In 2001, Ron Deibert, a professor at the University of Toronto, founded Citizen Lab to help understand and track the spread of digital human-rights abuses around the world.
In the 20 years since, the interdisciplinary lab has made headlines for protecting journalists and human-rights defenders from digital attacks; one of its researchers helped identify members of the group that attacked the United States Capitol earlier this year.
TVO.org speaks with Deibert about his research, becoming the target of threats, and the past and future of Citizen Lab.
TVO.org: Let’s start at the beginning. How and why did Citizen Lab start, and what did it look like at the time?
Ron Deibert: Back in the late 1990s, I was doing what I would consider to be conventional academic research — the lone professor studying a topic. A lot of desktop research. A student was taking a course of mine proposed doing a paper where he would explore censorship in China. This was a new topic back then — there was not any evidence really that China was censoring the internet — but people assumed they would, and there was a lot of uncertainty about what was going on there.
Our journalism depends on you.
You can count on TVO to cover the stories others don’t—to fill the gaps in the ever-changing media landscape. But we can’t do this without you.
He was kind of a self-taught hacker, and he put together this research paper where he connected to computers in China using some proxy servers and started comparing the results he got to what he could see here in Canada, doing it very systematically. It opened my eyes to the ways in which methods from computer science and engineering science — technical interrogation tools and techniques — could be used to surface real primary evidence about what’s going on beneath the surface of the internet around information control. Especially what governments, and also private companies, are doing that isn’t in the public domain. No one was really doing that at the time, and a lightbulb went on, where I realized that this is a really powerful way of surfacing primary evidence and data in a way that really no one else was doing.
So I put together a prospectus for a lab that would be interdisciplinary, that would bring together people who have these skills to work systematically on uncovering information-control practices and look at surveillance and censorship and information warfare, from the standpoint of risks to citizens from a human-rights perspective. I was very fortunate at the time to get support from the Ford Foundation — I got a grant from them in 2001 — and I put the proposal together for the Citizen Lab from that.
TVO.org: And at the time you were in a pretty small basement lab.
Deibert: Actually, it was my office in political science where it all got started. When I got the grant, the Munk Centre was just being established, and the building at Devonshire [at the University of Toronto] was under construction. I went over to that building and scoped out what I thought would be a room that no one else would want, to increase my chance of getting approval. I found this space, and I went to Janice Stein, the director, and said, “Hey, I’ve got this grant. I’ve got this idea. I need some space.” And she said, “Okay, you can have it.”
So she supported the idea and took a risk. Space is a very valuable asset on campus. And even though it sounds less glamorous, we were really happy to have that room.
After 10 years, we moved to the new Munk building, the observatory, where we’re located now, and that was really great, because we needed more space. Security is not perfect — where we are there are lots of problems — but it is much better than it was in the old building, where people would just wander in and could easily locate us. Now we’re wrapped behind several layers of access control.
And it’s a nice building, because we have a good story there. I don’t know if you know the history, but originally it was a British Army headquarters. Then it became the observatory for weather monitoring and then an astronomical observatory. So that’s kind of a neat analogy to what we do: wandering the world, observing what’s going on using technical techniques. At one point, I was told, it’s where the British Army collated data about weather patterns to plan ship movements and things like that. I’ve described what we do as like a counter-intelligence for civil society — it’s appropriate we’re in that space, doing something but flipping it around.
TVO.org: Let’s talk a little bit about your process. How does Citizen Lab decide what to look into next?
Deibert: It’s a combination of factors. First and foremost, we are looking at the topic, at the domain, broadly speaking, which for us is global in scope. We don’t have a particular regional focus. We’re looking at risks to human rights that arise out of information technology: that’s the broadest possible definition of what we do.
That also limits our selection of cases that we want to examine. We assume that, however problematic cybersecurity is for big banks or government, they have resources — they can go hire a private company. But journalists, human-rights defenders, people living in the global south who are human-rights defenders and are advocating for policy change, they really lack capacity. So we put our effort into identifying cases that present the highest risk to human rights and, ideally, affect the most vulnerable parts of the population.
We divide our work systematically. So there are certain teams that we organize around, though there’s a bit of overlap. It’s fluid, but we have some teams that are more interested in applying network-measurement techniques to uncovering internet censorship, let’s say, and that’s probably the area where we’ve doing the most work for the longest time. Then there’s what we call the targeted-threats group, which is really the most serious stuff around espionage, and it certainly has the highest risk and has gotten us in the crosshairs of some bad actors, to such an extent that we’ve now become a target. We also apply non-technical methods in an interdisciplinary way — we have people who are trained in law and policy. So we’ve done a lot of work around legislation of analyzing national security laws and practices in Canada.
I would say how things are chosen depends on the opportunities that come up. We may hear about something, some preliminary evidence, perhaps a journalist tips us off or a victim comes forward. Or the team itself decides, hey, this is something we should look into. A good example of that is Zoom. We knew about Zoom: it was a kind of obscure business, networking-communications platform, until the pandemic hit. Suddenly, everyone was on Zoom. So our researchers got together and said, “Hey, we better take a look at this” and indeed uncovered some highly problematic security and privacy issues.
TVO.org: Your work with Zoom is a good example of getting immediate results from your work. If I’m correct, after a public outcry, Zoom cleaned up a lot of what you found. How does that feel to have an immediate impact on the world in that way?
Deibert: It’s actually super-rewarding in a number of ways. First of all, there’s the gratification to get the message out. Ultimately, we see ourselves as a university-based watchdog group, so if you can publish something and the next day everybody’s reading about it because it’s on the front page of the New York Times? That’s phenomenal. We’ve been actually really fortunate to have high-profile coverage for our research. I think we’ve had, like, close to 30 front-page stories in the New York Times, the Washington Post, other global media, the Financial Times, about different reports of ours over the last 20 years.
Going further, ultimately, we don’t just want to get attention for what we’re doing — we want to see some change. So there have been so many cases now where we’ve seen consequences, actions taken, policy changes, or advocacy campaigns started as a result of the work that we’ve done.
Probably the biggest one was back in 2016, when we investigated a targeted espionage attack against a human-rights defender in the United Arab Emirates. He shared with us an SMS message that was tainted with malware that the UAE government was using to try to hack his phone, and when we reverse-engineered it, that malware infected our own device, our own iPhone. We realized that it was so sophisticated and involved what were then three software flaws in the Apple operating system, that even Apple itself didn’t know about. We did a responsible disclosure to them and, within two weeks, they pushed out a patch that affected directly the security of more than 1 billion people. So, to be able to say, “Hey, we were responsible for that” is, I think, quite an accomplishment.
TVO.org: On the flip side, there are people that don’t like the work you do. What has it been like for you to become a target? I can’t imagine when you started this thing that you pictured yourself coming under threat.
Deibert: Well, first of all, you’re right. I grew up studying world politics as something out there, and I’m a spectator. There were a couple of instances before this, but, really, when we published the GhostNet report in 2009, which was the first public-evidence-based report on cyber espionage, it was the one that involved the hacking of the office of His Holiness the Dalai Lama, and we uncovered this massive Chinese espionage operation.
It suddenly dawned on me, okay, we’ve gone from kind of just observing and recording to becoming a factor, because very quickly thereafter, we had all sorts of inquiries and veiled threats and concerns about physical security. From that point on, from 2009 to today, they’ve really only amplified. The worst is probably when we were targeted by Black Cube, the same private-intelligence firm made up of ex-Mossad agents that notoriously went after the accusers of Harvey Weinstein. Now, that’s really frightening to be in their crosshairs. We ended up actually exposing that operation, but to know that something like that is going on, frankly, is very disturbing. It really forces you to change your behaviour, think about practical issues: when you’re travelling, hotels, getting into elevators, who’s accessing the same building as you.
At the same time, though, I think it’s a mark of success. If we’re not successful, those people wouldn’t care. It’s just something you have to factor into your risk calculation and take all the precautions, and we’re most concerned about the risks to the subjects of our research. Frankly, we go to extraordinary lengths to protect the security in terms of the data we handle, how we interact with them and interview them. But, yeah, it’s just constant. Actually, every day there’s something, ranging from people who, unfortunately, maybe are mentally disturbed, and they read about us and want to visit us, all the way to, you know, the world’s worst authoritarian regimes that are trying to threaten us.
TVO.org: A lot of this work is global in nature, but some Ontarians might be surprised to know a lot of it is quite local. I’m thinking about your work with internet-filtering technology and Waterloo-based Netsweeper. What makes filtering technology so important, and what was Netsweeper up to?
Deibert: As the internet evolves, there are all sorts of reasons why people want to control access to certain content online — beginning, I would say, with schools and libraries. There are legitimate concerns among parents and teachers that children have access to pornography or other types of content. Service providers like Netsweeper fill the market niche, providing filtering technology to those clients.
But, very quickly, there grew a need among governments — national-level internet censorship. In the beginning, like I talked about with the Chinese, it was very rare in the 1990s or 2000s. I could count on one hand the number of governments that were doing this sort of thing. Now, it’s routine, and it’s big business. So with a company like Netsweeper, for us, it was, frankly, a no-brainer to zero in on it, and not even because they’re based in our own backyard. There’s certainly a motivating factor there because we’re Canadians, and we want to make sure that, as best we can, we identify businesses operating out of Canada to see if they’re in compliance with Canadian law or Canadian values. Here, we had a company that seemed to be not just kind of stumbling into selling internet-censorship services to some of the world’s worst violators of human rights, but actively courting them.
They were showing up all over the world, especially in the Middle East. The Middle East is where Netsweeper really profited from selling internet-censorship services to governments that routinely violate human rights and block access to content that would be considered protected legally here in Canada. And they were also doing this in a non-transparent way.
This is not something they openly advertised, and yet we knew, from our research and technical investigation, we could identify basically unquestionable proof that their technology was being used to filter access to content that would be legally protected here in Canada, in places like Bahrain and Yemen and in the Gulf.
So we did a report about Netsweeper’s technology in Yemen, and at this time, the main telco, YemenNet, was controlled by Houthi rebels, and of course there’s an ongoing civil war, which at that time was really quite intense. We simply documented that Netsweeper’s technology was being used to actually block the entire Israeli top-level domain — the only time we’d ever seen that in the world, with the exception of Iran.
We published this report, and we mentioned in the commentary around it that, in providing services to one participant in an armed conflict, who is censoring information, including information related to international news, they’re effectively inserting themselves in an armed conflict, and it raises all sorts of ethical, moral, and potentially even legal issues. Netsweeper sued me and the University of Toronto for defamation for over $3 million. Of course, we thought that was entirely baseless, and six months later, they simply withdrew the suit.
Coincidentally, their suit came shortly before the Ontario government passed anti-SLAPP legislation to prevent lawsuits that chill free expression, which in our opinion, is very much what it is, because as we were going through the litigation, we couldn’t report on Netsweeper. After the lawsuit was dropped, we then published several subsequent reports on Netsweeper.
TVO.org: You’ve also done some work recently on Bill C-11, also known as the Consumer Privacy Protection Act. What should Canadians know about it?
Deibert: The work that’s been done on C-11 is led by Christopher Parsons, a senior research associate at the lab, and his specialty is Canadian privacy and national-security practices and laws and policy. I can’t take any credit for this research.
He really tore down the proposed legislation, and he is not alone in his judgment. It is, in his view and in mine as well, a flawed piece of legislation that really doesn’t go far enough in terms of addressing some of the problems around surveillance capitalism, what’s really needed in terms of strong legislation that protects users instead of protecting the company and making it easier for them to essentially drill down into our private lives and monetize the data that they vacuum up from us.
We live in a world now where sensors are embedded in just about everything around us, and they’re highly invasive by design. We need to come up with a new regulatory framework that empowers users and really alters the property relationship. When you sign terms of consent, what you’re actually doing is turning over your most intimate bonds, your social relationships, to these companies and permitting them to gather, mine, analyze, and monetize that data. We know that there are all sorts of ill effects from surveillance capitalism that we need to rein in, and this legislation falls short.
TVO.org: In your 20 years, what is the work you’re most proud of?
Deibert: What I’m most proud of is the staff. I’d say a skill that I have is, I think I would make a good NHL scout or a band manager. I have the ability, for what it’s worth, to identify talented people and give them the support they need. So there’s not a particular report that I’m proud of; I’m most proud of the people who work at the lab. I’m so fortunate to be surrounded by these extremely talented, ethical, dedicated people, most of whom have been with me for over 10 years. It’s rare to have that in a small university. And that’s what I’m most proud of.
TVO.org: The lab itself, as we talked about a little bit, is somewhat unique: you’re working outside of government or corporations and working in the interest of human rights. Others around the world have taken note of your model. Do you hope to export it?
Deibert: It’s beginning to be surprising to me that there aren’t more Citizen Lab–like organizations at other universities. To me, this is a field with such endless opportunity. There’s so much unfortunate malfeasance going on in the digital world.
And, yet, you have these extremely powerful methods and techniques, as we’ve demonstrated, that, by way of analogy, act like an X-ray on the abuse of power. That’s the way I think about it. It’s astonishing.
Sometimes I sit back and shake my head. A lot of the stuff we don’t even publish. It’s remarkable what you can see when you use these very precise, careful methods to uncover and track abuses of power. Why haven’t other university professors jumped on this and tried to mimic it? I don’t really know. I suppose there’s no one answer. There are risks involved with it, and it’s actually not easy to cross disciplinary boundaries.
So I think that we’re helping to build the field, at least I hope, and you’re right that there are a few other places where I’m seeing either professors or, in some cases, human-rights organizations, attempting to build something like this. That is fantastic. That’s really where my effort and the next phase of my career is, around really field-building by promoting that model and hoping that others build up centres like the Citizen Lab at other universities, while also ensuring the sustainability of the lab.
This is a bit “inside university,” but the reality is, as the only professor in the lab, I’m the weakest link. So if something happens to me, the lab would really fall apart. Not because I’m the wizard directing everything — purely because I’m the responsible principal investigator for the grant, and you need that at a university. What I hope to do is ensure the sustainability of the lab outside of me, and that means recruiting other professors to the lab. We’re actively fundraising to do that and to try to get more tenure-track positions connected to the lab so that it can continue once I move on.
TVO.org: And what will the next 20 years hold for the lab itself?
Deibert: Hopefully, we ‘ll be able to continue. We know we have the support from the University of Toronto; they’ve been incredible in a number of ways. We live in a time when big university bureaucracies are criticized, sometimes rightfully so — I’ve been critical of my own university in various areas. But one thing I can say, they have been so supportive of work that we do in a variety of real practical ways, including legal support.
I just want the lab to not be something that is tied to one profession. I want it to continue and to duplicate what we do globally. If we had 25 Citizen Labs sprinkled around the planet, it would be better for human rights overall, because there would at least be another protective layer, if you will, of dogged researchers who aren’t afraid to uncover abuses of power, no matter where they are.
This interview has been condensed and edited for length and clarity.
Ontario Hubs are made possible by the Barry and Laurie Green Family Charitable Trust & Goldie Feldman.