Oxblood Ruffin | Hacktivism And Speech Rights, Then And Now

By Oxblood Ruffin

I come to hacktivism as an engaged participant. I am neither an academic nor an ethnographer. My opinions are subjective based on my own practice and understanding of what hacktivism is and should hope to achieve. Although I have a particular point of view I also realize that hacktivism has evolved in a number of directions since the Cult of the Dead Cow (cDc) kickstarted the movement in the late 90s. Possibly not the best analogy but hacktivism seems a bit like feminism. There are any number of feminisms, and there are any number of hacktivisms. Core principles exist but objectives and tactics can vary. So with that in mind I’ll give you my version.
I have always been – for lack of a better term – an internationalist. I was born and raised in Canada, I’ve always been fascinated with the wider world, different cultures and language, and global politics. Working as a consultant at United Nations headquarters in New York, I got a ringside view of how the organization works. I was also exposed to some of the smartest people from all over the world who challenged my assumptions. All of this occurred as the internet was moving from the military, through the academy, and into the public sphere. Many of us thought the internet had the potential to connect the world in new and beneficial ways. We had hope. And we were wrong. The free flow of information was not a priority for dictators and some corporations. National firewalls became the new borders – mostly provided by Silicon Valley – and the internet became disastrously fragmented.
That’s when I became a hacktivist.
At the same time I was trying to develop some guiding principles for hacktivism I reviewed the Universal Declaration of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR). Article 19 of both documents details the right of free speech and sharing information. Even if all members states in the United Nations didn’t ratify these documents, at least the ideals had been established. Everyone should have the right to free speech; everyone should be able to access and share information. And I didn’t particularly care if some governments had a problem with that. I formed Hacktivismo to develop circumvention tools. National firewalls are not conducive to the free flow of information.
With some objectives in place, it was time to think about tactics. How would we do this? Was anything off limits? We would be waging a kind of information war and we needed a blueprint – or at least some basic guidelines – for the rules of engagement. So tactics like Distributed Denial of Service (DDoS) attacks were off limits. If freedom of speech and access to information are basic human rights, then curtailing them are human rights violations. Over the years I’ve debated a range of people who take an opposing view, from activists, to artists, to academics. Counter-arguments range from: denial of service is like a sit in; it’s only a temporary lack of speech and access; targets almost always have other speech platforms.
I don’t buy these arguments but I also don’t doubt the sincerity of the people who make them. I also have to admit a certain amount of conflict. Almost always I agreed with the object of protests where DDoS was used. But I didn’t believe the ends justified the means, and quite frankly, it always seemed like an inelegant solution to the problems. But leaving the issues of speech and access aside for the moment, at least two things bother me with much of the pushback I’ve received to my position. The first is what appears to be the implicit bias of DDoS supporters. It’s alright for us to attack them but it’s not alright for them to attack us. A little more concretely, it’s alright for us to DDoS Fox News but it’s not alright for them to DDoS the ACLU, or vice versa. In an odd way I think DDoSing is like free speech. You either support it or you don’t. The late John Perry Barlow said, “I support freedom of expression, no matter whose, so I oppose DDoS attacks regardless of their target… they’re the poison gas of cyberspace.” I’m with Barlow on both points.
My second and more fundamental problem with DDoS attacks reflects my own bias. I have never been that interested in first world problems. At the same time I became a hacktivist many others were consumed with issues like DRM and copyright law in the United States. I didn’t have the bandwidth to think about these issues so whenever I was queried I’d just say ask Cory Doctorow  or Cindy Cohn; I’m probably good with their opinions. My focus was on speech and access and where there was not that much of it, namely in the emerging networks, or Global South. As much as I’m opposed to DDoS attacks in the liberal democracies I’m wildly opposed to them in places where speech rights and access to information are tenuous at best. To my best knowledge, the primary drivers of the pro-DDoS discourse are Euro-American, a cohort of advocates who already have the rights towards which the rest of the world is struggling.
At the same time that my thinking has evolved from a human rights approach, I also realize that it’s somewhat problematic. These ideas originated from an international organization after the Second World War. And to be fair they were often used by the West to point fingers at countries like Cuba, China, and Iran. Additionally the concept of violation was intended to be levelled against governments denying citizens their rights. So is it possible for non-state actors such as hacktivists or corporations to be guilty of human rights violations? Probably not. The results of a DDoS attack aren’t any different whether they’re committed by a state or non-state actor. It’s also worth noting that in the field of social media, hashtags can equally be weaponized to suppress speech. Gamergate is a good example. Women’s coversations were overwhelmed with hashtag spam. Similar hashtag attacks have been made in political contexts. In the digital age roles have become muddied. And as Marshall McLuhan observed in 1970, “World War III is a guerrilla information war with no division between military and civilian participation.”
Hacktivism is a bit like the Anonymous collective. They have been recognized as a hacktivist group, and they’re an organization that anyone can be a part of as long as they remain anonymous. Please note the word “anyone”. Hacktivism does not require deep technical expertise. You don’t need to be a vulnerability researcher, or a networking or hardware expert. In my experience the majority of hacktivists are not these kinds of people. It takes very few hackers to achieve large outcomes. Chelsea Manning. Edward Snowden. Two lone actors who exacted enormous change in political culture and public awareness. But the overwhelming number of hacktivists are not people like these. Not even close. Part of the problem is the conflation of the words hacker and hacktivist. While the former could be the latter, the latter is not necessarily the former. But what is true of most hacktivists is that they tend to be adept at raising public awareness, especially across social media. That, in my opinion, is hacktivism’s greatest achievement.
As someone who has thought about these issues for a long time I’m aware of how the terrain has changed. The internet was a very different place when I got started from what it is now. That’s why I have a lot of sympathy for anyone wrestling with ethics and artificial intelligence (AI). How is that going to be sorted out, especially if AI is used as a hacktivist tactic? At least I had an internationally agreed upon framework upon which to attach hacktivism. Ethics and a sense of decency always mattered to me. We even came up with a software license that sought to protect end user rights. But perhaps it’s time to abandon arguing for human rights and appeal to ethical consensus. Winston Churchill observed of democracy that it’s “… the worst form of Government except for all the other forms that have been tried from time to time …”. I am not so hidebound as Mr. Churchill. I’d be willing to swap another ideal for human rights if one came along.
Looking back over the past twenty years – if a comparison to feminism still works – I’d probably qualify as a second wave hacktivist. IMHO the first wave began with the Yippies/TAP. There isn’t a lot of information available about this group but I did hear a lot about them from my earliest mentor on hacktivism, The Nightstalker who had been active with them. I suspect we’re moving into something that might be characterized as third wave hacktivism; a far wider involvement with the emerging networks that represents a billion plus new users on the internet. If my projection holds then diversity, gender, and majority world issues will be the focus of the newer strains of hacktivism. It’s something I look forward to.
Oxblood Ruffin is a hacktivist based in Berlin.