks and refraining from providing any support to these groups; (3) and developing an international code of conduct for states to follow in relation to the regulation of cyberwarfare.

Both countries are already on the way to creating an executive system for information sharing and mutual assistance in the investigation of cybercrimes concerning malicious activity identified by either side. Furthermore, they will establish a high-level joint dialogue mechanism with the involvement of the intelligence community, which will be charged with the monitoring and reviewing this system.

Moreover, both heads of state also declared their commitment to “making common effort to further identify and promote appropriate norms of state behavior in cyberspace within the international community,” and agreed to create a senior experts group to develop a framework with the July 2015 report of the U.N. Group of Governmental Experts in the Field of Information and Telecommunications in the Context of International security in cyberspace in mind.

The U.N. experts report reflects a multilateral understanding on certain norms, the majority of which were proposed by the U.S. Some of these include that states should not knowingly damage each other’s critical infrastructure using cyberattacks, should not target each other’s cyber-emergency responders in case of an emergency, and should assist other nations investigating cyberattacks and cybercrimes launched from their territories.

THE COSTS OF CYBER-WARFARE

In its simplest form, a cyberattack is conducted for purposes of espionage with an aim to break into someone else’s IT system, most often with an aim to retrieve trade secrets and other confidential information. Although cyber-espionage may seem to be a simpler form of cyberwarfare, its asymmetrical nature makes it particularly troublesome for an economy like that of the U.S., which relies heavily on advanced technological know-how. A single act of cyber-intrusion may result in tremendous losses in the form of leaked trade secrets and intelligence. Often, the financial impact of the attack will greatly outweigh the marginal costs necessary to facilitate such an act, which can be orchestrated by few hackers with modest resources. Furthermore, using moderate technical measures, the source of a cyberespionage attack can easily be cloaked. An important characteristic of the internet in China is that telecommunications infrastructure enabling online access routes are mostly owned by the government. This makes it essential for U.S. to gain access to the monitoring capacities of the Chinese government to be able to investigate and punish cyberattacks by Chinese individuals targeting U.S.

According to the chief of the NSA, General Keith Alexander, the loss of industrial know-how and related intellectual property through cyber-espionage constitutes the “greatest transfer of wealth in history,” as U.S. companies reportedly lose about $250 billion per year through intellectual property theft, and $338 billion due to cybercrime in general. Recently, China was also identified by the F.B.I. as the chief suspect for various cyberattacks, which exposed sensitive personal information of millions of U.S. government employees. The massive scale of the economic loss and national security vulnerability associated with cyber-espionage originating from China makes it an utmost priority for Obama administration to pull China into a fair game.

“ZERO DAY” WARFARE

Although some commentators are skeptical about whether China can be trusted to honor its commitment to refrain from state-sponsored cyber-espionage, an international regime of stability with regards to cyberspace is equally indispensable for a country like China, especially considering its ever-growing reliance on information technology systems to be able to sustain its economic development. This is where “zero day” cyberwarfare, the exploitation of unpatched software vulnerabilities that cannot be defended against, poses disturbing risks for China. Thus, China may greatly benefit from stronger cooperation with U.S. authorities and their unmatched capabilities in cyberwarfare so that it can develop state-of-the-art defense mechanisms.

A “zero day” attack is a form of cyber-sabotage that exploits a previously unknown (or undisclosed) vulnerability in a computer application. Often the developer of the application may not be aware of a “zero day” vulnerability in the software or application that he or she has designed. It is known as a “zero day” vulnerability because once the flaw becomes known and exploited, the developer of the computer application has zero days to mitigate its exploitation.

Normally, when a cybersecurity expert reveals a “zero day” vulnerability in a particular software, he or she should communicate the vulnerability to the software’s developer so that the developer can devise a method to fix the vulnerability and protect its clients from abuse. Avoid doing this, and the unfixed vulnerability will render other computers installed with the same software prone to attack from criminal hackers, corporate spies and foreign intelligence agencies, who may have obtained the knowledge of the vulnerability through other means.

A cyberattack that uses “zero day” vulnerabilities of operating systems could seamlessly take down a whole factory or nuclear plant. The most famous computer virus using “zero day” exploits was discovered in 2010, and was given the name Stuxnet. Stuxnet is believed to originate from a secret collaboration between the U.S. and Israeli governments. It was designed to damage certain nuclear facilities in Iran by infiltrating the targeted computers at the facilities in an effort to curb Iran’s nuclear enrichment activities. The virus relies on previously unknown vulnerabilities of operating systems, and can spread across a computer network without notice, infecting all the computer systems it encounters. The virus stays dormant until it reaches its target computer, at which point it can be activated to disrupt the computer’s system without revealing itself to the victim. Reports claim that the concept for Stuxnet originated from the renowned cyber-strategist General James E. Cartwright, who was the head of the U.S. Strategic Command, the agency responsible for nuclear deterrence, under the Bush Administration.

“DON’T ASK, DON’T TELL!”

Disturbingly, for a long period of time the N.S.A. followed a deliberate “nobody but us” policy restricting its officers from disclosing any “zero day” software vulnerabilities they reveal in the software they are using. Under this policy, when a NSA employee uncovers a “zero day” vulnerability on a piece of software (e.g. in the current version of Microsoft Windows), he or she has to keep the information secret in order to afford U.S. authorities a security hole in the systems of its adversaries that are using similar software. This policy has given U.S. government considerable advantage in “zero day” warfare methods.

Although the U.S.’ “nobody but us” policy may sound like an effective strategy to secure the upper hand for “offensive” purposes, it is far from convincing as a policy for maintaining “security” at home. Instead of encouraging transparency and timely dissemination of information to stakeholders in public and private industries in order to tackle technological vulnerabilities in a coordinated fashion, the NSA’s strategy relies on obscurity and informational asymmetry, rendering the national security itself open to abuse by malicious insiders or hackers.

The advances of the U.S. in “zero day” cyberwarfare do not mean that the U.S. has the sole monopoly over such tools either. In fact, Stuxnet is open source technology—meaning that currently anyone can download the source code and modify it for their own purposes.

A BEHAVIORAL EQUILIBRIUM

The current state of cyber-affairs can be compared to the intense period of nuclear armament that preceded the Limited Nuclear Test Ban Treaty, the signing of which took 18 years following the Hiroshima disaster. Perhaps we are approaching a behavioral equilibrium for super-powers in a way resembling the logic of the Cold War. Considering the mounting current costs and future risks for both China and the U.S. posed by an unregulated cyberspace with irresponsible actors, there is a large incentive for establishing rules that are internationally respected.

Cyber-attacks do not only target governments and corporations. NGOs and activists are also regular targets of such attacks. However, U.S.-China discussions thus far have failed to address such non-commercial civilian concerns. An international treaty on cyberspace may be an important first step. However, without addressing important civil issues such as free speech and net neutrality, international cyberspace law will not go far from merely representing the “policing” concerns of governments and intellectual property corporations. We must be wary of such a scenario as it will likely cause the internet to lose its truly “international” character and result in the fragmentation of internet into “fiefdoms” behind national walls.

Meric Sar is a Staff Writer for Rights Wire.

The views expressed in this post remain those of the individual author and are not reflective of the official position of the Leitner Center for International Law and Justice, Fordham Law School, Fordham University or any other organization.

Photo credit: Chris Robers/Defence Images