!

Tor, anonymity and countercontrol in the log in era

!

New Media Theories Research Essay

Roberto Pizzato ID 19971084

Academic Year 2014/2015 9 January 2015

Summary

Introduction 3

Power and Control before the Internet 6

Control as Modulation 7

Control-freedom and Paranoia on the Internet 8

Control and Sovereignty in the Network Society 9

Protocol, the language of networks 11

Power and Resistance 12

Counterprotocol and Exploits 13

Countercontrol 14

The Tor Project 15

History and Sponsors of The Onion Router 16

Usability of Tor 17

Tor Users 19

Conclusion 20

Bibliography 22 ! 2

Introduction Online anonymity is a topic which hints the will to avoid different forms of surveillance and

control, but it has not always been considered as such.

In the mid 1990s users witnessed an Internet that looked very different from the one they surf

nowadays. Their first online experiences tasted of freedom and anonymity: as for other media, such

as TV and radio, the only action required to be able to access Internet content was switching a

device on. Unconsciously, they considered the Internet a medium that could be used anonymously,

an environment in which a certain degree of anarchy was suggested by an illusory absence of

control. Nonetheless, users’ Internet Protocol addresses have provided information on each Internet

connection since before the use of Web Cookies in ‘the log in era’.

Users’ identification has significantly improved since then, in particular in the last decade.

This process has been enhanced by companies such as Google and Facebook among others, due to a

business model centred on the usage and sharing of users’ data. This identification has empowered

not only the Internet corporations, but also users themselves. Nowadays, just typing someone’s

name on a search bar something about that person is likely to be found. Personal information such

photos, job experience and interests have become largely available to corporation as well as simple

users.

Internet users have a name, a surname and a history: searches, place visited, products bought, etc –

that is an online identity linked to their online behaviour. Tracking cookies keep them logged in,

smartphones require to create a personal account and to be logged in order to be used. The exchange

between users and corporation consists in agreeing to the terms of service for the former – which

allow these corporations to deploy data – and to provide services and products for the latter. In

everyday life this practice has become so common that has blurred users’ awareness of how they

have turn out to be controlled.

Moreover, since 9/11 intelligence agencies – the US National Security Agency in particular

– have designed infrastructures of online surveillance strictly connected to the data espionage of the

above-quoted Internet based corporations storage. This effort has been made easier by the politics

of Internet corporations that has encouraged the users to share data on Social Networking Sites and

to be always connected in order to make the best use of their services. Profiling users is the core

business of these companies, as they constantly strive for providing data for the most accurate

targeted advertising possible. That is, private business and countries’ safety purposes have led to the

! 3

most sophisticated form of pervasive control ever developed. Hence, surveillance and control

deploy marketing and targeted advertising techniques, while the boundaries of privacy are

continuously redefined through the agreement to terms of service which keep on being revised.

In 2013, the use, or better the abuse, of surveillance and control technologies by US and UK

intelligence agencies was unveiled by Edward Snowden, a former NSA contractor. Previously

employed as system administrator at the Central Intelligence Agency and at the Defence

Intelligence Agency, when he leaked top secret documents about PRISM – the clandestine US

National Security Agency mass surveillance program – he was working for the consulting firm

Booz Allen Hamilton inside the NSA centre in Hawaii. After two newspapers reported the leak – i.e.

The Guardian and The Washington Post – the topic of surveillance and control went mainstream.

The scandal had two fundamental consequences: one legal, the other psychological, both of

them associated to the concept of privacy. The first was the lawsuit filed against the NSA by the

American Civil Liberties Union on 10 June 2013, and immediately joined by the Yale Law School

(Yale Law School), which actually was only the one of the three litigations that aim to prove how

this form of surveillance violated the American Constitution. But it is the second consequence the

most relevant for this paper: a widespread paranoia related to the power of these techniques of

surveillance, the idea that even confidential users’ data stored by companies such as Hotmail,

Google, Yahoo and Facebook were constantly spied.

The tension between the empowerment enabled by these corporations – in terms of connectivity,

services and tools – and these systems of surveillance has increased proportionally to the users’

awareness of ‘being spied’. Thus, a projects which allows anonymity and circumvention of Internet

control has become more familiar to the masses – i.e. the free software and open network Tor.

In 2013 in fact, the number of hits to its download page has quadrupled reaching 139 million

(Business Week). This is what makes Tor an interesting case study for this research: it embodies the

desire of being online and anonymous at the same time. It represents the friction between control

and what I will define as ‘countercontrol’.

The focus of this paper is the dynamic that regulates the relationship between control and

forms of resistance within networks, in terms of protocol and users’ behaviours. This tension cannot

be ignored, it must be addressed, by the agencies responsible for the espionage, by the companies

which collect and manage our data, and last but not least, by the users.

The aim of this paper is to locate Tor as a form of resistance within the theories of power and

control. Moreover, the study of networks in what I called the ‘log in era’ can be combined with an ! 4

investigation of the topic based on software studies, and provides a framework in which control is

exerted on users’ countercontrol. Finally, the notion of countercontrol could be explained through a

shift to behaviourism.

To sum up, what is of interest here is not an ethical critique of the use of anonymity tools as

such, but rather the analysis of the dynamic that led to its creation, to its development and how it

has finally become mainstream. The aim of this paper is an attempt to answer the following

questions: how could Tor be related to theories of power and control? To what extent may Tor be

consider a form of resistance? How could we define online anonymity in the ‘log in era’?

! 5

!Image 1: One of the most popular log in pages in the world: Facebook log in page showing the claim “Heading out? Stay connected”.

!Image 2: The Download Tor button on the Tor Project homepage showing the claim “Protect your privacy. Defend yourself against network surveillance and traffic analysis.

! 6

Power and Control before the Internet

In order to define control it is necessary to introduce another fundamental concept strictly

intertwined with this: that is the notion of power. One of the most relevant contributions to this

topic is the work of the French philosopher Michel Foucault, who focused on the modes of

objectification which convert human beings into subjects (Foucault, 777). In particular, he studied

the dynamic that has led people to turn themselves into subjects, so that speaking about power is

speaking about subjects.

In 1982, a decade before the commercialisation of the Internet, Foucault wrote The Subject and

Power, which is a milestone of the major discourses elaborated by different scholars in the

following years. He suggested “to go towards a new economy of power relation” which “consists of

taking the forms of resistance against different forms of power as a starting point”, in other words

this relation can be analysed through the antagonism of the contrasting strategies used by these two

forces (780). This approach encourages to investigate the point of application and the methods used

as antithesis of power. Thus, when exploring these forms of resistance and the power relations they

imply, researchers should focus on the struggles for dissociate the above-quoted relations.

Moreover, Foucault delineated a precise profile of these anti-authority struggles: they are

‘transversal’ – not related to a particular country or form of government, they fight power effects

per se, they look for the ‘immediate enemy’ instead of a definitive solution, they are against the

“government of the individualisation”, they question the “way in which knowledge circulates and

functions” and finally they pose the ontological question “Who are we?” (781). To put it simple, the

anti-authority struggles described in the Subject and Power found their enemy in a “technique, a

form of power” (ibid). If we were to find a relation with the status quo, Tor could be considered one

of these struggles.

However this speculation was about a declining form of society organisation – defined by Gilles

Deleuze as Disciplinary Society – which he differentiated from the new ‘Societies of Control’.

Nonetheless, to some extent, the Foucauldian perspective is still extant and applicable to the current

way of life characterised by the widespread use of the Internet. In fact, when reading the quote

below, its relevance emerges in relation to what I called the ‘log in era’, a time in which the

exploitation of users’ data by the marketers and the control technologies used by intelligence

agencies have turn users into subjects.

! 7

This form of power applies itself to immediate everyday life which categorizes the individual, marks

him by his own individuality, attaches him to his own identity, imposes a law of truth on him which

he must recognize and which others have to recognize in him. It is a form of power which makes

individuals subjects. There are two meanings of the word "subject": subject to someone else by

control and dependence; and tied to his own identity by a conscience or self-knowledge. Both

meanings suggest a form of power which subjugates and makes subject to. (781)

To sum up, from the Foucauldian perspective subjectivation and resistance are two crucial concepts

related to the definition of power.

Additionally, Foucault stressed that power is characterised by its capacity to be exerted through

relations between individuals or groups (786) and it becomes explicit only when it is exercised.

Thus, there is no universal power, because it “exists only when is put into action”. Actions are in

fact the real expression of power, which could be finally define as an agency that “acts upon

action”. Eventually, this dynamic can effect present and future actions (789) in an environment

marked by a fundamental element: freedom (790). If subjects are not free, power can’t be exerted,

that is power and freedom “are mutually exclusive”, even if they cannot be separated, they never

confront each other face-to-face (Ibid). For what concerns the Western countries, supposedly

considered free, Internet users are hence free and controlled, and subjects of power as well.

Control as Modulation

Foucault focused on institutions as apparatuses of power, but as suggested by Deleuze, they have

been replace by corporations in what he named the ‘Societies of Control’. In fact, if the notion of

power is well explain by the former, a in-depth speculation of control was made by the latter. The

shift to Deleuze is important in order to address Foucault’s power strategy, or “the totality of the

means put into operation to implement power effectively or to maintain it” (Foucault, 793), that is

control. The crisis that hit the ‘Disciplinary Society’ led to the instability of this model, as well as its

modes of control and enclosure, so that this crisis needed to be confronted and addressed through

new techniques.

Deleuze’s Postscript on the Societies of Control was published in 1992, ten years after The

Subject and Power. It was precisely in the 1990s that the Internet was launched as a product for to

the masses; at the same time, a process of replacement took place. Power, and hence control, was ! 8

not a prerogative of institutions anymore, corporations would exert it (Chun, 25). This change

reflected also on the modes of control, that would become ‘modulation’, “like a self-deforming cast

that will continuously change from one moment to the other (Deleuze, 4). On one hand Deleuze’s

definition of corporation as gas or spirit (ibid) may be vague, on the other hand it is appropriate for

its capacity to express the pervasive and somehow ‘immaterial’ character of the Web.

Surely, what it is remarkable about this perspective is the predominant role of corporations

in people’s everyday life and the introduction of another fundamental element: the code. According

to Deleuze, “the code is a password” (5). Thus, it is reasonable to affirm that the password is the

essence of the ‘log in era’, a time rule by the Internet corporations, which have built their fortune

and power on the control exerted through the password, the only way to access their services.

The numerical language of control is made of codes that mark access to information, or reject it.

We no longer find ourselves dealing with the mass/individual pair. Individuals have become

“dividuals”, and masses sample, data, markets, or “banks”. (Deleuze, 5)

This words reflect the time we are living, in fact the ‘Societies of control’ – differently from the

previous ‘disciplinary societies’ – are characterised by the use of computers instead of the machines

previously deployed, a technological shift that would change the economical system from a

capitalism of production to a capitalism of higher-order production (ibid). This definition is just

appropriate enough to describe the current status of the (new) global economy, in which what it is

sold are not only commodities, but also users’ data as commodities. Given that “marketing has

become the center or the ‘soul’ of the corporation”(6), what he called the ‘corporate system’ (7) has

taken advantage of the digital technologies and imposed its power over the previous system.

Obviously the Web has had a predominant role in this process.

Nonetheless, the Foucauldian perspective is not antithetical to the one suggested by

Deleuze, but it is a necessary development due to the vital characteristic of power to maintain itself.

In fact, the new forms control do not exclude that the old methods would eventually come back,

modified in order to be applied by the ‘corporate system’ (7). Postscript on the Societies of Control

concludes posing a question, how – or whether – will struggles against power evolve in new forms

of resistance “capable of threatening the joys of marketing” (ibid)? That is how will be resistance

exercised in the ‘corporate system’?

! 9

Control-freedom and Paranoia on the Internet

According to Wendy Chun, “power now operates through the coupling of freedom and

control” (Chun, 1), a practice well explained also by Foucault. In fact, in Control and Freedom:

Power and Paranoia in the Age of Fiber Optics she used the terms ‘Control-freedom’ as a reaction

to the “privatisation of networks, public services and spaces”. On one hand, the Internet was sold as

a technology capable of blowing the mass media monopoly through the free flow of information – it

was perceived by the users as a tool enabling anonymous communication and a means of

empowering. On the other hand it has allowed an unprecedented form of pervasive control through

Internet cookies (2). If Chun’s paper focused on ‘jacked in’ objects such as laptop and personal

computer, now the control has become even more total and ubiquitous due to the widespread use of

smartphones and tablets connected to the Internet through 3G connections. Since Internet cookies

have been used, the flow of online information provides users’ Internet Protocol address, type and

language of the used browser, and user domain. Thus, the World Wide Web has never been

anonymous, in fact users’ online activities have always been traced, that is controlled. Users’

privacy per se has always been an illusion (15), suggested by the ideology supported by software

companies (19).

If you believe that your communications are private, it is because software corporations, as they

relentlessly code and circulate you, tell you are behind, and not in front of, the window. (21)

That is, the question whether the Internet is a tool of freedom or control is a false dichotomy.

As stated by McLuhan “the ‘content’ of any medium is always another medium” (McLuhan, 203),

so that the capacity of the Web to incorporate all the other media formats has made the Internet the

new mass medium.

The software as ideology is a characteristic that emerged after the shift to the ‘corporate

society’, it appeared as an effect of the introduction of the Internet as a new mass medium. The

political decision of the US government to “privatize the backbone” of what until 1994 was a

“military and research network” (25), effected society also from a socio-economical perspective,

and transformed the Web in a global marketplace. The crisis of the ‘disciplinary society’ was faced

through this shift, that had as a consequence the commodification of users’ data. Thus, technology

was used as solution to political problems (25).

! 10

Finally, differently from Foucault, who described power as such only when exerted, Chun

focused on the failures of the control systems and argued that the Foucauldian perspective

overestimated power not mentioning its possibility to fail. However, it can be said the NSA scandal

has emerged not because the technological part of system failed, but because the ‘human part’ of it

leaked top secret information.

Control and Sovereignty in the Network Society

Chun’s definition of the two layers of all new media objects – the cultural and the computer (Chun,

18) – is remarkable for this paper, but it is Galloway and Tacker’s perspective the most remarkable

when analysing networks and control.

Their critique is about the “power relationship between sovereignty and networks” (Galloway &

Thacker, 1). The Exploit was published in 2007, one year after Power and Paranoia in the Age of

Fiber Optics, and starts with an approach to control based on a political point of view. Galloway

and Thacker’s first off is a preliminary division into different positions about politics: one arguing

that “everything has changed after the fall of the Soviet Union and the attack to the Twin Towers,

the other supporting the thesis that the new millennial era is simply ‘more of the same” (2). The first

position suggests the ‘American exceptionalism’, due to the US superpower, was increase in the

period following September 11, 2001. The United States had to opt out from multilateral treaties in

order to preserve its predominant economic and political position, and to be safe. The centrality of

the US in researching, developing and launching new information technologies is evident when

looking at the history of project as Cybernetics, ARPANET and the anonymity software Tor, which

will be discussed hereinafter. Moreover, most of the biggest Internet corporations were born and are

currently based within the American borders – i.e. Google, Facebook, Amazon, Yahoo!, eBay,

Twitter, etc.

Arguing that the US represent an exception on the international scale has a political meaning:

according to Galloway and Thacker, the process of globalisation has mutated “from a system of

control housed in a relatively small number of power hubs to a system of control infused into the

material fabric of distributed networks” (3). Even though the American sovereignty seems to

suggest the opposite, “everything is everywhere” (4), that is that the American superpower is a

juncture between sovereignty and networks (5). The friction created by this apparent contradiction

unveils a fundamental characteristic of control applied to networks.

! 11

[...] there is no greater lesson about networks than the lesson about control: networks, by their mere

existence, are not liberating; they exercise novel forms of control that operate at a level that is

anonymous and nonhuman, which is to say material. (Galloway & Thacker, 5)

Thus, for Deleuze control is immaterial because it does not use force and enclosure, but it is

material from the above-quoted perspective; what it is interesting is that the two concepts are not

contradictory. As the two scholars stated “networks are a medium of contemporary power” (ibid)

above which no subject nor groups may exercise an absolute control.

The stress on politics is crucial to take on the topic of network control, because networks “act

politically” (15). Since the World War II the American supremacy has been shown through its

military apparatus and its technological development has been related to the US warfare. But since

these technologies have entered the global market, such as the Internet did through the privatisation

of its structure, the US enemies could use the same tool to fight the American power back. In fact

Galloway and Thacker underlined that “without connectivity terrorism would not exist in its current

form”, which is a terrorist network (16). In a certain sense this process has been enhanced by the

West, which “at least created the possibility for terrorism to emerge” (ibid). What the above-

mentioned scholar stated is that “the most highly standardised and controlled technology in history”

(18) had to be fight on the same ground, that is only networks can fight networks.

Thus, given the additive and non exclusive nature of networked power – the politics of Internet

corporations are a crystal clear example of that – it can be said that power has two qualities: it

implies resistance and it hints inequality in terms of power differentials in its inner structure (18).

These differentials infer a hierarchy within networks, that is that control is networked and

distributed, but hierarchical at the same time. Distributed through the global market ruled by US

based Internet corporations and hierarchical because of the American superpower. This is what it

can be defined as ‘sovereignty-in-networks’ (20).

In the ‘log in era’, users’ are encouraged to stay always connected, in order to use the social

networking sites, applications and other services provided by the Internet corporations. The

ubiquity of the Internet connection enabled by portable digital devices have rendered networks so

crucial to our lives that we do not question them anymore.

Nonetheless, reasoning on the term ‘users’ we can unveil an addiction: users are addicted to the

networks. As Chun stated “the term user, resonating with ‘drug user,’ discloses every programmer’s

dream: to create an addictive product” (Chun, 21). ! 12

Protocol, the language of networks

Given that networks are the framework of users’ life, the historical and cultural approach represent

only the first stage in the process of locating them theoretically. It is fundamental to analyse the

language of the networks as well, the rules and standards which make the flow of information

possible within networks. According to Galloway and Thacker “the concept of protocol refers to all

the technoscientific rules and standards that govern networks”, they are “rooted in the laws of

nature, yet they sculpt the spheres of the social and the cultural” (28). Then, the authors underline

the similarity between networks in biological and computer networks, to some extent as

Cybernetics, information theory and systems theory have pinpointed a trait d’union between

biology and informatics. More precisely, in biological and computer networks the flow of

information is direct by protocol (55), if the DNA carries information in the former, TCP/IP, FTP

and HTTP are the carrier of information in the Internet. If protocol is what enables communication

within networks, thus networks can be defined as protocological networks. Then, in order to

describe the characteristics of protocol, Galloway and Thacker state that:

Protocol is twofold; it is both an apparatus that facilitates networks and a logic that govern how

thing are done within that apparatus. (29)

Networks are made possible and governed through protocological control, a concept that is

dynamic and ‘metastable’ (30). Additionally, the graph theory provides a definition of networks

based on three main characteristics: they are made by nodes and edges – or dots and lines – and

they imply connectivity and topology. They are characterised by ‘metastability’ and they are

“multinode, multiedge configurations” (33).

To sum up, looking back to Deleuze’s idea of control as modulation, it can be argued that

control is “what enables a relation to a device, a situation, or a group” (35). That is to say control is

enabled through protocol.

Moreover, what problematises control is its duplicity: there’s control “from within the network and

from without the network”; to be effective it should not pervade, but rather operate over networks

(36). This tension between a control which stands “at once within and above” networks suggests

that the sovereignty still matters (39).

When trying to apply this perspective to the Web 2.0 and its transition to the what Tim

Berners-Lee called Web 3.0, Deleuze becomes central again. Users, individuals that have become ! 13

‘dividuals’ (Deleuze, 5), may be allowed or not to access information through the use of code, or

passwords. Once they logged in, they have become data, patterns, commodities. Users are

encouraged to stay always connected by the empowerment, the social acceptance and the services

they can get, so they accept the deal. Thus, I am skeptical about Galloway and Thacker’s idea of

control as something which aims “to make itself relevant” (41). It could be considered paradoxical,

but control is perceived when something goes wrong, not when it hides in everyday life. In the

control societies information cannot be considered immaterial, and of course information is the

substance of protocol (57). Nonetheless, if we think about the Edward Snowden’s revelations and

the following growth in terms of hits to Tor download page, it can be argued that it was a particular

event – a leak in the system – which lead to users’ concerns about privacy and control. So that

information is material, it is pictures, thoughts, files we share on the Internet and “makes protocol

matters” (57) only when control seems to represent a threat, that is when it becomes surveillance.

Power and Resistance

The Foucauldian concept of biopolitics could be described as the “strategic integration of biology

and informatics” in order to develop techniques which allow organisation and control of population

(Galloway & Thacker, 72). The notion of biopolitics derives from the idea of biopower, that is the

technology of power which enables control on populations. Control is made effective through the

production and analysis of data (73), a process which has clearly improved in the ‘log in era’, a time

in which big data are largely available among different fields. These data are collected and

exploited by private companies and governmental agencies, while the former use them to make

profit, the latter justify their use by security goals (74). Statistics and demographic are deployed to

establish patterns, averages and norms which enable the optimisation of control for both of the

above-quoted purposes (76).

Security matters because biopolitics has made “the concern for security immanent to social life

while also creating networks of all types (social, economic, biological, technological,

political)” (ibid). Security implies a threat, something which could sabotage control, that is

resistance.

What is the target of resistance? Control, applied to networks through protocol, aims at maintaining

itself and finds its enemies in the forces which try to resist. Thus, the target of resistance is protocol

(78). According to Galloway and Thacker networks are real-time, dynamic, experiential living

! 14

networks”, resistance is thus living, or life-resistance. Given that biopower has life as its object, also

resistance has life as its object, hence we can define life as the capacity of resist force (79).

Power always implies resistance. In relationships of force there are always vector movements going

toward and against. This is what Hardt and Negri call “being - against.” It is the vast potential of

human life to counter forces of exploitation. (78)

Counterprotocol and Exploits

Within protocological networks power does not shift from one place to another, instead power

differentials are exploited in order to produce political acts (Galloway and Thacker, 81). Hence, on

the Internet one is more likely to use the existing structure and its pits in lieu of drawing on an

alternative models.

Protocological struggles do not center around changing existent technologies but instead involve

discovering holes in existent technologies and projecting potential change through those holes.

Hackers call these holes “exploits. (ibid)

From Foucault to Deleuze, the relation between these struggles and power is central when analysing

the dynamic which governs control. Thus, if resistance targets protocol, it express itself through

counterprotocol, or the exploitation of protocol exerted to resist. Examples of counterprotocol could

be computer viruses (88), or as in this paper, technologies which enable anonymity such as Tor.

However, in computer networks a virus could not exist without computer, but computers do not

need viruses to exists.

Finally, on one hand it can be said that the dynamic nature of networks underlays the need of these

holes as means of improvement: the fragility and the strength of the informatic networks lays on

their capacity to deal with failures which can be exploited. On the other hand, counterprotocological

practices can benefit from the homogeneity of networks and exploit them for their purposes (99).

Countercontrol

Countercontrol is a term borrowed from behaviourism and introduced by the American psychologist

Burrhus Frederic Skinner. As stated by the American professor Dennis J Delprato, “the concept of

! 15

countercontrol derives from the fundamental behaviour-analytic position that behaviour is always

controlled or caused” (Delprato, 191). In his book Science and Human Behavior, Skinner focused

on the control of human behaviour and its resistance, that he named ‘countercontrol'. He

individuated different forms of controlling agencies in the field of psychotherapy, as well as in

different spheres of social life such as a economics, religion, government and law and education.

An understanding of Skinner’s position on control could be grasped from a well-known quote taken

from an interview:

[...] it is a mistake to suppose that the whole issue is how to free man. The issue is to improve the

way in which he is controlled” (Skinner, I have been misunderstood)

Thus, control could benefit human beings even more the freedom. According to Foucault if subjects

are not free, power can’t be exerted. Moreover, as argued by Skinner behaviors are determined in

noncoercive ways by societal controlling agencies. If we combine this perspectives with Galloway

and Thacker’s idea of “a system of control infused into the material fabric of distributed networks

(Galloway &Thacker, 3), we will end up to Skinner idea of control as practice which becomes more

as effective as human behaviour is further analized (Skinner, 438).

According to Gerald C. Davidson, when a person is led to think that is free and then that

freedom is threatened, she is likely to arouse what psychologists call ‘reactance’ (Davidson, 155).

From a behaviourist perspective, this could explain why Tor went mainstream after the NSA

scandal.

Galloway and Thacker stated that control is exerted above and within networks; surely it is

strictly intertwined with the use of Internet. Thus, given that in the ‘corporate system’ control has

passed in the hands of private corporations, Skinner’s assumption that “government which governs

least is relatively free from the dangers of misuse of power” (Skinner, 439) could give an

understanding of the status quo. Moreover, the American psychologist stated that “in economics a

similar philosophy defends the normal stabilising processes of a ‘free’ economy against all forms of

regulation” (ibid). Hence the stress on the ‘free economy’ may highlight a correlation between this

perspective and the current (free) global market.

Finally, it is through the diversification of control that a new culture can be safety designed

in a flexible way (Skinner, 441). That is that through the shift from the declining ‘disciplinary

society’ to the ‘society of control’, a new culture has been designed through the spreading ! 16

privatisation of the Internet. Networks provide a dynamic environment in which control can be

distributed horizontally while imposed from above (Galloway and Thacker, 39) and allow

governments to “prevent any sort of control through the use of force” (Skinner, 442).

The Tor Project The Tor is a free software and open network, relevant to this research because of three reasons: it is

an example of resistance within a computer network such as the Internet, it is a clear case of a

counterprotocological network and it represents a form of countercontrol with which techniques of

control have to deal. Given the theoretical background in which Tor could be positioned, I would

like to introduce the origins of this anonymity project, how it functions and who are Tor users.

As I had explained, recently Tor has recently increased its popularity, hereinafter I will provide two

examples of its spreading.

On 10 November 2014 the Mozilla Foundation announced the launch of Polaris, a new

online privacy initiative developed in partnership with the Tor Project and the Center for

Democracy & Technology. According to an online survey conducted by Harris Poll on behalf of

Mozilla in October 2014, 74% of more than 7,000 online adults aged between 18 and 64 years old

said that “their personal information on the Web is less private today than it was one year

ago” (Mozilla Blog).

On 31 October 2014, even Facebook had opened its platform to Tor users and “unveiled its

hidden service” through a link accessible only via Tor-enabled broser: https://

facebookcorewwwi.onion/ (Tor Project Blog). To be precise, it was already possible to access

Facebook through Tor, but the access could have been mistaken for a hacked account or a botnet

(The Guardian online, ‘Facebook opens up to anonymous Tor user with .onion address’), and

cryptographic protection was not assured. Obviously users cannot be anonymized if they used their

profile name, but through Tor now they can avoid localization – so that they can access the social

network from countries in which the social network is blocked – and hide browsing habits

remaining within the Tor network (BBC online).

Facebook goal is to extend its network in order to gain more users, no matter how: a clear

case of the additive and non exclusive nature of networked power (Galloway & Thacker, 18).

However, if users access through Tor it does not mean that they are not identified. Security is then

! 17

provided for the users who could not have accessed the social network, while concerns regarding

privacy, surveillance and control are still on the ground, due to the log in process. Nonetheless, the

second most used website in the world (Alexa) and one of the biggest Internet corporations has

publicly dealt with Tor (Facebook).

History and Sponsors of The Onion Router

The onion routing was conceived by Paul Syverson, Michael Reed and David Goldschlag in 1995.

At that time the U.S. Naval Research Laboratory designed a technology that would protect online

government communications from traceability. In 1997, the Defense Advanced Research Projects

Agency (DARPA) funded the project as part of the High Confidence Networks Program. Since

Roger Dingledine and Nick Mathewson were asked to be part of the project in 2002, the team

working on the Onion Router changed. Two years afterwards, the “Second-Generation Onion

Router” was presented at the 13th UNESIX Security Symposium and released under free license by

the Naval Research Laboratory. The team grew in December 2006, when Dingledine, Mathewson

and five others founded the nonprofit organization which maintains Tor nowadays (Onion Routing,

Syverson, Tor Project).

Thus, the inception of Tor can be traced back to the US military system and the project has

developed into a nonprofit NGO in about a decade. But what it is even more remarkable is that

among its sponsors a large variety of actors have been active in the last 20 years: from the US

Department of State to Google, from an “An anonymous North American Internet Service

Provider” to more than 4000 donations made by personal users (Tor Project, ‘Sponsors’). Moreover,

the Naval Research Laboratory has appeared among the sponsors till 2010, while a branch of the

US government as the “Department of State Bureau of Democracy, Human Rights, and Labor” has

sponsored Tor since 2013, the year in which the NSA scandal emerged (ibid). Paradoxically, Tor

was funded by a US governmental department and the target of a US intelligence agency – i.e. NSA

– at the same time (Tor Blog).

Usability of Tor

The basic concept is to avoid “the transport medium from knowing who is communicating with

whom” so that “the network knows only that communication is taking place” (Onion Routing). In

! 18

other words, Tor keeps the content of the communication “hidden from eavesdroppers up to the

point where the traffic leaves the OR network” (ibid).

Within the Tor network a user can achieve anonymity mixing her internet traffic with other

users’ traffic, that is that the sender of information cannot be distinguished from the set of other

users (Clark, Van Oorschot, Adam). More specifically, anonymity within the Tor network means

controlling and preventing “the dissemination of a user’s IP address” (ibid). Through the use of mix

proxy servers – tools which intermediate requests from client and direct them to other servers after

the connection has been segmented – users’ data cannot be monitored and stored by Internet Service

Providers. By default, Tor routes Internet traffic via these mix proxies, which encrypt the

information layering it; this is the reason why this method is called onion routing (ibid).

However, it can be said that “the sender is only anonymous within a crowd” and her safety is

dependant to the reliability of the members of the Tor network: if errors are committed, users can

be traced (ibid).

As written in the about section of the Tor Project website, “as Tor's usability increases, it will attract

more users, which will increase the possible sources and destinations of each communication, thus

increasing security for everyone.” (Tor Project).

Finally, an analysis of the language and documentation on Tor website underlines that its users

should be familiar with the jargon used (Clark, Van Oorschot, Adam). Although Tor has become a

popular privacy tool which enables online anonymity, its functionality are not always satisfactory in

terms of usability and configuration (ibid).

Nowadays, even ‘privacy-aware’ users are living hard times due to the so called ‘browser

fingerprinting’ (Broenink). One of the best known way of tracking users is through tracking

cookies, a technique which enables users traceability through the information sent by Internet

browsers. As previously explained, users can be tracked for different purposes, the ones relevant for

this research are essentially two: tracking for security reason – i.e. surveillance by the intelligence

agencies – and tracking for commercial reason, such as providing target advertising.

Some users might deploy ‘incognito’ browser in order to hide the traces of their activities, but this

does not prevent fingerprinting (ibid). Additionally, when a user tries to hide her fingerprints in an

unexperienced way, it might incurred in the Fingerprintint Paradox. In other words a user could

distinguish from the crowd because the technique used is not widespread enough (ibid). That is not

to say that Tor is not secure, in fact it is the only widespread technology that actually try to prevent

! 19

online fingerprinting (ibid). This anonymising tool needs a network made by a large number of

people in order to enable a higher degree of anonymity.

However, in October 2013, The Guardian reported top-secret NSA documents which show how the

intelligence agency considered Tor “very secure” and “very widely used worldwide” (The Guardian

online).

! Image 3: The screenshot of the successfull configuration of Tor for iOS.

Tor Users

Tor can be used for a variety of people seeking anonymity for different reasons. Its target is people

that do not want to be spied, tracked, commodified, censored; users that want to be safe and keep

their content confidential.

According to the Tor website, the free software and anonymity network is used by normal people

who want to protect their privacy from marketers, identity thieves and irresponsible corporations.

Parents can protect their children from being localize, researchers can study sensitive topics without

being stopped by firewalls, users can browse blurring their fingerprint and making ‘red flagging’

more difficult, and again they can circunvent censorhip.

! 20

Moreover, military usage of Tor is still central, after all it was actually designed for this purpose, as

well as it was the project by DARPA which has developed into Internet. In the military field the

main use is protecting from localization and enemy’s surveillance.

Interesting enough is that Tor it is used for hiding surveillance and by “law enforcement officers” at

the same time.

Activists, whistleblowers, journalists and bloggers may use Tor to achieve information, protect their

identity and once again, to circumvent censorship.

Finally, IT and business professionals can use Tor, the former to test control systems without

revealing violation, the latter in order to keep strategies confidential and to make competitors’

analysis (Tor Project, Inception).

! Image 4: ‘Who uses Tor?’ benner on Tor

Project homepage.

! 21

Conclusion Control is a fundamental topic when approaching network societies, it is a vital characteristic of

biological and computer systems, moreover it enables these systems’ functionality. On the Web it

could assume a negative nuance when it mingles with surveillance and it is perceived as an agency

imposed from above, nonetheless it does not hint a negative meaning per se. Control is a

prerogative of the above-quoted networks, both examples of protocological networks. As previously

argued, control has to deal with resistance, which express itself through conterprotocol.

Additionally, it can be said that a form of resistance is a behaviour which can be observed in human

beings, triggered by the awareness of being controlled. This concept may well explain users’

behaviours in terms of using anonymising tools on the Web and why Tor went mainstream after the

NSA scandal. Finally, the shift to behaviourism, to some extent suggest that control will improve

people’s social life.

In other words, users are led to think by Internet corporations that they are free and that their

privacy is guaranteed by the improvement of customised privacy settings, but when users discover

this is not enough, they try to avoid surveillance and control through anonymity. Anonymity has

two intertwined goals: one is avoiding traffic analysis, the other is avoiding forms of surveillance.

However, anonymity may be pursued by the ‘controllers’ themselves, in order to check their

techniques and to test new methods of control.

Tor was designed by the US government and this problematises its meaning and understanding. It is

a tool that enables countercontrol, anonymising Internet traffic and enabling practices out of the

control techniques radars. The same technology is used by power and resistance, even though it was

initially designed by an intelligence agency controlled by an institution – i. e. U.S. Naval Research

Laboratory.

Tor functions as a catalyst of countercontrol actions, no matter why users are seeking

anonymity when they use it. Thus, the analysis of Tor should not be approached from an ethical

perspective unless take the risk to incur in misleading paradoxes.

Among Tor sponsors and developers there are actors for whom anonymity could be

considered a threat: Google because of its business model based on targeted advertising and the US

government because of its concerns about security. However, this is not a contradiction, it hints a

dynamic in which power needs resistance to improve its techniques of control and resistance needs

power in order to achieve its goals through power’s protocol. Thus within networks, as in the

! 22

relation between a therapist and a patient, the relations of forces is dynamic, but unbalanced. The

actor which introduce of the protocol is in a predominant positions: counterprotocol could not exist

without protocol and countercontrol could not exist without control.

! 23

Bibliography

•Alexa. ‘The Top 500 sites on the Web’. Web. Retrieved: 8 Jan. 2014.

•American Civil Liberties Union. ‘ACLU Asks Spy Court to Release Secret Opinion on

Patriot Act Surveillance Powers’. N.p., 10 June 2013. Web. Retrieved: 21 Dec. 2014.

•Bloomberg Businessweek Technology. ‘The NSA’s Worst Nightmare: What Is Tor?’

BusinessWeek. N.p., n.d. Web. Retrieved: 28 Dec. 2014.

•Broenink, Ralph. ‘Using Properties for Fingerprinting Purposes’. 16th Biannual Twente

Student Conference. University of Twente. (2012): 169-176

•Clark, Jeremy; van Oorschot P.C. and Adams, Carlisle. ‘Usability of Anonymous Web

Browsing: An Examination of Tor Interfaces and Deployability’. SOUPS 07. New York.

(2007): 41-51. <https://www.ccsl.carleton.ca/paper-archive/soups2007.tor.pdf>

•Cheney Lippold, John. ‘A New Algorithmic Identity Soft Biopolitics and the Modulation of

Control.’ Theory, Culture & Society 28.6 (2011): 164-181.

•Chun, Wendy Hui Kyong. ‘Control and Freedom: Power and Paranoia in the Age of Fiber

Optics’ MIT Press. (2007).

•Deleuze, Gilles. ‘Postscript on Societies of Control’. October 59 (1992): 73-77.

•Delprato, Dennis J. ‘Countercontrol in Behavior analysis’. Eastern Michigan University.

(2002): 191-200

•Dixon-Thayer, Denelle. ‘Mozilla’s Data Privacy Principles Revisited’. Mozilla Privacy

Blog. Web. 11 November 2014. Web. Retrieved: 8 Jan. 2015. <https://blog.mozilla.org/

privacy/>

•Foucault, Michel. 'The Subject and Power’ Critical Inquiry (1982): 777-795.

•Galloway, Alexander R. and Thacker, Eugene. ‘Protocol, Control and Networks’ Grey Room

17 (2004): 6-29.

•Galloway, Alexander R. and Thacker, Eugene. ‘The Exploit’ University of Minnesota Press

(2007).

•Lawrence, Dune. “The Inside Story of Tor, the Best Internet Anonymity Tool the

Government Ever Built.” BusinessWeek: Technology 23 Jan. 2014. BusinessWeek. Web. 18

Nov. 2014.

! 24

•Lee, Dave. ‘Facebook sets up ‘dark web’ link to access network via Facebook’. BBC News.

N.p., 3 November 2014. Web. Retrieved: 8 Jan. 2015 <http://www.bbc.com/news/

technology-29879851>

•McLuhan, Marshall. ‘The Medium Is the Message’. Understanding Media: The Extensions

of Man. McGraw-Hill. (1964): 193-209.

•Muffet, Alec. ‘Making Connection to Facebook more Secure’. Facebook. N.p., 31 October

2014. Web. Retrieved: 8 Jan. 2015. <https://www.facebook.com/notes/protect-the-graph/

making-connections-to-facebook-more-secure/1526085754298237>

•“Onion Routing.” Onion-router.net. N.p., 2005. Web. Retrieved: 8 Jan. 2015. <http://

www.onion-router.net/>

•Skinner, Burrhus Frederic, ‘I have been misunderstood, An interview with B.F.Skinner’,

Center Magazine, (March - April 1972) :63−65

• --- ‘Science and human behavior’. Macmillan. (1953) Harvard University. Cambridge.

•Syverson, Paul. “Onion Routing: Publications.” N.p., 2005. Web. Retrieved: 8 Jan. 2015.

• ---. “Paul Syverson Home Page.” N.p.,Web. Retrieved: 8 Jan. 2015. <http://

www.syverson.org/>

•Syverson, Paul F., Michael G. Reed, and David M. Goldschlag. “Private Web Browsing.”

Journal of Computer Security 5.3 (1997): 237–248. Print.

•Tor Blog. “Facebook, hidden services, and https certs” N.p., 31 Oct. 2014. Web. 28 Dec.

2014. <https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs>

•Tor Project. “Inception” N.p., n.d. Web. 28 Dec. 2014 <https://www.torproject.org/about/

torusers.html.en>

•Tor Project. “Partnering with Mozilla.” N.p., 11 Nov. 2014. Web. 28 Dec. 2014.

• ---. “Tor Project: Overview.” N.p., n.d. Web. Retrieved: 28 Dec. 2014. <https://

www.torproject.org/about/overview>

• ---. “Tor Project: Sponsors.” N.p., n.d. Web. Retrieved: 28 Dec. 2014.<https://

www.torproject.org/about/sponsors.html.en>

! 25

•The Guardian. ‘Facebook opens up to anonymous Tor user with .onion address’ N.p., 31

October 2014. Web. Retrieved: 2 Jan. 2015. <http://www.theguardian.com/technology/2014/

oct/31/facebook-anonymous-tor-users-onion>

•The Guardian. ‘Tor: ‘The King of high-secure, low-latency anonymity’ N.p., 3 October

2013. Web. Retrieved: 2 Jan. 2015.<http://www.theguardian.com/world/interactive/2013/oct/

04/tor-high-secure-internet-anonymity>

•Yale Law School. “Media Freedom and Information Access Clinic, ACLU Ask Spy Court to

Release Secret Opinions on Patriot Act Surveillance Powers” N.p., 11 June 2013. Web.

Retrieved: 18 Dec. 2014.

! 26