American policymakers face an increasingly complex set of choices about whether to permit commerce with “repressive regimes” for core internet technologies. The more straightforward cases involve prohibitions on US import of critical network technology from states that we suspect may include surveillance backdoors. For example, fears of “cyber espionage” have fueled a push for import bans on routers and other equipment from China.
Things get more complicated when the United States chooses to place sanctions on technologies that it exports to “repressive regimes.” In October of last year, the Electronic Frontier Foundation revealed that routers made by US-based BlueCoat Systems had been used in Syria to filter dissent. EFF noted that this appeared to violate export controls established by the US Government, and chastised BlueCoat. At the time, this seemed like an odd stance for the EFF. On the one hand, there were clear harms to citizens on the ground. On the other hand, EFF has helped to lead the charge against the ill-fated attempt to criminalize exportation of digital tools. I am somewhat skeptical about the ability to draw a bright line between speech-enhancing tools and tools of oppression — especially when general purpose computers can easily be used for both.
As CITP Fellow Phil Howard has noted:
The tough policy choice would be to figure out how to have effective information technology sanctions on Iran that would cripple the infrastructure of the regime while still allowing civil society groups to use Facebook, Google or Twitter to get news or information about the world and get news and information to their family and friends.
Last week, Syria completely cut off internet access for all citizens for more than a day. The government’s blackout was ironically made far easier by the United States government’s recent sanctions on doing business with Syrian telecommunications companies. By preventing US companies from interconnecting with Syria, the Syrian authorities were left with fewer interconnection points and therefore an easier chokepoint. This architecture is far more reminiscent of the heavily controlled Chinese internet than the more “leaky” Russian internet (with its many interconnection points). It seems to me that the US Government made a strategic error. It assumed that network technologies and interconnectivity benefit oppressive regimes more than they benefit citizen speech. To be fair, the EFF itself has argued that these particular export controls are unhelpful.
I nevertheless remain puzzled about how to split the baby — preventing export of “harmful” digital technologies while permitting those that are instead “beneficial.”
The law would have to be re-focused away from banning particular export technologies to regulating approved recipients of imports. This means moving from broad sanctions against technology to criminalizing sales to a particular regime, or better yet, granting export licenses if the importer is on an approved list of recipients.
This has been done in non-technology contexts. The State Department created a huge list of NGO’s in the Middle East with whom business and charity transactions would not violate the “material support” clause in anti-terrorism statutes.
Also, the material support clause bans technology to groups designated as terrorists by the State Department. If it listed state regimes in a similar list, it could forbid doing any business with that government rather than sanctioning exports to a whole country. This would also be a way around this ineffective policy.