One of the major problems with the actions surrounding WikiLeaks was that there seemed to be a marked lack of process. In some cases WikiLeaks got 24 hour notice, but they had no way of appealing or presenting their view of the case. But from the information we have seen so far, the justifications used by companies have been very thin or just outright false. Just to get everything collected in one place, I wanted to write about all the companies that removed support for WikiLeaks, and analyze their stated reasons for doing so.

Amazon

Just after WikiLeaks started releasing their “cablegate” data, they decided to move their site to Amazon Web Services. The reason for this was that they had been subjected to minor DDOS attack and wanted to make sure that the site remained possible to reach. Amazon was mainly serving as the host for the website – not for the actual data (although the data is there too). The data was also available through numerous other means, such as BitTorrent.

Lieberman has confirmed that his office made a phone call to Amazon to see whether they would take down the site. Lieberman had his office do this, since he feels that WikiLeaks is distributing “illegally seized material”.

Amazon was quiet for over twenty four hours, but then issued a message explaining why they had removed the WikiLeaks site. It has several interesting nuggets. The first sentence of the message says that Amazon did not stop serving WikiLeaks because of the government inquiry. We may never know the truth here, but it’s clear that a call was made from Liebermans office, very close in time to when the service was taken down. It’s also clear that WikiLeaks has hosted content on AWS several times before (and it has gotten lots of attention those times too) – without Amazon taking this content down.

The justification Amazon is using for taking down WikiLeaks is that WikiLeaks wasn’t following their terms of service. As examples of things that go counter to the ToS, Amazon notes that WikiLeaks doesn’t own or control the rights for all their content. Of course, according to the Copyright act, copyright protection is not available for any work of the United States government, so the cables can definitely be said to be in the public domain. Even if you don’t care about that argument, there is also an argument for consistency of enforcement. Have Amazon taken down the New York Times for reporting the same material?

The other justification used is that it’s not “credible” that WikiLeaks could have carefully redacted all information that could put innocent lives in danger from their 250 000 cables. That obviously doesn’t take into account the fact that WikiLeaks haven’t released all 250 000 cables yet – a huge reason being that they are careful in redacting information that shouldn’t be there. As I write this, less than 2000 cables have been released.

At the end of the day, Amazon’s justifications look very weird. Amazon clearly has the right to enforce their terms of service however they want – until someone sues them for breach of contract, of course. But the more insidious part is that it will be very hard to trust Amazon as a host for any kind of interesting data in the future. The capricious nature of the WikiLeaks takedown should worry anyone who depend on Amazon to host their data.

Tableau Software

Tableau Software is a small company that make it possible to do visualizations of different kinds of data and put that online. Think Excel graphs, but on a web page. WikiLeaks used Tableau to create graphs and charts of different kinds of data. These graphs contain information such as what the distribution of cables regarding different subjects are, and so on. An example of a graph can be found here.

So basically, Tableau didn’t host the WikiLeaks data at all. They hosted derivative information based on WikiLeaks data sets.

Tableau published a blog post explaining why they had removed WikiLeaks support. You can find it here. In comparison to Amazon’s press release, it feels refreshingly honest, at least. They explicitly say they removed the content based on Joe Liebermans public request for organizations to terminate their relationships with WikiLeaks. They also cite their terms of service as the reason for actually removing the data. However, that runs into the same problem as Amazon’s justifications. Tableau is saying that WikiLeaks doesn’t have the right to make this content available. But in fact, WikiLeaks right to this data is still up in the air. It could be that they are covered by the First Amendment. It could also be that they are not. But Tableau Software is not a judicial function. They can’t make that decision.

They decided to investigate WikiLeaks, and remove their data, just because Joe Lieberman said it was illegal. That seems like a very convenient power for a senator to have…

EveryDNS

The wikileaks.org DNS name was hosted by EveryDNS.net. This company decided to remove the DNS entry for wikileaks.org citing massive DDOS attacks against WikiLeaks. Of all the attacks on WikiLeaks, this is arguably the most problematic one – even if you have a place to host your content, without a working DNS, it is much harder for people to get access to that content.

And what about the justification of EveryDNS? Their public statement clearly states that there was no political pressure involved in this decision. Instead, they say that the reason for dropping the WikiLeaks domain was that the heavy denial of service attacks against WikiLeaks threatened service for the rest of their clients. However, I keep trying to figure out how a DDOS attack could ever threaten one specific DNS provider. Isn’t the whole point of DNS that the records quickly get distributed to any DNS server that requests the entry? Unless the time to live on the WikiLeaks entry is very low, it seems, most lookups for it wouldn’t even touch the EveryDNS infrastructure. So I guess that the only way a DDOS attack could touch EveryDNS would be for the DDOS attack to be targeted against EveryDNS, not against WikiLeaks. The more I think about it, the less I understand how this justification even make sense.

EasyDNS is another DNS provider that got mixed up with EveryDNS – and incorrectly reported as the company that dropped WikiLeaks support. They decided that they had already gotten the bad rep for dropping WikiLeaks, so they could just as well go ahead and host the WikiLeaks DNS entries after EveryDNS dropped them. EasyDNS have reported DDOS attacks, but they haven’t reported it being a problem for their infrastructure.

All of these pieces come together to a picture that just doesn’t make sense. If I’m wrong – can someone explain to me how a DDOS attack can threaten a DNS provider?

PayPal

On the 3rd of December, PayPal cut off the account of Wau Holland Foundation, an account that had redirected donations to WikiLeaks. PayPal being what it is, I would assume that a large fraction of the donations for WikiLeaks used to come through this channel – and since WikiLeaks doesn’t make money by itself, it lives or dies by donations. The reason PayPal cited was that it was used for activities that encouage, promote, facilitate or instruct others to engage in illegal activity. At a later date, the VP of PayPal clarified that the reason they felt it was illegal content was based on a letter from the State Department to WikiLeaks where the State Department claimed the cables were illegal.

Simply put, the State Department declared something illegal, and the flow of money to WikiLeaks immediately dried up.

It is interesting to note that Wau Holland Foundation are filing legal action against PayPal for blocking its account, and also for libel due to PayPal’s allegations of illegal activity.

PostFinanace

PostFinance is a Swiss bank that on the 6th of December froze all the assets of Assange. Their reason for doing this was that Assange had provided false information about his place of residence when opening the account. This might well be true – but it’s hard to not consider how many other people with accounts in Switzerland use their lawyers address as their place of residence. The timing of this action also strains credulity. Why now, PostFinance?

PostFinance happen to be a state run financial institution. The Swiss government have refuted allegations of foul play. However, the Pirate Party in Switzerland claims that the bank didn’t follow a clear legal process when closing the account. There is also the possibility of PostFinance violating client confidentiality laws by releasing information about its business relationship with Assange through a press release.

MasterCard

Further pushing on the limits of coincidence, the same day MasterCard decided to take action against WikiLeaks, by ensuring that MasterCard products can’t be used to donate money to WikiLeaks. Their reason for doing so echo PayPals – MasterCard has rules that prohibit customers from directly or indirectly engaging in or facilitating any action that is illegal.

As many observers have noted, it is still possible to use MasterCard to donate to the Klu Klux Klan.

Visa

The next day, Visa Europe decided to follow MasterCard in suspending payments to WikiLeaks pending “further investigations”. As far as I can tell, these further investigations are still pending – and Visa still aren’t processing payments to WikiLeaks. The suspension was initially limited to a weeks time, but it doesn’t seem to have been lifted at this point.

Bank of America

Last week Bank of America announced that they would stop processing any transactions of any type that they have reason to believe are intended for WikiLeaks. Exactly what that means is quite unclear. Bank of America claims that WikiLeaks might be engaged in activities that are inconsistent with their internal policies for processing payments.

I don’t know about you – but the longer this goes on, the more vague the justifications of these companies have become.

Apple

A few days before Christmas, Apple decided to remove a WikiLeaks IPad and IPhone application from their App Store. The most confusing thing about this incident is that the app was actually allowed in the App Store for a few days before getting removed. Apple have a reputation for enforcing their developer guidelines very strictly for the App Store. So when Apple removed the application after the fact, based on the developer guidelines, it looked quite weird. If Apple hadn’t allowed the application in the first place though, noone would have been very surprised.

The reasoning Apple cited for removing the app was that applications must comply with all local laws and may not put an individual or group in harm’s way. Exactly which part Apple feels apply to WikiLeaks wasn’t clear from the public statements.

Summary – common themes

Now, almost a month after these series of events started, it gets increasingly hard to justify the WikiLeaks denial of service. Looking back through the behavior of all these parties, I can’t help but notice the common theme – the assumption that WikiLeaks is illegal. This assumption comes from public pronouncements from the State Department and from Senator Joe Lieberman. But the State Department is part of the executive wing of the US government. And the senate is part of the legislative part of the US government. That simply means that neither of these sources can pronounce whether something is illegal or not. Having the State Department and senators pronounce that something is illegal, and then have companies acting on these pronouncements is tantamount to removing the democratic underpinnings of society, and is a very dangerous path to take.

We don’t know how much back room deals have been made to orchestrate the recent events. In come cases it’s obvious that we don’t know everything – in other cases there is a large possibility that the State Department and Joe Liebermans public actions have been enough for the above companies. Either alternative scares me.

2 Comments | By Ola Bini | In: The Future of the Internet, Wikileaks | tags: amazon, apple, bank of america, democracy, everydns, future of internet, mastercard, paypal, postfinance, tableau, visa, Wikileaks. | #

One huge aspect of the last two weeks that leaves me more and more concerned is the almost uniform silence from technologists. I can count on one hand the blog posts I’ve seen from individuals or companies expressing their feelings about current events. In Australia there are public rallies. In Sweden I know many people who are speaking up about this. But from the technologists in the US, all I hear is an eerie silence. Why is this?

I guess there are three possible explanations. Maybe people are afraid to express an opinion that can be viewed as antiamerican? Or from a corporate side, maybe the economic and judicial risk of doing this worries people to much. The second alternative is that most technologists just don’t care or think their views will have any effect. The third option is that most companies and technologists actually agree with what the US government is doing, and don’t see anything problematic about it.

All these explanations scare me. If individuals are already too scared to speak up, I think we have already lost. And if most companies can’t see that a free and open internet is in their interest, I also think we have lost. But if there are people keeping quiet because they don’t think their views will have effect, I wish they would reconsider. The only reason their views won’t have effect is if everyone keeps quiet. It can start small and grow. One of my close friends recently mentioned the fact that the boycott of South Africa took over twenty years to have any real impact.

So what about the third option? Maybe I’m naive, but I genuinly think we are living in world changing times. I think that these events send the clear message that we are heading straight for a closed Internet in the style of China. Like Ron Paul has said – “In a society where truth becomes treason, then we’re in big trouble”. I think democracy is in mortal danger.

The brazenly open actions by the US government tells me that they don’t even care that people know how they use extra legal tactics to get their means. And if that’s the case, then they are counting on people not speaking up and protesting. Well, this is our opportunity. This is our chance to speak up and say what we feel about what’s happening. And us technologists should be at the forefront of this. It’s our world that is threatened first.

And if I’m right about this, it means this period might be the last chance we have of saying anything.

1 Comment | By Ola Bini | In: The Future of the Internet | tags: amazon, future of internet, technologists. | #

I would like to quickly outline why I feel that Amazon’s behavior with regards to Wikileaks is problematic on many levels. When considering these issues, I was left with no other conclusion but to decide to boycott Amazon. I know that that might not be much, but it’s the only real power I have – except for publicizing why I made the decision I made – which I’m doing right here and now. I also hope other individuals and companies will consider not doing business with Amazon in the future.

So what was it that happened? Well, an important precursor to the story is that Amazon hosted/mirrored the Wikileaks Iraqi and Afghani War logs for some time. As far as I know, Amazon never booted Wikileaks during this time period.

After serious DDOS attacks, Wikileaks moved their content to Amazon again on November 29. On December 1st, Amazon drops Wikileaks. Joe Lieberman claims his office has made a call to Amazon before they did this. Lieberman then publicly expressed his view that Wikileaks is breaking the law. At that point other companies started to follow – first Tableau Software; then EveryDNS cancels the wikileaks.org DNS entry. After that, PayPal shuts down the Wikileaks account. PostFinance shuts down a Swiss donation account for Wikileaks. Then MasterCard. Then Visa. All or any of these companies could have made a stand and let legal process run. They didn’t.

So why am I picking on Amazon? Why am I singling them out specifically in this blog post? Because Amazon was the first. They are strong enough to take a stand. At the moment I don’t even care what they think about Wikileaks. The problem is that they could have let a legal process run its course – and when or if a court had decided that Wikileaks have broken a law (and what law-/s they had broken), Amazon could have removed the Wikileaks account. The duplicitous nature of first hosting them for months, but then when they get a call from Liebermans office immediately fold, feels to me like a real problem.

A few days after, Amazon issued a press release pointing to their terms of service as explanation. Most people I’ve spoken to feels that this press release is a complete lie. It doesn’t add up, and even if it does add up, the press release also points to the Wikileaks data as being illegal. Which brings us back to the two questions – why wasn’t the Iraqi war diaries illegal enough to break the terms of service, and when did Amazon become a legal instance qualified to judge what is illegal or not?

Amazon folded first. It doesn’t matter that most companies in the US probably would have behaved the same way. It doesn’t matter that other companies folded after – in fact, that makes it worse. Amazon is a large company, a strong company. They have extreme resources at their disposal. And they decided to not use them. They could have waited for Wikileaks to become illegal before booting them out. They didn’t. How much easier did it become for other companies to make the same decision after Amazon decided to fold? I can’t help but seeing Amazon as partly responsible for the actions of the other companies that folded. Amazon was put to the test and they were found wanting.

I think that the current world events are indicative of where we are headed in the future. Amazon acting on a phone call from Liebermans office starts us down a very slippery slope. Imagine if you will that the US Supreme Court finds that Assange is not guilty of espionage and that Wikileaks is protected by the first amendment. At that point, Amazon’s actions in retrospect means they booted out a legal site with no due process. That precedent is very dangerous. And it isn’t restricted to organizations like Wikileaks. The next site that gets kicked off could by your next startup. Your safeties and guarantees from Amazon just went rapidly down. If we are to build systems on top of Amazon, we must know that Amazon will be stable enough ground for us to build on. And presumably Amazon wants this too. But these actions have sent a very clear message about what can happen if you are a bit unlucky or end up with the wrong enemies: no due process.

1 Comment | By Ola Bini | In: The Future of the Internet, Wikileaks | tags: amazon, The Future of the Internet, Wikileaks. | #