Sandvine technology helped blocking Internet

[tridy]

U.S. Company Faces Backlash After Belarus Uses Its Tech to Block Internet

 

Summary

Sandvine is criticized that their technology was used in the recent political events in Belarus and helped with blocking the Internet to prevent the spread of the news and have control of other channels of communication to spread propaganda. 

 

Quote

Alexander Haväng, Sandvine’s chief technology officer, acknowledged during the call that Belarus may be using the company’s equipment to block websites and messaging apps, but he said that Sandvine had concluded that the internet, and access to specific material on websites, wasn’t “a part of human rights.”

 

“We don’t want to play world police,” he said. “We believe that each sovereign country should be allowed to set their own policy on what is allowed and what is not allowed in that country.”

 

My thoughts

 

Nothing personal, just business - or is it? Do companies like this should have special legislative agreements where they should be held responsible about to whom they sell/licence the technology and how it is being used?

 

From what I understand, Sandvine has been selling their technology to the governments of not so democratic countries as Egypt, Turkey, and Belarus so they could block certain websites or, in case of the latest events in Belarus, the whole internet, when the political situation in the country faces a crisis. While we insist on clothing and footwear companies checking that no slave labor is used, we should be asking IT companies to prevent the use of their technologies to violate human rights.

 

When we talk about freedom of speech, freedom of expression of opinions, should we consider access to the Internet a part of human rights?

 

Sources

https://www.bloomberg.com/news/articles/2020-09-11/sandvine-use-to-block-belarus-internet-rankles-staff-lawmakers

[S w a t s o n]

Just came in here to pay my respects for another Canadian founded company that closed up shop here and moved HQ to the US. I once attended a LAN event hosted at Sandvine's original HQ, they seemed pretty cool. Oh well

[Trik'Stari]

2 hours ago, gabrielcarvfer said:

And what if Sandvine didn't sell their infrastructure to them and they were replaced by CCP/Putin counterparts? Don't forget wars never really end, just change their intensity and battlefields.

If we're going to hold this company accountable, should we not hold accountable every single company that does business in China in any way shape or form?

[wamred]

Oof, that is difficult. How do you determine whether or not to allow something like this. Personally, I am pretty sure I would have just ignored something like that for myself. 

[tridy]

9 hours ago, gabrielcarvfer said:

And what if Sandvine didn't sell their infrastructure to them and they were replaced by CCP/Putin counterparts? Don't forget wars never really end, just change their intensity and battlefields.

 

Because you do not want to dip the status of your company into someone else's shit. In the same way that it would not be good for your status if your are doing business with Huawei today. In the same way as companies get criticized for [indirectly?] using slave labor in China. In the same way one should not be selling tobacco and alcohol to under-aged.

 

It is easy to say that "what if" and not take the responsibility. I am saying that the license agreement between the two parties should say what the technology could and could not be used for. It is like one buys a surveillance camera that should not be used to spy on the neighbors. In the same way the telemetry that all are pissed of should be used for improving products and not spying on the users.

[tridy]

The question that I have is whether you consider access to the Internet being a part of human rights in 21 century. If someone is blocking the access to the Internet, would you consider your human rights being violated? Do you consider access to the Internet being a part of freedom of speech and freedom of expression of opinions?

[straight_stewie]

12 hours ago, tridy said:

Sandvine is criticized that their technology was used in the recent political events in Belarus and helped with blocking the Internet to prevent the spread of the news and have control of other channels of communication to spread propaganda. 

Nothing personal, just business - or is it?

Before reading this, you should know that it's coming from one of the most government skeptical, anti-surveillance users on the forum. Ask anyone that's posted a similar topic and argued with me about the realities of the US intelligence communities.

That being said, this is one of the rare times that I agree with the business: Each sovereign society should be allowed to decide for itself what they think their rights are.

 

There is plenty of legitimate use for the technologies that Sandvine offers. Many of those legitimate uses protect people like us. It is not Sandvines job to decide who should and shouldn't be able to use their products. Rather, it is the society in which the products are used that should decide who should and shouldn't be able to use their products, and what they should be able to be used for.

But none of that is the real issue. The real issue is that people, the world over, have decided that it's best to blame the easiest thing to blame, and not the right thing to blame. Blaming Sandvine actually hurts us. Instead of asking "why did Sandvine allow a customer to use their product", ask "why did their customer use their product in that way?".

Put blame where blame belongs and real change might actually happen...

 

As for my personal beliefs about internet rights, I believe that they should be exactly identical to ones real life rights. Whatever those happen to be where that person is at the time. Access to the internet is, therefore, not a basic right, at least not in my country. Freedom of use and privacy of communications, however, should be.

[tridy]

2 hours ago, straight_stewie said:

There is plenty of legitimate use for the technologies that Sandvine offers. Many of those legitimate uses protect people like us. It is not Sandvines job to decide who should and shouldn't be able to use their products. Rather, it is the society in which the products are used that should decide who should and shouldn't be able to use their products, and what they should be able to be used for.

 

My concern here is that the technology itself allows for dangerous misuse and therefore should be controlled by law. When one buys a car, for instance, there is a license one needs to have, so there will be order on the roads. At the same time the law says one cannot drive around hitting people in a car. The license for the technology should say that one cannot use it for evil purposes (I will leave it out to the lawyers to interpret it). 

 

There is awfully a lot of grey area in "sovereign country." I can present multiple arguments that Belarus is not a sovereign country. I do agree that the company did not explicitly cause any of the trouble. At the same time, I do not believe that they didn't know for what purposes their technology will be used. That would be BS. They are no angels in this game. Hence the offensive reaction from their side.

 

Again I am trying to say that this type if technology can be used as a weapon and should be (heavily) regulated. There is way too much possibility for misuse.

 

 

Edited September 14, 2020 by tridy
spllng

[tridy]

There is an update from Sandvine:

 

Francisco-Backed Sandvine Cancels Belarus Deal, Citing Abuses

https://www.bloomberg.com/news/articles/2020-09-15/sandvine-says-it-will-no-longer-sell-its-products-in-belarus

 

Quote

Sandvine Inc., the technology company backed by private equity firm Francisco Partners, canceled a deal with Belarus, saying the government used its technology to violate human rights.

 

I am glad that they see it that way.

[HM-2]

On 9/14/2020 at 12:06 PM, tridy said:

Again I am trying to say that this type if technology can be used as a weapon and should be (heavily) regulated. There is way too much possibility for misuse.

To be fair as a US domicile company it's almost certainly treated as such under ITAR (International Trafficking of Arms Regulation); in fact many of their open job vacancies make specific reference to ITAR.

 

If their technologies are regulated under ITAR then final responsibility for any overseas sale sits with the US federal government. 

[Roswell]

On 9/13/2020 at 5:01 PM, S w a t s o n said:

Just came in here to pay my respects for another Canadian founded company that closed up shop here and moved HQ to the US. I once attended a LAN event hosted at Sandvine's original HQ, they seemed pretty cool. Oh well

They’re anything but cool. Their entire business model revolves around selling metering, throttling and censorship products to ISPs.

[LAwLz]

I do not believe it is the job of a company to ensure that their products are used in ways that align with whatever the current population of a specific country agrees is "fair".

 

If a knife manufacturer sells a knife to someone who then goes out and stabs someone, should we hold the knife company responsible?

If the US government buys a ton of iron from Australia and then that iron is used to make bullets that kills some innocent person should we hold Australia responsible?

 

Why not blame the Belarusian officials that actually went "hey, let's use this tool for nefarious purposes"? Why the hell is anyone blaming the company who produced a product instead of blaming the people who used said product for bad purposes?

 

 

Why does people seem to have such a hard-on for the US controlling all other countries? Shouldn't it be up to Belarus to decide how they want to treat their people? If you think they are being treated poorly then get mad at Belarus. The US is not, and should not be the "world police". It's like people watched this video and went "yeah that sounds like a great idea"

 

[tridy]

5 minutes ago, LAwLz said:

I do not believe it is the job of a company to ensure that their products are used in ways that align with whatever the current population of a specific country agrees is "fair".

 

And yet there are license agreements and contracts.

Are you bringing "fair" into the context of today's Belarus government?

 

5 minutes ago, LAwLz said:

If a knife manufacturer sells a knife to someone who then goes out and stabs someone, should we hold the knife company responsible?

If the US government buys a ton of iron from Australia and then that iron is used to make bullets that kills some innocent person should we hold Australia responsible?

 

I see it more like selling cigarettes or alcohol to under-aged. Or uranium, or 

 

5 minutes ago, LAwLz said:

 

Why not blame the Belarusian officials that actually went "hey, let's use this tool for nefarious purposes"? Why the hell is anyone blaming the company who produced a product instead of blaming the people who used said product for bad purposes?

 

Current Belarusian officials do get blamed a lot. If you are not aware, it is a dictatorship country, and that is what people are trying to change. The current dictator blocks the Internet so the people could not be able to communicate and spread the news. The officials say that this is Western Europe that blocks the internet.

 

5 minutes ago, LAwLz said:

Why does people seem to have such a hard-on for the US controlling all other countries? Shouldn't it be up to Belarus to decide how they want to treat their people? If you think they are being treated poorly then get mad at Belarus. The US is not, and should not be the "world police". It's like people watched this video and went "yeah that sounds like a great idea"

It is not about US, it is about the company and, in my personal case a question whether blocking access to the Internet is violating human rights, in the same way as freedom of speech. If this company was still a Swedish company (or any other company in any country), they would get the same negative attention. It has nothing to do with USA personally or USA controlling anyone. Again, if you were selling nuclear fuel to the nuclear power stations, and you sold "a bit" to a dictator, and the dictator has used it for a different purpose, you would get blamed hell out of you.

 

I have posted an update on from Sandvine about their view on human rights in this thread.

 

 

[SpaceGhostC2C]

On 9/13/2020 at 4:44 PM, tridy said:

We nsist on clothing and footwear companies checking that no slave labor is used, we should be asking IT companies to prevent the use of their technologies to violate human rights.

 

This is the wrong analogy, though. What you have in mind is not about the supply chain but about the customers. The analogy would be preventing criminals from wearing your cloth and footwear. 

 

Such bans do exist anyway (see Huawei), but are hardly enforceable outside a few specific cases due to the possibility of circumventing them through intermediaries (e.g., Adidas had no way to prevent me from getting a shirt made by them even if I'm personally banned at their stores). 

 

In this case, the equivalent to no slave labor would be, I don't know, don't crunch your developers?

[S w a t s o n]

4 hours ago, Vitamanic said:

They’re anything but cool. Their entire business model revolves around selling metering, throttling and censorship products to ISPs.

Yea and they were bought out and moved to the US after I met them so, nice meme. Not the same company

[wanderingfool2]

On 9/14/2020 at 1:26 AM, straight_stewie said:

-snip-

Perfectly said I think.

 

On 9/14/2020 at 4:06 AM, tridy said:

My concern here is that the technology itself allows for dangerous misuse and therefore should be controlled by law. When one buys a car, for instance, there is a license one needs to have, so there will be order on the roads. At the same time the law says one cannot drive around hitting people in a car. The license for the technology should say that one cannot use it for evil purposes (I will leave it out to the lawyers to interpret it). 

There are maybe a few cases which software should be limited, but in general I don't think it should be...it just creates more issues down the road.  In this case, the technology has legitimate purposes and uses.

 

It is similar to how encryption was deemed  too important and dangerous in the wrong hands so the US legislated limitations on what encryptions could be used.  That might be all hunky-dory until you realize some of the internet protocols essentially used this weaker encryption because they had no other choice.

 

I'm not saying that modern limitions would cause this, but you can bet that there will be an abuse of the law eventually.  An example, how do you define an evil purpose...that is very subjective and differs greatly country to country.  Might I remind you of PRISM, where they were intercepting and monitoring traffic (should they be disqualified from buying surveillance equipment?)

 

There are countless, real first world countries, that likely abuse people's rights everyday (just aren't caught/do it in more subtle ways).

[tridy]

15 minutes ago, wanderingfool2 said:

There are maybe a few cases which software should be limited, but in general I don't think it should be...it just creates more issues down the road.  In this case, the technology has legitimate purposes and uses.

Again, the license agreement or contracts come in place. The OCR software should not be used to pirate books, for example, and it is in the license agreement. Cameras should not be used to record movies in the cinemas. Torrents should not be used to pirate software. Software should not be used to modify Windows installations or enable Testa's features that owner did not pay for. Apple should not be using software to prevent 3rd party repair. Software is all around.

 

15 minutes ago, wanderingfool2 said:

It is similar to how encryption was deemed  too important and dangerous in the wrong hands so the US legislated limitations on what encryptions could be used.  That might be all hunky-dory until you realize some of the internet protocols essentially used this weaker encryption because they had no other choice.

Encryption cannot directly violate human rights, in this case.

 

15 minutes ago, wanderingfool2 said:

I'm not saying that modern limitions would cause this, but you can bet that there will be an abuse of the law eventually.  An example, how do you define an evil purpose...that is very subjective and differs greatly country to country.  Might I remind you of PRISM, where they were intercepting and monitoring traffic (should they be disqualified from buying surveillance equipment?)

I think there is another PRISM somewhere and we just do not know about it. Or maybe there is no need for it, since we have Facebook, Instagram where people expose themselves without any need for encryption. Again, privacy, even though very important as well, is not the same as the access to the means of communication. You can listen to what I say but you cannot shut me up or cover my ears.

 

15 minutes ago, wanderingfool2 said:

There are countless, real first world countries, that likely abuse people's rights everyday (just aren't caught/do it in more subtle ways).

There are sanctions against certain countries that do now allow doing business with them, at least in Europe, including selling them services, software, technology, basically anything.

[straight_stewie]

On 9/14/2020 at 6:06 AM, tridy said:

Again I am trying to say that this type if technology can be used as a weapon and should be (heavily) regulated. There is way too much possibility for misuse.

We need to be very clear here: We're talking about imposing government regulation and licensure requirements to export, use, or own a firewall or router.

 

Your statement basically amounts to classifying network administration tools and equipment as arms and then regulating them through ITAR.

Such a thing would be a massive step backwards for internet security for private, commercial, and government entities across the board and the world over.

[wanderingfool2]

23 minutes ago, tridy said:

Again, the license agreement or contracts come in place. The OCR software should not be used to pirate books, for example, and it is in the license agreement. Cameras should not be used to record movies in the cinemas. Torrents should not be used to pirate software. Software should not be used to modify Windows installations or enable Testa's features that owner did not pay for. Apple should not be using software to prevent 3rd party repair. Software is all around.

All of that is held by government laws, and shouldn't be forced onto consumers.  Sometimes you might see things like Torrent software putting it in their TOS because they just want to protect themselves from civil suit.  Government's have very little place in terms of mandating what a company's product should do.
 

26 minutes ago, tridy said:

Encryption cannot directly violate human rights, in this case.

The point of my statement was that encryption in the past has had regulations on it and it caused consequences 10 years down the road (in our modern internet infrastructure).  And one could argue that encryption is allowing a hostile government to hide their communications (so should be regulated)...it's a slippery slope when it comes to government oversight.

 

30 minutes ago, tridy said:

Again, privacy, even though very important as well, is not the same as the access to the means of communication. You can listen to what I say but you cannot shut me up or cover my ears.

Some would argue privacy from a government body is more important.  What good is open communication if the government uses it to track you down and arrest you (for some petty thing, but still a way to control the masses).  It brings me back to my point, there isn't a golden rule in terms of what is and isn't acceptable...the line can sometimes very much be blurred, where as laws/mandates tend to be hard lines in the sand which creates the issues.

[Roswell]

2 hours ago, S w a t s o n said:

Yea and they were bought out and moved to the US after I met them so, nice meme. Not the same company

They were definitely in Canada during the whole deep packet inspection fiasco. This was like 15 years ago... Kind of hard to forget when my personal ISP at the time (Comcast) was their biggest customer. 
 

They’ve always been a shitty company.

[tridy]

1 hour ago, wanderingfool2 said:

All of that is held by government laws, and shouldn't be forced onto consumers.  Sometimes you might see things like Torrent software putting it in their TOS because they just want to protect themselves from civil suit.  Government's have very little place in terms of mandating what a company's product should do.

 

I mostly agree with that with some exception. Here are the examples:

 

1. Apple preventing 3rd party repair with proprietary mapping of the internal components to the motherboard/cpu so you would not even be able to swap the same part from another computer of the same model. Only Apple can repair their products. That is software. The same goes for Tesla.

 

2. Volkswagen diesel scandal with software cheating with reporting lower exhaust/pollution numbers than they really are.

 

Then there must be standards in software that has to do with medical, nuclear, aircraft, space and other industries that has to do with massive risks. Software can kill people.

 

1 hour ago, wanderingfool2 said:

The point of my statement was that encryption in the past has had regulations on it and it caused consequences 10 years down the road (in our modern internet infrastructure).  And one could argue that encryption is allowing a hostile government to hide their communications (so should be regulated)...it's a slippery slope when it comes to government oversight.

 

I look at the encryption like people should not be lying or stealing. One can use encryption to gain privacy or to hide crime. As you say it is a slippery slope. Like Bitcoin, for instance.

 

1 hour ago, wanderingfool2 said:

Some would argue privacy from a government body is more important.  What good is open communication if the government uses it to track you down and arrest you (for some petty thing, but still a way to control the masses).  It brings me back to my point, there isn't a golden rule in terms of what is and isn't acceptable...the line can sometimes very much be blurred, where as laws/mandates tend to be hard lines in the sand which creates the issues.

People most of the time choose convenience over privacy. There are some that try keep it as private as possible but they are laughed at by majority saying the world is not private anymore and you should let it go.

 

You are saying that some people say privacy is important (and I think I am one of them), and I am saying that most people do not care about privacy, which is not contradicting to you, but I would not give as much weight to privacy as I would give it to human rights.

 

---

 

Anyway, we dragged privacy and other things into the context, while my initial idea was to see how people would react if one day their government would turn off the Internet. How would they feel if in 2020 suddenly they have no access to their email, messengers, photos, news, movies, subscriptions, services etc. For me, that would be similar to if someone confiscates my mobile phone or my computer. So maybe blocking the Internet should be considered violation of human rights, regardless the ways it was achieved. And that is why I reacted to the Sandvine's initial quote:

 

Quote

Sandvine had concluded that the internet, and access to specific material on websites, wasn’t “a part of human rights.”

 

which they have corrected and said
 

Quote

Sandvine Inc., the technology company backed by private equity firm Francisco Partners, canceled a deal with Belarus, saying the government used its technology to violate human rights.

 

 

So, the thing that I want to emphasize that the way some software is used can violate human rights. And I am glad that the company acknowledged that.

[WkdPaul]

* thread cleaned *

 

Please stay on-topic and respectful to others.