China spearheads the anything-goes movement of technology-based societal control, authoritarian countries worldwide follow suit, and we yet don’t know whether western democracies will manage to at least remain in their currently mediocre shape if one of the many ongoing global developments and crisis should ever have a major and disruptive societal impact. From the perspective of the freedom and unhindered flow of information, the internet makes a bad expression these days and things haven’t changed for the better in the last year and the naughties.
John Perry Barlow’s “fuck them” against the dark priests of internet regulation has died away, the rejected kings have given a dam, the doers of power moved on – internet governance has covered a long distance in the last decade. Yet, the fundamental conflict is still ongoing and presumably will, as long as the Internet remains the world’s leading communication infrastructure and the constant flux of innovation raises again and again new opportunities that actors consider to take advantage of pursue their agenda.

Just as every year, the Chaos Computer Club has held its annual Chaos Communication Congress. Being the 26th instance of this post-Christmas meeting, it was aptly named 26C3. The motto of the congress “Here be dragons” was, as Frank Rieger explained in his keynote (summed up in a CCC blog, video streams of all presentations), a text-label used on old sea maps to mark uncharted territory where dangers, dragons, sea monsters or treasures were assumed. According to this analogy, the CCC community aims at playing a more avant-garde of a role, an exploratory force with “small ships ahead of the masses” looking into potential traeasuries and dangers lying the yet not fully charted territory of societal and cultural usage of information technology.
Whereas other actors contemplate launching military invasions to fight the unknown unknowns, 26C3 prefers a more playful search for truths of and possibilities for the use of information technologies. Playful indeed was the scenery on the floors and in the basement of the Berlin Congress Center with all these flying quadrocopters, Lego-based machines and robots and all these blinking hackerspaces. And Berlin couldn’t have welcomed the geeky crowd better than with the mystique of a freezing, snowy, quiet post-cristmas days setting.

Rieger outlined his ideas of a political agenda for the CCC and the hackers’ community for the months and years to come. He called for nothing short of a roll-back of data breaches and mass data collection, individual liabilities of business and public administration executives for “data crimes”, data protection quality ratings by publicly funded research institutes. He explicitly excluded the German Federal Office for Information Security (BSI) from the list of possible organisations to excert such ratings. While formally responsible for enhancing user security on the internet, the BSI had, accroding to Rieger, recently been granted the right to intercept inter-administrative traffic in Germany — a development one should have in mind when discussing the cooperation between German internet providers and the BSI.

The community should, Rieger asked, start activities to upgrade and invent systems needed for the “technical defense of our communicative habitat” — just in case. My impression that no one really doubts that the judicial, business and political sphere will put more pressure on the that “digital habitat”. Thus, the conceptualization of internet security from the perspective of the CCC congress is very different from what is usually discussed on conferences where the majority of attendees has an LE, policy or business background. (I wonder whether my Giganet paper, in which I have tried to conceptualize internet security, will ever go online :-/)
Rieger, who has a strong technical background in cryptography for mobile communication, asked the crowd to technically improve tools and software, e.g. to correct OpenSSL, to speed up and increase the scalability of Tor, and to find ways to technically circumvent the presumably upcoming mass usage of deep packet inspection. Decentralized technologies would be the route to go.

Austrian journalist Erich Möchel has covered IT politics and European data surveillance policies for more than a decade. In the late 1990s, he was the first to cover Enfopol, the then emerging transatlantic Europol-FBI surveillance system. On 26C3, he gave a follow up on US-EU data retention activities.
In the last couple of years internet security politics would have changed in a way, that Möchel describes as an ongoing “militarization of cyberspace”. The working group of the European Technical Standards Institute (ETSI) that is responsible for defining technical standards for exchange of data retention data has been staffed with personnel with significant military intelligence background. Möchel concludes that the British GCHQ is in a key position to control activities within these working groups and influences technical standards.
The technical standards for exchanging data gathered via data retention comprises data fields that are forbidden to collect according to current legislation in most EU states. The ETSI standards go way beyond what is defined as mandatory by data retention laws, comprising optional data fields such as lists of all the devices with which a user uses a service, ring duration of failed attempted calls, billing details such as customer numbers at the billing provider or the list of billing numbers used to pay the providers services. The resulting list of BIC and IBAN numbers can then be used to link retention data with SWIFT data.

Möchel’s investigations on the realities of internet surveillance could indeed have enticed the audience to daydream about how it all could be if only…. Sandro Gaycken, technology thinker, philosopher and regular speaker at CCC events, used the opportunity to link Hackers’ visionary thinking with Utopian theory in an inspring, thoughtful and relaxedly academic presentation. (Christian Scholz has the details and a transcription of the presentation.)
Unfortunately, utopia and dystopia are related, and the features of today’s information technologies could too easily be combined with authoritarian forms of governance and result in a real 1984. The recent trends in internet politics make a dystopian outcome more and more feasible. Historically, the emergence of authoritarian or totalitarian regimes would happen every once in a while, Gaycken said.
On the other end of the spectrum is, what Sandro Gaycken calls the “Hacker’s utopia” of the “Free Information society”. Its genuine agenda is derived from the idea that major societal problems could be overcome by establishing a free flow of knowledge and information. This leitbild of a free information society serves as a powerful idea that structures activities against an IT-powered decay of our societies into more authoritarian (I prefer this term over the term “totalitarian” used by Sandro) systems — activities such as the anti-surveillance, anti-censorship or open source movements.
Sandro contrasts the idea of a “‘Free Information’ society” with the idea of a “free ‘Informatized Society’”, in which hackers ought to address any societal problems as soon as ICT is involved. The latter idea leads to an overstretch of hackers responsibilities. Sandro obviously advises hackers to be careful about extending their activities into too many societal territories and political conflicts. “Hackers’ utopian ideas were never meant to constitute a full-fledged social utopia”. As a consequence, an extension of the agenda of hackers’ ethics into more political arenas would “blur the agenda” and create entanglement in left-right infopolitics conflicts.

The politicization of illegal downloads would serve as an example of an overstretch of the hackers’ agenda. While striving for a property rights reform would be a legitimate goal, Gaycken is doubtful whether Christina Aguilera’s albums should be considered as important societal knowledge and thus be part of the public domain. He pointed at how an extended hackers’ agenda aiming at free-beer-not-free-speech filesharing would lead to conclusions about the role of the state and of law that are detrimental to the free information interests that are at the core of the Hacker’s ethic. In short: “Filesharing politicization promotes the surveillance of the internet.”
Instead, Sandro proposes the Hackers’ agenda to be clarified. Concentration on hackers’ core idea of a “free information society” and on neutral and clear infopolitics would be favourable and necessary in order to not get hampered by right-wing/left-wing-types of conflicts.

I have an idea what Sandro might be up to: ensuring the coherence of the hackers’ coalition by selecting “things we can change” — that’s what utopias are about, as he said in his introduction. And never get engaged in fight you can’t win or that would bust the coherence of your troops, one could add. While there might be a difference between the “hackers’ core agenda” and hackers’ extended agenda, I would love to see a more elaborated and precise elaboration about these two concepts beyond the filesharing discussion.
Apropos filesharing. In the advent of 26C3, there has been a bit of a quarrel between Sandro and official CCC representatives around Frank Rieger about filesharing in the German weekly Zeit. An inattentive reader probably has the impression, that Sandro Gaycken considered filesharing not worthy to be politicized whereas Rieger&Co had argued that filesharing is a politically important technology.
In his 26C3 presentation, Sandro Gaycken stated that “filesharing politicization promotes the surveillance of the internet.” Of course, the “politicization of filesharing of copyrighted material” would be politically stupid or hyper-bold, but has it ever been proposed anywhere but in teenagers’ forums? But my impression is, that the alleged ‘politicization of filesharing of copyrighted material’ would more likely be a defensive reaction to copyright holders’ strategy of equating filesharing of copyrighted material with robbery and their attempts to criminalize filesharing in general. Filesharing, i.e. the distribution of files based on peer-to-peer technologies, is indeed a technology that is highly valuable. Peer-to-peer technologies are indispensable for the “hackers’ core agenda” (Sandro Gaycken) and the goal to ensure “free communication with any protocol” (Frank Rieger). Sandro’s argumentation slightly suffers from his definitional looseness and the at least implicit equation of the “politicization of filesharing” to the ‘politicization of filesharing of copyrighted material’. These two things are quite a different thing, just as “filesharing” and “filesharing of copyrighted material” are fundamentally different, politically and economically and judicially.
Having followed Frank Rieger’s presentation, my impression is that the hackers’ community feels being forced into the defensive. Why else should Rieger announce that CCC will come up with a financial concept for artists in the next couple of months. While I’m curious to see the plan, my hunch is that it is going to be a piece of cake for the content industry to get a dozen of talking heads and fora to squash the plan. I couldn’t imagine anything more remote from the hackers’ agenda than the development of a business plan for a whole industry, and anything fitting less to the forthcoming general political agenda than rhetorics like “the state has to guarantee the income of artists” (Rieger at 26C3). Content managers must be cheering for joyful anticipation.

Christian Bahls was a major pillar of the German anti-filtering movement last year, which urged the newly elected coalition of conservatives and free-market partisans to distance itself from its predecessors web-fiiltering legislation to allegedly promote child-security. Christian gave a short summary of last years activities and identified the centralized ownership of critical internet infrastructures such as DNS servers as a major security threat for internet freedom. As providers like Vodafone block port 53, alternative DNS server would not always an option to circumvent illegitimate filtering attempts. Thus, Bahls proposed and briefly showcased stumbling code that implements three technical approaches to counter the vulnerabilities that are intrinsic to DNS as a scarce internet ressources: 1) DNS-via-HTTP(s)-Tunnel, 2) DNS-with-Cache-in-DHT (distributed hash tables), 3) HTTP-Prody-with-Cache-in-DHT.
The latter two approaches reminded me of Yochai Benkler’s 2004 paper on “Peer Production of Survivable Critical Infrastructures“, in which he proposed the use of peer-to-peer systems for three critical internet components, namely networks, storage and computing ressources. While network connectivity should be ensured by using ad hoc mesh wireless networks, resilient distributed data storage is to be implemented by peer-to-peer file services and the availability of computing ressources by distributed computing. In a sense, Bahls extends this peer production approach of technical internet security to secure “information freedom”, which is threatened activities of national governments ironically pursued in the name of enhancing internet security.

Daniel Schmitt and Julian Assange of Wikileaks rocked the floor at 26C3 last week in Berlin by revealing a plan to use to cooperate with Icelandic politician to turn the island into a “Switzerland of Bits”. Icelandic population, threatened by IMF’s widely feared euphemistically called structural adjustment programmes, is highly supportive of Wikileaks’ recent activities to keep documents in the public sphere that were gagged by Icelandic jurisdiction.

Wikileaks describes itself as a “disclosure portal for classified, restricted or legally threatened publications” and an “anonymous safe harbour for the submission and uncensorable provisioning of documents”. According to “The National”, an Emirates based e-magazine, “Wikileaks has probably produced more scoops in its short life than The Washington Post has in the past 30 years”.

Their track record for 2009 is indeed impressive: Trafigura, Toll Collect contracts, the Kunduz Feldjaeger report, the 911 pager messages, the EUISS report proposing a built up of European military and police forces to protect alleged European interests abroad and seal off Europe for migrants, US special forces manual on unconventional warfare for special forces units and intelligence staff.

And now this: a plan for an “offshore publication centre” that “provides a specialized set of laws”, which would “fit the freedom of information needs of the information society”. In short: “a safe haven for data and communication”. While Avi and Randy in Stephenson’s legendary novel were in for a “thick river of gold”, Daniel and Julian want to provide the public with streams of information and make sure that publicly relevant information cannot be hidden from the public by inept court activities or economic or political pressure against media publishers.

As again displayed by the presidential decision to block payments to Dutch and British savers, Iceland is playing a tough political game these days, anyway. According to Roubini.com, the economic analysis website of Noriel “Dr. Doom” Roubini, Iceland is flirting with doom: “Not passing the bill could even lead to Iceland defaulting on its debt.” (Roubini.com Daily Newsletter, 6 Jan 2010) Has Iceland started a campaign of vengeance or would they use the leaking data center as capital that could be traded in in negotiations with EU countries?

Neil Stephenson’s Cryptonomicon figures faced a similar dilemma with their plan of a “data haven”, a “secure, anonymous, unregulated data storage”.

“What if … the good Sultan changes his mind, decides to nationalize your computers, read all the disks? What is needed is not ONE data haven but a NETWORK of data havens–more robust, just like Internet is more robust than single machine.” Neil Stephenson, Cryptonomicon

Decentralisation technologies might indeed be the way to go.

When Germany’s leading webpolitics site netzpolitik.org brought the message (“Toll Collect wird offen”), its leading brain Markus Beckedahl asked his broad and usually helpful audience how, with which tools and techniques some 10,000 pages of contract papers could collaboratively be analyzed to quickly find the rascalities that everyone was expecting to find there. I was split on whether this could work out or not, whether such a task is suited for social ad-hoc collaboration or not.

Back in 2004, I was working with a

small team of consultants for an ICT provider that was about to louse up an e-government project and thus wanted external expertise to learn what was going wrong. After days interviewing key persons, on-site inspections and analysis of key-documents it was obvious that the ICT provider had developed a prototype that simply didn’t meet the specifications of its clients. Worse, no one actually knew exactly which features should have been implemented in the first place.

It turned out that the contractual basis for the project consisted of a dozen of substantially different contracts between the ICT provider on the one hand and distinct German bundesländer (federal states) or groups of them on the other. As no one had thoroughly read the contracts before, the ICT provider had developed for two years and implemented functions they assumed they had to develop. Just to know how deeply they were in trouble, some several thousands of pages of contract paper had to be reviewed very rapidly. On the one hand, you have to dive deep into the text to understand it, but you also have to get an overview to get into the complexities of such set of contracts—a task you simply can’t split up and delegate to several persons. On the other hand, some tasks were handed over to trainees. They were gathered in a small lab, got copies of text analysis software installed on their desktops and created series of reports and text extracts. Those more senior cared about the overall strategy and the big picture.

In a sense, crowdsourcing is similar has similar characteristics. It is a mode of production that invokes a coordinating center and supportive helpers. The poster-child of web-based collaborative production, Wikipedia, is steered by the Wikimedia Foundation, a small organisation with 34 employees and $5.6 million turnover (or expenses) per year. Analogue foundations are set up for regional Wikipedias in more countries all over the world. Tens of thousands of contributors are coordinated by this central organisation and its national siblings. Notwithstanding this centre, Wikipedia’s contents are more the result of more egalitarian modes of production than created in a crowdsourced mode. But what is crowdsourcing then actually?

Jeff Howe, who allegedly came up first came up with the term “crowdsourcing” with his 2006 Wired article and acts as its evangelist ever since, has two definitions of crowdsourcing: a “White Paper Version: Crowdsourcing is the act of taking a job traditionally performed by a designated agent (usually an employee) and outsourcing it to an undefined, generally large group of people in the form of an open call.” And then a “Soundbyte Version: The application of Open Source principles to fields outside of software.” (Jeff Howe’s Blog) I would prefer a more generic definition that doesn’t see crowdsourcing just as the activity of outsourcing to the crowds, but as a distinct mode of production that is characterised by a designing and controlling center and the production at the edge by “an undefined, generally large group of people in the form of an open call” (ibd).

A prominent example of political ad-hoc crowdsourcing was launched earlier this year by the Guardian. The British daily had within a few days set up an web-based system, which enabled interested users to participate in a distributed analysis of MPs’ filed expenses. Users could contribute to the overall effort of reviewing 457,000 pages in total, and select and review a few of them. The designers of the crowdsourced solution admitted later on that “keeping up the interest is hard” (http://www.slideshare.net/simon/crowdsourcing-with-django). Too hard, obviously. Hardly 50% of all the documents online have been reviewed by the reading electorate. (Guardian)

It is helpful to know the limits and potentials of crowdsourcing. The recent debates about Wikipedia (Wall Street Journal) point at generic problems of social production: accuracy, breadth and reliability. In a sense, any organisational form has to struggle with these targets, yet crowdsourced production models are especially prone to run into difficulties with these organisational targets. For products to be reliable, modern production techniques comprehend quality management, training and certified qualifications—nothing a person working for free and for fun is too keen on. At commercial organisations, breadth of service offering is guaranteed by economic interests of service providers—more services, higher revenues, higher profits. For crowdsourced endeavours however, breadth of service offering implies more unpaid, yet somewhat differently compensated work. Wikipedia has to go on road-shows to sell work to others. This is not an option for smaller projects. Guardian’s crowdsourced expenses intelligence system seems to have stalled as the respective discourse vanished from news headlines.

Another approach to crowdsourcing involves payments for the work of the amateurs, as can be seen on websites such as iStockphoto. Crowdsourcing here creates “distributed labor networks [that] are using the Internet to exploit the spare processing power of millions of human brains” {Howe 2006}. Mechanical Turks so to speak, according to Amazon. This is the name for a “Human intelligence tasks” (HIT) brokerage website owned by Amazon. (Mechanical Turk) The seekers for these Mechanical Turks have “access to a global, on-demand, 24 x 7 workforce” that only gets paid “when you’re satisfied with the results”. A capitalist’s dream come true. According to Jeff Howe a “network of passionate, geeky volunteers could write code just as well as the highly paid developers at Microsoft or Sun Microsystems”.

The the underlying principle of crowdsourcing is “to connect with brainpower outside the company”. By R&D crowdsourcing, businesses can find people who could assist them in developing products and decrease time-to-market. {Howe 2006} On Innocentive, so called solution seekers “pay solvers anywhere from $10,000 to $100,000 per solution”. Many of these solvers allegedly are hobbyists or undergraduate student. One of Howe’s interviewees stated, “We have 9,000 people on our R&D staff and up to 1.5 million researchers working through our external networks”. An R&D managers dream come true.

Now, as the mode of crowdsourced production has been around for a few years, it is used in a range of markets. Anjali Ramachandran of London-based consultancy Many By Many has set up a wiki that enlists the types of businesses that currently make use of this mode of production. She categorizes them into four groups: “1. Individual businesses or sites that channel the power of online crowds 2. Brand-sponsored initiatives or forums that depend on crowdsourcing. I’ve included those that are no longer active as well, for reference. 3. Brand initiatives that allow users to customise their products, 4. Brand-sponsored competitions/challenges focussed on crowdsourcing”.

But what about crowdsourcing in politics? The ideal of a democracy is quite the opposite of a sheep market—a felicitous word for crowdsourcing coined by artist Aaron Koblin, who used Amazon’s Mechanical Turk in one of his art projects. (Interview with Koblin in Wired)

Mary Joyce has summed up the problems of applying crowdsourcing in politics or political activism. The definitional key of crowdsourcing is, “the task is defined at the center, produced at the edge”. (digiactive)

To come back to Wikileaks, Toll Collect and the call for collaborative contract analysis by netzpolitik.org: Such a thing wouldn’t turn out to be a crowdsourced net activism. While some nodes in bottom-up political networks will be more influential as others, none of them will be so influential to become the node that controls all the process and chops up the project into small chunks for the masses, into HITs. Or, to use the analogy of Aaron Koblin, to turn net freedom activists into sheep. A differentiator between crowdsourcing and peer production is the frequency and intensity of relations among the smaller nodes. Wikipedia’s problem might be that they have morphed from a peer-to-peer production model to crowdsourcing. And, by the way, it’s peer production, not crowdsourcing that is going to have an impact on existing political institutions.

Readers of netzpolitik.org came up with only a few suggestions how this massive contractual framework could be collectively analyzed. The aforementioned Guardian solution (presentation of the developer on technical details) was mentioned. Another approach is Bundestagger.de, a web platform that provides an API, the ability to comment and tag certain text passages of plenary session protocols of the German Bundestag.

A third user recommended to just use “grep”, the Unix command line tool to search text files. But nothing was ready to go. A day or two later, heise.de journalist Detlef Borchers, a notorious critic of German eGovernment projects gone wrong, had already published an article with key statements of the contracts. At such complex tasks, nothing beats a dedicated professional with attitude. As someone who makes a living with selling his computational brain cycles, I’m relieved. But where does it leave social ad-hoc investigation? Is there still some collaborative analysis going on in this matter? Maybe peer-produced net politics just needs more time to develop more effective tools and techniques.

Update 4.12.2009

“Given enough eyeballs, corruption and waste are similarly shallow problems.” (Brito, J. 2008. Hack, mash & peer: Crowdsourcing government transparency. Colum. Sci. & Tech. L. Rev. 9:119-122. http://www.stlr.org/html/volume9/brito.txt.)