If Amazon has silenced Wikileaks…
Whether you believe Julian Assange should be Time’s Man of the Year, or whether you’d like to see him tried for espionage, rape or other crimes, you have to admit the man keeps things interesting. While the revelations in Wikileaks recent releases haven’t toppled governments, or perhaps even led to major journalistic revelations, they’re forcing important discussions about secrecy, privacy, rights of free speech and the architecture of the internet.
In the wake of “cablegate”, Wikileaks’s release of secret, confidential and unclassified US diplomatic cables, the Wikileaks website has been under sustained distributed denial of service attack. Craig Labovitz, chief scientist for Arbor Networks (a leading firm focused on mitigating DDoS attacks), reports that the site experienced a 2-4Gbps attack on Sunday and a more significant 10Gbps attack on Tuesday. The analysis of Sunday’s attack is interesting in part because it shows how deep the interest in the Wikileaks documents has been – the site was generating well over 10Gbps in legitimate traffic prior to the attacks.
Labovitz references claims of responsibility from “The Jester”, a hacker who’s claimed responsibility for low-bandwidth, application specific attacks against sites he feels promote jihad or damage the US’s standing in the world. The Jester is an interesting figure – he claims to use a technique that allows users to cause serious downtime to sites without harnessing a botnet’s worth of servers – it’s unclear whether this is a technique like the known Sloloris attack, or something novel. And his choice of targets suggests a future where knowledgeable individuals are able to advance their personal political goals online without recruiting thousands of others to “help Israel win” or going on 4chan to organize attacks on the RIAA.
(Slashdot recently reported that the Jester had been arrested and had equipment confiscated in connection with an attack on Wikileaks. However, the article cited doesn’t mention an arrest. A site in the UK references the Jester’s blog as reporting an arrest by local authorities. Update, December 2: This appears to have been a hoax, and the comments thread under the Slashdot reflects this.)
In response to DDoS attacks, Wikileaks moved from servers in Sweden to Amazon’s web servers. This makes good sense – Amazon offers a “cloud” of servers with a great deal of capacity and a team of sysadmins who can fight off DDoS attacks. I’ve encouraged human rights organizations like Viet Tan to use sites like Blogger to host sensitive sites for similar reasons. Unfortunately, multi-Gbps DDoS attacks are really hard for sysadmins to fight off, and crouching behind a big rock is one good response to an attack.
It does, however, have downsides – you’re relying on that company’s continued willingness to host your site. I wrote a chapter for the recent Access Controlled volume on intermediary censorship – censorship conducted by an internet service provider or web service provider, on their own or acting on government instructions. If you’ve got a provider like Bluehost who decides they can no longer host sites owned by Zimbabweans, you may discover that the company you’re counting on to enable you to speak online is acting to silence you.
That may be what happened to Wikileaks earlier today. According to the Guardian, Sen Joe Lieberman (CT-Nutjob) is taking credit for pressuring Amazon to kick Wikileaks off its servers. Recent traceroutes for wikileaks.org and cablegate.wikileaks.org have led to servers in Sweden, suggesting that Wikileaks has changed homes.
It’s going to be very interesting to hear how Amazon justifies this decision. If the company was required by a court order to remove the content, that’s one thing. If they simply responded to pressure from a US Senator, or to boycott threats, it sends a very disturbing message: that Amazon will remove content under political pressure. Yes, Amazon is within its legal rights to refuse service to a customer… but as I’ve argued previously, they’re a private company responsible for a public space. That’s the nature of the internet – we use it as a space for public discourse, though the sites we use for much of our discussion are owned by private corporations and controlled by terms of service that are significantly more stringent than restrictions on public speech.
The rise of internet hypergiants like Amazon that host servers for hundreds of thousands of clients makes these potential conflicts more clear. If you are dissatisfied with the terms of service of your hosting provider, you can always find another… up to a point. There’s been massive consolidation in the web hosting market, and companies like Amazon are likely to control large shares of the market in the future, both because there are economies of scale in providing low-cost service, and because large server farms can more effectively defend from attacks like DDoS. But if large providers like Amazon won’t take on clients like Wikileaks, they’re forced onto smaller ISPs, which may be more costly and less able to thwart DDoS attacks.
If Amazon did respond to pressure from Lieberman, it should open a conversation about the responsibilities of cloud providers towards clients who host political content. If Amazon’s policy is “we can terminate you if we’re uncomfortable with what you say”, that cannot be acceptable to anyone who is concerned with freedom of speech online. I’m looking forward to hearing more about Amazon’s actions and justification, and to hearing from folks like Rebecca MacKinnon and Danny O’Brien who follow issues of free speech and corporate responsibility closely.
Update: It’s worth mentioning that Wikileaks is using peer to peer networks to distribute the actual cables. DDoS may be effective in removing their web presence, but it’s going to have a much harder time removing the sensitive material from the internet. The DDoS attacks are actually a useful reminder that we still don’t have a good way to serve web sites on a purely peer to peer architecture. That would be one response to the problems of consolidation I’m talking about here…
My dismay about Amazon’s apparent censorship of Wikileaks doesn’t constitute an endorsement of Wikileaks or this recent data release. I have complicated feelings about the organization and its methods. Two pieces I’ve found useful in thinking about Wikileaks:
- Dan Gillmor asks some tough questions about Wikileaks’s organizational transparency and motivations
- Blogger zunguzungu gives a close reading of an essay believed by be written by Assange in 2006 which suggests motivations for the Wikileaks project. This post is worth a close read – I find it both a satisfying explanation of some recent Wikileaks actions and a good reason for skepticism about aspects of the project.
December 1st, 2010 at 7:05 pm
[...] Ethan Zuckerman [...]
December 1st, 2010 at 8:16 pm
Great post Ethan!! Looks like it was indeed pressure from Lieberman, see:
http://online.wsj.com/article/SB10001424052748704594804575649050363774246.html
and
http://tpmmuckraker.talkingpointsmemo.com/2010/12/how_lieberman_got_amazon_to_drop_wikileaks.php
While Amazon was acting within its own terms of service, it certainly showed that it cannot be trusted to uphold users’ legal and constitutional rights. The Global Network Initiative’s principles for responsible corporate behavior in upholding free expression state:
“The right to freedom of expression should not be restricted by governments, except in narrowly defined circumstances based on internationally recognized laws or standards.5 These restrictions should be consistent with international human rights laws and standards, the rule of law and be necessary and proportionate for the relevant purpose.”
and:
“Participating companies will respect and protect the freedom of expression rights of their users when confronted with government demands, laws and regulations to suppress freedom of expression, remove content or otherwise limit access to information and ideas in a manner inconsistent with internationally recognized laws and standards.”
The GNI implementation guidelines state:
“When required to restrict communications or remove content, participating companies will:
* Require that governments follow established domestic legal processes when they are seeking to restrict freedom of expression.
* Interpret government restrictions and demands so as to minimize the negative effect on freedom of expression.
* Interpret the governmental authority’s jurisdiction so as to minimize the negative effect on to freedom of expression.”
(see globalnetworkinitiative.org)
These global principles and guidelines were developed through a multi-stakeholder process by human rights groups, socially responsible investors, and several other Internet companies in order to help companies make decisions and establish procedures for dealing with government takedown and data requests – so that user rights will be protected in a manner that is consistent with international human rights norms.
Amazon is not currently a GNI member. They should be. They clearly need help figuring out how to do the right thing and not completely lose user trust.
December 2nd, 2010 at 2:04 am
[...] …My heart's in Accra » If Amazon has silenced Wikileaks… [...]
December 2nd, 2010 at 12:17 pm
This analysis makes a number of good points, but I think it understates one — that it is controversial whether WikiLeaks is entitled to first amendment protections at all, with regard to the stolen documents. Certainly, journalists require and depend on such constitutional protections to perform a public service, but it is questionable whether a raw dump of thousands of stolen state secrets really qualifies as journalism or protected free expression.
December 2nd, 2010 at 1:52 pm
[...] …My heart's in Accra » If Amazon has silenced Wikileaks… [...]
December 2nd, 2010 at 7:48 pm
[...] does raise a very good point (talking about the Amazon/Wikileaks situation) about the role of corporate giants as intermediaries that can help a government censor: If they simply responded to pressure from a US Senator, or to boycott threats, it sends a very [...]
December 3rd, 2010 at 12:09 am
Great Post Ethan but do you really think there are no great journalistic revelations? The German rendition case is something I find journalists have failed to cover very well:
http://www.boingboing.net/2010/12/01/wikileaks-and-the-el.html
December 3rd, 2010 at 5:24 am
[...] If Amazon has silenced Wikileaks… from …My heart’s in Accra by Ethan [...]
December 3rd, 2010 at 5:56 am
[...] Que se critican entre ellos y que dudan de la capacidad de algunos de los líderes. También que cuando pintan bastos, algunos no dudan en apretar las tuercas, aunque luego se descubran otros pellejos y disfraces de [...]
December 3rd, 2010 at 6:03 am
[...] seems everyone in the blogosphere has an opinion of Wikileaks latest release of classified U.S. State Department cables. Adding one more voice to [...]
December 3rd, 2010 at 9:32 am
“Whether you believe Martin Luther King jr. should be Time’s Man of the Year, or whether you’d like to see him tried for … rape or other crimes, you have to admit the man keeps things interesting.” Had this been written then, say after the marches, I’d have had a rather bad opinion of the author.
December 3rd, 2010 at 9:55 am
[...] la presión y el miedo ha hecho que la empresa de hosting que alojó a Wikileaks.org después que Amazon.com cediera a las presiones de un senador Demócrata, haya decidido negarle el [...]
December 3rd, 2010 at 1:06 pm
[...] If Amazon has silenced Wikileaks… Ethan Zuckerman reacts to reports that Amazon has responded to political pressure from the US Senate and booted whistle-blowing website Wikileaks from their cloud-hosted web server service: “If Amazon did respond to pressure… it should open a conversation about the responsibilities of cloud providers towards clients who host political content. If Amazon’s policy is ‘we can terminate you if we’re uncomfortable with what you say’, that cannot be acceptable to anyone who is concerned with freedom of speech online.” [...]
December 3rd, 2010 at 5:06 pm
[...] “The rise of internet hypergiants like Amazon that host servers for hundreds of thousands of clients makes these potential conflicts more clear. If you are dissatisfied with the terms of service of your hosting provider, you can always find another… up to a point. There’s been massive consolidation in the web hosting market, and companies like Amazon are likely to control large shares of the market in the future, both because there are economies of scale in providing low-cost service, and because large server farms can more effectively defend from attacks like DDoS. But if large providers like Amazon won’t take on clients like Wikileaks, they’re forced onto smaller ISPs, which may be more costly and less able to thwart DDoS attacks.” From Ethan Zuckerman’s blog post, “If Amazon has silenced Wikileaks…” [...]
December 4th, 2010 at 4:01 pm
[...] Center for Internet and Society discusses how Wikileaks has shone a light on the manner in which our “public” Internet is corproate owned. Zuckerman’s issue is of course related to the need for a public space for deliberation [...]
December 6th, 2010 at 10:04 am
[...] on WikiLeaks bans: The tech industry more or less failed the neutrality test; [...]
December 6th, 2010 at 10:48 am
[...] stop from being distributed. Even if the WikiLeaks “promotional pages” are removed, the DDOS attacks make no sense as Ethan Zuckerman notes on his blog. “It’s worth mentioning that Wikileaks is using peer [...]
December 8th, 2010 at 7:58 pm
>The DDoS attacks are actually a useful reminder that we still don’t have a good way to serve web sites on a purely peer to peer architecture.
There is one in the works (soon to be open sourced)
http://en.wikipedia.org/wiki/Osiris_(Serverless_Portal_System)
http://osiris.kodeware.net
December 11th, 2010 at 9:47 pm
[...] 8:45PM: Jonathan Zittrain, Tim Hwang, Ethan Zuckerman, Jillian York, Dan Gillmor – all Berkman folk, all very brilliant, and all with interesting [...]
December 13th, 2010 at 12:12 am
[...] Whether you believe Julian Assange should be Time’s Man of the Year, or whether you’d like to see him tried for espionage, rape or other crimes, you have to admit the man keeps things interesting. While the revelations in Wikileaks recent releases haven’t toppled governments, or perhaps even led to major journalistic revelations, they’re forcing important discussions about secrecy, privacy, rights of free speech and the architecture of the internet… read more [...]
December 16th, 2010 at 7:24 pm
[...] If Amazon has silenced Wikileaks… [...]
December 20th, 2010 at 1:33 pm
[...] Wikileaks from their servers – under intense pressure from Senator Joe Lieberman – was deeply disturbing to me personally, and complicated one of the major suggestions we offer in the report. One of our [...]
December 22nd, 2010 at 1:39 pm
[...] Conspiracy; “To destroy this invisible government” (Aaron Bady, 29 de noviembre de 2010) If Amazon has silenced Wikileaks… (Ethan Zuckerman, 1 de diciembre de 2010) “The watchdog press failed; what we have is [...]