Twitter takes sides on the Internet's future

While some tech companies aim to sell surveillance, one aims to thwart it.

Published December 4, 2011 2:00PM (EST)

     (<a href=''>ps-42</a> via <a href=''>Shutterstock</a>)
(ps-42 via Shutterstock)

If you're wondering where Internet and other digital technologies are headed, take note of two news items from this past week.

The first was a piece in the Washington Post profiling the Wiretappers' Ball, a recent gathering in suburban Maryland for those who make tools for surveilling, monitoring and throttling the Internet -- and for the people who buy them. The get-together, according to the Post, featured more than three dozen countries and nearly as many U.S. federal agencies. It's a showcase event for an industry in which behemoths like Cisco, and smaller players like Blue Coat, help control and track the Internet activities of the government's enemies in China (Falun Gong) and Syria (revolutionaries).

The second, smaller development, reported by the Wall Street Journal, was that San Francisco-based Twitter Inc. had acquired Whisper Systems, a two-person firm that specializes in securing the Android mobile operating system. The firm's only employees -- the marvelously named Moxie Marlinspike and fellow researcher Stuart Anderson -- seek to make it harder for snoops to monitor who and how) you are texting, calling and otherwise connecting with digitally.

These seemingly unrelated events represent alternative visions of the roles technology companies, large and small, will play in the future of the Internet. Will the Internet remain a healthy, flexible, sustainable platform for discourse? Or will it turn  into yet another medium controlled by whoever has the most offline power? The Arab Spring painted a picture of an immensely robust Internet. Twitter, Facebook, cellphones, email and more powered revolution from Tunis to Cairo to Damascus. Yet at the same time, it revealed itself as shaky. Could Hosni Mubarak really turn off the Internet on a whim?

"A lot of this technology is a double-edge sword," says Tim Karr of Free Press, who drew early attention to the role of U.S. tech companies in equipping the Egyptian regime. "We see it being used by dissidents and activists, but in the wrong hands it can be used to spy on and even crack down on them."

The Wiretappers' Ball is, for its part, a carnival of tools that can be used to track and stop what people are doing online.

"On offer were products that allow users to track hundreds of cellphones at once, read emails by the tens of thousands. There was technology that could get a computer to snap a picture of its owner and send the image to police — or anyone else who buys the software," wrote Post reporters Sari Horwitz, Shyamantha Asokan and Julie Tate. For sale: the very latest in "tracking, monitoring and eavesdropping technology."

On the day the Post story appeared, Alex Ross, innovation advisor to U.S. Secretary of State Hillary Clinton, tweeted to the tech sector, "Choose principles over profits. The Wiretappers Ball should not be a morality-free zone."

Just because a sale is legal," he went on, "that does not make it responsible."

But the surveillance industry -- a $5 billion a year proposition, according to the Ball's founder -- rolls on, focused on the latest, greatest in tracking and monitoring tech.

Meanwhile, in San Francisco, the 700-employee Twitter is making an investment in Whisper Systems, a firm that makes it harder for people to track and monitor mobile phones built on the Android operating system. (Twitter declined to reveal the terms of the deal, but knowledgeable sources suggest that there were, at least, seven figures involved.) Mobile phones are increasing how much of the world gets online, but because of their architecture, they pose particular challenges. As Berkman Center researcher Ethan Zuckerman has framed the issue, "Mobiles are both utterly essential devices for activists and ones that are profoundly unsafe for activists to use." Whisper Systems aims to make the second bit of that equation less true, not only for activists, but for everybody.

Whisper System's rock-star tool, say those in the industry, is WhisperCore. The tool, writes the company, "integrates with the underlying Android OS to protect everything you keep on your phone, featuring "full disk encryption, network security tools, encrypted backup, selective permissions, and basic platform management tools." The company claims,  "WhisperCore presents a simple and unobtrusive interface to users, while providing powerful management capabilities for administrators and enhanced security APIs for developers."

Then there is TextSecure, a "drop-in replacement for the standard text messaging application, allowing you to send and receive text messages as normal." Messages sent or received through TextSecure, they say, get encrypted and lodged in a database on your device itself.

Marlinspike, a big name in the computer security world, is considered quite a talent get for Twitter. But Marlinspike and Anderson wouldn't be the first tech startup founders to get gobbled up, only to see their vision changed and their passions dissipated.

But there are signs that this wasn't just a case of Twitter filling out its bench -- or simply bringing on a pair of security masters to shore up the company's basic security infrastructure. There was some blowback on Twitter's pick-up of Whisper Systems this week when Whisper Systems pulled down its RedPhone tool, which provides end-to-end phone call encryption, "securing your conversations so that nobody can listen in."

In a carefully crafted blog post that went up on Monday, Marlinspike and Anderson's first day as employees of Twitter, the pair took pains to say that the RedPhone would return. They hinted at the notion that the tool would live on in Twitter, despite the fact that it's not completely obvious how encrypted voice calls relate to the tweeting experience.

"The Whisper Systems software as our users know it will live on (and we have some surprises in store that we're excited about), but there is unfortunately a transition period where we will have to temporarily take our products and services offline," they said. That suggests that the pair were brought on not just for their talent, but for their tools. Perhaps they will be able to incubate hard-core Internet and digital security technology for the masses.

Technology has never been Twitter's strong suit. The company got slapped on the wrist by the U.S. Federal Trade Commission last March for putting users' "privacy at risk by failing to safeguard their personal information." During those breeches, tweeters' log-in information was exposed and used to blast out bogus tweets.

At the same time, the company has shown good instincts when it comes to questions of whom, exactly, it's serving -- working with customers, for example, during law enforcement crackdowns in the wake of the WikiLeaks situation. Those instincts, and how they act on them, only become more important as Twitter grows. The company is seeking to build out its hugely popular platform to attract not only users' tweets but also their photos, videos and location data. (One thing to watch for: how well Twitter works with a U.S. government security establishment that doesn't have an overwhelming fondness for encryption.)

The threat of attracting Washington's attention may be motivating Twitter as much as good intentions. The capital is starting to pay more attention to what Cisco and other technology firms  are up to around the world, as evidenced by Friday's Washington Post report. Karr and other advocates argue that Washington has an interest in regulating the sale of routers to Syria, just as it has an interest in the sale of arms.

"I don't think that Twitter wants to be hauled in front of a Senate subcommittee," says a source in mobile security, citing the appearance of Google's Eric Schmidt before a Senate Judiciary Committee panel last September. "So they're battening down the hatches."

With Whisper Systems embedded inside Twitter, the company now has a built-in user base of tens of millions of people. It puts them in a strong position to secure the digital space. "Changing the Internet is pretty difficult," said Marlinspike at the 2011 hacker convention DEFCON.

Someone is going to do it. The question is, which company?


By Nancy Scola

Nancy Scola is a New York City-based political writer whose work has appeared in the American Prospect, the Atlantic, Columbia Journalism Review, New York Magazine and Salon. On Twitter, she's @nancyscola.

MORE FROM Nancy Scola

Related Topics ------------------------------------------

Cisco Internet Culture Twitter