Archiving Al Qaeda: The Role of Libraries in Protecting Free Speech and Open Systems
by Ben Johnson
The Islamic State group has lost a lot of territory on the battlefield, but the terrorist organization still maintains a strong online presence, making extensive and effective use of social media to spread violent propaganda videos despite the increasingly sophisticated efforts of major tech companies to purge them from their networks. A recent report detailed the websites most used by the Islamic State group, and sitting at the top of the list was a name that should be familiar to librarians: Internet Archive (archive.org).
|As governments, media companies, and internet providers all over the world crack down on extreme speech and bad behavior online, it is naive to think that library systems and services will be exempted.
The Internet Archive is a nonprofit group based in San Francisco with the mission to “provide Universal Access to All Knowledge.” It proudly features an ALA logo on its website, where it notes that it is a library. What does it mean that a self-proclaimed library—and certainly a library partner—is the number one source for Islamic State group propaganda online? Could it be that our professional commitment to openness is being exploited?
Big media platforms such as Google and Facebook are facing increasing scrutiny from politicians and advertisers for hosting extremist content on their platforms. These companies have responded by developing sophisticated machine learning tools and employing human content moderators to identify and take it down. These tools can determine Islamic State group content and remove it—often before it ever reaches its intended audience—and disable the account. Twitter, once the main platform for the Islamic State group, now accounts for less than 1% of its web presence, causing one Islamic State group member to lament in a web forum, “I alone have had more than 120 accounts closed on Twitter … the task is impossible.” At least, it is impossible on Twitter.
Like Twitter, the Internet Archive works to remove Islamic State group execution videos, but the archive is different in a few key respects. First of all, as a nonprofit group, the Internet Archive lacks the sophisticated machine learning tools and the trained content moderation staff of large media platforms. Also, the platform was designed to be as open as possible. Whereas Twitter explicitly bans hate speech, threatening speech, graphic violence, and pornography, the Internet Archive acknowledges that its open platform “may contain information that might be deemed offensive, disturbing, pornographic, racist, sexist, bizarre, misleading, fraudulent, or otherwise objectionable,” placing sole responsibility on the user for abiding by all laws and regulations that may be applicable to the viewing of the content.
The Internet Archive seeks to save ephemeral web content by crawling and archiving webpages and by allowing anyone with a free account to upload media and save copies of his or her works. The purpose of the site is to save online content that would otherwise disappear, and as big platforms get better at disappearing their stuff, terrorists are looking to do just that. The Internet Archive is working exactly as intended, fulfilling it stated mission. But in so doing, is it aiding a terrorist organization?
This question comes as governments around the world are pursuing legislation to control hate speech and other extreme views on the internet and as there is a growing sense among politicians that the internet is being weaponized by bad actors in an attempt to undermine liberal institutions. In Germany, social media networks can be held responsible for their users’ content, and platforms can be fined millions if they fail to remove “illegal” posts within 24 hours. And in Australia, ISPs have been ordered by a federal court to block sites that infringe on copyright. In America, Craigslist abruptly shut down its personals section days after Congress approved a sex-trafficking bill that expanded the criminal and civil liability of website operators. Shortly after that, federal authorities seized backpage.com, a classified advertising website that was accused of enabling sex trafficking. It seems we are fast approaching a time when hosting controversial speech will be criminal. If you don’t believe me, consider the man in Kansas who was recently arrested at a library event for asking challenging questions about Israel.
According to ALA, libraries should “challenge censorship in fulfillment of their responsibility to provide information, …” and should “cooperate with all persons and groups concerned with resisting abridgment of free expression. …” This commitment to openness is hard-coded into library platforms, library policies, and library systems. This directive reads a lot like the stated goals of WikiLeaks, which also calls itself a library, and which used openness as justification for releasing stolen emails during the 2016 U.S. presidential campaign.
To be sure, transparency creates a better society for all. And as government agencies refer citizens to the internet for a major portion of their public records, a closed internet then becomes a denial to public record and a denial of government services. Among librarians, the commitment to intellectual freedom and OA is absolute, but that resolution may soon be tested. As governments, media companies, and internet providers all over the world crack down on extreme speech and bad behavior online, it is naive to think that library systems and services will be exempted. Openness and transparency and equity and personal liberty online are sustaining a frontal assault, and the profession is taking notice.
The Internet Archive recently announced that it is building a backup of its archive in Canada—a move that was widely perceived as being a response to the election of the current president. In a statement, the founder of the Internet Archive said:
On November 9th in America, we woke up to a new administration promising radical change. It was a firm reminder that institutions like ours, built for the long-term, need to design for change.
For us, it means keeping our cultural materials safe, private and perpetually accessible. It means preparing for a Web that may face greater restrictions.
It means serving patrons in a world in which government surveillance is not going away; indeed it looks like it will increase.
Throughout history, libraries have fought against terrible violations of privacy—where people have been rounded up simply for what they read. At the Internet Archive, we are fighting to protect our readers’ privacy in the digital world.
In the age of mass surveillance, libraries provide free and anonymous use of the internet. Our networks are generally open, and our systems are usually designed to not store any identifying information about users. Library organizations advise against filtering and seek to assuage liability concerns related to illegal activity taking place on their networks. Libraries are discouraged from blocking torrent traffic even as they receive cease-and-desist-letters from ISPs and even while acknowledging that they are unable and unwilling to identify copyright infringers.
Libraries advance the cause of intellectual freedom by creating systems that are as open as possible, but that same openness also makes those systems vulnerable to abuse. That old 1990s ideal of an open internet—of a place where you can say anything and read anything—has collided with the reality of spam, propaganda, phishing, advertising, hate, trolling, botnets, trafficking, surveillance, compulsive behavior, paywalls, ransomware, and election interference. Our profession is committed to openness, but according to the Merriam-Webster Thesaurus, synonyms for the word “open” include unguarded, prone, unsecured, exposed, and liable.
ALA notes that all speech, including hate speech, is protected speech, and that “libraries are sanctuary spaces for First Amendment ideals.” In 2018, this is an increasingly lonely and contentious position to take. Our profession’s commitment to free speech means that we should protect hate speech, fake news, conspiracy theories, and other controversial speech, but to what extent, to what end, and at what cost?
In 2017, the white supremacist website Stormfront was removed from the internet for more than a month as ISPs dropped the group and seized the domain name. During that time, archive.org kept the site online, hosting archives of Stormfront dating back to 1996. As the self-proclaimed champions of the First Amendment, should libraries come to the aid of extremist groups when their service is dropped, when they are excluded from search results, or when they are blocked by a government agency? Should we host endangered sites? This is not a hypothetical scenario to consider in the abstract. Platforms everywhere are actively erasing hate speech, fake news, and illegal material from the internet, and what isn’t being removed is sometimes being hidden by search algorithms. Sure, these platforms say they care about free speech, but when they are facing steep fines from governments such as Germany (a country that has learned from its own history of hate crimes) and when they are facing a mass exodus of advertisers, their financial incentive is to clean up.
Hate speech is not a crime in America, but it is a crime in many other countries. It is banned from most social network platforms. As these networks unleash AI to weed it out, we should be concerned that what qualifies as hate speech is different from culture to culture. We should be concerned that voices are being censored with little transparency and, like everything else on the internet, that censoring tools can be weaponized for political ends because despots despise openness.
By creating open and anonymous systems, libraries advance the cause of intellectual freedom, allowing patrons to explore a wide range of topics. At the same time, amid a growing crackdown, it is not very difficult to see why such systems would be desirable to criminals or why they would be despised by regulators. A public computing system with no identifying log-in, no content filter, and no blocks on person-to-person traffic offers a safe haven for people seeking to violate copyright law, view child pornography, or engage in other illegal activities.
Libraries and nonprofits may be small players in the internet world, but as we are the leading source for Islamic State group content, as we defend controversial speech, and as we provide total anonymity, it seems naive to think we will not be subject to greater regulation, scrutiny, and pushback in the future. Siding with Nazis and the Islamic State group only seems noble to librarians; to everyone else, it sounds like madness. Open Wi-Fi for all seems noble to librarians; to others, it seems reckless.
There is always a trade-off between openness and security. To illustrate this fact, there are dozens of online tutorials showing how to compromise users on public Wi-Fi networks, and some of them have millions of views. With Net Neutrality protections gone and with the cost of accessing the internet in America going up, members of the public will come to rely on library networks more than ever, and many of them will be from vulnerable populations. Those who can afford it will have secure, private home networks with software to detect fraud. Those who can’t will use open networks with minimal security, leaving them more vulnerable to hacking. Security is an arms race, and libraries are standing still.
The new digital divide is not only about access—it is about quality and safety of access. Bad actors can compromise even the most sophisticated web users, but the risks are more acute for users with more limited resources. Poor people will be able to get on the internet, but their connection will be less secure. They will be able to download software, but they will not be protected by security software. They will read email, but will be more susceptible to phishing. In the name of openness, we can shirk the responsibility to protect those who rely on us. In the name of openness, we can also shirk the responsibility to protect others from those who exploit us.
We, as librarians, are quick to point out that behavior on our networks is the responsibility of the user alone. We are quick to point out that libraries are not liable for the abuse and criminal activity that occur over library networks. To this end, librarians argue that they are ISPs, hoping to benefit from the safe harbor protections in the law that guard providers from infringements that happen on their networks. But can a library really be an ISP when it is purchasing internet access from an actual ISP? We interpret the term broadly, but the question of what is and what is not an ISP has not been definitively answered in court.
The big tech companies (Google, Facebook, etc.) made a similar argument for immunity and failed. They tried to assert that they were not media companies, and that they were not responsible for the content on their platform. Executives were dragged before Congress, and today, these companies constantly talk about their efforts to enforce policy and to control content.
Of course, libraries aren’t the only open networks; you can get on the internet at a Starbucks, for example. But even a cursory examination of the Starbucks privacy statement and internet usage policy will make it clear that you are not anonymous. You will be required to enter an email, you will be tracked, you will be filtered, and you will be investigated if there is abuse.
Our profession’s complete dedication to privacy and openness invites scrutiny and regulation. Law enforcement agencies can see that child pornography is shared on our public networks and that the offenders are untraceable. They see that we are loved by the Islamic State group. They see that our systems are designed so that they cannot aid law enforcement. In the face of these real and perceived transgressions, how long will it take before lawmakers enact regulations?
The Wild West internet is dying, and the library is the last cowboy standing. In 2018, the ideal of a free and open internet seems like a distant dream, and, to be sure, this is almost certainly a bad thing. But to pretend like it is not the case, to pretend that “safe” and “open” are not mutually exclusive is to ignore reality. We hire security for our library buildings and install security cameras in our library buildings, but we should be just as concerned about the online safety of our patrons. We should seek to ensure that they are not harmed and that they are not harming others online. Issuing a Wi-Fi disclaimer without any enforcement mechanism in place is like writing a behavior policy and looking the other way every time it is violated. Libraries are quick to address bad behavior in their physical buildings, but extremely reluctant to address it when it happens online. If a balance between openness and security is not found, a more severe corrective will be legislated.
The Cambridge Analytica scandal proved that playing fast and loose with data can have major consequences. But a complete absence of data—a system devoid of security—can also have consequences. It is better to be proactive and acknowledge the security problems inherent in open systems than it is to be reactive to the problems those systems cause. It is better to acknowledge that bad things happen on our networks and that we could mitigate them but choose not to.
If a library’s dedication to free speech is absolute, it must be prepared to defend itself. When the USA PATRIOT Act passed in 2001, we were worried about people accessing our library records. This concern seems quaint in 2018, as every aspect of our lives is now under continual surveillance. Can we rise to the challenge and invent systems that are both open and safe? I think we should be concerned that a small group of bad guys could draw a lot of unwanted attention to libraries, potentially undoing a lot of the good work we have done to bridge the digital divide.
In 2018, the government can track activists and critical thinkers online and in the real world. Facial recognition can tell who attended a rally and link those images to an online presence. As the case of black activist Rakem Balogun illustrates, in 2018, protected speech can lead to arrest and imprisonment. In 2018, bots can eliminate protected speech before it is read. In 2018, the world needs anonymous and open systems. The world needs libraries.
But, also in 2018, the main platform for speech (the internet) carries innumerable security threats. Facing the realities of fraud, identity theft, and ransomware, the world needs secure and closed systems. The challenge for libraries is to reconcile these two, finding a way to offer secure and open systems that protect the free speech and privacy of library users while keeping them safe from harm.