Clean IT Project

The Clean IT Project is an online project initiated by the European Union, aiming to reduce or discourage online terrorism and further illegal activities via the internet. They aim to create a document that commits the internet industry to help governments discover content that incites acts of terrorism. The main facilitators that undertook this project were the Netherlands, Germany, United Kingdom, Belgium, and Spain. There are many more supporting EU members such as Hungary, Romania, and recently, Italy, but the main countries that have started the project are the 5 listed above.

Objectives
As stated on the project website, the objectives of the Clean IT Project include:


 * 1) The initiation of a public and private dialogue regarding illegal activities on the internet, especially focused on terrorist activities. The objective is to consider both the public and private interests of the Clean IT project so that both parties would have the proper motivation when engaging in it. Additionally, this aims to set a clear and shared understanding of what online terrorism is and the categories that it entails through a public and private dialogue.
 * 2) The creation of a general set of guidelines between the private and public sectors when managing online terrorist threats. This project's objective is not to set a strict legislative statement on online terrorism but to provide a set of guidelines and notions for both the government and the private corporations on online terrorism.
 * 3) The affirmation of a set of proceedings that eventually reduces the terrorists' influences on the internet. These proceedings are offered to the public and private sectors as guidelines, not necessarily a set of rules. Both parties may implement the indicated measures voluntarily to their own benefits.

History
Before the Internet was created, the transmittance of information between mediums was limited by distance. However, since modernization and constant development of this resource, we are now able to communicate with people across the world by a means of a couple clicks and keystrokes. While we have seen many benefits through the creation of the Internet, this extension of freedom has also led to many setbacks, which the Clean IT project strives to solve. Clean IT is particularly concerned with possible terrorist attacks. The ease of accessibility to reach individuals and corporations, harness large amounts of information, and manipulate systems can all be derived from this common source, and for these key reasons, Europe has made large strides in making their vision of clean Internet technology a reality.

This project was drafted through an open dialogue between the private corporations and government agencies which started in June 2011 and had concluded in March 2013. This process involved 6 meetings in Amsterdam, Madrid, Brussels, Berlin, Utrecht, and Vienna, where a project team facilitated the conversation for Clean IT. This dialogue involved over 110 participants: representatives from both the government and private corporations as well as experts and academics in the related fields. Once a revision had been made on the document after every meeting, the document was released to the general public in order to consider their opinion as well. The final version of the document was released on 21 January 2013, which included a detailed analysis of online terrorist activities and nine general guidelines that suggest the best practices or ways to reduce online terrorism.

On their website they state that their goal is to "To start a constructive public-private dialogue about terrorist use of the Internet". To further elaborate, the Clean IT project has created a set of guidelines that would be supported by public and private parties, a code of conduct on how to deal with possible terrorist attacks online. The solution, they state, is made on a case-by-case basis with one basic principle that has upset many, "Any action taken to reduce the terrorist use of the Internet must comply with national and European laws and regulations, and respect fundamental rights and freedoms, including access to the Internet, freedoms of assembly and expression, privacy and data protection".

Initial project partners

 * Netherlands (NCTV, National Coordinator for Counterterrorism and Security)
 * Germany (Federal Ministry of the Interior)
 * United Kingdom (Home Office)
 * Belgium (OCAD, Coordinating Body for Threat Analysis)
 * Spain (CNCA, Centro Nacional de Coordinación Antiterrorista)

Supporting governmental partners
Governments/Ministries that joined the project:


 * Hungary (Counter Terrorism Centre)
 * Romania (SRI)
 * Austria (Federal Ministry of the Interior)
 * Denmark
 * Greece (Hellenic Police)
 * Portugal (Ministry of Justice, Polícia Judiciária)
 * Italy (Ministry of Interior)

Other participants (civil society, industry, law enforcement and intelligence)
These persons or organizations attended Clean IT events and/or exchanged views to contribute to the project. (List explicitly includes only the names of those who made their attendance public)


 * Guardia Civil (Spain)
 * Belgian Federal Police
 * Bundesamt für Verfassungsschutz (Germany)
 * Bundeskriminalamt (Germany)
 * PET (Denmark)
 * International Network Against Cyber Hate (INACH)
 * Ligue internationale contre le racisme et antisémitisme (LICRA)
 * Association des Fournisseurs d'Acces et de Services Internet (AFA)
 * Internet Society Belgium (ISOC-BE)
 * Hosting company LeaseWeb
 * Dutch computer end user organisation (HCC)
 * Pirate Party Switzerland (Pascal Gloor, who also posted a blog about the Berlin meeting, in French)
 * Prof. Dr. Manuel R. Torres Soriano (Universidad Pablo de Olavide de Sevilla)
 * Ms Yuliya Morenets, representative of ’Together against Cybercrime’ (TAC)
 * Asiem El Difraoui, Institut für Medien- und Kommunikationspolitik
 * Euvision
 * Atos Spain
 * Special Telecommunications Service, Romania
 * Hosting company Kosmozz
 * International Association of Internet Hotlines (INHOPE)
 * N-Square Consulting
 * S21Sec
 * Community Security Trust
 * Ronald Eissens, Magenta Foundation
 * Dr Francesca Galli, Université Libre de Bruxelles
 * Denis Ćoragić, Diplo Foundation
 * ZyLAB
 * Nico Prucha, Vienna University
 * Rebecca Schindler, RAND Europe
 * Luke Forsyth, CA Technologies
 * Michael Hilberer, Piratenpartei Saarland (Germany)
 * Internautas Association (Spain)
 * Szubjektiv (Hungary)
 * Jugendschutz (Germany)
 * Office of the EU Counter-Terrorism Coordinator
 * Optenet
 * Abusix
 * United Nations Office on Drugs and Crime
 * Dr. Maura Conway (Dublin City University, Ireland)
 * Crown Prosecution Service (United Kingdom)
 * Christian Heutger
 * Eddy Willems, G Data Software AG
 * Korps Nationale Politie, Landelijke Eenheid (Netherlands National Police, Netherlands)
 * Incopro (United Kingdom)
 * KPN Security

Opposition
Many individuals fear that the actions of this project will continue to grow and possibly restrict use of the Internet. The project would require Internet users to use their real name in all online communication and punish individual for linking to "terrorist content", making no distinction between searching for educational or malicious purposes. Many activist groups and individuals are deeply concerned regarding the scope of the government's capabilities of keeping an eye on the general public. If the past is an indicator, the Clean IT project will see opposition if the Internet community bands together with a worldwide protest, such as one that was successfully able to kill ACTA. A recently leaked document has raised the concern that the initiative has drifted away from its initial aims of fighting the illegal activities and online terrorism. Their broad, vague and widespread approach to online security has arisen concern for internet freedom in addition to the project's dedication to defending the law. The leaked document reveals measures that would allow the removal of lawful content and several other factors including the implementation of blocking systems. There is also the issue of private corporations being involved in the equation of this agreement in the Clean IT project where their personal interests are also intervening with the issue.

The leaked document includes the following proposals:


 * Removal of any legislation preventing filtering/surveillance of employees' Internet connections
 * Law enforcement authorities should be able to have content removed "without following the more labour-intensive and formal procedures for 'notice and action'”
 * "Knowingly" providing links to "terrorist content" (the draft does not refer to content which has been ruled to be illegal by a court, but undefined "terrorist content" in general) will be an offence "just like" the terrorist
 * Legal underpinning of "real name" rules to prevent anonymous use of online services
 * ISPs to be held liable for not making "reasonable" efforts to use technological surveillance to identify (undefined) "terrorist" use of the Internet
 * Companies providing end-user filtering systems and their customers should be liable for failing to report "illegal" activity identified by the filter
 * Customers should also be held liable for "knowingly" sending a report of content which is not illegal
 * Governments should use the helpfulness of ISPs as a criterion for awarding public contracts
 * The proposal on blocking lists contradict each other, on the one hand providing comprehensive details for each piece of illegal content and judicial references, but then saying that the owner can appeal (although if there was already a judicial ruling, the legal process would already have been at an end) and that filtering such be based on the "output" of the proposed content regulation body, the "European Advisory Foundation"
 * Blocking or "warning" systems should be implemented by social media platforms – somehow it will be both illegal to provide (undefined) "Internet services" to "terrorist persons" and legal to knowingly provide access to illegal content, while "warning" the end-user that they are accessing illegal content
 * The anonymity of individuals reporting (possibly) illegal content must be preserved... yet their IP address must be logged to permit them to be prosecuted if it is suspected that they are reporting legal content deliberately and to permit reliable informants' reports to be processed more quickly
 * Companies should implement upload filters to monitor uploaded content to make sure that content that is removed – or content that is similar to what is removed – is not re-uploaded
 * It proposes that content should not be removed in all cases but "blocked" (i.e. make inaccessible by the hosting provider – not "blocked" in the access provider sense) and, in other cases, left available online but with the domain name removed.

Anonymous
On 12 September 2012, the world-renowned hacker group Anonymous made a statement in a video online indicating their opposition to the Clean IT project. They highlight the ambiguity of the notion of "cyber terrorism" and the possibility that the government will twist the definition of this term in order to censor internet usage at home. The Anonymous also argue that this Clean IT project will violate the two main principles of the online environment which are Internet anonymity and Internet neutrality. The group argues that if this project goes under way, everyone on the internet will be required to reveal their names and personal privacy will be void. They argue that they are not for the idea of cyber terrorism but they believe that limiting the rights is not the only way of combating such threats. The anonymous message ends with a threat to the European government by saying that the group is willing to break down any kinds of rules and restrictions in order to put a stop to the project.

EDRi
European Digital Rights is a group that was created to defend the civil rights of the people in the information society. This group has actively spoken out against the Clean IT project by not only saying that the project itself is a violation of privacy but they highlight a very key aspect in the final published version of the Clean IT project document that there is a huge amount of censorship power that involves the interest of the private filtering companies. The whole dialogue that was created by the Clean IT project was not a government centered dialogue but it was a government with a few multi corporate companies to counter online terrorism. However, during the process, EDRi suggests that the private companies' personal interests had been readily involved in the project document itself. The fact the document does not specify the term for what contents to block implies that the censored content depends on the reliability of the companies that provide the internet content. Also EDRi points out that the term "block" in the document is also used very vaguely in the sense that some customers will be limited and others will not be which suggests an unequal exposure to certain content. These two principles imply, EDRi suggests that the private companies have a considerable influence on the project itself and the disclosure of information.