Anyone who has ever heard me speak about Internet regulation will know of my barely contained scepticism with regards to Barlow’s Declaration of Independence of Cyberspace, and all that it represents. In fact, the Declaration speaks of a more innocent time in Internet history, and it is usually considered to be one of the best-known examples of cyber-libertarianism. The idea that Cyberspace is a separate place that cannot be regulated has fallen on hard times recently, and it has been rightly criticised by the likes of James Boyle and Goldsmith and Wu. The prevalent theory in Internet regulation circles is that some form of control online is not only possible, but desirable. From national firewalls to government filters, going through private spaces and walled gardens, we have come to accept that the Internet is not a space that can be devoid of regulatory solutions.
Have we been wrong?
Events in recent weeks seem to have brought cyber-libertarianism back from the grave. At the forefront of the challenge to prevalent theories of regulation is Anonymous, an amorphous, autopoietic and anarchic Internet group of hackers and technology enthusiasts acting anonymously against common targets. Anonymous has become front-page news because of its Operation Payback, which has been conducting Denial-of-Service attacks against prominent players in the P2P copyright war such as the RIAA, MPAA, IFPI, Davenport Lyons, ACS:Law, Ministry of Sound, Gallant Macmillan and the UK’s Intellectual Property Office. The effectiveness of such attacks can be argued over; undoubtedly, the targeted websites have been brought down by the DoS attacks, sometimes for days. Similarly, one of the DoS attacks exposed internal emails from ACS:Law in what will probably become a legendary data protection breach. But with the exception of the ACS:Law example, the attacks have been temporary, the affected sites eventually recovered once Operation Payback moved to different targets or the sites managed to put in place some anti-DoS measures, and the real lasting effect has been minimal.
I wonder if Operation Payback surprised some of its participants because it has been successful at its main objective, which is to knock out sites from the Internet temporarily. The fact that this is a criminal offence, and that so far there has been little or no enforcement against Anonymous, must have filled the collective with a sense of invincibility, perhaps the members of Operation Payback are thinking that they are completely untouchable. As the group is really an Internet meme with no central command, it is possible that there are dreams of a more serious future for Internet Hacktivism.
Historically, Anonymous operates in a disparate international network of Internet forums and chat rooms. The collective is composed of people who gather in 4chan, in IRC channels, and in the comment pages of places like Reddit and Fark. They inhabit comment threads of P2P-related news sites such as Slyck and TorrentFreak. So far, the organisation seems to be fuelled by sheer anger towards copyright owners. There is a culture forming around awareness (and virulent opposition) to maximalist copyright laws (see for example the Death of ACTA, I never thought I would ever see a rap about an obscure multilateral trade agreement). Anonymous is tapping on this growing anger and using it to fuel effective DoS attacks. But such anger does not really pose a challenge to our current understanding of Internet regulation, there is no future consideration, no room for strategy, and it might be easy to dismiss Operation Payback as the actions of large numbers of disgruntled and bored young people with too much time on their hands and no desire to stop using and enjoying free copyright works via file-sharing.
So, why do I say that it may be time to take Anonymous seriously? There appears to be a change in attitude in Anonymous. See the Letter from Anonymous to the Governments of the World.
Forget the ominous synth music and the unintentionally hilarious Stephen Hawking voice-over. This letter borrows heavily from the Declaration of Independence of Cyberspace. It is almost as if the last 15 years had not happened, and we are back to 1996 and the age where some believed that the Internet is an autonomous entity that cannot be controlled. The letter is also issuing threats against these governments, and the tagline “We are Anonymous. We are Legion. We do not Forgive and we do not Forget” is both a statement of intent and indication that at least some of these people take themselves seriously. There also seems to be some sense of self-awareness and a hint of sophistication in some of the formulations, although they also tend to be rather grandiose, often childish, and unfortunately prone to exaggeration, perhaps due to the age of the perpetrators. In another letter from Anonymous to the countries negotiating ACTA, the secret treaty is described as the greatest threat to freedom of speech the world has ever seen. They may not really have read the actual text of the agreement.
Nonetheless, there is something interesting happening here. We have a band of online vigilantes who have taken upon themselves the mantle of defenders of illegal file-sharing. Can any law enforcement agency take them on? Apparently, Operation Payback’s host had to be changed because of threats from UK cybercrime enforcement, and it seems like countries are becoming more aware of botnets in general. I do not believe that Anonymous is as untouchable as it may think itself to be. One of the main problems faced by some of the hacktivists involved is that they must have some real world contact points. I am not suggesting that everyone sending DoS attacks would be taken to court, but my guess is that it would only take a few arrests in various jurisdictions to erase the aura of untraceability and invincibility that surrounds Anonymous at the moment. With larger numbers of participants, someone is bound to make a mistake.
But if there is no enforcement forthcoming, then perhaps cyber-vigilantes will become more emboldened and widen their objectives. Whatever the result, I believe we are in store for an interesting couple of years in Internet regulation. With my geek law academic hat on, I can’t wait.
ETA: webbross from Twitter made an excellent point which should be included here: “I think anonymous is in a catch-22. If they are successful, that will just give lawmakers a good reason to regulate the net”. Interesting indeed, successful DoS attacks may prompt harsher enforcement and regulatory responses!