Jared Cohen - The New Digital Age

Eventually, though, the technology used by these platforms will be so sophisticated that they will be effectively unblockable. When WikiLeaks lost its principal website URL, WikiLeaks.org, due to a series of distributed denial-of-service (DDoS) attacks and the pullout of its Internet service provider (which hosted the site) in 2010, its supporters immediately set up more than a thousand “mirror” sites (copies of the original site hosted at remote locations), with URLs like WikiLeaks.fi (in Finland), WikiLeaks.ca (in Canada) and WikiLeaks.info. (In a DDoS attack, a large number of compromised computer systems attack a single target, overloading the system with information requests and causing it to shut down, denying service to legitimate users.) Because WikiLeaks was designed as a distributed system—meaning its operations were distributed across many different computers, instead of concentrated in one centralized hub—shutting down the platform was much more difficult than it seemed to most laymen. Future whistle-blowing websites will surely move beyond mirror sites (copies of existing sites) and use new methods to replicate and obfuscate their operations to shield themselves from authorities. One way to accomplish this would be to create a storage system where fragments of files are copied and distributed in such a way that if one file directory is shut down, the files can be reassembled from those fragments. These platforms will develop new ways to ensure anonymous submission for potential leakers; WikiLeaks constantly updated its submission methods, warning users to avoid earlier cryptographic routes—among them SSL, or secure sockets layer, and hidden Tor service, using the highly encrypted Tor network—once they had determined that those were insufficiently secure.

And what of the individuals leading this charge? The Assanges of the world will still exist in the future, but their support bases will remain small. The more welcomed whistle-blowers of the future will be the ones who follow the example of people like Alexei Navalny, a Russian blogger and anticorruption activist, who enjoys much sympathy from many in the West. Disillusioned with Russia’s liberal opposition parties, Navalny, a real-estate lawyer, started his own blog dedicated to exposing corruption in major Russian companies, initially supplying the disclosures himself by taking small stakes in the businesses and invoking shareholder rights to force them to share information. He later crowd-sourced his approach, instructing supporters to try to do the same, with some success. Eventually, his blog grew into a full-blown secret-spilling platform, where visitors were encouraged to donate toward its operating costs via PayPal. Navalny’s profile grew as his collection of scoops swelled, most notably with a set of leaked documents that revealed the misuse of $4 billion at the state-owned oil pipeline company Transneft in 2010. By late 2011, Navalny’s public stature placed him at the center of preelection protests, and his nickname for Vladimir Putin’s United Russia party, the Party of Crooks and Thieves, had gone viral, adopted widely throughout the country.

Navalny’s approach, at least in the beginning of his new activism, was distinctive in that for all his zeal he had not turned the focus of his whistle-blowing operation toward Putin himself. His targets had largely been commercial, although given that the Russian public and private sector are not always easily distinguished, the information implicated some government officials as well. Moreover, despite the harassment he experienced—he had been arrested, imprisoned, spied on and investigated for embezzlement—he remained free for years. His critics may have called him a liar, a hypocrite or a CIA stooge, but Navalny remained in Russia (unlike so many other high-profile Kremlin opponents) and his blog was not censored.

Some think Navalny did not constitute much of a threat to the Kremlin; his name recognition among Russians remained quite low, though his supporters argue that such figures merely reflect low Internet penetration across the country and the success of state media censorship (Navalny was banned from appearing on state-run television). But a more interesting theory is that, for a time at least, Navalny found a way to toe the line as an anticorruption activist, knowing what to leak—and from whom—and what areas to avoid. Unlike prominent Putin critics, like the jailed billionaire Mikhail Khodorkovsky and the self-exiled oligarch Boris Berezovsky, Navalny seems to have found a way to challenge the Kremlin, while fighting corruption, without veering into overly sensitive areas that might place him in grave danger. (Short of a badly doctored photograph that appeared in a pro-Kremlin newspaper showing Navalny laughing with Berezovsky, there is little to suggest he has any ties to those critics.) His presence seemed to be tolerated by the Russian government until July 2012, when it deployed all available tools to discredit him, formally charging him with embezzlement in a case concerning a state-owned timber business in the Kirov region, where he had formerly worked as an advisor to the governor. The charges, carrying a maximum sentence of ten years in prison, reflected how much of a threat the resilient antigovernment protest movement had become. The world will continue to watch the trajectories of figures like Navalny to see whether his approach provides some measure of insulation from attack for digital activists.

There is also the frightening possibility that sites will emerge created by people who share the design and scale of these whistle-blower platforms but not their motivations. Rather than functioning as a clearinghouse for whistle-blowers, such platforms would serve as hosts to all manner of pilfered digital content—leaked active military operations, hacked bank accounts, stolen passwords and home addresses—without any particular agenda beyond anarchy. Operators of these sites would not be ideologues or political activists; they would be agents of chaos. Today, hackers and information criminals publish their ill-gotten gains fairly indiscriminately—the 150,000 Sony customer records released by the hacker group LulzSec in 2011 were simply made downloadable as a file through a peer-to-peer file-sharing service—but in the future, if a centralized platform emerged that offered them WikiLeaks-level security and publicity, it would present a real problem. Redaction, verification and other precautionary measures taken by WikiLeaks and its media partners would surely not be performed on these unregulated sites (indeed, Assange told us he redacted only to reduce the international pressure that was financially strangling him and said he would have preferred no redactions), and lack of judgment around sensitive materials might well get people killed. Information criminals would almost certainly traffic in bulk leaks in order to cause maximum disruption. To some extent, leaking selectively reflects purpose while releasing material in bulk is effectively thumbing one’s nose at the entire system of secure information.

But context matters, too. How different would the reaction have been, from Western governments in particular, if WikiLeaks had published stolen classified documents from the regimes in Venezuela, North Korea and Iran? If Bradley Manning, the alleged source of WikiLeaks’ materials about the United States government and military, had been a North Korean border guard or a defector from Iran’s Revolutionary Guard Corps, how differently would politicians and pundits in the United States have viewed him? Were a string of whistle-blowing websites dedicated to exposing abuses within those countries to appear, surely the tone of the Western political class would shift. Taking into account the precedent President Barack Obama set in his first term in office—a clear “zero tolerance” approach toward unauthorized leaks of classified information from U.S. officials—we would expect that future Western governments would ultimately adopt a dissonant posture toward digital disclosures, encouraging them abroad in adversarial countries, but prosecuting them ferociously at home.