CleanIT is a project by several European governments and private stakeholders. The project officially aims to reduce the use (or abuse) of the internet by terrorists. The list of the CleanIT goals reads, on the surface, like it is motivated by the wish to protect children or otherwise easily influenced persons from exposure to terrorist content. This protection is motivated through a fear that these people might become radicalised or otherwise harmed by seeing it.

After a recent leak made public by European Digital Rights (EDRi), a Non-Governmental-Organization (NGO), CleanIT has made rounds through the blogosphere. The document has incited outrage because it contains paragraphs about enforcing real names on websites as well as plans for a filtering system against “terrorist content”, without properly defining the term “terrorist”.

The Pirate Times talked with Pascal Gloor, Vice-President of the Pirate Party of Switzerland. While at first, in his function as a Pirate member, Mr. Gloor was not allowed to join, he was later able to take part in the project’s working groups by virtue of being the President for the SwiNOG Federation, an association representing small Swiss internet service providers (ISPs).

Mr. Gloor is generally in favour of the project’s aims, because law enforcement officials made a good case for the radicalisation and recruitment of young people over the internet actually being a  problem. He told us that there were cases where extremists used perfidious methods to induce hate in young people for other groups of people (or the existing democratic system) through, at first seemingly harmless online contacts. Of course, he does not agree on any measures to solve this problem unconditionally..

This is a point where opposition to the project begins. EDRi spokesperson Joe McNamee, whom we also asked to comment on the issue, is not convinced that there is a problem at all. He demands that CleanIT defines it more clearly. He considers the whole project a carelessly and rashly taken action with little substance following the motto “someone should do something, because terrorism isn’t nice”.

When asked about his rationale for joining in on a project many Pirates and digital activists categorically reject, Mr. Gloor told us:

“When you’re taking part in the discussion you can change a lot more in your favour than by merely rejecting it all together. Pirates should seize such opportunities of participation beyond parliamentary work.”

Mr. Gloor explained that the heavily criticized paragraph about enforcing real names on the internet has been eradicated from the draft document, after he argued against it at the last CleanIT meeting a few weeks ago in Utrecht, Netherlands. Another example of what he tries to do from inside the working groups of CleanIT is giving input on the paragraph about “Semi-Auto-Detection” of critical content. He says that this part of the text is also undergoing strong revision in the current discussions. Arguments about the mere technical infeasibility of the amount of data processing this approach would cause have been raised. Another point about it is that it might be made impossible anyway by legal constraints for any measures that would go beyond simply googling for publicly available data.

Mr. Gloor was able to support some measures in good faith without changing much of their core ideas. One such measure is education and awareness at schools to make children less susceptible to hateful ideologies and the ways in which they are propagated. Another such point was the establishment of a help and info hotline for parents who are clueless about their children’s internet usage.

Mr. Gloor also said that he tries to advocate for more transparency within the group, on principle as well as for their own benefit, as he thinks most of the media coverage which followed the leak to be ill-informed. Whether a push for more transparency can be successful is unclear, as lobbyists and working-level officials participating in such projects “are not used to this kind of new political culture”, as Mr. Gloor notes.

One example of non-transparency influencing coverage is that despite many news outlets reporting that CleanIT was an “EU project”, the European Commission’s funding of the project is restricted to paying travel costs to the meetings for the participants. Of course the Directorate General, which is paying out those funds is under the control of Commissioner Cecilia Malmström, who has a track record of political ideas that did not sit well with advocates of civil rights. Mr. McNamee therefore had previous negative experience on his side when he told us that he sees CleanIT as a deliberate attempt by the European Commission to push its own agenda onto private businesses. He considers this to be the reason behind the funding for this particular project. He also pointed out to us that because of this the Commission is most likely in conflict with Article 17 of the 2003 Interinstitutional Agreement on Better Lawmaking, where they agreed upon consistency of co-regulation and self-regulation proceedings with Community law as well as transparency rules for these proceedings.

Nonetheless, the actors “on the ground” are the governments and agencies listed on the project’s website, who also mustered up the political will to start the project and likely would have paid for travel costs themselves, had the Commission not come along. After all, all member states involved in the founding of CleanIT, with the exception of Belgium, are currently governed by conservative parties who have floated comparable ideas before, all by themselves. Additionally, there is a long list of undisclosed private participants of NGOs, business associations and large internet companies.

The core, and probably most controversial part, of CleanIT is what the leaked document calls “End-User Controlled Filters”. Contrary to what the name suggests, end-user controlled does not necessarily mean in the end-user’s hand. “It really is about parental controls”, Mr. Gloor stated. Parents are supposed to be able to activate filters that are harder to circumvent than locally installed nanny software. On a very general level, even EDRi’s Joe McNamee doesn’t disagree: “If parents want to implement user-level filters, they should have the freedom to do so.”

However, CleanIT does not exclude the option that these filters might be applied at infrastructure-level, meaning through the ISPs. For many this goes beyond the end-user, and is extremely problematic from a civil rights perspective, as it is creating an infrastructure that might be abused for censorship. Also, according to Mr. McNamee, “[n]etwork level filtering is less efficient, less configurable and less predictable than end-user filters“.

Mr. Gloor on the other hand could tolerate an implementation at infrastructure level, but only should it be done on a strictly opt-in basis. This means optional for the ISPs to implement, as well as optional for consumers to use it (should they have chosen an ISP who offers it). “This is the only version I would be willing to tolerate” he told us, backed by concerns of both aspects of his double role – a Pirate, who doesn’t want anyone to be subject to censorship or forced to use censorship-enabled infrastructure, and as the president of his business association, who wouldn’t want to put the burden of an obligatory implementation on small ISPs.

“All in all“, Mr. Gloor told us, “the project is strictly constrained by the current legal situation in each participating country, data protection laws included.” He also gave an explanation for the much criticized non-legislative approach. The project’s governments lack the political will to actually commit to any of the ideas far enough that they could move beyond what is covered by the current legal framework.

Because of this criticism gets directed at the nature of the current process itself. Public interest in this issue has grown to such high levels, that a quiet deal between ministries and industry associations, even one that merely explores the boundaries of current laws without changing them, might not be a feasible option any more. Mr. McNamee questioned how the project group got the legitimacy and technical competency to decide on any of these matters, outside of an orderly democratic process. He commented that the project is

“apparently based on an inexplicable belief that industry’s interests both today and forever into the future will perfectly match those of society, without any need for democratic oversight.”

While this deeper look into the project shows that there is more to CleanIT than previous media coverage has taken note of, and some of it possibly not quite as bad as expected from the leak, this will certainly not appease digital rights advocates. Still, some red lines, which civil society and also international Pirate observers refuse to cross, might be seen to be in danger. One such line is the categorical opposition to even building an infrastructure fit for abuse as a censorship-device.

Child protection and civil rights, free speech in particular, have long been at odds. In discussions involving the topic of shielding children from harmful content, many participants state that it should be the parent’s responsibility, not the government’s or the service provider’s. Should the final version of CleanIT not go beyond giving parents an optional tool to help them enforce restrictions on their own child’s internet consumption, it might actually be a compromise worth discussing. Approaches like running the filter via modified home routers, which concerned parents can optionally request when they sign their telecommunications contract, might help. This would provide a more secure child protection than pure software, while it leaves consumers full control over their internet access, as they can always use a regular router instead. This would possibly keep the infrastructure beyond the WAN-port of those routers untainted in the eyes of digital rights and network neutrality advocates.

Another remaining controversial point is the practice of deciding regulations with high relevance for everyone in this manner, meaning as a closed-door deal between government officials and industry associations. Calls for increased democratic control will surely continue. Transparency is one way, and a crucial one, to improve relations with the public. Instead of relying on selectively publishing or  leaking draft documents, whether or not any ideas or planned provisions touch on civil rights could be subject to true public scrutiny.

This would begin with laying open any data on the problem CleanIT officially aims to tackle and continue with a more open meeting practice. It may be against the nature of working-level projects like CleanIT to provide transparency, but should they not warm up to the idea in this case, they will likely have to deal with public attention such working groups rarely get. Civil liberties are a sensitive issue, which might even prompt political factions beyond the Pirates to oppose something that includes even a hint of restrictions on them, as it is already happening with the European Greens.

There have been faint attempts at increasing legitimisation otherwise, for example by now  listing Mr. Gloor as a Pirate, instead of the SwiNOG President, on the CleanIT web-page. Those attempts do fall short as the digital rights movement and the Pirates tend to answer questions of legitimacy in a much more basic democratic way and will demand direct insight into the processes. To expect that a conference, open only to invited stakeholders, however wisely selected across civil society they may be, will be seen as legitimate shows a grave misunderstanding of the principles and demands that the project’s greatest critics have.

The next CleanIT meeting is scheduled for November in Vienna, Austria.

Header photo: CC-BY flickr user karindalziel http://www.flickr.com/photos/nirak/

Photo of Protesters: CC BY-NC-SA flickr user Sally06 http://www.flickr.com/photos/ocarr/with/3104746380/

CleanIT is a project by several European governments and private stakeholders. The project officially aims to reduce the use (or abuse) of the internet by terrorists. The list of the…