The Internet

NSA surveillance may cause breakup of internet, warn experts

Internet specialists highlight moves by Brazil, Germany and India towards creating separate networks in order to block spying

the Guardian,

1 November, 2013

The vast scale of online surveillance revealed by Edward Snowden is leading to the breakup of the internet as countries scramble to protect private or commercially sensitive emails and phone records from UK and US security services, according to experts and academics.

They say moves by countries, such as Brazil and Germany, to encourage regional online traffic to be routed locally rather than through the US are likely to be the first steps in a fundamental shift in the way the internet works. The change could potentially hinder economic growth.

"States may have few other options than to follow in Brazil's path," said Ian Brown, from the Oxford Internet Institute. "This would be expensive, and likely to reduce the rapid rate of innovation that has driven the development of the internet to date … But if states cannot trust that their citizens' personal data – as well as sensitive commercial and government information – will not otherwise be swept up in giant surveillance operations, this may be a price they are willing to pay."

Since the Guardian's revelations about the scale of state surveillance, Brazil's government has published ambitious plans to promote Brazilian networking technology, encourage regional internet traffic to be routed locally, and is moving to set up a secure national email service.

In India, it has been reported that government employees are being advised not to use Gmail and last month, Indian diplomatic staff in London were told to use typewriters rather than computers when writing up sensitive documents.

In Germany, privacy commissioners have called for a review of whether Europe's internet traffic can be kept within the EU – and by implication out of the reach of British and US spies.

Surveillance dominated last week's Internet Governance Forum 2013, held in Bali. The forum is a UN body that brings together more than 1,000 representatives of governments and leading experts from 111 countries to discuss the "sustainability, robustness, security, stability and development of the internet".

Debates on child protection, education and infrastructure were overshadowed by widespread concerns from delegates who said the public's trust in the internet was being undermined by reports of US and British government surveillance.

Lynn St Amour, the Internet Society's chief executive, condemned government surveillance as "interfering with the privacy of citizens".

Johan Hallenborg, Sweden's foreign ministry representative, proposed that countries introduce a new constitutional framework to protect digital privacy, human rights and to reinforce the rule of law.

Meanwhile, the Internet Corporation for Assigned Names and Numbers – which is partly responsible for the infrastructure of the internet – last week voiced "strong concern over the undermining of the trust and confidence of internet users globally due to recent revelations of pervasive monitoring and surveillance".

Daniel Castro, a senior analyst at the Information Technology & Innovation Foundation in Washington, said the Snowden revelations were pushing the internet towards a tipping point with huge ramifications for the way online communications worked.

"We are certainly getting pushed towards this cliff and it is a cliff we do not want to go over because if we go over it, I don't see how we stop. It is like a run on the bank – the system we have now works unless everyone decides it doesn't work then the whole thing collapses."

Castro said that as the scale of the UK and US surveillance operations became apparent, countries around the globe were considering laws that would attempt to keep data in-country, threatening the cloud system – where data stored by US internet firms is accessible from anywhere in the world.

He said this would have huge implications for the way large companies operated.

"What this would mean is that any multinational company suddenly has lots of extra costs. The benefits of cloud computing that have given us flexibility, scaleability and reduced costs – especially for large amounts of data – would suddenly disappear."

Large internet-based firms, such as Facebook and Yahoo, have already raised concerns about the impact of the NSA revelations on their ability to operate around the world. "The government response was, 'Oh don't worry, we're not spying on any Americans'," said Facebook founder Mark Zuckerberg. "Oh, wonderful: that's really helpful to companies trying to serve people around the world, and that's really going to inspire confidence in American internet companies."

Castro wrote a report for Itif in August predicting as much as $35bn could be lost from the US cloud computing market by 2016 if foreign clients pull out their businesses. And he said the full economic impact of the potential breakup of the internet was only just beginning to be recognised by the global business community.

"This is changing how companies are thinking about data. It used to be that the US government was the leader in helping make the world more secure but the trust in that leadership has certainly taken a hit … This is hugely problematic for the general trust in the internet and e-commerce and digital transactions."

Brown said that although a localised internet would be unlikely to prevent people in one country accessing information in another area, it may not be as quick and would probably trigger an automatic message telling the user that they were entering a section of the internet that was subject to surveillance by US or UK intelligence.

"They might see warnings when information is about to be sent to servers vulnerable to the exercise of US legal powers – as some of the Made in Germany email services that have sprung up over the summer are."

He said despite the impact on communications and economic development, a localised internet might be the only way to protect privacy even if, as some argue, a set of new international privacy laws could be agreed.

"How could such rules be verified and enforced? Unlike nuclear tests, internet surveillance cannot be detected halfway around the world."