First Monday

Accessibility of anonymity networks: How can Web accessibility policies promote the usability of darknets for persons with disabilities? by G. Anthony Giannoumis



Abstract
Public and private interests concerned over the right to privacy and freedom of expression on the Internet have contributed to the creation and adoption of anonymity networks. Previous research has yet to examine fully the accessibility of anonymity networks for persons with disabilities. Thus, I ask, “To what extent can existing policy approaches to Web accessibility promote the usability of anonymity networks by persons with disabilities?” Using the U.K. and Norway as examples, I argue that existing self-regulatory approaches to Web accessibility policy may provide a useful basis for promoting the accessibility of anonymity networks.

Contents

1. Introduction
2. Anonymity networks and social regulation
3. Methods
4. Ensuring privacy and freedom of expression through anonymity networks
5. Web accessibility obligations in the U.K. and Norway
6. Discussion
7. Conclusion and recommendations

 


 

1. Introduction

The United Nations (UN) Convention on the Rights of Persons with Disabilities (CRPD) obligates States Parties to ensure the accessibility of information and communication technology (ICT), including the Web. The CRPD stipulates that ICT accessibility must exist “on an equal basis with others” and the CRPD states that State Parties have an obligation to ensure Web accessibility (United Nations, 2006). This article refers to Web accessibility as the usability — i.e., operability and ease of use — of Web content by persons with disabilities. In addition, the CRPD obligates States Parties to “ensure that persons with disabilities can exercise the right to freedom of expression and opinion, including the right to seek, receive and impart information and ideas on an equal basis with others” (United Nations, 2006). Regarding freedom of expression, the CRPD also promotes Web accessibility by urging “private entities ... to provide information and services in accessible and usable formats” (United Nations, 2006). Nationally, many governments including the U.K. and Norway have established a legal obligation for service providers to ensure Web accessibility (Giannoumis, 2014a).

Neither the CRPD nor national regulations have addressed anonymity networks — i.e., Web sites created and accessed by users whose identity and location are anonymous. Anonymity networks include Web content that is accessed and published on darknets, which utilize specialized software such as Freenet or Tor (Freenet, 2013; Tor, 2013a). Darknets refer to distributed and encrypted networks that allow users to access and publish Web content anonymously. However, the use of anonymity networks and specifically darknets appears to be growing in popularity among users concerned over privacy and freedom of expression (Giannoumis, 2014b; Lee, 2014).

Anonymity networks act as a mechanism for preserving and in some cases realizing freedom of expression and a right to privacy (Graux, 2009; McManamon and Mtenzi, 2010). Graux (2009) demonstrated that darknets pose a “fundamental threat to law enforcement” while simultaneously providing “unlimited freedom of on-line expression”. Graux recognized both the positive and negative implications of darknet technologies.

Scholars’ attention to anonymity network has been growing and have demonstrated the challenges of enforcing legal norms within anonymity networks (Biddle, et al., 2003; Lohmann, 2004; Wood, 2010). In particular, Biddle, et al. (2003), Lohmann, (2004) and Wood (2010) examined the legal implications of darknets and focused on the broader use of anonymity networks for copyright infringement. These researchers argued that anonymity networks provide a useful technological solution for users involved in copyright infringement in order to evade legal enforcement. However, research has yet to examine fully a social regulatory approach to applying legal norms in anonymity networks. Social regulation refers to the use of legislative, financial and persuasive policies to achieve a social outcome (Ayres and Braithwaite, 1992; Bemelmans-Videc, et al., 1998; Levi-Faur, 2011; Majone, 1993). This article uses the concept of social regulation as a framework for examining the statutory and voluntary approaches adopted by governments and businesses and aimed at ensuring Web accessibility. From a social regulation perspective, it has been argued that a voluntary approach to regulation — i.e., rules that aim to persuade businesses to achieve outcomes beyond what the law requires — could provide a useful basis for achieving and exceeding compliance with policy objectives (Huising and Silbey, 2011; Levi-Faur, 2011). Voluntary approaches to regulation may involve State actors, such as regulatory agencies or government ministries, and non-State actors, such as businesses, non-profit organizations or international non-governmental organizations (Töller, 2011).

National governments have adopted a social regulatory approach to promoting Web accessibility by adopting legislative and persuasive policies aimed at forcing and encouraging service providers to remove barriers to the Web for persons with disabilities. Governments have used voluntary approaches to social regulation to encourage compliance (Levi-Faur, 2011; Potoski and Prakash, 2011; Töller, 2011). However, regulators and service providers encounter conflicting incentives, which simultaneously promote and obstruct efforts to achieve compliance. Potoski and Prakash (2011) demonstrated that voluntary approaches to regulation can provide a useful solution for managing conflicting incentives of more traditional “command and control” approaches to regulation. Töller (2011) further illustrated that voluntary approaches to regulation can benefit from explicit or implicit threats of enforcement. These studies suggest that threats of enforcement may include efforts from both State and non-State actors. Töller (2011) also criticized voluntary approaches to regulation as encouraging symbolic compliance, subverting the intent of the law.

However, despite criticisms of a voluntary approach to regulation, State and non-State actors, given adequate capacity, can promote compliance with voluntary policies such as standards. For example, State actors, such as regulatory agencies that have adequate resources and the authority to fine or otherwise sanction non-compliance, may deter non-compliance. In addition, non-State actors, such as interest organizations that have the ability to mobilize boycotts and influence consumer purchasing decisions, can promote compliance.

Previous research has examined the role of State and non-State actors in achieving regulatory compliance (Borraz, 2007; Christmann and Taylor, 2006; Easton, 2011; Giannoumis, 2017; Levi-Faur, 2011; Ogus, 2000; Short, 2013). This research described the role of State and non-State actors involved in supporting regulatory compliance through self-regulation. Short (2013) characterized self-regulation as a response to regulatory failure. Short stipulated that successful self-regulatory efforts required a “robust regulatory regime”. Ogus (2000) referred to self-regulation as a “collective restraint” established by non-State actors. Ogus further specified that self-regulation can extend compliance beyond legal obligations. Thus, self-regulation provides a useful approach for promoting compliance with legal obligations.

However, models of self-regulation have not yet been applied to anonymity networks. Therefore, this article attempts to fill two gaps in the literature. First, it examines the application of Web accessibility policies to a previously unexamined technology development, i.e., the creation and adoption of anonymity networks. Second, this paper discusses the application of a social regulatory approach to enforcing public policy objectives within anonymity networks. To fill these gaps, I ask, “To what extent can existing policy approaches to Web accessibility promote the usability of anonymity networks by persons with disabilities?”

There are six sections in this paper. First, a framework is described, based on models of social regulation and previous research on anonymity networks. Second, methods are detailed as well as data used to examine Web accessibility policies in the context of anonymity networks. Third, social and technological mechanisms are examined that anonymity networks use to ensure privacy and freedom of expression. Fourth, details are presented on the approaches to Web accessibility adopted in two contrasting countries, the U.K. and Norway. Fifth, there is a treatment on the application of Web accessibility policies to the accessibility of anonymity networks. Finally, recommendations are described for promoting the right to privacy and freedom of expression for persons with disabilities by ensuring the accessibility of anonymity networks.

 

++++++++++

2. Anonymity networks and social regulation

Anonymity networks pose a complex challenge to regulatory enforcement. Loesing, et al. (2010) characterize anonymity networks as a “communication system that permits its users to surf on the Net without revealing their identity or location”. This paper characterizes anonymity networks as the technologies and users involved in creating and promoting darknets. There is not a single definition of darknets although darknets are generally referred to as “unused IP addresses” (Harrop and Armitage, 2005) or distributed and encrypted networks that allow users to access and publish Web content anonymously (Biddle, et al., 2003). I adopt the latter definition and uses anonymity networks to refer to the range of users and technologies involved in distributing content on darknets

Anonymity networks have been characterized as an intractable governance problem (Biddle, et al., 2003; Giannoumis, 2014b; Lohmann, 2004; Wood, 2010), meaning that the anonymity inherent in darknet technologies allows users to avoid prosecution for producing, distributing or consuming content that may be illegal. The illegal production, distribution and consumption of content via darknets includes violations of criminal law, for example distributing drugs, and violations of civil law, for example distributing copyrighted content. Biddle, et al. (2003) argues that darknets provide a “low cost, high quality service to ... consumers” and act as a “competitor to legal commerce”. Lohmann (2004) and Wood (2010) examined the implications that darknets have for illegal content distribution. They argued that the creation and adoption of darknets necessitates an examination of legal protections for intellectual property rights and provides an opportunity to instigate reform. The World Intellectual Property Organization (WIPO) describes intellectual property as the “creations of the mind, such as inventions; literary and artistic works; designs; symbols, names and images used in commerce” (WIPO, 2014). Thus, research suggests that anonymity networks have challenged attempts to enforce legal protections for intellectual property rights by ensuring anonymity among darknet users involved in copyright infringement.

However, anonymity networks also ensure the right to privacy and freedom of expression on the Internet (Graux, 2009; McManamon and Mtenzi, 2010). McManamon and Mtenzi (2010) demonstrated that threats to privacy have provided an incentive for users to create and promote the use of anonymity networks. McManamon and Mtenzi (2010) argued that improving the security of darknets can circumvent efforts by “governments, Internet service providers and other third parties which threaten the state of privacy”. Threats to privacy and increased levels of security in anonymity networks encourages users to participate and further contribute to the development of darknets. Graux (2009) provided an alternative view. Graux argued that regulations have “focused on maintaining ... status quo” rather than attempting to govern the “unfettered freedom of expression” available through anonymity networks. Thus, anonymity networks pose a complex regulatory dilemma as users and regulators encounter conflicting incentives with little motivation for ensuring compliance with legal norms.

Finally, research has examined the usability of anonymity networks (Bethencourt, et al., 2007; Dingledine and Mathewson, 2005). Bethencourt, et al. (2007) demonstrated that technical challenges and a lack of information and guidance relates to the use and security of darknets. By increasing the usability of darknets, user adoption increases and contributes to increased security. Dingledine and Mathewson (2005) further examined the relationship between usability and technical security of anonymity networks. They argued that poor usability contributed to a loss of security. However, efforts to improve security could enhance adoption. Once anonymity networks provide an adequate degree of security, new users further contribute to providing information and improving the usability of anonymity networks (Dingledine and Mathewson, 2005). Thus, research suggests that the usability of anonymity networks may increase with adoption and improved security.

Research has, only to a limited extent, examined the relation between obligations for Web accessibility and the regulation of anonymity networks (Ferri and Giannoumis, 2014; Giannoumis, 2014b). Web accessibility provides a useful approach for examining the social regulation of anonymity networks as Web accessibility policies are part of a robust disability antidiscrimination regulatory regime in many jurisdictions and involve the usability of ICT for persons with disabilities. This article examines the application of Web accessibility policy approaches to anonymity networks. It compares qualitative data from two contrasting cases to examine the extent that Web accessibility policies can provide a useful solution for enforcing legal obligations for accessibility in anonymity networks.

 

++++++++++

3. Methods

This article attempts to identify common features between the U.K.’s and Norway’s approaches to Web accessibility that can be usefully extended to anonymity networks. Additional cases could provide opportunities to identify additional mechanisms that contribute to the accessibility of anonymity networks. However, including additional cases has the converse effect of increasing variations among cases. Thus, while additional cases may provide a more robust analysis, increased variation can challenge the identification of potential mediating mechanisms.

I sought data on explicit legal obligations for Web accessibility and implicit social norms regarding Web accessibility outcomes as they pertain to anonymity networks. Publicly available documents provided data on the legal obligations of Web accessibility and the current trends and utilization of anonymity networks. I accessed publicly available policy documents and information available on the Web. Sources included peer-reviewed research; national and international laws, regulations, policies, government research and reports, standards and guidelines, and media reports; and organizational practices and procedures, memos, and correspondence.

I selected policy documents based on search criteria related to Web accessibility and anonymity networks. As I located useful documents, I searched within the document for potentially useful references and developed the search criteria further. The document data collection aimed to include select documents with a high degree of relevance to Web accessibility and anonymity networks. While I located most of the policy documents in English or English translation, language barriers limited a more comprehensive approach to data collection in Norway.

To examine the extent that Web accessibility provides a useful policy approach for promoting the usability of anonymity networks, I compared qualitative data from the U.K. and Norway. Qualitative comparative case studies provide a useful basis for examining a current and uncontrollable phenomenon in context and identifying potential mechanisms that mediate various conditions and outcomes (George and Bennett, 2005; Yin, 2014). While anonymity networks originated with the development of the Internet, recent social, technological and political developments have prompted a re-examination of anonymity networks. This article uses a comparison between the U.K. and Norway to examine the social regulation of anonymity networks in two different policy contexts in order to identify opportunities to promote the accessibility of anonymity networks and enhance a realization of the rights to privacy and freedom of expression for persons with disabilities.

I selected the U.K. and Norway as contrasting cases. These jurisdictions are relevant for examining anonymity networks in the context of Web accessibility policy as media in both cases have publicized the legal and illegal use of anonymity networks and both countries were among the first to participate in the early developments of the Internet (Salus, 1995). In addition, the U.K. and Norway demonstrate differing legal cultures, regulatory environments and policy instrumentation.

Norway has a tradition of economic redistribution aimed at enhancing the social participation and inclusion of persons with disabilities (Halvorsen and Hvinden, 2009). Norway has a generous national system for providing practical assistance, education and economic support. However, the government has acted reluctantly to adopt social regulations. Historically, interest organizations in Norway have collaborated with State actors to ensure and expand social benefits for persons with disabilities. Regulatory agencies in Norway adopted a voluntary and persuasive approach to Web accessibility initially and attempted to encourage compliance by issuing guidelines, action plans and public evaluations. However, indirectly influenced by the EU and Council of Europe, the Norwegian government adopted disability antidiscrimination legislation after the broader adoption of ICT. Thus, Norwegian legislators anticipated ICT accessibility in antidiscrimination legislation.

Norwegian regulatory agencies have legally obligated compliance with international Web accessibility standards. Norway has a tradition of administrative enforcement, and government agencies typically resolve disputes between parties without resorting to the judiciary. Due to a history of advocating for social benefits, interest organizations in Norway have only recently begun collaborating with regulatory agencies or private enterprises to promote Web accessibility.

The U.K. has adopted a more proactive regulatory approach than Norway (Halvorsen, 2010; Moran, 2003). The U.K. established disability antidiscrimination legislation prior to the broad adoption of ICT, including the Web. Interest organizations in the U.K. have attempted to pursue judicial enforcement. However, case law around Web accessibility has yet to emerge. Regulatory agencies in the U.K. established a legal obligation for Web accessibility by issuing statutory Codes of Practice. However, unlike Norway, U.K. regulatory agencies have yet to adopt mandatory Web accessibility standards. U.K. regulatory agencies have instead attempted to define compliance by introducing voluntary standards and have used persuasive policies to encourage standards compliance.

The U.K. has an adversarial legal tradition for enforcing regulations. While government agencies have contributed to judicial enforcement, interest organizations typically use litigation and legal threats to resolve disputes. Interest organizations have also promoted Web accessibility by participating in public-private partnerships and collaborating with both regulatory agencies and private enterprises.

 

++++++++++

4. Ensuring privacy and freedom of expression through anonymity networks

Public concerns over Internet privacy and free speech have contributed to the introduction of anonymity networks and the creation and distribution of Web content through anonymity networks (Graux, 2009; McManamon and Mtenzi, 2010).

Anonymity network technologies range from the peer-to-peer networks using existing public Internet infrastructures and service providers, typically associated with darknets, to meshnets, which use a decentralized private network managed by users. The scope of this article limits an in-depth examination of the technological implications of meshnets. However, as an approach to creating an anonymity network, meshnets provide a promising technological development for ensuring the right to privacy and freedom of expression.

This section analyses the infrastructure of darknets, which provide a useful mechanism for realizing the right to privacy and freedom of expression. Research by Graux (2009) provides a useful basis for examining the functionality of darknets. Graux characterized the infrastructure of darknets in four ways. First, “a search cannot be easily traced back to the original sender” and “information ... cannot be easily traced back to the original source” (Graux, 2009). Users within the network are interconnected. When a user initiates a search, a responding user can forward the request to another user or can respond with the information requested. Each transmission between users contains only the information about the request and the identity of the “most recent forwarder” (Graux, 2009). Thus, “it is impossible to determine whether ... the request is the original requester” or whether “the sender ... held the information”.

Second, “information can be encrypted and spread throughout the network” (Graux, 2009). Web content hosted on darknets is typically separated into smaller encrypted files and distributed over multiple users. Third, users are typically “ignorant of the information” they host (Graux, 2009). Darknet users remain anonymous and Web content remains indecipherable for users that cannot decrypt the content. Thus, darknets can allow users to remain anonymous and avoid legal prosecution by encrypting and distributing Web content and communications.

Due to the infrastructure of darknets, anonymity networks challenge the enforcement of legal obligations and social norms. While criminal prosecutions of darknet users has emerged, enforcement has relied on user error rather than the failure of darknet technologies to preserve anonymity (Vinton, 2014). Wood (2010) further demonstrated that the development of anonymity networks makes “effective enforcement of copyright virtually impossible”. However, despite challenges to enforcing legal norms, anonymity networks provide a useful mechanism for realizing the right to privacy and freedom of expression (Galperin, et al., 2014; Guardian, 2013).

Previous research has demonstrated that anonymity networks have remained a niche activity for many users (Biddle, et al., 2003; Graux, 2009). However, recent trends indicate an increase in the adoption of anonymity networks. In recent campaigns, interest organizations and service providers have promoted the adoption of the Tor anonymity network (EFF, 2014b; Estes, 2014; Library Freedom Project, 2015; Meyer, 2014). Tor provides access to a network “that allows people and groups to improve their privacy and security on the Internet” (Tor, 2014). Government agencies from the U.S. and Sweden, in conjunction with privacy and free speech interest organizations and advocates, have contributed to the development of Tor (Tor, 2013b). In 2014, the Electronic Frontier Foundation (EFF) initiated a campaign to promote Tor. The EFF acts as a non-profit organization dedicated to “.defending civil liberties in the digital world”. and championing “.user privacy, free expression and innovation”. (EFF, 2014a). Thus, interest organizations that promote freedom of expression and privacy have promoted the use of anonymity technologies and contributed to the on-going development of anonymity networks.

 

++++++++++

5. Web accessibility obligations in the U.K. and Norway

Despite differing policy approaches and enforcement traditions, regulatory agencies in the U.K. and Norway have established a legal obligation for Web accessibility. In the U.K., regulators have adopted a self-regulatory approach to Web accessibility policy. While businesses have a legal obligation to provide Web accessibility, regulations have yet to define the technical requirements of the law. Consequently, service providers in the U.K. can flexibly determine compliance requirements. Conversely, regulators in Norway have adopted a legislative approach to Web accessibility policy through the application of universal design of ICT. Though antidiscrimination legislation in Norway obligates service providers to ensure the universal design of ICT, subsequent regulations have referred to international standards for Web accessibility. Thus, service providers in Norway have a legal obligation to comply with specific regulatory requirements.

5.1. Legal obligations for Web accessibility

Regulators in the U.K. and Norway have established a legal obligation for Web accessibility by applying disability antidiscrimination legislation to the Web. Antidiscrimination legislation in the U.K. obligates service providers to provide reasonable adjustments (Lawson, 2008). The Disability Rights Commission (DRC) provided regulations for Web accessibility in a Code of Practice, which stated that, service provides have “the duty ... to take such steps as it is reasonable ... to make its services accessible to disabled people” (DRC, 2002). The Code of Practice further states that “accessible websites” are an example of “ensuring that services are accessible” for persons with a hearing disability or visual impairment (DRC, 2002). Subsequently, the Equality and Human Rights Commission (EHRC) replaced the DRC and published updated regulations (EHRC, 2011). The updated Code of Practice states, “Websites provide access to services and goods, and may in themselves constitute a service, for example, where they are delivering information or entertainment to the public”. However, the EHRC’s Code of Practice only applies to service providers “established in Great Britain”. Thus, Web accessibility obligations in the U.K. apply only to service providers and only to service providers that operate in Great Britain.

In Norway, the Antidiscrimination Accessibility Act obligates public and private service providers to make active, targeted efforts to promote universal design. The Agency for Public Management and eGovernment (Direktoratet for forvaltning og IKT or Difi), a Norwegian regulatory agency, provided regulations for universal design stating that the universal design of ICT applies to ICT solutions aimed at the general public in Norway (FAKD, 2013). The regulations further specify that obligations for universal design apply to ICT solutions that support an organization’s normal function and is part of the organization’s flagship solution (FAKD, 2013). The regulations refer to Web-based solutions as the dissemination of information or services in a Web browser. The regulations also specify that the ICT solution must be an integral part of the way an organization provides information and offers services to the public.

Regulatory agencies in the U.K. and Norway have supported Web accessibility through the use of accessibility standards. In the U.K., the DRC supported the design of British Standard (BS) 8878:2010 — a procedural standard for Web accessibility. Though voluntary, BS 8878 applies to public and private organizations. The standard aims to ensure the effective management of Web accessibility within an organization and testing of Web content. Unlike the Codes of Practice developed by the DRC and the EHRC, BS 8878 does not specify any regional or operational limitations. In Norway, Difi has used an international standard for Web accessibility, the Web Content Accessibility Guidelines (WCAG 2.0, https://www.w3.org/WAI/standards-guidelines/wcag/) to define the legal obligations of the Anti-discrimination Accessibility Act. According to the Web Accessibility Initiative (WAI), which designed and published WCAG 2.0, the standard “is primarily intended for Web content developers ... [and] others who want or need a standard for Web accessibility” (WAI, 2012). Unlike Difi’s regulations for the universal design of ICT, WCAG 2.0 does not specify any regional or operational limitations.

Regulators in the U.K. and Norway have additionally adopted persuasive policies to encourage voluntary adoption of Web accessibility policies. In the U.K., the DRC assessed a sample of Web sites “used by the British public” (DRC, 2004). The assessment emphasized the “global reach” of the Web and found low levels of accessibility among service providers (DRC, 2004). In 2010, the U.K. government published “The eAccessibility Action Plan” (U.K. Department for Business Innovation & Skills, 2010). The Action Plan argues that Web accessibility provides a commercial opportunity for persons with disabilities to participate as consumers — highlighting media consumption — and emphasizes the commercial incentives of Web accessibility for service providers. In addition, the U.K. government has encouraged public and private sector service providers to comply with WCAG 2.0 and in a report on “ICT for Disabled People” mentions emerging trends in ICT including the development of mobile devices, open source assistive products and voice recognition. However, U.K. government agencies have yet to recognize fully trends in user generated content — e.g., videos, images and text created for social media applications such as Facebook — and Web accessibility policies have yet to clarify the relation between obligations for Web accessibility and an individual’s right to privacy or freedom of expression.

In Norway, government agencies have encouraged service providers to ensure Web accessibility (Norwegian Ministry of Children and Equality, 2009; Norwegian Ministry of Modernisation, 2005). In 2005, the Norwegian government published a report, “eNorway 2009”, which emphasized the social participation of persons with disabilities on the Web (Norwegian Ministry of Modernisation, 2005). In 2009, the Norwegian government published an action plan, which encouraged service providers to ensure the accessibility of public Web sites and learning platforms (Norwegian Ministry of Children and Equality, 2009). In addition, Difi has published a “Reference catalog of IT standards in the public sector”, which encourages compliance with WCAG 2.0 (Difi, 2014). However, similar to the U.K., government agencies have yet to adopt policies that clarify the relation between accessibility and an individual’s right to privacy or freedom of expression.

5.2. Enforcing Web accessibility

Regulatory enforcement in the U.K. resembles the adversarial and legalistic traditions of the U.S. (Burke, 2002; Kagan, 2001). The U.K. typifies these traditions as policy actors rely on the use of lawyers, legal threats and legal contestation. Nevertheless, antidiscrimination policies in the U.K. have not resulted in influential Web accessibility litigation. Policy actors in the U.K., including the EHRC, approached enforcement through negotiation and problem solving among stakeholder coalitions. Conversely, enforcement in Norway has relied on a less legalistic and adversarial approach and government agencies have acted as arbiters in resolving disputes between parties (Likestillings- og diskrimineringsombudet (LDO), 2014, 2012). Thus, enforcement traditions in the U.K. and Norway differ.

Interest organizations in the U.K. have adopted a coercive approach to promoting Web accessibility by combining consumer demand and threats of litigation (Giannoumis, 2015). Interest organizations in the U.K. organize consumer demand by cooperating with persons with disabilities in publicly promoting accessibility and criticizing non-compliant organizations. Consumer demands can motivate private enterprises to engage with Web accessibility. Interest organizations in the U.K. have also acted as litigants to enforce legislation and use legal threats to promote compliance (Royal National Institute of Blind People (RNIB), 2012). Interest organizations in Norway have hesitated to use consumer demand and litigation to promote compliance. Thus, interest organizations in Norway have yet to adopt a coercive approach to the same extent as interest organizations in the U.K.

 

++++++++++

6. Discussion

Existing approaches to Web accessibility policy provide a useful basis for promoting the accessibility of anonymity networks for persons with disabilities — both in terms of content available on anonymity networks and software used to access anonymity networks. The results demonstrate that legislative policies in the U.K. and Norway typically limit the application of legal obligations for Web accessibility to organizations acting within the jurisdiction of the government. However, persuasive policies have typically taken a broader view of Web accessibility by emphasizing the role of the Web in society and the remediation of Web content broadly. Thus, persuasive policies may provide a more useful approach for promoting the accessibility of anonymity networks. Interest organizations in the U.K. have integrated a coercive approach to enforcement with a self-regulatory approach to defining regulatory requirements. Interest organizations in Norway have yet to adopt substantively a coercive approach to enforcement.

While existing social regulations in the U.K. and Norway provide a useful basis for enforcing accessibility of “public” Web sites, enforcing accessibility in anonymity networks is problematic. Anonymity networks limit the use of coercive approaches to enforcement as the anonymity of darknet users provides opportunities to create and distribute legally problematic content. Thus, this paper suggests that a self-regulatory approach provides a more useful basis for promoting the accessibility of anonymity networks.

The results from Norway confirm the results from the U.K. and demonstrate that anonymity networks may fall under the legal obligations for Web accessibility if service providers choose to produce or distribute content on darknets. However, if service providers choose to remain anonymous, enforcement remains highly problematic.

The results suggest that in the U.K., individuals or organizations acting as service providers to create or administer content in anonymity networks have a legal obligation to ensure Web accessibility. However, regulators in the U.K. have yet to consider explicitly the application of Web accessibility policies to anonymity networks. In Norway, the regulations demonstrate a different approach to Web accessibility. While anonymity networks may utilize Internet and Web protocols, the regulations specify that the ICT solution (i.e., content provided on anonymity networks), must be integral to the operations of organizations and that the solution must target the general public in Norway. Thus, it is up to the courts in the U.K. or Norway to consider whether the use of anonymity networks by businesses constitute niche activities or are intended for use by a broader public.

In addition, the results demonstrate that specialized software such as Tor is essential to accessing darknets. While darknet users often remain anonymous, financial investors and software developers involved in creating and distributing programs such as Tor are often publicly known and actively engaged in promoting the use of anonymity networks. The results suggest that organizations such as the Tor Project (https://www.torproject.org) — the organization involved in developing and providing Tor software — have an obligation to ensure that their software is accessible for persons with disabilities. In addition, the accessibility of anonymity networks generally and Tor specifically is important as a platform for ensuring freedom of expression and privacy for users with disabilities.

Extensive research has yet to analyze the accessibility of Tor and other software used to access darknets and court cases analyzing the application of ICT accessibility policies to darknet related software have yet to emerge. In addition, disability persons’ organizations (DPOs) — i.e., interest organizations led and run by individuals with disabilities and representative of persons with disabilities — have yet to demand accessibility to anonymity networks. As participation in anonymity networks becomes more mainstream, any barriers experienced by persons with disabilities in using anonymity networks may result in a new digital divide and produce further inequalities among persons with and without disabilities.

Designing anonymity networks that are accessible for persons with disabilities has the potential to benefit persons with disabilities and DPOs by ensuring privacy, participation and free association on the Internet. For example, by using anonymity networks as a forum for participation, DPOs can provide new opportunities for persons with disabilities to communicate and disseminate information. In other words, DPOs could use anonymity networks broadly and darknets specifically to provide new services for persons with disabilities that aim to ensure privacy and harness the collective power of association under a common cause — i.e., accessibility and privacy. In this way, DPOs could use anonymity networks as a vehicle for social and political advocacy and as a means for achieving change both within anonymity networks and in broader society.

The approaches to Web accessibility policy in the U.K. and Norway provide a useful basis for extending self-regulatory efforts to anonymity networks. The results in this research are consistent with previous work on anonymity networks. Obligations for Web accessibility relate to broader issues concerning the right to privacy and freedom of expression. Darknets provide a useful mechanism for realizing the right to privacy and freedom of expression (Graux, 2009; McManamon and Mtenzi, 2010). Thus, for governments to ensure the accessibility of ICT and the right to privacy and freedom of expression for persons with disabilities, Web accessibility policies must consider the accessibility of anonymity networks.

A self-regulatory approach could provide a useful basis for promoting the accessibility of anonymity networks. Self-regulation and relational regulation could provide useful mechanisms for extending compliance beyond policy objectives (Huising and Silbey, 2011; Ogus, 2000; Short, 2013; Silbey, 2011). Policy actors involved in Web accessibility can promote compliance by encouraging a self-regulatory approach to the creation and promotion of anonymity networks. In addition, relational regulation can promote compliance for legal obligations characterized by intransigence.

 

++++++++++

7. Conclusion and recommendations

While legal obligations for Web accessibility in the U.K. and Norway may not apply to anonymity networks, persuasive policies in both cases have adopted a broader approach to promoting equality on the Web. This self-regulatory approach may provide a useful basis for promoting the accessibility of anonymity networks. By identifying and collaborating with actors involved in promoting online privacy and freedom of expression, interest organizations involved in Web accessibility can promote the usability of anonymity networks for persons with disabilities. Achieving Web accessibility requires further analysis of the role of privacy and freedom of expression on the Web. Interest organizations cooperate internationally with policy actors involved in publicly using and promoting the adoption of anonymity networks and collaborate with investors and developers of anonymity technologies to enhance the accessibility of anonymity networks. In addition, States Parties to the CRPD may have to re-examine the exemptions of Web accessibility obligations to ensure the accessibility of anonymity networks and further ensure the right to privacy and freedom of expression for persons with disabilities.

The limitations of this research prevent an examination of the implicit norms, values and procedures involved in creating, promoting and adopting anonymity networks. Future research should examine institutional norms, values and procedures involved in the development and adoption of anonymity networks. Further work could empirically examine the perspectives of anonymity network users and interest organizations involved in promoting a right to privacy and freedom of expression. Finally, previous research has yet to examine accessibility outcomes in anonymity networks. Thus, future research could empirically examine the rates of standards compliance of Web content hosted on anonymity networks. End of article

 

About the author

G. Anthony Giannoumis is an Assistant Professor of Universal Design of Information and Communication Technology in the Department of Computer Science at Oslo and Akershus University College of Applied Sciences. His research focuses on technology law and policy. He is currently researching the implementation of policies aimed at ensuring equal access to technology. His research interests include universal design, international governance, social regulation, and standardization, and he has also conducted research on assistive technology and intellectual property.
E-mail: gagian [at] hioa [dot] no

 

Acknowledgements

This paper was made possible with the support of the Marie Curie Alumni Association.

 

References

Ian Ayres and John Braithwaite, 1992. Responsive regulation transcending the deregulation debate. New York: Oxford University Press.

Marie-Louise Bemelmans-Videc, Ray C. Rist and Evert Vedung (editors), 1998. Carrots, sticks, & sermons : Policy instruments and their evaluation. New Brunswick, N.J.: Transaction Publishers.

John Bethencourt, Wai Yong Low, Isaac Simmons and Matthew Williamson, 2007. “Establishing darknet connections: An evaluation of usability and security,” SOUPS ’07: Proceedings of the Third Symposium on Usable Privacy and Security, pp. 145–146.
doi: https://doi.org/10.1145/1280680.1280700, accessed 20 May 2018.

Peter Biddle, Paul England, Marcus Peinado and Bryan Willman, 2003. “The darknet and the future of content distribution,” In: Joan Feigenbaum (editors). Digital rights management: ACM CCS-9 Workshop, DRM 2002. Lecture Notes in Computer Science, volume 2696. Berlin: Springer-Verlag, pp. 155–176.
doi: https://doi.org/10.1007/978-3-540-44993-5_10, accessed 20 May 2018.

Olivier Borraz, 2007. “Governing standards: The rise of standardization processes in France and in the EU,” Governance, volume 20, number 1, pp. 57–84.
doi: https://doi.org/10.1111/j.1468-0491.2007.00344.x, accessed 20 May 2018.

Thomas F. Burke, 2002. Lawyers, lawsuits, and legal rights: The battle over litigation in American society. Berkeley: University of California Press.

Petra Christmann and Glen Taylor, 2006. “Firm self-regulation through international certifiable standards: Determinants of symbolic versus substantive implementation,” Journal of International Business Studies, volume 37, number 6, pp. 863–878.
doi: https://doi.org/10.1057/palgrave.jibs.8400231, accessed 20 May 2018.

Direktoratet for forvaltning og IKT (Difi), 2014. “Referansekatalog for IT-standarder i offentlig sektor [Reference catalog of IT standards in the public sector],” at http://perma.cc/U2JS-F2J2, accessed 10 October 2014.

Roger Dingledine and Nick Mathewson, 2005. “Anonymity loves company: Usability and the network effect,” Proceedings of the Fifth Workshop on the Economics of Information Security (WEIS 2006), at https://www.freehaven.net/doc/wupss04/usability.pdf, accessed 10 October 2014.

Disability Rights Commission (DRC), 2004. “The Web: Access and inclusion for disabled people : a formal investigation,” London: TSO, and at https://www.city.ac.uk/__data/assets/pdf_file/0004/72670/DRC_Report.pdf, accessed 20 May 2018.

Disability Rights Commission (DRC), 2002. “Disability Discrimination Act 1995: Code of practice — Rights of access goods, facilities, services and premises,” at http://webarchive.nationalarchives.gov.uk/20070108130913/http://www.drc-gb.org/the_law/legislation__codes__regulation/codes_of_practice.aspx, accessed 20 May 2018.

Catherine Easton, 2011. “The Web Content Accessibility Guidelines 2.0: An analysis of industry self-regulation,” International Journal of Law and Information Technology, volume 19, number 1, pp. 74–93.
doi: https://doi.org/10.1093/ijlit/eaq015, accessed 20 May 2018.

Electronic Frontier Foundation (EFF), 2014a. “About EFF,” at http://perma.cc/98GP-37LG, accessed 11 October 2014.

Electronic Frontier Foundation (EFF), 2014b. “Join the Tor Relay challenge,” at http://perma.cc/LN5E-PN4X, accessed 11 October 2014.

Equality and Human Rights Commission (EHRC), 2011. “Services, public functions and associations: Statutory code of practice,” at https://www.equalityhumanrights.com/en/publication-download/services-public-functions-and-associations-statutory-code-practice, accessed 20 May 2018.

Adam Clark Estes, 2014. “Dreaming of a Tor button for Firefox” (29 September), at http://perma.cc/AA22-GPR9, accessed 11 October, 2014.

Fornyings-, administrasjons- og kirkedepartementet (FAKD, Royal Norwegian Ministry of Government Administration, Reform and Church Affairs), 2013. “Forskrift om universell utforming av informasjons- og kommunikasjonsteknologiske (IKT)-løsninger [Regulations for universal design of information and communication technology (ICT) solutions],” at https://lovdata.no/dokument/SF/forskrift/2013-06-21-732, accessed 20 May 2018.

Delia Ferri and G. Anthony Giannoumis, 2014. “A revaluation of the cultural dimension of disability policy in the European Union: The impact of digitization and Web accessibility,” Behavioral Sciences & the Law, volume 32, number 1, pp. 33–51.
doi: https://doi.org/10.1002/bsl.2102, accessed 20 May 2018.

Freenet, 2013. “Freenet the free network,” at http://perma.cc/WTV5-WGXS, accessed 12 December 2013.

Eva Galperin, Nadia Kayyali and Kurt Opsahl, 2014. “Dear NSA, Privacy is a fundamental right, not reasonable suspicion” Electronic Frontier Foundation (EFF) (3 July), at http://perma.cc/64PS-872E, accessed 12 October 2014.

Alexander L. George and Andrew Bennett, 2005. Case studies and theory development in the social sciences. Cambridge, Mass.: MIT Press.

G. Anthony Giannoumis, 2017. “Self-regulation and the legitimacy of voluntary procedural standards,” Administration & Society, volume 49, number 7, pp. 967–989.
doi: http://dx.doi.org/10.1177/0095399714548270, accessed 20 May 2018.

G. Anthony Giannoumis, 2015. “Auditing Web accessibility: The role of interest organizations in promoting compliance through certification,” First Monday, volume 20, number 9, at http://firstmonday.org/article/view/6167/4901, accessed 20 May 2018.
doi: http://dx.doi.org/10.5210/fm.v20i9.6167, accessed 20 May 2018.

G. Anthony Giannoumis, 2014a. “Regulating Web content: The nexus of legislation and performance standards in the United Kingdom and Norway,” Behavioral Sciences & the Law, volume 32, number 1, pp. 52–75.
doi: http://dx.doi.org/10.1002/bsl.2103, accessed 20 May 2018.

G. Anthony Giannoumis, 2014b. “The Web as a site of intractable governance.” In: Héctor Caltenco, Per-Olaf Hedvall, Andreas Larsson, Kirsten Rassmus-Gröhn and Bitte Rydeman (editors). Universal design 2014: Three days of creativity and diversity. Amsterdam: IOS Press, pp. 384–393.

Hans Graux, 2009. “Darknets and the future of freedom of expression in the information society.” In: Erik Claes, Wouter Devroe and Bert Keirsbilck (editors). Facing the limits of the law. Berlin: Springer-Verlag.
doi: http://dx.doi.org/10.1007/978-3-540-79856-9, accessed 20 May 2018.

Guardian, 2013. “‘Tor Stinks’ presentation — read the full document” (4 October), at http://perma.cc/AB7Z-QH29, accessed 12 October 2014.

Rune Halvorsen, 2010. “Digital freedom for persons with disabilities: Are policies to enhance e-accessibility and e-inclusion becoming more similar in the Nordic countries and the U.S.?” In: Lisa Waddington and Gerard Quinn (editors). European Yearbook of Disability Law, volume 2. Antwerp: Intersentia, pp. 77–102.

Rune Halvorsen and Bjørn Hvinden, 2009. “Nordic disability protection meeting supranational equal treatment policy — A boost for the human rights of persons with disabilities?” In: Henriette Sinding Aasen, Rune Halvorsen and António Barbarosa da Silva (editors). Human rights, dignity and autonomy in health care and social services: Nordic perspectives. Antwerp: Intersentia, pp. 177–203.

Warren Harrop and Grenville Armitage, 2005. “Greynets: A definition and evaluation of sparsely populated darknets,” MineNet '05: Proceedings of the 2005 ACM SIGCOMM Workshop on Mining Network Data, pp. 171–172.
doi: http://dx.doi.org/10.1145/1080173.1080177, accessed 20 May 2018.

Ruthanne Huising and Susan S. Silbey, 2011. “Governing the gap: Forging safe science through relational regulation,” Regulation & Governance, volume 5, number 1, pp. 14–42.
doi: https://doi.org/10.1111/j.1748-5991.2010.01100.x, accessed 20 May 2018.

Robert A. Kagan, 2001. Adversarial legalism: The American way of law. Cambridge, Mass.: Harvard University Press.

Anna Lawson, 2008. Disability and equality law in Britain: The role of reasonable adjustment. Oxford: Hart.

Likestillings- og diskrimineringsombudet (LDO), 2014. “Dismissal of complaint,” at http://www.ldo.no, accessed 20 May 2018.

Likestillings- og diskrimineringsombudet (LDO), 2012. “Dismissal of complaint,” at http://www.ldo.no, accessed 20 May 2018.

Dave Lee, 2014. “Facebook sets up ‘dark web’ link to access network via Tor,” BBC News (3 November), at http://perma.cc/8LMF-F57W, accessed 8 June 2015.

David Levi-Faur, 2011. “Regulation and regulatory governance,” In: David Levi-Faur (editor). Handbook on the politics of regulation. Cheltenham: Edward Elgar.
doi: https://doi.org/10.4337/9780857936110.00010, accessed 20 May 2018.

Library Freedom Project, 2015. “Tor exit relays in libraries: A new LFP project” (28 July), at https://libraryfreedomproject.org/torexitpilotphase1/, accessed 18 October 2015.

Karsten Loesing, Steven J. Murdoch and Roger Dingledine, 2010. “A case study on measuring statistical data in the Tor anonymity network,” In: Radu Sion, Reza Curtmola, Sven Dietrich, Aggelos Kiayias, Josep M. Miret, Kazue Sako and Francesc Sebé (editors). Financial cryptography and data security. Lecture Notes in Computer Science, volume 6054. Berlin: Springer-Verlag, pp. 203–215.
doi: https://doi.org/10.1007/978-3-642-14992-4_19, accessed 20 May 2018.

Fred von Lohmann, 2004. “Measuring the Digital Millennium Copyright Act against the darknet: Implications for the regulation of technological protection measures,” Loyola of Los Angeles Entertainment Law Review, volume 24, pp. 635–648.

Giandomenico Majone, 1993. “The European Community between social policy and social regulation,” Journal of Common Market Studies, volume 31, number 2, pp. 153–170.
doi: https://doi.org/10.1111/j.1468-5965.1993.tb00455.x, accessed 20 May 2018.

Conor McManamon and Fredrick Mtenzi, 2010. “Defending privacy: The development and deployment of a darknet,” 2010 International Conference for Internet Technology and Secured Transactions, at https://ieeexplore.ieee.org/document/5678544/, accessed 20 May 2018.

David Meyer, 2014. “Aphex Twin promotes both new album and Tor through Deep Web publicity push” (19 August), at http://perma.cc/H42H-9BVC, accessed 11 October 2014.

Michael Moran, 2003. The British regulatory state: High modernism and hyper-innovation. Oxford: Oxford University Press.

Norwegian Ministry of Children and Equality, 2009. “Norway universally designed by 2025: The Norwegian government’s action plan for universal design and increased accessibility 2009–2013” (14 May), at https://www.regjeringen.no/globalassets/upload/bld/nedsatt-funksjonsevne/norway-universally-designed-by-2025-web.pdf, accessed 20 May 2018.

Norwegian Ministry of Modernisation, 2005. “eNorway 2009 — the digital leap,” at https://www.regjeringen.no/globalassets/upload/fad/vedlegg/ikt-politikk/enorway_2009.pdf, accessed 20 May 2018.

Anthony Ogus, 2000. “Self-regulation,” In: Gerrit De Geest (editor). Encyclopedia of Law & Economics, volume 5. Cheltenham: Edward Elgar, pp. 587–602.

Matthew Potoski and Aseem Prakash, 2011. “Voluntary programs, compliance and the regulation dilemma,” In: David Levi-Faur (editor). Handbook on the politics of regulation. Cheltenham: Edward Elgar.
doi: https://doi.org/10.4337/9780857936110.00016, accessed 20 May 2018.

Royal National Institute of Blind People (RNIB), 2012. “RNIB serves legal proceedings on bmibaby,” at http://perma.cc/7JXN-4YZF, accessed 21 May 2014.

Peter H. Salus, 1995. Casting the net: From ARPANET to Internet and beyond. Reading, Mass.: Addison-Wesley.

Jodi L. Short, 2013. “Self-regulation in the regulatory void: ‘Blue moon’ or ‘bad moon’?” Annals of the American Academy of Political and Social Science, volume 649, number 1, pp. 22–34.
doi: https://doi.org/10.1177/0002716213485531, accessed 20 May 2018.

Susan S. Silbey, 2011. “The sociological citizen: Pragmatic and relational regulation in law and organizations,” Regulation & Governance, volume 5, number 1, pp. 1–13.
doi: https://doi.org/10.1111/j.1748-5991.2011.01106.x, accessed 20 May 2018.

Tor, 2014. “Tor: Overview,” at http://perma.cc/QF6C-MCNU, accessed 12 October 2014.

Tor, 2013a. “Tor Project: Anonymity online,” at http://perma.cc/4WE4-NKKJ, accessed 15 December 2013.

Tor, 2013b. “Tor: Sponsors,” at http://perma.cc/BUL5-86MV, accessed 15 January 2014.

Annette Elisabeth Töller, 2011. “Voluntary approaches to regulation — Patterns, causes, and effects,” In: In: David Levi-Faur (editor). Handbook on the politics of regulation. Cheltenham: Edward Elgar, pp.499–510.
doi: https://doi.org/10.4337/9780857936110.00053, accessed 20 May 2018.

U.K. Department for Business Innovation & Skills, 2010. “The eAccessibility action plan: Making digital content accessible by everyone” (12 October), at https://www.gov.uk/government/publications/the-eaccessibility-action-plan-making-digital-content-accessible-by-everyone-january-2011, accessed 20 May 2018.

United Nations, 2006. “Convention on the Rights of Persons with Disabilities (CRPD),” at https://www.un.org/development/desa/disabilities/convention-on-the-rights-of-persons-with-disabilities.html, accessed 20 May 2018.

Kate Vinton, 2014. “The feds explain how they seized the silk road servers,” Forbes (8 September), at http://perma.cc/CB3Y-NJLZ, accessed 11 October 2014.

Web Accessibility Initiative (WAI), 2012. “Web Content Accessibility Guidelines (WCAG) Overview,” at http://perma.cc/8LA-FDNM, accessed 10 October 2014.

World Intellectual Property Organization (WIPO), 2014. “What is intellectual property?” at http://perma.cc/TE6Y-36HE, accessed 12 October 2014.

Jessica A. Wood, 2010. “The darknet: A digital copyright revolution,” Richmond Journal of Law and Technology, volume 16, number 4, pp. 1–60, and at http://scholarship.richmond.edu/jolt/vol16/iss4/4, accessed 20 May 2018.

Robert K. Yin, 2014. Case study research: Design and methods. Fifth edition. Thousand Oaks, Calif.: Sage.

 


Editorial history

Received 18 October 2015; accepted 20 May 2018.


Copyright © 2018, G. Anthony Giannoumis.

Accessibility of anonymity networks: How can Web accessibility policies promote the usability of darknets for persons with disabilities?
by G. Anthony Giannoumis.
First Monday, Volume 23, Number 6 - 4 June 2018
https://firstmonday.org/ojs/index.php/fm/article/download/6194/7418
doi: http://dx.doi.org/10.5210/fm.v23i6.6194