This article is also available in:
Deutsch: CleanIT – ein sichereres Internet … für Terroristen?

The “CleanIT project”, funded by the European Commission and led by the Dutch police, aims to produce a “guideline or gentleman's agreement” to fight terrorism online in a way which does not involve the use of legislation. The latest draft of its proposals was recently made available.

The intention to launch the project was first publicly announced in May 2010, during a European Commission event with the same goal and involving the same industry. At that event, the European Commission proposed that ISPs change their terms of service to allow them to more easily remove content that either industry or police forces felt was illegal. Two years and 400 000 Euros of funding later, the CleanIT project has formulated broadly the same proposal. Its draft document is 3 348 words long (which works out at a cost of 119.47 Euro per word), including definitions such as “the term “Internet companies” refers to companies providing divers sic services on the Internet” and informs us that “from a technical perspective, terrorist use of the Internet is not substantially different than regular, legal use of the Internet.”

The current draft document elevates Internet companies to a new level of corporate government. On a legislative level, it suggests that they should “ban the illegal terrorist use of the Internet in their terms of service/business conditions and acceptable use policies” - moving past the traditional rule-of-law based society where democratically-elected governments decided what should be prohibited. They will do this despite the fact that CleanIT believes that “Waht sic is terrorist use of the Internet is not always adequately defined or clearly explained.” The need for this move is hinted at by a recognition by the authors that “many activities of (potential) terrorists start in ordinary, easy accessible parts of the Internet and are not illegal”. This activity, they appear to believe, can be “banned” by private companies but not by democratically elected governments.

After fulfilling their legislative role, the Internet companies would then be in a position to implement their laws. They become the judge and decide what is illegal. Where their ruling is that it is illegal, they act as executioner of the law – imposing sanctions “immediately and proportionately” unless they believe that the activity that they are regulating may not be illegal, at which case they can refer the ruling to a court.

Internet companies are also expected to undertake a stronger policing role. The head of the project, Mr But Klaasen, envisages the development of a database of “illegal” (under which definition or in which jurisdiction is unclear – as CleanIT points out “there are differences in (il)legality between national legislations”) material, which could then be used, it appears, as some form of upload filter and/or download block. This would ensure that content deemed “illegal” could not be uploaded anywhere else... unless it was modified to get past the filter, of course. The fact that the draft project document says that “Internet companies must be transparent about the use of automated detection systems for this purpose” doesn't get around the fact that such widescale, suspicionless filtering was already deemed to be in breach of fundamental rights in the Scarlet/Sabam and Sabam/Netlog cases in the European Court of Human Rights. The draft document expresses a hope for widespread implementation of “automated detection systems” which, paradoxically would “not endanger Internet Freedom or even be illegal”.

The current project document also offers implicit encouragement to minimise or eliminate anonymity online, arguing that , while this is “logical and desirable” in some cases, “for many it is not a necessity”. This obviously ignores the fact that, for many, it is a necessity for this option to be available, even if not always used.

Despite much competition, possibly the most confusing element of all is the section on reporting. What is confusing is not that the Commission-funded CleanIT is working on re-inventing online reporting tools while the Commission-convened “CEO Coalition” is also (in parallel and with no coordination between them) re-inventing online reporting tools. What is confusing is more what it thinks this will achieve. What is confusing is that, in the context of online child abuse material, we are told by child protection organisations and the Commission that there are so many reports, that there is no hope of investigating a significant fraction of them and there is no point in asking for more resources for more of these crimes to be investigated. Meanwhile, CleanIT says that there isn't enough reporting of allegedly illegal material and “a large part of the terrorist use” is “never brought to the attention of Internet companies and LEAs.”

Of course, if the terrorists know that the only sanctions that will be taken against them will be superficial, because real law enforcement authorities will be relying on Internet companies to legislate on and police the Internet, maybe it would generate legal certainty – making the Internet a safer place... for terrorists... which is just a few words different from what CleanIT intended to achieve.

CleanIT Project
http://www.cleanitproject.eu/

EDRi/EuroISPA statement on predecessor project to CleanIT (9.07.2010)
http://www.edri.org/files/090710_dialogue_NTD_illegal_content_EuroISPA...

Interview with But Klaasen (6.06.2012)
http://www.itnews.com.au/News/303729,clean-it-project-considers-terror...

(Contribution by Joe McNamee - EDRi)