21 December 2017

The End of Net Neutrality: Implications for National Security

LEVI MAXEY 

The Federal Communications Commission (FCC) voted 3-2 on Thursday to dismantle their authorities to enforce net neutrality rules that prohibit internet service providers, such as Verizon, AT&T, and Comcast, from interfering in the traffic streams that take place over their infrastructure. The reversal of the FCC’s 2015 decision means the federal government will no longer be able to regulate ISPs as if they were a utility, allowing ISPs to privilege some traffic over others and perhaps even throttle or block content they independently decide to – such as controversial political opinions. 

While there are major consumer implications to the end of net neutrality, there are also potential ripple effects into the nation’s security. The Cipher Brief revisits its analysis on how the end of net neutrality could impact anything from terrorist content online, foreign disinformation campaigns in U.S. elections, and even how U.S. intelligence agencies, such as the National Security Agency, traverse the global web to collect information critical to the country’s national security.

Consumer access to the marketplace of ideas, goods and services isn’t the only underpinning of American society to be affected by the Federal Communications Commission’s (FCC) vote to lift restrictions that require internet service providers to treat all legal internet traffic equally in terms of speed. The decision also will reverberate for the nation’s security. The FCC’s decision will be felt in the fight against online messaging for terrorist recruitment, the struggle to quell disinformation campaigns, and efforts to thwart cyber intrusions by foreign adversaries. 

The core principle of net neutrality is that all lawful internet traffic is considered equal by internet service providers (ISPs)—mainly AT&T, Verizon and Comcast for the U.S. This means that, no matter whether the traffic consists of video, audio or text, it is provided at the same bandwidth regardless of which website the data is travelling to or from. 

Without net neutrality, ISPs would be able to determine which sites are accessible and how fast the internet traffic is able to move to and from each site. The fear is that ISPs will essentially create a tiered system whereby some traffic—likely that belonging to those paying a premium—would traverse networks quickly, while everyone else must deal with lag times (known as throttling) or even site blackouts. 

In particular, traffic for those accessing the products of market competitors—for example, should Comcast seek to outmaneuver Netflix for market share of television streaming services—could be blocked or throttled, so that customers instead turn to different video streaming products for better loading speeds. According to research by Google, a delay of just six seconds when accessing a website doubles the chances a consumer will abandon their efforts to access the site. 

This has particular consequences for freedom of speech, as ISPs could essentially censor content they deem inappropriate or controversial. It also effectively allows websites with enough money to pay a surcharge for faster internet traffic to increase their viewership—a form of sponsored content not clearly labeled as such. In the absence of net neutrality, money could become even more powerful in shaping political opinion. 

Net neutrality effectively shapes conceptions of the modern internet as an open and free marketplace of ideas, goods and services that has been the foundation of much of global economic, cultural and political growth. 

ISPs reportedly have interfered in internet traffic a number of times, including censoring political speech at a Pearl Jam concert in 2007; throttling, or slowing down, file-sharing sites such as BitTorrent, eDonkey and Gnutella to prevent customers from accessing these sites; and blocking access to a text-messaging platform used by activists to coordinate collective action. 

Before today’s vote, the legal framework for government-imposed net neutrality rested on Title II of the 1934 Communications Act, which categorizes ISPs as common carriers similar to telephone networks that are considered similar to a government utility. ISPs were originally categorized under Title I until 2015, which did not give the FCC the same robust protective authorities as Title II. The FCC’s vote Thursday reclassified ISPs under Title I protections again, effectively removing the FCC’s authority to adequately impose net neutrality rules over them. 

The FCC’s decision to end net neutrality could have unforeseen, yet significant, effects for political discourse, cybersecurity and possibly even terrorism and disinformation within the United States.

“Net neutrality means a lot of things to a lot of people…The government’s interest is typically in three bins. One, there is an accessibility issue – do people have a fair opportunity to access, make use of the capabilities and functions available in the internet? There seems to be a sense that there is a basic service and a non-discriminatory role for the government. Second, does the government have the responsibility to ensure that citizenry have an opportunity to make use of an open and free internet. Beyond it simply being available, are they allowed to express their opinions—free speech? Are they allowed to traverse without undue interference? In the third bin would be to make sure the internet is not used as a weapon against us. And the most nuanced and difficult piece of that is what we experienced in 2016: if you allow entities that perhaps have a nefarious purpose to make use of the internet in the prosecution of information war or an influence campaign against us, the government has an interest in that, too.” 

Should a tiered internet system be implemented, the effect will not only stem the ability of startups to operate on an even online playing field with established institutions that can pay the premium for speed, It also could limit the real-time sharing of cyber-threat intelligence on the tactics, techniques and procedures of state-sponsored hackers targeting critical infrastructure. 

“The same problem that exists in the civil liberties and content community also exists in the cybersecurity community: Some of the most valuable companies in the industry of information security, are those that are pushing massive petabytes of data around the internet everyday… The challenge there is now you have a circumstance where information that is being slowed down or potentially altered, and its use is in the security of infrastructure. That is a huge problem, because now we have a third-party intermediary who has the ability to take action on traffic.” 

Technically, a tiered system could be accomplished through “deep-packet” inspection tools, a technique used to view the content of internet traffic as it passes by. The tactic is already used on behalf of law enforcement to scan emails for evidence of child sexual abuse domestically or by intelligence agencies against foreign intelligence targets such as terrorists under authorities provided by Section 702 of the Foreign Intelligence Surveillance Act. Deep-packet inspection could allow ISPs to filter traffic and determine whether it is desirable to place in the “fast lane” of a tiered system, or to be effectively slowed or blocked. 

Some have argued that net neutrality provides a virtual safe haven for extremist content, from recruitment messaging to how-to manuals. Under the Title II net neutrality framework, an ISP can’t, without government direction, slow or block websites that host terrorist content, even though internet companies such as Google, Facebook, Twitter or Microsoft can on their own sites. 

But while terrorists certainly have used the internet effectively—for example, the Boston bomber Dzhokar Tsarnaev studied bomb-making materials on AQAP’s online Inspire magazine—ending net neutrality is seemingly the wrong lever to fight it. Laws already prohibit material support for terrorism, and Title II protections under the Communications Act only apply to legal web traffic. Law enforcement is fully equipped to remove sites linked closely with criminal activity without the need for ISPs to use a separate authority. 

But if ISPs cannot determine what sort of application—voice, text, data, etc.—is being used, they don’t know whether to prioritize or deprioritize a specific traffic stream. That might tempt internet users to employ encryption to circumvent discriminatory practices such as tiering, in turn increasing the number of cases in which criminal organizations and terrorist groups “go dark” by hiding from law enforcement and intelligence agencies behind anonymizing technology and end-to-end encryption. 

At the same time, ISPs may decide to just place all encrypted traffic in the “slow lane.” That effectively would jeopardize the majority of users’ privacy and cybersecurity through market forces, while not necessarily stopping nefarious actors who might be willing to tolerate the inconvenience in return for the security of encryption. 

In a similar vein, the argument could be made that the end of net neutrality could allow ISPs to fight disinformation online by censoring misleading content. Following Russia’s online influence operations in the lead-up to the 2016 U.S. elections, and throughout Europe, combating such information warfare has become a central priority for Western democracies. However, a tiered system also could provide new avenues of disinformation, enabling foreign adversaries such as Russia to covertly purchase or gain privileged viewership to their disinformation as they did with sponsored content artificially amplified on social media platforms. 

“On net neutrality, I think the key security issue is transparency. We are already struggling to understand foreign political manipulation of internet content—for example, Russian misuse of Facebook and Twitter platforms. Without greater compulsory transparency, the end of net neutrality would allow hostile foreign states new avenues to spend their way into silencing or overriding opposing views.”

The internet is a borderless space. While the physical infrastructure of the web, namely ISPs and undersea fiber-optic cables that connect them, are under the jurisdiction of the governments where they reside, a domestic policy such as net neutrality—or the end of it—has international ramifications. 

A tiered system that would likely follow the end of net neutrality could diverge international internet traffic away from U.S. infrastructure. Packets, or bytes of internet traffic that would make up an email, for example, don’t all traverse the global internet together. Each takes a path of least resistance and reconvenes at their destination. 

This has potential implications for the effectiveness of NSA intelligence collection of foreign internet communications data transiting U.S infrastructure, known as upstream collection under FISA Section 702. Throttled internet traffic in the U.S. will no longer be an efficient path for such foreign communications. At the same time, this could free NSA’s hands from complications of incidentally collecting communications belonging to U.S. persons, making the communications streams abroad more lucrative and reducing the domestic political risk of collecting on those communications streams. 

“With respect to whether it has a positive or negative impact on how NSA traverses the networks in pursuit of its materials so that it might provide actionable intelligence to its customers, I can’t say that I think it makes a material difference at this point in time. The set of changes and dynamics that exist in the internet are equal if not greater in terms of affecting how NSA conducts its business, and it has at once to respect the values of the government but at the same time figure out a way to navigate the value systems and deliver on its end goods.”

Levi Maxey is a cyber and technology analyst at The Cipher Brief. Follow him on Twitter @lemax13.

No comments: