Angry Chinese Blogger
 |
 |
Angry Chinese Blogger:
The news and views about China that the big media can't, or won't, tell you The is no single truth Menu: Home |
|
Entries By Country
   |
"TD 4068" A Sino-US plot to end Internet privacy?
«
H E
»
News and Politics :: Sino-American :: Human rights and personal freedoms :: News and Perspectives ::
email
posted Sunday, 14 September 2008
It might seem odd, even absurd to the point of unbelievability, but according to official documents obtained from the UN it's true. Washington and Beijing are currently working on a joint UN proposal that could bring an end to Internet anonymity.
Death of Web Privacy?
In a move that has been condemned by privacy and human rights interests the world over Washington has joined with Beijing to move forward the controversial draft issued by United Nations International Telecommunication Union working groups “Study Group 17”. The proposal, known as "Q6/17 TD 4068" is a formal document that is currently in the draft stages which was put forward by the Chinese government. It's purpose, to put in place a mechanism by which any communications over the Internet can be tracked back to its source. In effect, ending Internet privacy and anonymity.
A draft of TD 4068, obtained by this website, list two core objectives:
Even taken in isolation either of these two objectives could have significant privacy implications. The first would in effect mandate that all current Internet privacy technologies be rendered useless by allowing any communication - or fragment of any communication - to be tracked back to its sender. The second would mandate that every point across the Internet through which a communication - or fragment of a communication - traveled must log log where said came from and where it is going to.
Together, these two proposals would render useless the anonymous proxies and onion routing technologies that many of China's Internet dissidents use to protect their identities. Further more, this would not only effect those using proxy technologies to post to the Internet, but also those using them simply to read content that Beijing does not wish them to read. Additionally, the proposal would not only allow Beijing to track the source and destination of any Internet traffic originating or terminating in China, but also the source and destination of any traffic that merely passed through the Chinese Internet infrastructure on its way to/from another destination.
In all the Q6/17 TD 4068 draft lists 5 envisioned scenarios. All of which have significant privacy implications.
Q6/17 TD 4068 calls for a system that could cover any kind of network and which would enable tracking of a user given only a minimal sample of data.
Q6/17 TD 4068 (Draft)
Of particular concern to privacy advocates is requirement 4, a requirement for a tracking system to be able to track Internet traffic through Network Address Translation (NAT). Network Address translation allows many computers/networks to access the Internet through a single point, and while that point is visible to the Internet the computers/networks remain invisible.
Many companies and Internet service providers use NAT. Using NAT renders individual computers invisible behind a single corporate or network identity, protecting them from malicious Internet attack and keeping their identities hidden. In order to locate a user hidden behind NAT the company or Internet service provider must be approached directly and a request must be made to hand over the identity of the user. However if Q6/17 TD 4068 were to mandate the creation of a mechanism by which data could be tracked through NAT it would potentially open up individual computers to direct scrutiny when previously only the computer providing the NAT would have been visible.
For example, under the current system an office block may have several hundred computers connected to a single Internet link, and only the entry point to the network would be visible. Under Q6/17 TD 4068 any computer on the network would be become visible if it communicated with another via the Internet. The same would be true for home networks. Currently a home Internet user may have several computers connected to the same broadband connection and only the home would be visible, under Q6/17 TD 4068 every computer that communicated to with the Internet would be individually identifiable over the Internet via the serial number (Known as a Media Access Control address) of its network card.
Public Face?
On the face of it, a proposal to monitor individual Internet use around the world does not seem in keeping with the general ethos of the United Nations. For this reason the latest draft of Q6/17 TD 4068 - due to be put before Study Group 2/17 later this month - has been put forward as a means of crime/terrorism prevention rather than as a means of Internet surveillance
According to to Chinese officials the primary purpose of Q6/17 TD 4068 would be to ensure that mechanisms were put in place that would make it harder for criminals to hide their location and identities, as well as to provide involved parties with the means to better regulate Internet traffic.
One example given in the current draft of Q6/17 TD 4068 proposes that tracking mechanisms could be used to zero in on those responsible for so-called Distributed Denial of Service attacks (DDOS) - incidents in which criminals uses multiple computers around the world to overload sections of the Internet.
According to a list of case studies that has been circulating amongst privacy groups Beijing has put forwards several key scenarios in which mechanisms stemming from Q6/17 TD 4068 could be used to better manage the Internet. ACB has not independently verified the authenticity of this document.
Beijing's Angle?
While it may seem laudable for China to propose means of preventing the misuse and abuse of the Internet by criminal elements, China watchers have voiced that the mechanisms being discussed in Q6/17 TD 4068 could have very serious implications for Internet use in China because the same mechanisms that could be used to track criminals using the Internet for malicious purposes could also be used to track Internet dissidents with legitimate issues of free speech.
By mandating that records be kept of the passage of data across the Internet Beijing would be able to track the activities of any Internet users whose data originated/terminated in China, or merely passed through China's Internet infrastructure. In turn, this would mean that Beijing would be able to locate any individual who posted content on the Internet that it deemed to be unfavorable, as well as to track the locations of any users who viewed it.
At present, Beijing has the ability to track the activities of Chinese Internet users, but it is extremely limited. If a user posts content to a server located in China Beijing can force the owner of the server to surrender the Internet address that the user used to connect to the server which links the user back to their Internet Service Provide and in turn back to their real world identity. It currently uses this information to track down and detain those who speak out against the state line on history, society or politics, in order to stifle dissent.
However, users are currently able to connect to privacy servers/services outside of China known as proxy servers or Onion Routers. In the case of proxy servers a machine located outside of China becomes an intermediary for Internet traffic. It takes traffic from the user and forwards it on as if it were its own traffic and relays any return data back to the user, effectively swapping the user's traceable identity for its own much more anonymous identity, with only the intermediary server actually knowing the identities of both the traffics source and destination. In the case of onion routers this is done many times, with each server knowing only the identity of the servers on either side of itself. In order for the user to be identified Chinese authorities would need to be able to access the details from all of the servers in the chain. This is all but impossible to do.
Were Q6/17 TD 4068 to be fully realized the details of the both the source and destination of the data, and thus both the identity of the user and the website that they are communicating with would be available to Beijing. In fact the data itself could carry this information. Allowing Chinese security forces to find and detain any Internet Chinese user that they pleased with comparative easy. For example, tracing Internet users whom revealed details of political corruption or whom use the Internet to call for greater freedom of speech on the Mainland.
Current drafts of Q6/17 TD 4068 contain no safe guards to prevent if from being misused by China in this manner and there are few indications what, if any, safeguards are may be added. Additionally, under current proposals it appears that the level of tracing used would be left up to domestic law. Which would give Beijing a free hand to track and detain Internet dissidents at will
Washington's Angle?
Almost since the day that Internet use became a medium for political and social expression in China, US insiders have been expressing concern about Beijing's efforts to crack down on web dissidents. Therefore it would, on the face of it, appear illogical for Washington to back a proposal that would enable China to neutralize many of the mechanisms through which Internet dissidents maintain their privacy, and thus also their liberty. However, when viewed from a wider perspective, the reasoning becomes clear: America also has problem of its own with Internet anonymity.
One of America's primary interests pushing through Q6/17 TD 4068 from draft to legislation becomes apparent when you stand back and see exactly how much America is reliant on the Internet. American businesses relies on the Internet as a medium form communications and commerce, the American public relies on it for social interaction and shopping, and the American government relies on it in order to connect disparate government branches and offices the world over. Therefore anything that disrupts the Internet also disrupts the running of America.
US Internet interests come under attack on a daily basis. With So-called Denial of Service attacks, organized botnet attacks, and hackers accounting for countless losses in money and time. At present Internet anonymity makes tracking domestic perpetrators tough and overseas perpetrators almost impossible. It also makes routing Internet traffic around attack sites tough as it can be problematic to tell legitimate Internet traffic from illegitimate Internet traffic, and to tell priority traffic from background chatter. On paper, a successful implementation of Q6/17 TD 4068 would allow US law enforcement to track and apprehend more of those responsible than ever before and faster than ever before. Making e-crime less profitable and more likely to result in conviction.
With this said, a second reason for America's interest in Q6/17 TD 4068 become clear when you look at the US representative to Study Group 17, one Richard C Brackney. A senior official with the National Security Agency: A subdivision of the US Department of Defense.
Currently the US is engaged in a number of military and ideological struggles. Some domestic, some international, and some spanning both. In this field the US experiences many of the same issues as China when it comes to identifying Internet users who post content that contradicts its own state line, or which US security forces deem to be harmful to US interests. Were Q6/17 TD 4068 to lead to world wide tracking mechanism it would allow organizations such as the NSA and CIA to better track people inciting violence against America, such as posters on Islamic fundamentalist websites or radical anti-federalist groups. However the same mechanisms would also allow the identification and detention of domestic dissidents such as anti-war activists whom post pictures of the coffins of US soldiers returning for burial or whom identify failings within the US security apparatus such as the use of torture and the mistreatment of detainees by mercenary groups under US pay.
China watchers not that since 9/11 US intelligence agencies have been given significantly increased surveillance powers. Including the ability to record private domestic telephone conversations without the need for court approval.
Hurdles?
It has yet to be seen whether Q6/17 TD 4068 will move beyond the draft stage, and what impact, if any it will have on personal privacy.
Though desired by both Washington and Beijing Q6/17 TD 4068 has a number of obsticaly in its path. Many of these odsticale take the form of questions about the legallity of the proposals contained within the draft of Q6/17 TD 4068. As things stand Q6/17 TD 4068 contradicts a number of international laws and charters. Including the United Nations Universal Declaration of Human Rights which mandates that governments must not put in place mechanisms that would inhibit the peoples right to freedom of speech, the European Declaration on Freedom of Communication on the Internet (2003) which states that countries must "respect the will of users of the Internet not to disclose their identity", and the ITU constitution which mandates that the organization must not interfere with "the secrecy of international correspondence".
The articles of the US constitutional also brings the legality of Q6/17 TD 4068 into question, with First Amendment president sustaining that the right to anonymity is vital to maintaining freedom of speech.
Q6/17 TD 4068?
Q6/17 TD 4068 is a controversial draft document put forward to the UN's International Telecommunication Union Study Group 2/17 in April 2008 (http://www.itu.int/dms_pub/itu-t/oth/0A/0D/T0A0D00000D0003MSWE.doc) using the working title "Trace Back Use Case and Requirements".
Q6/17 TD 4068 arose out of earlier Chinese concerns that it was unable to monitor Voice over Internet Protocol telephone services. Officially, China's concerns were raised due to issues of law enforcement and the prosecution of the so-called War on Terror. Unofficially, China watchers have questioned whether Beijing's real concern was more to do with the fact that because VIOP users were not subject to the same monitoring and interception technologies as conventional telecoms systems they could be used to communicate ideas that contradict Beijing's state line on history society and politics in comparative privacy from the government.
The members of Study Group 2/17 are
The next meeting to discuss the Q6/17 TD 4068 draft will be held later this month. The ITU has decreed that the meeting will be closed to the public and that the minutes will be sealed to general viewing.
Death of Web Privacy?
In a move that has been condemned by privacy and human rights interests the world over Washington has joined with Beijing to move forward the controversial draft issued by United Nations International Telecommunication Union working groups “Study Group 17”. The proposal, known as "Q6/17 TD 4068" is a formal document that is currently in the draft stages which was put forward by the Chinese government. It's purpose, to put in place a mechanism by which any communications over the Internet can be tracked back to its source. In effect, ending Internet privacy and anonymity.
A draft of TD 4068, obtained by this website, list two core objectives:
- Any type of IP packets (including spoofed IP) can be traced backward to its origin
- In order to ensure traceability, essential information of the originator should be logged by network
Even taken in isolation either of these two objectives could have significant privacy implications. The first would in effect mandate that all current Internet privacy technologies be rendered useless by allowing any communication - or fragment of any communication - to be tracked back to its sender. The second would mandate that every point across the Internet through which a communication - or fragment of a communication - traveled must log log where said came from and where it is going to.
Together, these two proposals would render useless the anonymous proxies and onion routing technologies that many of China's Internet dissidents use to protect their identities. Further more, this would not only effect those using proxy technologies to post to the Internet, but also those using them simply to read content that Beijing does not wish them to read. Additionally, the proposal would not only allow Beijing to track the source and destination of any Internet traffic originating or terminating in China, but also the source and destination of any traffic that merely passed through the Chinese Internet infrastructure on its way to/from another destination.
In all the Q6/17 TD 4068 draft lists 5 envisioned scenarios. All of which have significant privacy implications.
- Trace-back of malicious IP packets
- Trace-back for normal IP packets
- Trace-back of IP packets with dynamic address
- Trace-back of spoofed IP packets
- Trace-back across different management domains
Q6/17 TD 4068 calls for a system that could cover any kind of network and which would enable tracking of a user given only a minimal sample of data.
1) IP trace-back mechanism is required to be adapted to various network environments, such as different addressing (IPv4 and IPv6), different access methods (wire and wireless) and different access technologies (ADSL, cable, Ethernet) and etc.
2) IP trace-back mechanism is recommended to take into account the influence/impact on performance, quality of service, usability, scalability and cost constraints on deployment of IP network.
3) IP trace-back mechanism is recommended to be feasible over current and future IP network.
3A) A good IP trace-back mechanism shouldn’t make too many changes to the existing equipments and protocols.
3BA) A feasible IP trace-back mechanism should be able to be carried out with small amount of samples (e.g. IP packets) even with a single one.
4) IP trace-back mechanism is required to be able to deal with the complex network topologies, for example, network with NAT or dynamic IP address assigning.
5) Implementation of IP trace-back should not bring new security threats to the IP network.
Q6/17 TD 4068 (Draft)
Of particular concern to privacy advocates is requirement 4, a requirement for a tracking system to be able to track Internet traffic through Network Address Translation (NAT). Network Address translation allows many computers/networks to access the Internet through a single point, and while that point is visible to the Internet the computers/networks remain invisible.
Many companies and Internet service providers use NAT. Using NAT renders individual computers invisible behind a single corporate or network identity, protecting them from malicious Internet attack and keeping their identities hidden. In order to locate a user hidden behind NAT the company or Internet service provider must be approached directly and a request must be made to hand over the identity of the user. However if Q6/17 TD 4068 were to mandate the creation of a mechanism by which data could be tracked through NAT it would potentially open up individual computers to direct scrutiny when previously only the computer providing the NAT would have been visible.
For example, under the current system an office block may have several hundred computers connected to a single Internet link, and only the entry point to the network would be visible. Under Q6/17 TD 4068 any computer on the network would be become visible if it communicated with another via the Internet. The same would be true for home networks. Currently a home Internet user may have several computers connected to the same broadband connection and only the home would be visible, under Q6/17 TD 4068 every computer that communicated to with the Internet would be individually identifiable over the Internet via the serial number (Known as a Media Access Control address) of its network card.
Public Face?
On the face of it, a proposal to monitor individual Internet use around the world does not seem in keeping with the general ethos of the United Nations. For this reason the latest draft of Q6/17 TD 4068 - due to be put before Study Group 2/17 later this month - has been put forward as a means of crime/terrorism prevention rather than as a means of Internet surveillance
According to to Chinese officials the primary purpose of Q6/17 TD 4068 would be to ensure that mechanisms were put in place that would make it harder for criminals to hide their location and identities, as well as to provide involved parties with the means to better regulate Internet traffic.
One example given in the current draft of Q6/17 TD 4068 proposes that tracking mechanisms could be used to zero in on those responsible for so-called Distributed Denial of Service attacks (DDOS) - incidents in which criminals uses multiple computers around the world to overload sections of the Internet.
IP trace-back is the important mechanism to make users have the confidence to use their key applications over the IP network. Because it can provide the trace of the packets’ source IP addresses, therefore with the deployment of IP trace-back technology, it can help to solve the problem mentioned above, such as:
Help to fight against DDoS attacks, spams, worms and so on. For example, by tracing the DDos attack route back, the DDoS traffic could be blocked by the network router along the route.
Provide technical supports to counter network crimes and trace back to the roots. This would deter criminals and reduce the volume of network crimes.
Provide more reliable network environment and enhance the performance of the applications deployed over the IP traceable network.
Q6/17 TD 4068 (Draft)
Help to fight against DDoS attacks, spams, worms and so on. For example, by tracing the DDos attack route back, the DDoS traffic could be blocked by the network router along the route.
Provide technical supports to counter network crimes and trace back to the roots. This would deter criminals and reduce the volume of network crimes.
Provide more reliable network environment and enhance the performance of the applications deployed over the IP traceable network.
Q6/17 TD 4068 (Draft)
According to a list of case studies that has been circulating amongst privacy groups Beijing has put forwards several key scenarios in which mechanisms stemming from Q6/17 TD 4068 could be used to better manage the Internet. ACB has not independently verified the authenticity of this document.
1.1 Virus application traceback A target's system has been infected with an email virus downloaded through a "drive-by"
downloaded when the target system was used to access an infected site. When the virus initializes it sends spam to all the addresses on the target's address list. The virus remains resident in memory and as new addresses are added, they in turn are also sent spam.
In this case, while the target system is the source of an individual piece of spam, it is really the source of the virus and in turn
the source of the web site's infection that is the true source for all the spam delivered.
1.2 Bot net DDoS
A target system has been infected with a Trojan which connects to an IRC server to receive instructions. On receipt of a specific
instruction, the Trojan client repeatedly tries to connect to a designated server. The results of numerous Trojan clients all trying
to connect to the target server cause the server to run out of available connections leading to a denial of service situation.
In this case, a network server is attacked my numerous requests being received simultaneously from numerous infected systems but the true source of the attack remains "hidden" behind the zombie slaves.
1.3 Application macro infection A document file with an embedded executable macro is distributed causing any application which opens the file to become infected leading to more and more infected document files to be created and distributed. In this case, the
application is infected but the source of the infection may be difficult to determine over time.
1.4 Proxy "Pirate cove"
Physical threats against a person are made in a discussion forum on a web site. The poster of the threats connected to the site
through a proxy server which hides the origination of the threats.
Q6/17 TD 4068 Use Cases (Partial Translation)
downloaded when the target system was used to access an infected site. When the virus initializes it sends spam to all the addresses on the target's address list. The virus remains resident in memory and as new addresses are added, they in turn are also sent spam.
In this case, while the target system is the source of an individual piece of spam, it is really the source of the virus and in turn
the source of the web site's infection that is the true source for all the spam delivered.
1.2 Bot net DDoS
A target system has been infected with a Trojan which connects to an IRC server to receive instructions. On receipt of a specific
instruction, the Trojan client repeatedly tries to connect to a designated server. The results of numerous Trojan clients all trying
to connect to the target server cause the server to run out of available connections leading to a denial of service situation.
In this case, a network server is attacked my numerous requests being received simultaneously from numerous infected systems but the true source of the attack remains "hidden" behind the zombie slaves.
1.3 Application macro infection A document file with an embedded executable macro is distributed causing any application which opens the file to become infected leading to more and more infected document files to be created and distributed. In this case, the
application is infected but the source of the infection may be difficult to determine over time.
1.4 Proxy "Pirate cove"
Physical threats against a person are made in a discussion forum on a web site. The poster of the threats connected to the site
through a proxy server which hides the origination of the threats.
Q6/17 TD 4068 Use Cases (Partial Translation)
Beijing's Angle?
While it may seem laudable for China to propose means of preventing the misuse and abuse of the Internet by criminal elements, China watchers have voiced that the mechanisms being discussed in Q6/17 TD 4068 could have very serious implications for Internet use in China because the same mechanisms that could be used to track criminals using the Internet for malicious purposes could also be used to track Internet dissidents with legitimate issues of free speech.
By mandating that records be kept of the passage of data across the Internet Beijing would be able to track the activities of any Internet users whose data originated/terminated in China, or merely passed through China's Internet infrastructure. In turn, this would mean that Beijing would be able to locate any individual who posted content on the Internet that it deemed to be unfavorable, as well as to track the locations of any users who viewed it.
At present, Beijing has the ability to track the activities of Chinese Internet users, but it is extremely limited. If a user posts content to a server located in China Beijing can force the owner of the server to surrender the Internet address that the user used to connect to the server which links the user back to their Internet Service Provide and in turn back to their real world identity. It currently uses this information to track down and detain those who speak out against the state line on history, society or politics, in order to stifle dissent.
However, users are currently able to connect to privacy servers/services outside of China known as proxy servers or Onion Routers. In the case of proxy servers a machine located outside of China becomes an intermediary for Internet traffic. It takes traffic from the user and forwards it on as if it were its own traffic and relays any return data back to the user, effectively swapping the user's traceable identity for its own much more anonymous identity, with only the intermediary server actually knowing the identities of both the traffics source and destination. In the case of onion routers this is done many times, with each server knowing only the identity of the servers on either side of itself. In order for the user to be identified Chinese authorities would need to be able to access the details from all of the servers in the chain. This is all but impossible to do.
Were Q6/17 TD 4068 to be fully realized the details of the both the source and destination of the data, and thus both the identity of the user and the website that they are communicating with would be available to Beijing. In fact the data itself could carry this information. Allowing Chinese security forces to find and detain any Internet Chinese user that they pleased with comparative easy. For example, tracing Internet users whom revealed details of political corruption or whom use the Internet to call for greater freedom of speech on the Mainland.
Current drafts of Q6/17 TD 4068 contain no safe guards to prevent if from being misused by China in this manner and there are few indications what, if any, safeguards are may be added. Additionally, under current proposals it appears that the level of tracing used would be left up to domestic law. Which would give Beijing a free hand to track and detain Internet dissidents at will
"What's distressing is that it doesn't appear that there's been any real consideration of how this type of capability could be misused"
Rotenberg Marc, director, Electronic Privacy Information Center (US)
Rotenberg Marc, director, Electronic Privacy Information Center (US)
Washington's Angle?
Almost since the day that Internet use became a medium for political and social expression in China, US insiders have been expressing concern about Beijing's efforts to crack down on web dissidents. Therefore it would, on the face of it, appear illogical for Washington to back a proposal that would enable China to neutralize many of the mechanisms through which Internet dissidents maintain their privacy, and thus also their liberty. However, when viewed from a wider perspective, the reasoning becomes clear: America also has problem of its own with Internet anonymity.
One of America's primary interests pushing through Q6/17 TD 4068 from draft to legislation becomes apparent when you stand back and see exactly how much America is reliant on the Internet. American businesses relies on the Internet as a medium form communications and commerce, the American public relies on it for social interaction and shopping, and the American government relies on it in order to connect disparate government branches and offices the world over. Therefore anything that disrupts the Internet also disrupts the running of America.
US Internet interests come under attack on a daily basis. With So-called Denial of Service attacks, organized botnet attacks, and hackers accounting for countless losses in money and time. At present Internet anonymity makes tracking domestic perpetrators tough and overseas perpetrators almost impossible. It also makes routing Internet traffic around attack sites tough as it can be problematic to tell legitimate Internet traffic from illegitimate Internet traffic, and to tell priority traffic from background chatter. On paper, a successful implementation of Q6/17 TD 4068 would allow US law enforcement to track and apprehend more of those responsible than ever before and faster than ever before. Making e-crime less profitable and more likely to result in conviction.
With this said, a second reason for America's interest in Q6/17 TD 4068 become clear when you look at the US representative to Study Group 17, one Richard C Brackney. A senior official with the National Security Agency: A subdivision of the US Department of Defense.
"When NSA takes the lead on standard-setting, you have to ask yourself how much is about security and how much is about surveillance"
Rotenberg Marc, director, Electronic Privacy Information Center (US)
Rotenberg Marc, director, Electronic Privacy Information Center (US)
Currently the US is engaged in a number of military and ideological struggles. Some domestic, some international, and some spanning both. In this field the US experiences many of the same issues as China when it comes to identifying Internet users who post content that contradicts its own state line, or which US security forces deem to be harmful to US interests. Were Q6/17 TD 4068 to lead to world wide tracking mechanism it would allow organizations such as the NSA and CIA to better track people inciting violence against America, such as posters on Islamic fundamentalist websites or radical anti-federalist groups. However the same mechanisms would also allow the identification and detention of domestic dissidents such as anti-war activists whom post pictures of the coffins of US soldiers returning for burial or whom identify failings within the US security apparatus such as the use of torture and the mistreatment of detainees by mercenary groups under US pay.
"You would think (the ITU) would be a little more sensitive to spying on Internet users with the cooperation of the NSA and the Chinese government."
Rotenberg Marc, director, Electronic Privacy Information Center (US)
Rotenberg Marc, director, Electronic Privacy Information Center (US)
China watchers not that since 9/11 US intelligence agencies have been given significantly increased surveillance powers. Including the ability to record private domestic telephone conversations without the need for court approval.
Hurdles?
It has yet to be seen whether Q6/17 TD 4068 will move beyond the draft stage, and what impact, if any it will have on personal privacy.
Though desired by both Washington and Beijing Q6/17 TD 4068 has a number of obsticaly in its path. Many of these odsticale take the form of questions about the legallity of the proposals contained within the draft of Q6/17 TD 4068. As things stand Q6/17 TD 4068 contradicts a number of international laws and charters. Including the United Nations Universal Declaration of Human Rights which mandates that governments must not put in place mechanisms that would inhibit the peoples right to freedom of speech, the European Declaration on Freedom of Communication on the Internet (2003) which states that countries must "respect the will of users of the Internet not to disclose their identity", and the ITU constitution which mandates that the organization must not interfere with "the secrecy of international correspondence".
"Member States agree to take all possible measures, compatible with the system of telecommunication used, with a view to ensuring the secrecy of international correspondence"
Chapter VI, Article 37 (Secrecy of Telecommunications), Constitution of the ITU.
Chapter VI, Article 37 (Secrecy of Telecommunications), Constitution of the ITU.
The articles of the US constitutional also brings the legality of Q6/17 TD 4068 into question, with First Amendment president sustaining that the right to anonymity is vital to maintaining freedom of speech.
Q6/17 TD 4068?
Q6/17 TD 4068 is a controversial draft document put forward to the UN's International Telecommunication Union Study Group 2/17 in April 2008 (http://www.itu.int/dms_pub/itu-t/oth/0A/0D/T0A0D00000D0003MSWE.doc) using the working title "Trace Back Use Case and Requirements".
Q6/17 TD 4068 arose out of earlier Chinese concerns that it was unable to monitor Voice over Internet Protocol telephone services. Officially, China's concerns were raised due to issues of law enforcement and the prosecution of the so-called War on Terror. Unofficially, China watchers have questioned whether Beijing's real concern was more to do with the fact that because VIOP users were not subject to the same monitoring and interception technologies as conventional telecoms systems they could be used to communicate ideas that contradict Beijing's state line on history society and politics in comparative privacy from the government.
"In January 2007, China in a contribution to ITU-T Study Group 2 noted that with the development of technology and services, many Administrations were facing a major challenge, i.e., tracing the source of voice telephony calls.10 The contribution notes that one of the most efficient measures to trace the source of the call is by calling party number, however, calling party number delivery in VoIP and international calls is not implemented, which has seriously obstructed the attack of crime and terrorism. In order to help member states effectively trace international calls, China proposed a new standards work item, Rec. E.cpdn, (now E.157) Calling Party Number Delivery Service between International Networks."
Rutkowski Anthony, "International Caller-ID Capability", ITU
http://www.itu.int/osg/csd/cybersecurity/WSIS/3rd_meeting_docs/Rutkowski_IPtraceback_callerID_rev0.pdf
Rutkowski Anthony, "International Caller-ID Capability", ITU
http://www.itu.int/osg/csd/cybersecurity/WSIS/3rd_meeting_docs/Rutkowski_IPtraceback_callerID_rev0.pdf
The members of Study Group 2/17 are
- Richard C Brackney
- Tian Huirong
- Youm Heung-Youl
- Gregg Schudel
- Craig Schultz
The next meeting to discuss the Q6/17 TD 4068 draft will be held later this month. The ITU has decreed that the meeting will be closed to the public and that the minutes will be sealed to general viewing.
View Comments/Add a Comment