WHO DO YOU ask to find out if the government of Ethiopia has really shut down the internet? If Facebook is blocked in India? Or if Wikipedia is unreachable from Venezuela? For the past few years, the answer to all those questions has been NetBlocks.
Since its launch in 2016, the London-based outfit has alerted the world to all and every internet incident. Whenever a ruler, junta or strongman tampers with a country’s connectivity, NetBlocks will be tweeting about it, publishing graphs and reports showing how the disruption unfolded. Day after day, crisis after crisis, NetBlocks’s alerts pour in, almost a fixture of the age of internet censorship.
The group’s rise has been unstoppable. It has over 125,000 followers on Twitter and its posts can rake in thousands of retweets and tens of thousands of likes. Articles citing NetBlocks have appeared in The New York Times
It’s a seemingly simple question with a complex answer. Several experts in the internet measurement sector have spent years scratching their heads at the vagueness of the organisation’s explan ations of its methods and have continually called for more transparency. To those pleas, NetBlocks and its firebrand British-Turkish founder, Alp Toker, have replied with defensiveness and accusations of unfair competition.
But, even as other specialists worry about NetBlocks’s lack of transparency, attention-seeking, and potentially unethical practices, the company’s media cachet has never been stronger. Governments across the globe are increasingly turning to internet shutdowns and censorship to oppress their citizens. In parallel, the internet measurement community is engaged in a battle, unevenly fought, to discover, document, and report the truth with accuracy and prudence. For this community, the behaviour of a fast-moving, fiercely competitive startup like NetBlocks raises questions not just about the truth but also who gets to tell it and how. And, at the centre of this row is a crisis that affects us all: who monitors the internet monitors?
ON DECEMBER 15, 2019, Collin Anderson – an American researcher with a decade of experience investigating internet censorship – fired off a fusillade of tweets revealing a security flaw that he believed posed a risk to internet users in repressive countries. In this case, he claimed, the danger did not come from state-backed snoopers or ruthless security services: Anderson was pointing the finger at NetBlocks, the self-styled internet observatory. And he had a stark warning: NetBlocks’s website could be dangerous.
“[NetBlocks] is running undisclosed experiments that could endanger people,” Anderson’s tweet read. “Without their permission, visitors to [NetBlocks] are forced to conduct censorship measurements.” When a user opened netblocks.org, a series of inconspicuous scripts in the page’s source code would hijack his or her browser and have it connect to dozens of websites, including social media, news outlets, internet forums, and websites selling VPNs, among others.
NetBlocks’s script could gauge what was blocked and where: if the browser of someone in, say, France, reported back that it could not connect to Twitter, that would provide NetBlocks with useful data. Anderson’s view was that it was unethical. Not only were these tests conducted without the user’s express consent; worse, Anderson thought they could put people in danger. If someone whose internet traffic was already being monitored by an oppressive government were to access netblocks.org, Anderson argued, their unwitting connection to certain websites – for instance US-backed Voice of America, or the controversial imageboard 4Chan, both among the checked websites – might put a target on their backs. That was not just a speculative scenario: in 2016, Turkey jailed 150 teachers who had been reportedly tracked down because they used a texting app linked to president Recep Tayyip Erdogan’s arch-rival Fethullah Gulen. Anderson was categorical. “[NetBlocks] should stop immediately,” he signed off his thread.