– Eric Auchard is a Reuters columnist. The views expressed are his own –

The Chinese government has backed away from mandating filtering software on all personal computers in China, in a move that averts a dangerous escalation in its censorship powers.

But however controversial and unworkable China’s plan to require Internet filters on PCs proved to be, Western firms have largely themselves to blame for creating and selling such filters in the first place.

The danger rears its head whenever technology created to solve some specific security problem is put to new and unintended use, not just in repressive regimes like China, Iran or Saudi Arabia, but professed freedom-loving countries in Europe or the USA.

“What is good and what is evil?” asks Mikko Hypponen, chief research officer at Finnish anti-virus software company F-Secure Corp. “It is really a very basic problem that security people face.”

A computer password cracker in the wrong hands is considered malicious, of course. But corporate network administrators rely on the same tools to recover lost documents when employees forget computer passwords. Voice recognition software used in corporate call centres to automate and improve customer service can be used by police to wiretap suspects on a grand scale.

On Tuesday, China’s official news agency reported that a government ministry had abruptly backed down from requiring that every PC sold in China include a censorship program called “Green Dam-Youth Escort”.

The software blocks web sites using a blacklist of keywords judged to be sexual or politically sensitive, or flesh-coloured images it assumes are naked bodies. But University of Michigan researchers found that the software developed by a Chinese firm had liberally borrowed the code of parental control software CyberSitter from the California-based firm Solid Oak.

Mobile network maker Nokia Siemens Networks was criticized last month after the Iran election protests for supplying “deep packet inspection” technology to mobile phone companies which Iran’s government allegedly used to track online dissidents. The same software for so-called “lawful intercepts” is widely used in phone networks around the world, be it Iran, China or the United States. The main differences are only how far network monitoring goes and to what uses such information is put.

These issues cannot be dismissed merely as unauthorized uses by bad cops in foreign lands. All the world’s biggest technology suppliers play some role in creating security tools that have Janus-like qualities, depending on the intentions of their users.

The dark side of the Internet is not some isolated corner. It is built with the same tools “good guys” use with the best of intentions, without considering their Orwellian surveillance potential. It is just the dual use of networked, interconnected technologies.

Companies such as IBM, Cisco, Intel and Dell are some of the dozens of vendors that market remote data recovery tools to police agencies that can be used to remotely monitor suspects. Once available commercially, it’s only a matter of time before such software is sold or copied for use by authorities in repressive regimes.

Canada’s Absolute Software sells such software for network administrators to track the location and use of all corporate laptops or Blackberries used in their organizations. If a computer is lost or stolen, it can be told to phone the factory every 15 minutes. Absolute then turns over the Internet address of the machine to police to recover the device. In countries with fewer safeguards, such tools can be used to snoop on or prosecute political dissidents.

Hypponen says computers have raised a host of issues that hardly existed in the Cold War era. “Monitoring traditional mail can be done, but takes a lot of manpower,” he says. “E-mail monitoring can be done which takes very little manpower.”

The very openness of the Internet has created a vast market for security tools used for Web filtering, network monitoring and text or video surveillance.

The power of technology to do good needs to be weighed against its powers to do evil. The many positive tasks computers perform for us need to be set against their growing powers as surveillance tools and mechanisms of repression. Just because a technology can be built, doesn’t mean it should be. As consumers, we need to be careful what we wish for in the way of modern conveniences.

– At the time of publication Eric Auchard did not own any direct investments in securities mentioned in this article. He may be an owner indirectly as an investor in a fund. –

(Editing by Martin Langfield)

– Leslie Harris is the president and CEO of the Center for Democracy and Technology in Washington, DC. The views expressed are her own. —

In the wake of troubling reports as recently as last year that Western companies were assisting China with Internet censorship and the unmasking of cyber-dissidents, governments around the world seemed poised to regulate the conduct of Internet companies. Lawmakers appear to have stepped back from those efforts, but the challenges of advancing global Internet freedom remain.

The Global Online Freedom Act, drafted in the U.S. Congress, would have made it a crime for Internet companies to turn over personal information to governments in cases where that information could be used to punish dissent. The bill produced a firestorm of controversy. Human rights groups campaigned for swift passage, while the tech industry scrambled to stop the bill, which they viewed as a global eviction order from many difficult but emerging markets. At the same time, several members of the European Parliament proposed a European version of the measure, taking the accompanying controversy global.

Now policymakers seem far less certain that global Internet freedom will be served by imposing harsh mandates on Internet companies that provide crucial services to customers in repressive regimes. The bill has not been reintroduced in the U.S. Congress this year, and earlier this month, a top European regulator, European Union Telecommunications Commissioner Viviane Reding, dismissed the notion of Europe passing its own Global Internet Freedom Act, saying that she was not convinced that “hard law” was the best way to address the issue.

For Internet executives who feared that hard-line regulatory mandates might force them out of many countries, Reding’s comments came as welcome relief. But celebration is premature. Threats to Internet freedom are growing and lawmakers’ concerns about industry’s role remain rightly high.  Those who choose to misconstrue Reding’s remarks as a free pass on this important issue do so at their peril.

Now is the time that Internet and technology companies must step up and take on the very challenges that the Global Internet Freedom Act was intended to address in order to ensure that their services and technologies do not become tools for surveillance and oppression.

Lest companies argue that the problem is too big and complex for any one company to make a difference, there is a responsible way forward. Late last year, a diverse coalition of leading information and communications companies, major human rights organizations, academics, investors and technology leaders launched the Global Network Initiative, which seeks to provide a framework to help information and telecommunications companies chart an ethical and accountable path forward through the growing demands from countries to take actions that infringe on the freedom of expression and privacy rights of their users.

Equally important, the initiative promotes collective action to uphold the rule of law and the adoption of public policies that protect and respect freedom of expression and privacy on the global network. Three technology giants – Google, Microsoft and Yahoo! – have shown critical leadership by committing to the Global Network Initiative. Now, others in the industry need to step up and make that commitment as well.

Companies that join the initiative will find its requirements both rigorous and fair. Signatories will have two years to implement a range of commitments including conducting human rights risk assessments, training employees, increasing transparency with users and employing a high degree of push back when government restrictions or demands appear to be inconsistent with fundamental rights. Members also commit to encouraging their joint venture and business partners to abide by the same principles.

The collective goal is not to provide the definitive rulebook for companies doing business in hundreds of countries with countless different legal regimes. Rather, the initiative provides a framework that allows companies to stand up for their customers, wherever they are in the world, and to draw support from a powerful community of business leaders and human rights advocates.

Now is a critical moment for this initiative. As regulators shift their focus away from immediate legislative action, the test for the Internet industry will be the extent to which it commits itself to addressing the challenge on its own. The Global Network Initiative provides a path toward responsible action. But its value depends in part on expanding participation from the companies in the sector and building a global identity.

One thing is certain: the challenge of upholding global Internet freedom is not going away. The next time a foreign government uses American Internet technology to spy on citizens, censor democratic materials or otherwise oppress users, the world will ask what the Internet industry is doing to address the problem.

Ignoring the issue was never a viable alternative. The world is on notice about these practices, and the next attempt to legislate the issue is always just around the corner. Companies that participate in the Global Network Initiative will be prepared to do the right thing regardless of whether or not there is a legal mandate to do so. At the end of the day, this is about leadership on a fundamental issue of human rights that will not go away.