Uncategorized

Nokia Siemens in Iran: Shame or all’s fair game for telcos?

Deep packet inspection is bad under any regime, no matter how benevolent. When a regime such as Iran today gets access to technology with the potential of DPI, you have a justifiable uproar on far more serious and urgent implications than delayed music downloads.

Global media over the past week pointed to Nokia and Siemens as having provided the Iranian regime with technology to detect and filter information they found inconvenient. According to a widely republished and quoted Wall Street Journal article on 22 June that the newspaper stands by, a system installed in Iran by Nokia Siemens Networks provides Iranian authorities with the ability to conduct deep-packet inspection of online communications to monitor the contents and track the source of e-mail, VoIP calls, and posts to social networking sites such as Twitter, MySpace and Facebook. As quoted by Wired, the newspaper also said authorities had the ability to alter content as it intercepted the traffic from a state-owned internet choke point.

Commenting on the story was Ben Roome, a spokesperson for Nokia Siemens Networks who noted in a blog post that,

I do want to say to the people commenting here if we’re (I’m) aware of the situation in Iran. We are (and I am), and it is mainly because of mobile phone video, photos and calls from across Iran, communicating events first hand as they happen, that we are so aware. As I said above: we had a choice as to whether we bring the Iranian people this mobile connectivity, in the knowledge that telecoms networks in Iran are required to have the ability to monitor voice calls as they do all over the world. We made that choice and believe there is a net benefit to the people of Iran.

The point made is that the world is angry about Iran, and sees horrific videos such as the murder of Neda Soltani, because of the ICT networks and foundations facilitated by Nokia Siemens Networks. The over one hundred comments to date on Ben’s blog post reveal the frustration and anger of people who point to the culpability of Nokia Siemens Networks in the violence that has gripped Iran today.

I suggested to some colleagues this morning that one can look at this issue from the perspective of power and accountability. The power of these DPI systems in Iran pale into insignificance with the capacity of what, for example, the US and its allies can monitor and intercept domestically and globally. But there is, at worst, retroactive judicial oversight in the US even when the Executive runs amok combined with the enabling Freedom of Information legislation. What can and should business do when this accountability and oversight is not present, and yet government’s ask for powerful technologies that can be used to undermine human dignity and human security?

But let’s not kid ourselves – you don’t do any business with a regime like Iran expecting them to give a free reign to rights, dissent and democracy. Is that a reason to not do any business? Not. Is that a reason to be up front to consumers about the business one does? Perhaps. Is that a reason to brush away a moral responsibility for the death of Neda Soltani?

Definitely not.

ICT for Peacebuilding, ICTs in general

How much of information is too much information?

When it comes to Google, the size of the web and the size of their index are apparently very different.

What’s interesting to recognise here is that Google cannot afford to index ALL of the web. Coupled with the fact that we are losing, irrevocably, information that defines us a larger humanity or as identity groups and individuals, it just begs the question as to whether all this information has contributed to an equal growth in knowledge. 

I think not.

I’ve raised a number of questions that trouble me very deeply as someone deeply interested in saving the knowledge generated, used, abused and ignored in a peace process. Terabytes of information hugely pertinent to researchers, historians and scholars of a process as multi-faceted and complex as peacebuilding are often to be found in disparate proprietary systems with limited access, proprietary formats with encryption keys residing with those at risk themselves of being killed, badly managed archives, perishable media and aren’t backed up – to name just a few of the problems. 

I was caught by the fact that what people consider the web is actually what Google defines as the web:

But it’s also very expensive to index sites. And the fact that Google indexes many news sites, blogs and other rapidly changing web sites every 15 minutes makes all that indexing even more expensive. So they make value judgment on what to actually index and what not to. And most of the web is left out.

Emphasis mine. 

I find that last bit positively frightening.

ICT for Peacebuilding

Complex Political Emergencies and humanitarian aid systems design

Missing entirely in the discussions I was part of at the UN OCHA +5 Symposium and also the draft statement current on the Symposium website for public review is the manner in which complex political emergencies  (CPEs, herein used to also cover violent ethno-political conflict) influence the design and deployment of ICT support architectures and systems for humanitarian aid.

While there is a large existing corpus of literature that examine CPEs and the challenges it poses to humanitarian aid (also looking at the challenge of aid in response to the “natural” disaster in the midst of CPEs) , there is very little to my knowledge written on the manner in which ICT systems also need to respond to and be shaped by the realities of violent conflict on the ground in theatres of humanitarian aid. As I note in Humanitarian aid and peacebuilding:

In cases such as Sri Lanka and Banda Aceh, regions affected by the tsunami were also regions affected by years of violent ethno-political conflict. Without question, any humanitarian system designed to support aid work in such regions needs to be sensitive to the added complexity of ethno-political strife. This added layer of complexity cannot be ignored as it directly influences humanitarian aid decisions and actions.

and go on to note that:

One notes with interest the features in Sahana’s Missing Person’s Registry that are no doubt tremendously useful in aid deployment, but is cognisant that the same features may also be used by less savoury individuals and organisations to track information of people affected by the disaster – say for instance children who have been orphaned as easy fodder for guerilla movements. 

In another article that looks deeply at information security in humanitarian aid support systems, I aver that:

The emphasis on accountability, transparency, trust, right to information legislation, equity and holistic, inclusive frameworks I believe under gird any appreciation of information security in humanitarian aid systems. As I note in a monograph written a few weeks after the tsunami that captured InfoShare’s information architectures for the humanitarian response, the first days & weeks of the relief efforts brought to light the following information needs:

  1. Information on the type of the disaster – what a tsunami was, how it formed, the dangers of further tsunamis during the severe after shocks that continued for many days etc
  2. Information on missing persons, including foreign nationals. This included details of those internally displaced by the tsunami
  3. Information on immediate needs of survivors (shelter, food & medicine)
  4. Information of resources available to deliver aid – from 4WD vehicles, to trucks and helicopters
  5. Information of organisation to give money and donations in kind to – collection centres, bank account details, wire transfer instructions
  6. Information on contact numbers for emergency services, relief agencies, regional offices of large NGOs, country representatives of INGOs and donor agencies, number for key agencies in the UN
  7. Dissemination of requests for help, channelling aid to appropriate locations, mapping resources and taking inventories of aid received
  8. GIS data on Sri Lanka post tsunami and pre tsunami, including accurate and up-to-date maps of affected regions and satellite imagery to pin point where aid was needed in communities which had been isolated after the tsunami.
  9. Coordination of local and international volunteers involved in the relief efforts – what their skills were, where they were needed, what they were doing once assigned to a particular area
  10. News reports on key developments in the affected regions, including the details of money pledged for relief efforts and how to access this money
  11. Database of various NGOs operational after the tsunami across the affected regions who could be mobilised for aid and relief operations
  12. Information on the actual ground situation in the worst affected areas – with dysfunctional mobile communications, the national telecom provider’s PSTN infrastructure badly affected, transport infrastructure washed away, there was an urgent need to ascertain the status of survivors

As the reader will recognise, some of this information is extremely politically sensitive – that which was captured in the relief effort could be used to target communities and ethnic groups in a renewed war effort, and given the Sri Lankan’s state’s pathological inability to engage in a serious peace process, we were faced with the acute problem of having on the one hand the need to collect, store, analyse and disseminate sensitive information and on the other hand the need to maintain control of who and where this information was used.

The closest I came to discussing some of these issues was in a side meeting during the +5 Symposium with representatives from OCHA and the US State Department. In general however, the assumption seems to be that aid support systems, especially using ICT, are applicable irrespective of the timbre of social, cultural, political and religious relations present in the context of the humanitarian intervention.

This is a tremendously dangerous assumption and I hope that in the fullness of time, the larger community of humanitarian ICT systems developers take a page out of InfoShare’s experiences in this regard.

Also read:

ICTs in general

Humanitarian information systems: Ethics, information protection and “information DNA”

One of the discussions that cropped up in the working group on Innovation and also at the Plenary at the UN OCHA +5 Symposium was the ethics of information sharing in humanitarian aid systems. I for one find it hard to believe that we are bereft of the information needed for timely and sustainable humanitarian action. The essential challenge is three fold – oftentimes the significant lack of progressive political will, information overload and its corollary, information exchange systems that are extremely poor in their ability to leverage information and transform data to knowledge.

Addressing the first is beyond the scope of this post and looking into the future, I was in particular concerned with challenges to information security posed by the ubiquity of location and presence aware devices, ranging from mobile phones with built with GPS to RFID tags that can now even be implanted inside humans.

As the article on RFID notes, the ethical use of technology such as RFID, particularly for humanitarian aid, is an area that is as yet ill-defined and for which there is little or no interest at present. This is fundamentally because of the growth of so many new technologies that need, in some way, to be tested amongst beneficiaries of aid before they are touted as proven technologies. The +5 Symposium’s Innovation Working Group recognised this and cautioned against the use of new technologies in mission critical scenarios:

We shouldn’t experiment with unproven technologies during the critical phases of the emergency response; and better preparedness of: personnel, systems, infrastructure, and data improves the effectiveness and timeliness of the response while allowing for innovation

Nigel Snoad, one of the best known thought-leaders of humanitarian information systems design currently with the Microsoft Humanitarian Systems Group (LinkedIn Profile) and one time head of the UN Joint Logistics Centre in Rome, Italy and I had a fascinating exchange on the topic of ethical information sharing that to me still defines this emergent field of study.

Titled How much information should we share in peacebuilding and humanitarian operations? I proposed the idea of “information DNA”, akin to the semantic web and RDF:

Future technologies may also look into something akin to information DNA – invisible yet system wide meta-tags that clearly indicate when records were gathered, by whom, for what purpose. These tags can then be tracked, so as to ensure that information gathered for humanitarian relief is never used for active combat operations, however valuable such information may be for offensive / defensive operations.

My post was in response to one of Nigel’s posted on the Strong Angel III website and contains a number of points that will be of vital interest to humanitarian aid workers, humanitarian system architects and information protection experts based on my field experience of designing, deploying and managing complex, mission critical applications for peacebuilding, peace process support and human rights monitoring.