Border control impossible on a borderless net

WIRED: Controlling the flow of information online is like attempting to stem a million holes in a million dams, writes DANNY…

WIRED:Controlling the flow of information online is like attempting to stem a million holes in a million dams, writes DANNY O'BRIEN

HOW MANY laws have you broken today? US internet company executives may rest easy knowing they are breaking three fewer laws than a week ago – but there are still plenty that might lead them into the courts.

On Monday, the US treasury department announced a loosening of the regulations governing exports to embargoed countries such as Cuba, Iran and Sudan. In this case, the “exports” were virtual. The treasury declared that services and software “incident to the exchange of personal communications over the internet” would now be permitted.

In other words, companies such as Facebook and Twitter will no longer risk hefty fines and potential prison sentences for letting Iranians use their websites.

READ MORE

It has always been a peculiarity of US law that, while the media was constantly highlighting the benefits of online tools for overcoming censorship in repressive regimes, the tools were often self-censored in those regions by their own creators.

Microsoft and Google prohibited the download of their own instant-messaging clients in Iran before the election protests out of fear of violating the US ban on trade with the regime. Last month, open-source software community website SourceForge announced it was blocking all users from Syria, Iran and Cuba to avoid liability under similar sanction regulations.

SourceForge quickly backed down from its blanket ban (it is now up to individual developers to decide whether the software they host on the site should be blocked). But it is an indication of the confusion over how websites should deal with border controls on a largely borderless internet.

Does every US site really have to check its users at the door to ensure they are not visiting from Iran? Does every US-based website that fails to do this – the vast majority – risk hundreds of thousands of dollars in fines?

The treasury department finally answered some of these questions last week by explicitly broadening the exceptions for sanctions to Cuba, Sudan and Iran.

From now on, any site whose services or software is “incident to” blogging, tweeting, instant messaging or any other form of online personal communication, and is free to the end user, can be served to those countries without an explicit licence.

The treasury’s statement brings these regulations in line with US secretary of state Hillary Clinton’s declaration last month that the US supports “global internet freedom”. It is clear that the push to reform the rules was led by the state department’s new approach to the internet.

But is this enough? After all, there are other prohibited countries, such as North Korea and Syria, whose regulations appear to affect online software just as sweepingly. Can US companies offer their services to Iran freely, but still have to constantly check for Syrian visitors? That is not as ridiculous a question as it might seem.

While the internet is tightly controlled in North Korea, internet use in Syria is booming.

The Syrian government has been clamping down in response and the authorities have been blocking sites (including at various times Facebook, YouTube and Amazon). Last year the country was number three on the Committee to Protect Journalists list of the worst countries to be a blogger, after the repeated arrests and harassment meted out to online journalists.

Nonetheless, the US has just sent an ambassador to the country after a five-year hiatus.

Those mixed signals mean that, for all the reassurance internet companies now have regarding Iran, Sudan and Cuba, there is no clarity on whether corporations need to put blocks in place to cope with Syria’s bad behaviour or loosen them in response to the US’s slowly warming relations.

Almost certainly, most companies do not care either way. Most websites do not even think of blocking potential customers, no matter where they are from.

At the very least, these changes in the regulations demonstrate that the Obama administration believes pursuing internet companies for nominal violations of its embargoes is not high on its list of concerns. But it also shows how resistant the internet remains to existing regulations.

These sanctions have been around since the Clinton administration and, in the case of Cuba, far longer. Yet even in the face of some of the most stringent and ubiquitous trade embargo laws of any country, a free internet has grown and flourished between the US and these countries, despite neither the US nor their domestic governments apparently wishing it.

Perhaps if Europe takes a harder line on hate speech or libel online, we will see more controlling and censorious laws being created in the US. Will US companies pay any attention to them? Controlling the flow of information online is like attempting to stem a million holes in a million dams. Whether it’s for good or ill, it may just turn out that we – and our politicians – have better things to do than create borders where none can exist.