Last November, volunteers with a group called Pakistan for All filmed a man wandering the streets of Karachi wearing a cloth-covered cardboard box over his torso. The box was painted on four sides with YouTube logos, a silver TV antenna affixed to the top. He held a hand-painted sign: “Hug me if you want me back.”
Using The Jackson Five’s “I Want You Back” as a soundtrack, filmmaker Ziad Zafar created a short and cheeky video featuring men, women, and children hugging the YouTube mascot in locations around Karachi. “God, please let them open YouTube,” one young man said to the camera. Another complained that his personal channel was now inaccessible: “I used to have so many videos.”
YouTube has been blocked in Pakistan since September 2012, when Google, the video platform’s parent company, turned down a Pakistani government demand to censor the now infamous “Innocence of Muslims” movie trailer, which triggered outrage—and in some cases deadly violence—across the Islamic world.
Some of Pakistan’s more tech-savvy Internet users, mainly university students and hard-core denizens of Internet cafés, have figured out how to use what are known in the technical world as “circumvention” technologies (specialized software tools and services including “proxy” services and virtual private networks or VPNs) to get around the blockage. But these people are a dedicated minority.
In Pakistan, the ban has made it more difficult for families to share videos of pets and children with relatives overseas, and for small businesses to advertise their products and services cheaply. But Zafar says that the government’s wholesale censorship of YouTube has also deprived civil liberties groups like Pakistan for All—which he described in an email as a “citizens collective working to organize against religious and state fascism”—of their most effective channel for disseminating information. “While we strive to fight terrorism, we have to remain extra vigilant about our civil liberties, so many of which have been eroded in the past decade. In the case of the Internet, this has started happening relatively recently.”
Commercial sovereigns like YouTube’s parent company, Google, are the new arbiters—sometimes censors, sometimes champions—of a large and growing percentage of citizen speech all over the world.
Public frustration over YouTube censorship in Pakistan is just one of many points of worldwide friction between old and new information sovereignties: sovereign nation-states versus globally networked commercial “sovereigns” of cyberspace. These commercial sovereigns like YouTube’s parent company, Google, are the new arbiters—sometimes censors, sometimes champions—of a large and growing percentage of citizen speech all over the world.
YouTube has no physical presence in Pakistan. The Pakistani government has no control over which videos appear on the service or who uploads those videos. Indeed, prior to the decision to block YouTube in 2012, Pakistani Internet users’ interactions with YouTube were not “governed” by their own government. Instead, a private form of governance, exercised by the platform and its parent company through terms of service, privacy policies, community guidelines (including rules about hate speech, gratuitous violence, pornography, etc.), and the decisions of Google’s engineers, programmers, and designers, became the sole arbiter of what Pakistani users and viewers could or couldn’t do on the site.
Google’s decision that the “Innocence of Muslims” video did not violate its own rules on hate speech was a de facto act of governance. As are its daily decisions to remove pornographic or violent content, even though such content is not illegal in many of the jurisdictions it serves, including the United States, where it is headquartered. By agreeing to the company’s terms of service when creating an account, users have consented to this private system.
The global reach of Google, Facebook, and other corporate giants has been illustrated by two Internet mapping projects based on publicly available data from the web analytics company Alexa. Twice yearly since 2009, the Italian social media strategist Vincenzo Conseza has published a “World Map of Social Networks,” assigning a color to each country based on which social networking platform is most popular there. Over four years, Conseza’s map evolved from a multicolored mosaic to a sea of blue, representing Facebook: “[Zuckerberg’s] baby is the dominant social network in 127 out of 137 countries analyzed,” Conseza writes.
The map displays only five other splotches of color, covering ten countries: QZone in China, run by the Chinese company Tencent (Facebook is blocked in China); Cloob in Iran, which also blocks Facebook; the Russian-language platforms Vkontakte and Odnoklassniki (most of the Russian-speaking former Soviet empire does not block Facebook, but Russian networks dominate for other reasons, including commercial and cultural ones); and the Latvian social network Draugiem, which has managed to hold its own due also to linguistic reasons and those of commercial strategy.
The second map, published in September 2013 by the Oxford Internet Institute and called “The Age of Internet Empires,” reflects the “evident dominance of two companies,” using a different color for the website most frequently visited in each country. Countries where Google is the most visited website were colored red and countries where Facebook is most popular were colored blue. Most of the world is a sea of red and blue. Only six countries on the planet were assigned any other color: China (where, in addition to Facebook, many Google search results are blocked, rendering the site difficult to use) is colored green, representing the Chinese search engine Baidu. Russia is orange, reflecting the dominance of Yandex, the Russian search engine and web portal.
The second-most-visited websites in each country further illustrate Google’s global power. According to the study, among the fifty countries where Facebook was the most visited website, thirty-six had Google as the second-most-visited site, and the remaining fourteen countries had YouTube (owned by Google). Indeed, a month before their map and report were published, on August 16, 2013, a five-minute outage of Google services caused a 40 percent drop in world Internet traffic.
Unfortunately, the spread of Google and Facebook—along with other digital empires, including Yahoo!, Microsoft, and Twitter—hasn’t resulted in equal online freedom for all users. These companies could not have achieved such power and reach, and would not be able to continue to expand, without making a variety of compromises with the sovereign governments of physical nation-states. The result has been a complex web of arrangements regarding censorship and surveillance based on linguistic, religious, political, and legal environments.
Not only did Google turn down Pakistan’s request to censor “Innocence of Muslims,” it turned down those of eight other governments. But it complied with India’s request to censor the very same video, along with similar requests from seven other countries: Indonesia, Jordan, Malaysia, Russia, Saudi Arabia, Singapore, and Turkey.
The countries in which Google agreed to block domestic access to the trailer were among the sixty-one in which YouTube has rolled out “localized” versions, meaning that Youtube has placed its content under that country’s legal jurisdiction. It has chosen to do this for reasons including: to avoid being blocked; to set up an office or hire staff in a given country; and to carry out commercial transactions (such as advertising sales) locally.
In Pakistan, Google has no offices. In India, it has four operating under an Indian subsidiary, Google India Private Limited. According to Google’s transparency report, which documents the number of requests the company receives from various governments and what percentage it complies with, Google receives a substantial number of government requests (court orders as well as “other” executive and police orders, etc.) from India. India has asked to remove content from a range of different services, including Web search, Orkut, Picasa, Gmail, Google Docs, and others. Between January and June 2013, Google received sixteen court orders requesting removal of forty-two pieces of content in India, and complied with 38 percent of those requests. During the same period, Google received 147 other requests (executive, police orders, etc.) to remove 672 pieces of content, and removed 18 percent of those. Fifty-six of those latter requests were for the removal of 423 YouTube videos. Of those requests, eighteen were honored with the removal of some or all items “in accordance with local law,” while in four other instances Google reports that video was removed because it was found to be in violation of YouTube’s community guidelines.
Google tailors its interactions with governments, choosing which services to place under whose jurisdiction based on commercial opportunities, legal risks, and its wish to promote a global brand image imbued with freedom [and] openness.
While YouTube is not localized for users in Pakistan, Google’s search engine is, at google.com.pk (managed from an office in another country). According to Google’s transparency report, since 2009 Google has complied with three requests from Pakistani authorities to remove content that violated Pakistani law. In the January-June 2013 reporting period, it received and complied with one request, with the reason listed as “adult content.”
In addition to censorship requests, Google also receives requests from governments to hand over information related to the accounts and activities of specific users, including the contents of accounts, communications, and other private information. These are also documented in Google’s transparency report, which indicates that it has neither received nor entertained any surveillance requests from Pakistani authorities. India is different. From January to June 2013, Google received 2,691 requests for data pertaining to 4,161 users. It complied with 64 percent of those requests—which means that 36 percent of the time Google’s lawyers determined that the company had the right under Indian law not to comply.
Google thus tailors its interactions with the governments of different countries, choosing which services to place under whose jurisdiction based on commercial opportunities, legal risks, and its wish to promote a global brand image imbued with freedom, openness, and globally interconnected communications.
Pakistan’s free speech and human rights advocacy community is concerned that if Google localizes YouTube in Pakistan, politically influential religious groups could manipulate the government’s censorship demands in a way that would squeeze out speech that contradicts a conservative Islamic worldview.
A Pakistani NGO, Bytes for All, has taken the government to court over its YouTube ban, arguing that the ban violates the Pakistani people’s constitutional rights to freedom of speech and access to information. As the case inches forward in the Lahore High Court, the executive branch is apparently feeling pressure—thanks to campaigns like Ziad’s video—to unblock YouTube before a court ruling is made. Late last year the minister of information technology, Anusha Rehman, announced plans for a new ordinance that would grant Google immunity from liability for blasphemous content posted by its users. This action, she claimed, would clear the primary obstacle for a localized version of YouTube: “Google will easily be able to block blasphemous content on the request of the Pakistan government.”
While Google has not commented publicly on these statements, people with inside knowledge of the situation insist a deal is not imminent. “There is no arrangement between the company and the government, unlike the perception the government is projecting,” Farieha Aziz, director of the nonprofit advocacy group Bolo Bhi, told the Index on Censorship in December.
Across the border in India, Google (alongside other global Internet giants) has faced off against the Indian government in heated court battles over censorship and is actively lobbying for reform of laws that it believes enable the government to demand overly broad censorship. For example, Section 69 of the 2008 Information Technology (Amendment) Act empowers the government to direct any Internet service to block, intercept, monitor, or decrypt any information through any computer resource. Company officials who fail to comply can face fines and up to seven years in jail. In April 2011, the Ministry of Communications and Information Technology issued new rules under which Internet companies are expected to remove within thirty-six hours any content that regulators designate as “grossly harmful,” “harassing,” or “ethnically objectionable”—designations that are open to a wide variety of interpretations and that free speech advocates argue have opened the door to abuse.
Google has made a different set of decisions about the terms on which it engages with India than it has about Pakistan. While this likely has much to do with the size and potential of India’s market, that is by no means the full explanation. If it were, Google would have tried harder to accommodate the Chinese government in exchange for access to the world’s largest and fastest-growing Internet market.
Between 2006 and 2010, Google ran a localized version of its search engine in China, but chose not to localize YouTube (which has long been blocked in China) or any of its other services. In exchange for not being blocked or otherwise disrupted by government-controlled Internet service providers, google.cn was obliged to operate under Chinese government censorship rules, which require the deletion of large volumes of political and religious content. However, in 2010, after suffering what it believed was a state-sponsored attack on its global email service, Google decided it was no longer in the company’s interest to censor google.cn in accordance with Chinese government requirements. The Chinese search service’s operations were relocated to Hong Kong, whose British-style legal system does not empower the same sort of sweeping political censorship demands.
Unlike China, India is a democracy. There, Google’s lawyers have spent countless hours fighting court battles in a judiciary system with a tradition of independence from the legislative and executive branches of government. The Indian press and blogosphere are engaged in fierce debates about domestic laws related to Internet censorship and surveillance, including what role global Internet companies should be allowed to play in India’s society and economy. A number of Indian nonprofits and law firms have defended free expression and privacy and are pushing for legal reforms. Compared to Pakistan, India’s political and legal institutions and traditions—while imperfect, as are those of any democracy—contain more robust checks and counter-balances against the possibility of a sudden military coup or a takeover of government by religious extremists.
Google’s calibrated approach to its international relations has evolved over the past decade, as it has expanded globally. Making their first forays into Europe in the late ’90s, Yahoo! and Google faced demands by the German and French governments to censor content related to Naziism and Holocaust denial—speech that is constitutionally protected in the U.S. but was made illegal in those countries by democratically elected legislatures.
But what about the laws of authoritarian governments that result in the violation of Internet users’ rights—as enshrined in the International Declaration of Human Rights and other international human rights law—to receive, create, and disseminate information critical of the regime?
But what about the laws of authoritarian governments that result in the violation of Internet users’ rights—as enshrined in the International Declaration of Human Rights and other international human rights law—to receive, create, and disseminate information critical of the regime? In 2005 and 2006, Yahoo! came under fire from human rights groups, the Western media, and the U.S. Congress when its China-based staff complied with government requests for the account information and email contents of several Chinese dissidents, who were then jailed. Around the same time, Microsoft was condemned for complying with demands to censor a Chinese blogger, and Google’s launch of google.cn in early 2006 was controversial.
In 2006, executives from all three of those companies began to attend a series of closed-door meetings convened by Harvard, Berkeley, and the Washington-based nonprofit Center for Democracy and Technology, sitting down for often heated discussions with representatives of human rights groups, socially responsible investment firms, and academic researchers with specialized country, technological, and legal expertise. The result was the launch, two years later, of the Global Network Initiative (GNI), built on a set of human rights principles that member companies pledged to uphold in the face of government demands that contradict international human rights norms related to free expression and privacy. Member companies signed on to a set of implementation guidelines and a process of independent assessment to certify whether the companies are implementing the principles to a meaningful degree. They also receive confidential advice from other GNI “multi-stakeholder” participants, including academic, NGO, and investor constituencies, on assessing human rights risks and dealing with mistakes.
Companies aren’t required to reject or ignore all government censorship and surveillance demands to be GNI-compliant. Indeed, even the human rights groups that belong to GNI recognize that nearly every country on earth occasionally makes demands that violate Internet users’ rights. If a company were to make a blanket commitment to never comply with any government censorship or surveillance requests, it would be able to do business precisely nowhere. That does not mean that companies are absolved of human rights responsibilities or of complicity in censoring speech and violating private communications in ways that go against international human rights law. Rather, GNI companies are expected to take a number of steps to minimize complicity in rights-violating censorship or surveillance. These include evaluating the human rights situation in a given jurisdiction before localizing any given product or service—and continuing to reevaluate that situation as circumstances change—implementing a process for assessing government requests, and being as transparent as possible with their users about what is being censored and at whose behest, and what data is being collected and how it is shared with whom.
Very few companies have formally joined the GNI. Aside from Google, Yahoo!, Microsoft, and Facebook, the remaining three members are not household names: Evoca, Procera, and Websense. A few other Internet companies with global operations, most notably Twitter, have developed policies that are similar to those of the GNI—specifically when it comes to managing decisions about which jurisdictions to operate in and how to handle government requests, as well as transparency reporting. But by not joining the GNI, there is no independent verification of their claims.
Despite its limited membership, the GNI and its member companies have managed over the past decade to develop what has come to be accepted as “best practice” (or perhaps “least bad practice”) regarding how global Internet companies should interact with governments.
Application of these “best practices” earned a passing grade for Google, Microsoft, and Yahoo! in a 2013 GNI assessment. This is not a perfect solution, but it does represent accountability against the ugliest type of digital imperialism in which the rights of a corporate empire’s most far-flung and powerless inhabitants are shunted aside as a result of opaque deals with authoritarian governments.
The credibility of such “best practices” was challenged in June 2013 when the former CIA analyst Edward Snowden started leaking detailed information about the extent to which NSA was spying on Internet users via corporate-run Internet and telecommunications services, including GNI members. U.S. law prevents U.S.-based Internet companies from including data about the number of NSA requests they receive. Furthermore, until the Snowden leaks rendered them moot, government gag orders prevented companies from telling the public that such requests existed at all; executives faced prison if they failed to comply.
In the United States, civil liberties and human rights groups, along with a handful of elected politicians, have been pushing for nearly a decade to reform surveillance-related national security laws, which many believe have produced a system that is opaque and lacks public accountability, and disregards the rights of Internet users living outside the U.S. Even so, the magnitude of the NSA’s collection and access—and the extent to which government agents have effectively “hacked” into corporate systems—is shocking.
While there has been debate as to whether NSA surveillance is in itself constitutional or sufficient to protect Americans’ privacy rights, what protections do exist only pertain to “U.S. persons”: U.S. citizens and others residing in the United States. Neither the law nor U.S. intelligence agency practices have made any pretense of respecting the privacy rights of non-U.S. persons, rights enshrined in Article 12 of the Universal Declaration of Human Rights and Article 17 of the International Covenant on Civil and Political Rights.
Viewed through the lens of the nation-state—whose job is to protect those who live within its borders—a legal distinction between “U.S. persons” and everyone else arguably makes sense. Viewed from the perspective of companies that are headquartered in the U.S. but whose long-term commercial success depends on international expansion, such a two-tiered (or two-class) approach to Internet users’ rights is poisonous.
Responding to the news that the NSA not only subverted encryption technologies used to protect user data from theft or snooping, but even tapped into companies’ communications cables, Microsoft General Counsel and Executive Vice President Brad Smith called the agency an “advanced persistent threat” to Microsoft’s business. After hearing government reassurances about processes that limit NSA access to data collected on Americans, Facebook founder Mark Zuckerberg quipped: “Oh, wonderful: that’s really helpful to companies trying to serve people around the world, and that’s really going to inspire confidence in American Internet companies.”
Last June, eighty-nine civil society groups from all over the world (including India and Pakistan) published an open letter to the U.S. Congress which, among other things, condemned the “contradiction” in the U.S. government’s stated commitment to applying international human rights norms to the global Internet while it simultaneously affords no privacy rights protections to non-U.S. Internet users. “Human rights are universal, and every government must refrain from violating them for all people, and not merely for its citizens,” they wrote. “We strongly advocate that current and future legal provisions and practices take this fact into due consideration.”
“Dear NSA, We Have Rights Too,” exclaimed a blog post by the Pakistani advocacy group Bholo Bhi, announcing that it had signed the open letter. According to one of Snowden’s leaks, Pakistan is the second-largest target of NSA surveillance, after Iran. In India—which is the fifth-largest target of NSA surveillance—the Bangalore-based Centre for Internet and Society (CIS Bangalore) asked: “How are Indians supposed to control their data, and thus their lives, when it is being stored in foreign servers and the U.S. has the ‘right’ to tap into that data?”
On January 17, President Obama said that his administration would work with Congress to change the law so that companies would have more scope to report on national security requests. He also committed to stop spying on the leaders of U.S. allied nations and suggested that protections for non-U.S. persons would be increased. Yet the White House gave no details, leaving companies and privacy advocates to conclude that they must now lobby Congress for substantial changes in the law.
Many governments have responded to Snowden’s NSA revelations with calls for “data sovereignty,” meaning that data belonging to their citizens should be stored within their borders. This could result in international Internet services fully localizing their operations to the extent that even their data servers must be located in that country. But while this might solve a jurisdictional issue, what does it mean for the privacy and freedom of expression of the people residing in that jurisdiction?
Civil society groups in many of these countries are concerned that the result will be a net negative. As Pranesh Prakash of CIS Bangalore wrote last June: “To the best of my knowledge, no Indian Web company has ever challenged the government in court over a privacy-related matter. Actually, Indian law is far worse than American law on these matters. In the U.S., the NSA needed a court order to get the Verizon data. In India, the licenses under which telecom companies operate require them to provide this. No need for messy court processes.”
Given how even the global giants tailor their services to different countries, the popular notion of a “borderless” global Internet has always been a myth.
Human rights advocates in India and Pakistan and many other parts of the world also worry that if the U.S. persists in its current practices, their governments will point to America as justification for opaque and unaccountable surveillance. Pakistan’s Bolo Bhi warns on its blog of “grave repercussions on policy and lawmaking in countries that have had a more ‘regressive’ view on these subjects. In all likelihood, advocates will be told: If they can, why can’t we?”
The answer, according to many of those who signed the letter to the U.S. Congress, is to convince a critical mass of governments to reform their practices according to a global standard. Last year a coalition of 354 groups from all over the world launched a set of thirteen “Necessary and Proportionate” principles on the application of human rights to communications surveillance. As of now, however, not one government has signed on to these principles.
Internet companies also share the blame in creating the gold mines of data. As the security expert Bruce Schneier puts it, “Surveillance is the business model of the Internet.” Companies like Google and Facebook, whose core services are free, profit by collecting and then selling information about users to advertisers.
Inadequate privacy protections are compelling people—from India and Pakistan to the United States and Western Europe—to limit the ways in which they use the Internet, thus affecting their ability to exercise their right to free expression.
Given how even the global giants tailor their services to different countries, the popular notion of a “borderless” global Internet has always been a myth. The reaction by governments to the Snowden revelations—followed by the desire of many of these governments to take advantage of the situation to assert greater sovereignty over their citizens’ digital lives—indicates it is likely that the “bordering” of the Internet will continue at an accelerated pace, even if global Internet companies continue to expand.
The good news from India and Pakistan is that a growing community of activists there are committed to holding everyone’s feet to the fire—in the courts and on the streets, through serious research and advocacy and through viral art. They are one part of an expanding global movement that—thanks to the Internet—increasingly coordinates and connects.
Rebecca MacKinnon directs the Ranking Digital Rights project at the New America Foundation. Author of Consent of the Networked: The Worldwide Struggle For Internet Freedom (Basic Books, 2012), she is co-founder of the citizen media network Global Voices Online and an adjunct lecturer at the University of Pennsylvania Law School. MacKinnon is a founding board member of the Global Network Initiative and serves on the board of directors of the Committee to Protect Journalists. In the late ’90s and early ’00s she was CNN’s bureau chief and correspondent in Beijing and in Tokyo. She now lives in Washington, DC.
To contact Guernica or Rebecca MacKinnon, please write here.