Joho the Blogtor Archives - Joho the Blog

January 12, 2009

Chinese circumvention sites selling user data

Hal Roberts, at the Berkman Center, blogs that he’s found that three suppliers of tools that allow those in China to circumvent the government’s restrictions on the Internet — DynaWeb FreeGate, GPass, and FirePhoenix — are selling information about the behavior of their users.

The sites freely publish anonymized data for people doing research on Net trends, but they will also sell you identifiable information … if you pass their smell test. Hal points to one company’s faq:

Q: I am interested in more detailed and in-depth visit data. Are they available?

A: Yes, we can generate custom reports that cover different levels of details for your purposes, based on a fee. But data that can be used to identify a specific user are considered confidential and not shared with third parties unless you pass our strict screening test. Please contact us if you have such a need.

From hands considered safe to the hands of totalitarians with a grudge is a distressingly short distance.

Hal concludes:

This sort of thing demonstrates that there is no way to eliminate points of control from a network. You can only move them around so that you trust different people. In this case, Chinese users are replacing some of the trust in their local Chinese ISPs with trust in the circumvention projects through which they are proxying their traffic. But those tools are acting as virtual ISPs themselves and so have all the potential for control (and abuse) that the local ISPs have. They can snoop on user activity; they can filter and otherwise tamper with connections; they can block P2P traffic.

So, yes, the Net routes around restrictions. But those routes themselves are subject to all the weaknesses to which we are heir. [Tags: ]

[January 15: Rebecca MacKinnon spoke with some of the principles and blogs their explanations.]

1 Comment »