Yesterday the EFF reported on a “secret” subpoena served by the U.S. government on Kristina Clair, the sysadmin for the independent news site indymedia.us. The subpoena demanded information on all IP traffic for the site. It also demanded that Clair keep the request secret.
With free legal help from the EFF, the subpoena was dropped and the secrecy order abandoned. Take a look at this long report by an EFF Senior Staff Attorney, which goes into fascinating detail.
Kristina Clair with handknitted scarf
Right on Kristina, for not keeping logs of IP addresses in the first place, and for standing up for First Amendment rights. It seems well in keeping with The System Administrators’ Code of Ethics as well as with the EFF’s Best Practices for Online Service Providers.
I thought geekfeminism readers might be interested in more of Kristina’s story, so I asked her a few questions over email.
Here’s the interview!
Liz: When you got the subpoena, how and when did you decide to contact the EFF? Did you talk it over first with others? What was it like to call the EFF and ask for their help?
Kristina: Actually, someone who helps admin the server asked a general question on an Indymedia mailing list, and they recommended the EFF for Indymedia-related legal questions.
I was definitely completely clueless about any legal processes, so it was a bit nerve-wracking to talk to them and say, ‘Hey I got this thing and I have no idea what to do about it’. But they were completely helpful from the beginning and made me feel comfortable right away.
Liz: As a sys admin, how did you decide *not* to keep IP logs?
Kristina: It’s standard imc policy. It’s standard policy for anyone that wants to keep their visitors’ information private.
Liz: Is there any use of IPs of your sites’ visitors that the site owners or you might find useful? In other words, what factors might make you want to keep IPs?
Kristina: I can only speak for myself – I’ve found IP addresses to be useful for debugging. Sometimes the only way I’ve been able to track down an error in Apache’s error log and tie it to a page visit by the IP. I’ve also used IPs to track down hacker behavior on servers, but that’s not always reliable because hackers often connect from several places.
I think generally IP addresses are used for statistical data – the country, mainly. But I think if you really wanted that data but didn’t want to store IP addresses you could find a way to do it.
Liz: Is your work for Indymedia volunteer? Do you do similar work for other organizations? Personally, I tend to do a bunch of back end support work for nonprofits and organizations that I like. Do you have any advice for other volunteer sys admins and web hosts?
Kristina: Yes, Indymedia work is volunteer. I also do some volunteer work for riseup.
I tend to not do too much support for other organizations because my skillset is not desktop-oriented, and that’s generally what they need. I’m completely useless setting up a windows network or setting up a printer or things like that!
The common advice for volunteer work is to have good boundaries with it so that it doesn’t burn you out.
Liz: What are your thoughts in general about free speech, privacy, technology, activism and so on?
Kristina: I’ve been thinking a lot lately about personal information and privacy. There is one train of thought I’ve been interested in for the last several months which is more personal than activist: before computers and emails and blogs, people commonly wrote letters and kept written journals. These things were not things that are necessarily accessible to anyone except those who had physical access. They were private. when that person died,they would go to a family member, probably. Now, these types of things are often not even things that we own ourselves. Most people have email or blogs hosted on someone else’s server, and while they can still access that information, it’s not quite the same as having it physically on paper. That’s a huge history of personal communication that is sitting on a hard drive somewhere, connected to the Internet.
There is something to this that I haven’t quite been able to articulate,but that’s where my interest has been lately in regards to technology and privacy.
I guess where it starts to matter is that, at least in my mind, there is some degree to which all of this information is public, regardless of what information someone wants to be public — obviously people want their blogs public! Privacy is really hard to think about and protect when non-privacy is so convenient. It’s important to me to help provide alternatives for people who want to use the Internet but are concerned about privacy.
Finally, doing all of this in a way that supports freedom of information and open source keeps things really interesting.
In the past, in the activist realm I’ve done a lot more work having to do with accessibility, particularly in regards to gender in IT.I’ve done a lot of work with the genderchangers (genderchangers.org) and the eclectic tech carnival, which are both based in Europe. Both groups focus on technology education for women.there is also a project which I helped create called systerserver, which is a Linux server administered by women for the purposes of learning. Due to some hardware troubles, this project has been moving forward slowly lately.
Liz: It looks like you’re part of LinuxChix and other local Philadelphia computing organizations. Can you tell us a bit about your involvement with them and what the Linux/FLOSS scene is like in Philly?
I haven’t been actively involved in LinuxChix for quite some time, actually. I’ve been a bit of a lone wolf here – all of my collaborators and coworkers live elsewhere.
Liz: Have you experienced any particular sexism or solidarity in your field?
Yes, lots and lots of sexism. My favorite examples of this are when I’ve received emails that begin with “Dear Sir,” in reply to an email that I’ve sent and signed with my name.
I’ve been lucky to have a lot of positive experiences with men in the field, however. The person who taught me Perl is male, and I’m currently doing some work with the riseup collective whose members are extremely aware of gender issues in the field and take active steps to discourage it.
Liz: Can you tell me a bit about yourself, personal history or interests, what kind of work you do, and so on?
I’ve been working in web hosting for about 10 years, mostly programming Perl and administering linux servers. Recently I’ve been working with ruby and ruby on rails on the crabgrass project.
I’m protective of my time and spend as little time as possible in front of a computer, though! I have balanced it out by extremely physically-oriented activities like cooking, knitting, sewing, and yoga.
Liz: What are your favorite Linux distros?
I like CentOS and Debian for servers, and I use Ubuntu for a desktop (I really like Ubuntu 9.10).
Thanks to Kristina for the interview!