Behind the Firewall

The internet’s power to take down tyranny lies beyond Twitter. Jon Evans on the high-tech programs every despot should fear.

By Jon Evans April 12, 2010

REMEMBER IRAN? That disputed election seemed like a big deal for a few days, didn’t it? For two weeks my Twitter feed was full of green icons and locations set to Tehran, as if a posse of faraway microbloggers might help take down a totalitarian government. Chairman Mao, who once said, “Political power grows out of the barrel of a gun,” must have been grinning in his grave. How right he was. All those cogently worded tweets and blog posts collectively posed as much threat to the Iranian election as blades of grass to a hurricane.

However, the election fallout did illustrate two interesting things. One is that dictators are frightened of the internet. And the other is that they should be.

The only thing that can change an autocratic government is getting massive crowds of protestors out into the streets and keeping them there every day for weeks. But rage and frustration aren’t enough. Gandhi succeeded in India only because the Raj allowed him to protest; in China he would have been detained and disappeared long before becoming notorious. Nonviolence, in other words, only works on governments who are queasy about murdering thousands of people to stay in power. Iran’s government knows this, and used its brutal Basiji militia to stamp out protests before the election campaign even began.

The ayatollahs also made sure they had a tight leash on the internet, and with good reason. Tyranny is fearful of transparency; the internet is an X-ray spotlight. Tyranny thrives on ignorance, and feeds on the fear of the unknown; the internet is acid that eats away at both by allowing dissidents to freely, securely, anonymously and instantaneously communicate with each other and external supporters. This is why Reporters Without Borders’ list of “internet black holes”—i.e. the most heavily censored nations—doubles nicely as a list of the most autocratic governments: Belarus, Burma, China, Cuba, Egypt, Iran, North Korea, Saudi Arabia, Syria, Turkmenistan, Uzbekistan, Zimbabwe.

But the gate-guards manning the Great Firewall of China, and their counterparts in smaller states, are fighting a losing game—because you can’t censor the internet, not anymore, unless you actually turn it off. I’m not talking about the empty, credulous sound-byte hype that re-emerged during Iran’s “Twitter revolution” (“information wants to be free” or “the internet sees censorship as damage, and routes around it”—quotes which sound good but are meaningless and wrong). I’m talking about Freenet and the Tor Project.

The Tor Project—originally developed by the US Navy, now co-funded by the Electronic Freedom Foundation, and used by activists, dissidents, journalists and law-enforcement sting operations alike—lets you use the internet without being traced, by routing your connections through three layers of anonymous relays. If you use Tor, an observer watching your internet connection cannot identify (or block) the sites you visit; similarly, those sites cannot learn your location. Meanwhile, Freenet lets you secretly publish and access encrypted information, for either a small selected cohort or the world at large. Combined, the two technologies offer secure, anonymous, private, untraceable web access, all but immune to any censorship short of pulling the plug on the entire internet.

It was never Twitter that scared the Iranian government. Twitter is a centralized service, and if there’s one thing dictators understand, it’s centralized control. Freenet and Tor, however, are decentralized, accessible by everyone, controllable by no one.

What can you use them for? To mobilize crowds despite media crackdowns. To safely link dissidents to each other, their international support networks and journalists. To publicize the corruption endemic to all authoritarian governments and chip away at their veneer of legitimacy. To unveil cover-ups and shine a light on brutality, so that the rest of us can’t pretend to look the other way. (Consider Amnesty International: simply writing letters to dictators can stop torture—but first, you need to know who has been disappeared.)

But let’s not get too caught up in Hollywood-esque tales of plucky dissidents overthrowing iron-fisted despots. Tools like Tor and Freenet could be even more valuable in the war against local corruption.

A few years ago a very large corporation (whose name I will diplomatically not cite here) called for ideas on how to use technology to help sub-Saharan Africa. I suggested a corruption-reporting service, so that people could use mobile phones and internet cafes to report on the bribe-taking parasites who, throughout the Third World, divert money for new roads, clean water and medicines into their pockets. The world’s leading anticorruption organization is called Transparency International; what better form of transparency than reports from the very people who are being victimized by endless and pervasive theft?

I still think it’s a good idea, but it didn’t go anywhere, for a number of reasons. One being an employee’s warning that such a system might outrage corrupt governments, who then could bar the corporation in question from winning lucrative contracts. Disappointing, but not surprising. Megacorporations have other priorities than lifting the yoke of corruption. Today, though, thanks to the pervasive mesh of cellphone networks and the internet, something more grassroots could grow along those lines. Let’s hope.

And let’s not put too much faith in our own governments. Remember the Afghan election? That too seemed like a big deal, until it was stolen under the noses of the American government and NATO—purely because neither actually cared. There are more than one hundred thousand NATO soldiers in Afghanistan. They could have ensured a fair election had they really wanted to.

But no. Apparently it’s perfectly OK to get in bed with drug-dealing warlords and kill hundreds of Afghan civilians with airstrikes. But enforcing a fair election? That’s an unthinkably outrageous violation of Afghanistan’s sovereignty. So instead NATO hosted an expensive orgy of massive electoral fraud on both sides—and then, according to the New York Times, American government officials tried to convince Abdullah Abdullah, the losing candidate, to join Hamid Karzai’s government, in hopes of sweeping that fraud under the carpet.

Stolen elections are arguably an even bigger problem than tyrants. Just ask the citizens of Mexico, whose 2006 presidential election—declared “the cleanest in Mexican history”—was extremely dubious (within days of the polls closing, proof emerged of discrepancies and irregularities and false vote counts). Or ask those who worry about automatic voting machines and their lack of accountability—the citizens of Florida could give you an earful about that.

And you know what? There are high-tech solutions to this problem too. For starters, electoral commissions should require all election software be open-source (meaning the source code that electronic voting machines run on would be available for anyone to vet). Even if they don’t, systems like Scantegrity, developed by a team that includes renowned cryptographers David Chaum and Ron Rivest, let voters ensure that their vote is counted even if both the ballot boxes and the vote-scanning machines are corrupted. Scantegrity uses ballot confirmation codes which are revealed only when the voter votes. Afterwards, voters can compare their confirmation codes against the election’s posted results to confirm that their votes were not discarded.

Two other systems, Punchscan and Prêt à Voter, go even further: they ensure that outside parties can accurately audit the election results even if the entire electoral commission is a sham. Both systems use numbered ballots divided into two halves. After voting, the voter shreds one half and keeps the other as a receipt, which is scanned or photographed at the polling station. The voter’s mark, plus the receipt’s serial number, allows the vote to be decoded—but the receipt does not by itself indicate which candidate received the vote, and thanks to the magic of cryptography, the election authority cannot trace votes back to individual receipts.

If NATO had enforced the use of Punchscan or Prêt à Voter in Afghanistan and tabulated voter receipts outside polling stations itself, then that election would have been guaranteed free and fair no matter how corrupt the electoral commission tried to be. But the so-called nation-builders simply couldn’t be bothered.

It’s all too clear that the world’s millions still oppressed by dictatorships and fraudulent presidents can’t count on Western governments or corporations. Instead they’ll have to somehow save themselves. The very least we can do is give them the tools. Twitter is only a sideshow, but Freenet, Punchscan, Prêt à Voter and the Tor Project are big steps in the right direction.

(See the rest of issue 35, Winter 2009)