The Yarovaya package, Big Data, and the death of network neutrality: The last frontier

packs-163497_960_720.jpg

What awaits us after the entry into force of the “Yarovaya” law on July 1, 2018? Increased rates for internet services? Tighter authoritarian control over citizens? The end of network neutrality?

In the very near future, this year in fact, in connection with the entry into force of new regulations on total network surveillance of Russian citizens, it is likely that such negative scenarios will play out. We will pay more for the internet and other modes of communication. Resources that are unsuitable for the state or individual corporations will be prohibited, or harder to access because they did not fall into the “fast track” determined by internet providers. For access to YouTube, WhatsApp and Skype you will pay a separate fee, and instead of them “import-substituting” services will be imposed.

Network Neutrality

What is on the verge of being lost is the principle of network neutrality, whereby access to all resources is allowed without restrictions, as long as the information published is not prohibited by law. In full compliance with this principle, operators must pass traffic at the same speed, regardless of whether it comes from a small site or a giant corporation.

In 2015, the US Federal Communications Commission (FCC) introduced the principle of full network neutrality, forbidding providers from blocking websites or applying discriminatory measures against any internet traffic. But at the end of 2017 the FCC changed its mind and began the process of abolishing these neutrality rules, while the supporters of this move call it the “RESTORING INTERNET FREEDOM ORDER”.

The ability of politicians to distort things is simply amazing: to restrict the functioning of sites and services is “restoration of internet freedom”!

The FCC press release said:

“Restoring a favorable climate for network investment is key to closing the digital divide, spurring competition and innovation that benefits consumers.

Generally speaking, it can be said that internet providers (especially cellular operators) are seeking to earn more money. In particular, having bitten off a decent chunk of the media companies’ revenues, they are also sharing with the politicians who lobbied the decision to abolish network neutrality. And this is all under the banner of freedom.

The possibility of an early cancellation of network neutrality caused a storm of indignation in the US: Silicon Valley, digital human rights defenders, and the media sector have met this initiative furiously.

The creator of the World Wide Web, Tim Berners-Lee, spoke out against changes in American internet policy: “Network neutrality — the principle that Internet service providers treat all traffic equally, underpins the internet as we know it today.”

Already more than 2.4 million people have signed a petition in defense of the principles of network neutrality. A number of IT giants have declared their readiness to participate in the forthcoming trials against the FCC.

Also, most senators are determined to abolish the FCC decision. All 49 Democrats support the resolution to abolish the FCC decision, along with a Republican senator from Maine. The supporters of network neutrality in Congress have had only 60 days to use the law on revision. The deadline is June 12. On May 9, the senators submitted a petition that would allow a vote to be taken to abolish the FCC decision.

And what about Russia?

At present the principle of network neutrality in Russia is observed by providers in practice, but at the legislative level it is not defined.

At the end of 2017, the Media-Communications Union, represented by the largest telecommunications operators and media holdings of Russia, started developing the Infocommunication Code, a single document that is intended to replace the existing laws “On Communications”, “On Information, Information Technologies and Protection information”, and “On personal data”.

The new legislation will take into account not only technologies and relations within the industry, but also “the opportunities and risks inherent in their development, including the exchange of information between devices, ensuring constitutional rights to privacy, protection of personal data, etc.”

The Infocommunication Code project provides for a “soft interpretation” of the principle of network neutrality, where “reasonable restriction and control of traffic” is allowed. For example, an operator will be able to manage traffic during network congestion and provide priority access to its own content or partner content.

“We create regulations not for the sake of regulation, but for the sake of creating a unified competitive environment. This is the first task. The second task is to protect national content.” said MKS President, Pavel Stepanov.

This he said, when he lobbied for laws on online video sites and SMS registration in messengers (in fact, de-anonymization of all users of these services).

In other words, we can assume that when the Infocommunication Code comes into force, figuratively speaking, the latest film from Nikita Mikhalkov will download faster than a blockbuster from Steven Spielberg.

The first version of the Infocommunication Code was intended to appear by April 2018. The Boston Consulting Group (BCG) is working on its creation on the order of the MKS, and signed a contract for $600 thousand.

Yet this first version has still not appeared. Some information did get out, however. It was pointed out that the Code is intended to consolidate the principle of network neutrality as it operates today. At the same time, the developers of the concept indicate that it is necessary to work out the issues of traffic management in case of network accidents, as well as the possibility of slowing down certain types of traffic, in particular, P2P – the network principle on which user file-sharing and torrent trackers work.

And what is the connection between the InfoCode and the Yarovaya package?

The Yarovaya package comes into force on July 1. According to this pair of laws, ISPs are obliged to record and store all user traffic for up to 6 months: text messages, voice data, images, sounds, video and other messages of users of communication services. This could mean:

  • ISP expenses are rising
  • Communication becomes more expensive
  • A wave of indignation among internet users
  • Power rating is reduced

This is one option.

Another option is filtering traffic by content type, and limiting the speed of access to certain resources and types of communication.

The main portion of Russian internet traffic is video content. And regardless of whether it is required to store it under the law or not, it just makes sense to take media resources and require an extra fee for access to them at normal speeds. This will not increase the overall cost for subscribers, since it will cover the costs for online cinemas and other sites with video content.

Torrent trackers will also be slowed down under the filter, but this is in tune with the “anti-piracy law”. This will allow them to swing audiences towards legal online cinemas,. Music and game content will also be taken under control.

No matter how you look at it, this is bad news for the users. How this deterioration will affect the general political situation is hard to predict (we are not in Europe or the US, where any little attempt to harm the freedom of the internet brings hundreds of thousands to the streets, or even millions).

The Great Game, Big Data

On September 1, 2015, the law on the storage of personal data of Russians in the territory of the Russian Federation came into force. Many foreign companies in response just moved their servers outside of Russia.

Ms. Kasperskaya has long openly stated that “big user data” of Russians should be recognized as the property of the state. Also, her subgroup “Internet+society” has offered to regulate the collection of impersonal big data, which can be used to identify the user.

Believe me – with this approach, we ourselves will soon be recognized as the property of the state. It’s been tacitly acknowledged, and for a long time…

It is interesting – and what do such statements mean by the term “state”? Who exactly should these data belong to?

With such data in your hands, you can make a fairly accurate “digital portrait” of a person.

In 2012, Mikhail Kozinski proved that analyzing 68 likes on Facebook is enough to determine skin color (with 95% accuracy), sexual preferences (88% accuracy) and political views (85% accuracy).

Kozinski’s model helps to know more about a person than his colleagues do after ten studied likes. After 70 likes, more than a friend. After 150 likes – more than parents. After 300 likes – more than a partner. An even greater number of studied actions helps to learn more about the person more than he himself.

There is a story that after analyzing the data of 200 million American citizens on the model of Kozinski, a certain group that specializes in election campaign managed to influence the course of the last US elections, through targeted content. Another trump card for opponents of the current US President.

Russia is not far behind in terms of big data analysis. This is normal practice all over the world.

For example, the Kripta technology, which allows Yandex to evaluate a user’s gender, age category, income level and many other personal characteristics, was launched in 2011. Previously you could even check the results for yourself. The results were not always successful, but a lot of progress has been made since then.

I just want to emphasize what power lies in Big Data. And why politicians are so eager to get this data… They already have domestic social networks and search engines up their sleeves, and now they want Google, Facebook and Twitter.

And since they can’t get the data directly from these companies, they are using a completely legal basis, in the name of combating crime and terrorism, to obtain the data from ISPs.

Rostelecom has already announced its interest in this market and is ready to invest 40 billion rubles in the construction of data centers. Furthermore, Rostelecom plans to acquire the Data Storage Center (SafeData trademark) from Gazprombank. Rostelecom and SafeData intend to create a network for storing and analyzing big data on a truly Federal scale.

Encrypted traffic

͓͓̠̮ͤ͛ͧ̾̋́ ́̾ͧ͠ ̟̤͍̓́ ͙̿͐ͭ̓͐̐̒ ̙̤̺̞̹̏̿̅̄̊ͅͅ ̻̤̪͢ ̼̥̟̟̬͗̒́͋̕ ̞̗̲̪̼̱̙̐̐̓̕ ͚̫̣̖ͣ̌́́̔̓ ͒̄ͨ̌̆̀́͏͎̯ ̞̟̥̺̟̾̅̉̿͋̓ͩ̕ ̱̪͎̻ͣ̇̅̐̿̒ ̉͠ͅ ̸͚̘̜͎̫͗̍̓̈̋̈̇ ̭̼͙̬̭̎̑͛̕ ͮͨ͆́ ̛̣̭̞̙̪̟̯͆̅͊̐̒ ͚͕͙̭͎̃̔̌̽͑ͦ͜ ͔͍̺̓ͪ̓ͯ̄ͅ ̲͎̣̙͎̗͛̃̃͋̋͞ ̼̓ͪ̑ͤ̾̏ ͨ̃͐̅̂̾͞ ̹̰̘̳̣̝͆ͮ̍ ̥̜̰̭̌̑̋͌ͬ͋͟ ̯̜̹̲̝̬͈̌ͫ ̠̘̬̯̳̙͉͊͂̈́̅͒́ ̥̫͈̹ͪ ̤̥͉͉̙͢ ̥̅̽͆ͭ͠ ͚̭̹̻̖̺ͪ ͋̈͊̚͏̻̫̳͙ ̅̉ͣ̊ͫ͏̥̻̟̰̥ ̵̘̫̱̂ͤ͋̌ ̉̒͊̊̿ ̜̘̺͔̞̦̋ͯ͐ͭ ̺̱̤̰̓̈́̂̿̃͒͌ ̸̳̒̾ͪ ̹̰͌ͯ͂̚ ̩͉ͥ̽ͭͪͮ̾͊ ͗̽̎ͬ̚͡ ̙̙ ̠̿ͭͭ̂ ͍̮̩͇̹̌ͨͥ ̹̪̭̬͈̾͑̅̉̇ͫ͐ ͉̟̮̫̝̾͒ͤ̉̎̚ ̨̏͒ ͓͓̠̮ͤ͛ͧ̾̋́ ́̾ͧ͠ ̟̤͍̓́ ͙̿͐ͭ̓͐̐̒ ̙̤̺̞̹̏̿̅̄̊ͅͅ ̻̤̪͢ ̼̥̟̟̬͗̒́͋̕ ̞̗̲̪̼̱̙̐̐̓̕ ͚̫̣̖ͣ̌́́̔̓ ͒̄ͨ̌̆̀́͏͎̯ ̞̟̥̺̟̾̅̉̿͋̓ͩ̕ ̱̪͎̻ͣ̇̅̐̿̒ ̉͠ͅ ̸͚̘̜͎̫͗̍̓̈̋̈̇ ̭̼͙̬̭̎̑͛̕ ͮͨ͆́ ̛̣̭̞̙̪̟̯͆̅͊̐̒ ͚͕͙̭͎̃̔̌̽͑ͦ͜ ͔͍̺̓ͪ̓ͯ̄ͅ ̲͎̣̙͎̗͛̃̃͋̋͞ ̼̓ͪ̑ͤ̾̏ ͨ̃͐̅̂̾͞ ̹̰̘̳̣̝͆ͮ̍ ̥̜̰̭̌̑̋͌ͬ͋͟ ̯̜̹̲̝̬͈̌ͫ ̠̘̬̯̳̙͉͊͂̈́̅͒́ ̥̫͈̹ͪ ̤̥͉͉̙͢ ̥̅̽͆ͭ͠ ͚̭̹̻̖̺ͪ ͋̈͊̚͏̻̫̳͙ ̅̉ͣ̊ͫ͏̥̻̟̰̥ ̂

So, the ground is prepared – according to the law, the data of Russian users is stored in Russia (in theory), online cinemas will be under control, soon ISPs will store the data of “owners” of traffic, and registration in messengers should be via SMS.

Next we need to access the data of users from these messengers, so that also can be analyzed. But there’s a bit of an obstacle. End-to-end encryption, which is used in many modern messengers such as Telegram, does not allow you to just take and read someone’s correspondence, roughly speaking. You need to get the keys to decrypt the traffic, under the guise of a backdoor for security services.

The Telegram messenger is used by millions – and it is a tasty morsel for analysts and special services. Having received from Pavel Durov his refusal to provide keys, it was decided to unchain Roskomnadzor, which began to shoot in all directions. It killed everyone but Telegram.

Accessing a user’s device never represented a problem for intelligence services or hackers.

It’s quite easy, just access their device or account. No need to decrypt the traffic. The difference is that the state wants to legally obtain the information to which it previously had illegal access, and gather all the data together. So that the hackers can then trade the stolen data on the black market…

I cannot but mention that on July 28, 2017, the “Digital economy” project (RF Government Decree No. 1632-R) was approved, which is a project on the formation of a global system for processing all personal data of all Russian citizens and the development of artificial intelligence.

The essence of the project of end-to-end identification is to assign each citizen a number (personal code, electronic ID). The ID will be a kind of key to access the full file with information about the person from the various information bases currently formed in all spheres of their life.

What to do? The last frontier

It’s a complex issue. There is an opportunity to confuse all the cards and bypass the bans through anonymous networks and VPNs, although legislation has already introduced a mechanism for their strict regulation. But how the law will be executed isn’t absolutely clear yet. Although it came into force on November 1, 2017, the law still does not work effectively, and this was acknowledged by Roskomnadzor. Despite this, the state Duma is considering new laws with sanctions against VPNs, proxies and search engines for failure to comply with the requirements of the authorities to filter traffic and disclose data.

But if through some incredible genius the authorities are be able to eliminate access to anonymous technologies, freedom will end. This is the last frontier.

There is also a bill to block information on the internet that discredits the honor, dignity or business reputation of a citizen or legal entity. Who is the first person to be protected? And soon they will block without trial.

But as you know – the more pressure, the stronger the resistance.

Anonymous networks and VPNs are thriving. It is important that VPNs not only open access to blocked resources, but also hide all traffic from the ISP. The state accuses anonymizing technologies and cryptocurrencies of all mortal sins.

Only anonymous technologies and anonymous cryptocurrencies, combined with cash, will save this world from the Great Trouble.

But those who seize virtually unlimited power through the senseless introduction of technologies in state administration will be severely punished for this. Any system is subject to hacking.

I’m still interested in the question: why don’t we include cameras and microphones in our homes as counter-terrorism efforts, so we can analyze and store all this data for several years? Isn’t reading and storing our correspondences the same invasion of privacy? What will come next after the Yarovaya package, under a good pretext? All of us will be marked like animals with microchips, placed under video surveillance in our homes, and once a month we will be obliged to go to the investigator for an interrogation? Within the framework of “counteraction to something” you can push any idea.

You can imagine such a news item: “The terrorists planned the attack, actively discussed it on Telegram / Viber / Email / Whatever, were tracked by FSB agents, and arrested on the same day.” Who are the idiots here, the terrorists or the readers? Or do the officials seriously want to convince someone that terrorism is built on open communication channels?

And did you know that besides cryptography there is also steganography, which allows you to exchange encrypted messages under the guise of any inconspicuous image? If you modify this method a bit, you can exchange messages very quickly. Even I, without being a specialist, would be able to offer a dozen useful methods to conduct absolutely secret correspondences online. In this case, no one can get the key — it is only for the sending and receiving parties.

This is a global policy, this is global marketing

So, it turns out that the state wants to monitor our every step, to sell and use our data and most importantly, all at our expense. And this is only the beginning.

Relevant Links

https://vpnlove.me/en

https://www.psiphon3.com/

https://www.torproject.org/

https://zenmate.com/

https://www.hideman.net/

Advertisements