Jump to content
Sign in to follow this  
Goddess Relief Office

Net Effect: Should we oppose sit-ins just because crazy people can abuse them?

Recommended Posts

I am still trying to untangle thenumerous moral complexities involved in DDoS attacks. Two argumentsstand out in particular.

First - and I briefly touched upon thissubject in my previous post - some Internet experts fear thatparticipating in DDoS attacks, even if one has morally justifiablereasons for doing so, might make DDoS a more acceptable form ofsilencing dissent. As such, anyone participating in DDoS – even ifthey have perfectly good reasons for doing so – should first consider the indirect consequences of popularizing DDoS as a tactic. (I havewritten about DDoS as a new censorship mechanism on numerousoccasions – see, for example, the story of the Georgian bloggerCyxymu.)

Let's leave philosophy aside for amoment and just use some common sense. Would we advise anyoneparticipating in lunch-counter sit-ins during the civil rights eranot to do it because it may popularize sit-ins as a tactic that might be abused by all sorts of crazy people and criminals? I don'tthink so: just because one can organize a sit-in to block an entranceto the offices of ACLU to protest their defense of civil liberties would hardly be a factor in deciding whether to block an entrance to the offices ofthe Department of Defense to protest a war.

Why is DDoS different? Arguably,physical civil disobedience is often much easier to conduct than itsvirtual counterpart: having 100 people show up and block entrance toAmazon's offices, on average, is far more effective than having thesame 100 people launch DDoS attacks on its web-site. Sure, there areoddballs like Jester, who claims to have taken the entire WikiLeakswith a solo DoS attack; but such people are not exactly missing fromthe offline domain. Cindy Sheehan has been quite effective actingsolo - is it a reason to impose a moratorium on acts of civil disobedience? I don't think so. 

I think that those who worry about theadverse effects of popularizing DDoS as a tactic misunderstand whatcivil disobedience is (moreover, I'm not sure they understand the distinction betweenits direct and indirect varieties). Civil disobedience involvesbreaches of law by definition; anyonelamenting the popularization of DDoS as a tactic is only lamentingthe fact that those practicing it would violate the rule of law. But whatsuch critics do not seem to understand is that for a breach of law tocount as civil disobedience its perpetrators should be willing toaccept the consequences, get arrested and serve jail time if this ifwhat the law demands. Submitting oneself to the rule of law afterbreaching it isthe compensatory actthat makes such acts morally permissible.

Thosewho oppose DDoS on the grounds that it will popularize DDos as atactic are essentially saying: don't breach the rule of law becauseit would lead others to breach the rule of law. Note that such aposition leaves no space to comment on whether the laws that arebeing breached are unjust to begin with or, in case the laws are,indeed, just, whether violating them may be a morally permissible wayto right other wrongs (i.e. engage indirectcivil disobedience).

Frankly,I think this is a morally impotent position – and those who advocateit need to spend more time thinking about ways to resolve competing moral claims than about the costs of server administration. Is it really obvious that abunch of environmental activists in Russia should not launch DDoS attacks on theweb-site of a company engaged in illegal deforestation just because it may result inmore DDoS attacks on the web-sites of independent newspapers in Burma? It's notthat obvious to me – and I'd like to see the experts who condemnDDoS engage in some rigorous (and preferrably public) ethical calculus before making such loudpronouncements.

The second brief point that I'd like toaddress is this: many liberal democracies are extremely lenient whenit comes to allowing their citizens to organize protests anddemonstrations. As someone who comes from Belarus, where protests arefew and far in between, this is one feature of democratic societies Ifind extremely attractive.


I've lived in Berlin's Kreuzbergneighborhood - and I have seen a plenty of spontaneousdemonstrations, some of them not particularly peaceful and manyinvolving broken windows and the like. I don't see why theGerman state should be any less lenient when it comes to allowing itscitizens to protest in cyberspace than they are in allowing them to riot on  Oranienstrasse. Such considerations, as far as I understand, were part of the reasoning of the German court in the Lufthansa case. 

What I find amusing about the presentsituation is that the same people who often lament the fact that the Iraniangovernment denies freedom of assembly to the Green movement almost reveal themselves as crypto-conservatives when they are forced to think about the digital equivalent ofprotests and demonstrations in democratic societies. So, those opposingauthoritarian governments should feel free to protest anytime theywant – but those who want to protest Amazon should be careful andask for permissions and all that?Does anyone else smell hypocrisy here?

While the exact conditions differ fromcountry to country, I am pretty sure that most liberal democracies dopermit unconditional protests as long as the protesters do not causeserious public disorder and do not seriously disrupt thelife of the community. Even if the protests are organized on privaterather than public property, trespassing is not always viewed as acriminal offense (unless, of course, it is aggravated trespassing,with lots of disruption/damages, in which case it is oftencriminalized). Don't they teach such basic stuff at Harvard Law School? 

True, we don't yet have a neat theoreticalframework to translate the norms surrounding the criminalization oftrespassing (or lack thereof) in the physical world into the digitaldomain. What I do know is that I don't want a blanket ban on anythingthat involves groups of people seeking to protest an activity thatthey find unjust simply because it occurs on the Internet. Even moreso in the case of protesting the actions of technology companies,who, unlike conventional factories and plants, bury all their infrastructureunderground, where it's unreachable to those who may otherwise chooseto protest in the physical space. How do you disrupt Amazon's business in thereal world anyway? I know how to do it with, say, a Ford factory;I'm not sure how to do it with a data center.

Anyone arguing against DDoS on thegrounds that it may have some undesired secondary consequences isimplying that some basic human rights do not apply online. I findthis unacceptable. And by the way, I think that the current laws thatcriminalize DDoS in liberal democracies – some with up to 10 yearsin prison – are in for some major revision as well. No one blockingaccess to a physical building or even tinkering with some corporateinfrastructure without causing it much damage would receive 10 yearsin jail. This doesn't mean we need to de-criminalize DDoS altogether but I thinkthat we do need to think about proportionality here.


What bothers me even more is that theleading brains working on DDoS – especially the folks at theBerkman center – are once again not particularly vocal in thisdebate. A few months ago, I pointed out that they were conspicuouslysilent on the Haystack issue; their excuse then was that they wereworking on a report about circumvention tools and felt like theyshouldn't weigh in on a tool they haven't tested.

Now they are also working on a reportabout DDoS attacks – and once again, there is nearly completesilence from their end, not counting a comment that Ethan Zuckermandleft on Deanna Zandt's blog and a handful of tweets and retweets. Perhaps,if it distracts them from participating in some of the mostfundamental debates taking place online today, they should take iteasy on all this report-writing.

I am absolutely serious about this, asI happen too believe that too much coyness and pragmatism by theleading minds working on Internet issues is what has allowed the USgovernment to behave as recklessly as they have towards the Internetin the last few weeks. But perhaps we'll read all about this in areport next year.


Update #1: I think many people misunderstand the reason why I'm engaging in this debate about DDoS attacks as acts of civil disobedience. This is not to debate the effectiveness of this tactic nor is it to understand whether it fits (or defies) the charge of "slacktivism".  I think that hundreds of people who have participated in such attacks risk getting arrested - and some have been arrested already.


If some of them were acting on the assumption that their actions were fully public and that they were ready to get arrested, I think we should honor their willingness to go to jail for launching attacks on companies that behaved in a very cowardly fashion. (By the way, one of the two teeanagers arrested in the Netherlands for launching these DDoS attacks said as much - he chose not to disclose his online identity precisely to make a public statement about WikiLeaks and suffer the consequences). 

View the full article

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this