The promotion of "darknets" is one response to corporate surveillance of personal data. But there is a better way to ensure privacy online, says Becky Hogge.
By Becky Hogge
"People who want to hide their activities online already have the tools to do so. We're just giving those tools to the general public." These were the words of Rickard Falkvinge, chairman of Sweden's Piratpartiet (Pirate Party), when he revealed that the political party dedicated to copyright reform would be supporting a controversial new commercial "darknet", Relakks. "Until we have changed the laws to ensure that citizens' right to privacy is respected, we have a moral obligation to protect citizens from the effects of current routine surveillance", says Falkvinge.
So, for a fee of €5 per month, Relakks offers to provide that protection increasingly being eroded from our civil liberties. The workings of the system – called a darknet because it obscures identifying information about the origin of the traffic that flows through it – are fairly simple. Subscribers use browser-based software to route their internet traffic through a secure connection to Relakks's servers, based in Sweden, before they make a connection to the public internet. This makes all their dealings online difficult to trace: the IP addresses associated with the traffic – numerical identifiers for every machine on the network – can be followed only as far back as Relakks, and not to an individual subscriber's internet service provider.
Asking internet service providers to reveal the name and home address of peer-to-peer file-sharers through their IP address is the tactic rightsholder lobbies like the Recording Industry Association of America and the British Phonographic Industry use in their pursuit of those responsible for copyright infringement online. But although the Pirate Party's stance on peer-to-peer file-sharing of copyrighted materials has been the focus of the news coverage associated with the launch of Relakks, subscribers could also use the anonymising service for all sorts of online activity: ordinary web browsing; text messaging like instant messenger and internet relay chat, and the fledgling telephony services like Skype that use the internet to make voice calls.
An anonymous passion
Falkvinge rightly points out that darknets, like Relakks, are more often associated with users taking part in malicious activity, such as black-hat hackers trading stolen credit-card details or paedophiles swapping illegal images of children.
A New York Times reporter recently infiltrated one such circle to reveal how safe paedophiles feel in these anonymised environments – openly discussing their attraction to children, swapping information about how to get jobs working with children through summer camps and foster-care schemes, and supporting one another in getting through moments of guilt about their obsessions. The report makes gruesome reading.
But other news reports have revealed how important privacy is becoming for everyday citizens, too. First, there's the National Security Agency wiretapping scandal, a warrantless, mass communications surveillance operation secretly authorised by President George W Bush as part of the "war on terror" – to the outrage of the American public – and revealed by the New York Times in December 2005. Although the focus in the news is on telephone calls, the programme is thought to encompass email and even web browsing activity.
Then there's the recent scandal over web-search information released by the research arm of AOL. In August 2006, it was discovered that AOL, once the biggest internet service provider in the United States, had released three months' worth of search requests in a database intended for the interest of academics. Although AOL had obscured the IP addresses that could have easily revealed the origins of the search requests, the company's claims that this anonymised the data were laughable once the chilling detail of the search histories was revealed.
One Georgia, United States resident was able to identify herself as searcher number 4417749 just from the list of search terms associated with that unique identifier. Other searchers, such as those who regularly searched for "how to kill your wife", were understandably less willing to come forward. AOL may have removed the database as soon as the blogosphere helped them realise their mistake, but it was too late: the information had already been mirrored all over the net, with some enterprising coders even providing handy search interfaces across the database for would-be voyeurs.
The cost of privacy
So, should we all be using Relakks? The level of detail that stored digital communication can reveal about our personal lives means the old adage that we shouldn't mind people looking if we haven't got anything to hide is starting to wear a little thin. Just as those of us in the western world have learned to shred letters from banks before we throw them away to prevent identity scavenging, should we now be considering online anonymisation as the next sensible step in information housekeeping?
If the answer is yes, then we should be careful who we trust to help us anonymise. Although Relakks comes with the endorsement of Sweden's Pirate Party, it also comes with a key point of failure. Your IP address might well be obscured to the rest of the communications network, but Relakks must know who you are, not least so they can charge you €5 per month. Just as legal pressure can be put on ISPs to reveal where you live, so Relakks could be forced by the courts to reveal your identity. Indeed, the pressure may not even have to be that legal, as the May police seizures of Swedish bittorent trader the Pirate Bay makes clear. Putting the sanctity of your right to privacy in the hands of a commercial company isn't ever going to be that clever, after all.
More sophisticated anonymising services have been available for some time. One such is The Onion Router (Tor), so called because it obscures the origin of internet traffic by routing it in randomly through layer upon layer of servers across a specially designed network. The nature of Tor, which relies upon people volunteering their own bandwidth to the project to become part of the Tor network, means that traffic across Tor can be slow and that using it for high-bandwidth services, such as downloading or streaming media, is discouraged. Further, the process of installing and operating Tor, like installing and operating Linux, has been designed with the tech-literate geek in mind, and might be a little tricky for mainstream users to get their heads around.
But before we go shopping for total anonymity, it should be noted that allowing internet users such anonymity has significant downsides. Most clearly, it removes accountability in community environments, and can be an effective tool in wanton vandalism, either in collaborative environments like Wikipedia, or communication forums like internet relay chat (IRC) networks.
Indeed, both Wikipedia and Freenode, a popular IRC network, have enforced bans on users of Tor after articles have been consistently vandalised or communications channels disrupted by nefarious trolls. The Pirate Party's support of the launch of Relakks should be interpreted not as endorsement for the crypto-anarchy of total net anonymity, but rather as a clever way to open a debate about privacy on the net.
Ensuring our right to privacy online will take a lot more than €5 per month. What's required is a call for control of the vast trails of data that we leave about ourselves to be taken out of corporate hands and for surveillance laws to be made in an open, democratic and accountable environment.
|This article originally appeared on openDemocracy.net under a Creative Commons licence. To view the original article, please click here.|