________________________________________________________________________________ Government Control of Information Technologies: The Post-Soviet Experience The 20th century will be remembered by the creation and collapse of the world's largest empire, the territory of which comprised 1/6th of the world. The Soviet Union officially was claimed to be non-existent in 1991, but the infrastructure still remained there to serve the needs of the new independent states. About four years later the world experienced a series of events, which would afterwards be referred to as the Internet boom. Nerds, enthusiasts and geeks around the world all participated in uniting the world's computer networks, which gave birth to the Internet, as we know it today. Very soon, the Internet proved to be a very powerful mechanism of information exchange, bringing urgent data to the people's desktops. One interesting thing about the Net was the elimination of boundaries. From now on a person's physical location influenced only their cost of being online, by all other features it was hard to differentiate between Internet users in the United States or Morocco. The next best thing about the Internet was its ability to transfer information with speed, unknown to humanity before the Internet. Of course, such a powerful phenomenon as the Net couldn't possibly remain beyond the attention of the former KGB offspring. They now were dispersed among the different independent nations, serving the needs of the current governments. Very slowly the special services started paying attention to the network, which could transfer encrypted messages across the world in a matter of seconds^Å the network which made express mail almost useless and the network which was gaining popularity, regardless of its high price, in the former Soviet Union. 1998 can be considered the boom of the former KGB offices' undivided attention to network affairs. Soon, there were very few individuals who would not know what the Net was. The Internet Service Providers were advertising their services on radio and television, and the local oligarchs started buying the stock of the Internet companies at home. Very differently, each country having its own position towards the Internet, the governments started approaching the global network, with one mission in mind - to control. ======== Russia ======== The Russian government was among the first to initiate an anti- Internet campaign in order to get a better handle on the so- called communication problem, which the government viewed as a threat to the previous status quo. Russian information was mostly controlled by the KGB successor, the FSB. The document called SORM, which stands for System of Operative and Investigative Procedures in Russian, appeared in the Russian legislative world in 1995. The 1995 Law on Operational Investigations gave the FSB the authority to monitor all private communications, from postal correspondence to cell-phone calls and electronic mail, provided that the security service first obtained a warrant from a court. After a series of meetings with the national and local ISPs it became clear that the whole goal was to have the provider install a certain black box, which would have access to all the incoming and outgoing e-mail activity on the server. The provider itself was responsible for paying the costs of installing the equipment and wiring up the local KGB office with a high-speed leased line. That would definitely create certain financial pressure on the small Internet companies due to their tight budgeting problems. Thus, the rumors were that SORM, besides being initiated by the FSB, was being co-sponsored by big ISPs. By doing so they would eliminate competition and leave the market open only for the big players. "Most Internet providers in Moscow, including all of the large providers and many in the provinces, have opened a hole for security agents to peep at traffic," said Anatoly Levenchuk, a Russian Internet expert. Anatoly's site, located at http://www.libertarium.ru/libertarium/sorm has a number of articles dedicated to SORM regulations, and, among them, banners and clipart dedicated to the anti-SORM Internet movement. An example would be a Microsoft Outlook window with the error message, saying "We're sorry, but the FSB officer responsible for reading your e-mail is away right now. Please re-send your message later". As ma ny analysts suppose, Russian special forces have a nasty habit of selling information gathered electronically to the highest bidder, and the information ends up serving political ends. As the Russian daily newspaper Noviye Izvestia noted recently, Internet users are already ironically referring to SORM as "System for Scandalously Unveiling Investigative Materials." One provider in southern Volgograd, Bayard-Slavia Communications, actually refused when security service agents sought to receive full and uncontrolled access to all of their clients and their communications. Bayard-Slavia had its main communication line cut off and faced threats of fines from government officials. But, it won a court case against the security service last fall. However, not all the Internet community thinks SORM presents a danger to security. Anton Nossik, the editor-in-chief of several major Internet publications, is less concerned than others, saying security service agents already have access to electronic traffic and would not be able to monitor its ever-increasing volumes in full. Nossik is also related to another big Internet scandal, which happened between his sponsoring organization, the Fund for Efficient Politics and the Russian Central Election Committee, which was responsible for maintaining the parliamentary elections this December. The Internet site, maintained and supported by the fund, was publishing the results of the exit polls in real time. According to Russian laws, any results of the elections cannot be published in the media while the election is in the process. That's why Gleb Pavlovsky, who is the head analyst of the Fund for Efficient Politics, received a call from the local FSB office with the request "to shut down all that Internet". In an hour, however, the site was shut down, obviously due to the pressure on the hosting provider from more technically-literate FSB officers than those who called Pavlovsky. The mirror of the site, located on the American continent, however, continued to function and thus drew the attention of the FSB, which tried to shut this site down as well. Alas, the ISP providing the services for hosting www.elections99.com was not located in Russia and obviously couldn't care less about the Russian laws. The elections being over, Pavlovsky was summoned to the local police office. The officials were quite satisfied that the Internet was not media at all, rather, it was a medium for creating different types of electronic media. Several weeks later the Russian government, envisioning the same problem happening during the Presidential elections in March, decided to propose a legislative act, by which the Internet was considered a media, which should be regarded as a subject to Russian laws. Obviously, this act of courage by the government drew attention from the network media, which published feature articles, full of sarcasm towards the Russian Central Election Committee. "From now on, the entire Internet, including Yahoo, Amazon, Wired and all the personal sites in the world is considered a Russian electronic media", quoted one of the electronic publications on the day the proposal reached the Parliament. The Russian government has not yet formed its exact position towards the Internet issues in the country, nevertheless, it is continuing to install SORM devices in the offices of major service providers. ========= Ukraine ========= Involved in several major conflicts between the President and the parliament, the Ukraine government appeared quite regarding Internet regulation, of which it has none. On September 19th the President of Ukraine planned to introduce a bill, which would require ISPs to provide full access to the e-mail activity on the server to the local KGB office, which in Ukraine is renamed to SBU. The document does not differ much from its Russian counterpart and is obviously written by the highest SBU officials imitating their Russian colleagues. The fate of the document, however, is different. In September '99 the confrontation between the President and the Parliament reached its highest point. The shrewd executive officials knew quite well, that whatever went to the Parliament of Ukraine from the Office of President, would get refused regardless of content. Thus it was a time when the administration had to sacrifice some legislative initiatives in order to have some other bills passed. Since the SBU was the primary beneficiary of the SORM- like bill, the President's Office decided that it was time to get rid of the unneeded bill that had been written up by another government agency. At that time, just before the elections, the agency was even suspected of disloyalty to the current executive power. Thus Ukraine remained one of the most liberal countries as to Internet regulation. Will it be a long-time victory or not? No one knows. The best guess is that the Ukrainian special services are watching their Russian colleagues' experience in order to follow the efficiency of the SORM program. The probability of Ukraine initiating a program of strict Internet control remains low, since the country depends on international donations to its tight budget. Imposing government control upon the flow of information might disturb some companies dealing in Ukraine, those, which had complained for a long time about the country's level of corruption and numerous regulations. Recently the Prosecutor general of Ukraine Mykhailo Poteben'ko has complained about the great deal of discrediting information about the current Ukrainian President Leonid Kuchma. Indeed, after some research one could find the sites with the Swiss account numbers of Kuchma's family. Whether the published information is true or not, the Ukrainian prosecutor promised to do everything possible to make the data disappear. The means are dubious, considering that the Office of the Prosecutor General of Ukraine isn't even connected to the Internet, and most of the employees have a very vague knowledge about the global computer network. ============ Kazakhstan ============ Among the former Soviet states, Kazakhstan remains one of the most conservative and strict in terms of information control. Kazakhstan's President, Nursultan Nazarbaev is widely criticized on the Web for corruption and several known facts of money laundering by the President's family. One of the sites, which belongs to the International Eurasia Foundation, on November 9th, 1999 found itself being censored by the Kazakhstan officials. The users which typed the site's URL (http://www.eurasia.org.ru) found themselves confronting the message which announced that "Connection to the site is not possible at the moment due to technical reasons". The electronic publication claimed that NurSat, one of the main Internet Service Providers in Kazakhstan, was blocking access through a series of URL filters which included the site in disgrace. The same day the information bulletin published on the Eurasia Web site ran as follows: "In a statement made available to "RFE/RL Newsline," the Internet provider Nursat, which is the largest in Kazakhstan, has formally denied blocking access to the Eurasia Web site maintained by the Kazakh political opposition. It also affirmed that it neither condones nor supports any Internet "censorship". Internews' office in Kazakhstan last week quoted an unnamed Nursat technician as saying that access to the Eurasia site would be impossible for an indefinite period for "technical reasons" (see "RFE/RL Newsline," 9 November 1999). Conclusion Internet censorship turns out to be a very popular means of controlling information flow in the post-Soviet environment, where the so-called special services were used to directing the information and controlling all of the media. Unfortunately, with the approach of the digital age, the strategy of the former KGB officials does not seem to be exactly fit. Almost all the impediments to free speech expression can be overcome with the help of a deft technician or a 14-year-old hacker. Russia's approach, which includes having security officials track the e-mail flow of Internet users seems impractical. Since I am personally involved in several Internet news projects and have friends dispersed around the world, I receive about 150 e-mails daily, and in a year the number would perhaps double. That means that in my case if the security officials want to track all my Internet activity, they would need to have a dedicated employee working with just my e-mail. This seems of little efficiency if you have a large number of people to track. Another approach, which has not been used by the KGB offspring, but surely will be, is posting the filters, which recognize certain words and word combinations in e-mail messages. In the US such methodology is used not only by CIA or NSA, but by another triple letter agency, which we know as AOL. The efficiency of this can be estimated to an even lower level, since it would take only two 14-year-olds to exchange several thousands messages containing the sought words daily, which would bring the tracking system to a complete halt. Kazakhstan's solution to the problem, even being more high-tech and advanced than its counterparts, has many flaws as well. Without going into technical details it is quite obvious that with the proper technical knowledge a person can surmount the access restrictions as well as firewalls. If they can break into the FBI's Web site, they can surely pass some server-side restrictions imposed by a government technician. And, finally, as to encryption^Å Even if you are working with highly secret messages and even if you are watched by a dozen security officials, there is still a relatively easy way to transfer the message to the destination. The 128-bit encryption key, which is now included in Microsoft's shipment of Windows 2000, presents 2 to the power of 128 possibilities of the encryption key, and it can only be broken with about three thousand computers picking the numbers for three years. Needless to say, even the current companies, involved in the IT area, do not have the capabilities of dedicating such a grand amount of hardware to solving one specific problem of decrypting another e-mail message. Today the security services of the post-Soviet countries are trying to find an enemy, which they had not expected, an enemy, which is popular and welcomed in public, an enemy with the power far beyond all the security services combined - and the name of the enemy is the Net. ________________________________________________________________________________ no copyright 2000 rolux.org - no commercial use without permission. is a moderated mailing list for the advancement of minor criticism. more information: mail to: majordomo@rolux.org, subject line: , message body: info. further questions: mail to: rolux-owner@rolux.org. archive: http://www.rolux.org