The case of “Illicit appropriation” in
the use of technology


Eduardo H. Calvillo Gámez
División de Nuevas Tecnologías de la Información
Universidad Politécnica de San Luis Potosí
México

Rodrigo Nieto Gómez
Center for Homeland Defense and Security
Naval Postgraduate School
USA

INTRODUCTION
Ramón de Campoamor y Campoosorio wrote the poem1:

En este mundo traidor
Nada es real ni es mentira
Todo es segun el color del cristal
Con que se mira.
In this treacherous world,
nothing is real or a lie;
everything is according to the color of the
glass you are looking through.


In the everyday of the Mexican folklore, the introductory line of this poem has been forgotten,
leaving  simply   the  phrase:  “Nothing   is   real  or  a   lie,  everything   is  according   to   the  color  of   the  
glass   you   are   looking   through”.   Sometimes,   the   glass   is   being   used to look into technology.
Technology can be used to commit unspeakable acts, e.g. war, as well as to enhance human life,
e.g. The Manhattan Project ended World War 2 and provided technological advances that we still
use (Kelly, 2007). But technology is neither bad nor good as its value depends on the action that
the technology is mediating. The role of technology to perform actions that can be deemed as
good or evil depends on the eye of the beholder, as it was the case of the Manhattan Project,
which helped humanity to end a war, but it also provoked the dead of millions of civilians.

Arguably, the value of every human conduct is not left to interpretation. There are certain
conducts that are deemed criminal (deviant acts) by the legislation of most democratic states such
as pedophilia, human trafficking, kidnapping (or any other type of extortion), homicide, terrorism
or copyright infringement. These deviant acts have benefited from the use of "new technologies"
up to a point that they are considered as central for the commission of the illegal conduct. This
prominent role of the technology has provoked a response from public actors that seems oriented
to "punish" technology itself and limit its functionalities, and not only to prosecute and punish the
crime.

1 Poem and translation obtained from http://daxdavis.com/nothing-is-real-or-a-lie/

However, it is when non-democratic States act in the same way to prosecute conducts that in their
context are also considered deviations (e.g. China vs cyberporn or Iran vs Twitter), that the
conflict between the neutrality of technology and the Nanny State becomes clearer. A biased
criterion seems to dictate that it is valid for democratic states to restrict technology in lieu of the
prosecution of criminal acts, but it is not valid when, outside the democratic world, those
restrictions limit human rights or user experience.

In this chapter, we play the devil's advocate to those who favor strict government supervision
over technology itself or that claim that the way to stop deviant acts is purely technological. We
do not argue that some actions should be accepted and some others not. Instead, our argument is
that   technology   is   a   “neutral”  mean   to   an   end,   and   that   the  use  of   technology   to  detract   social  
deviations is dependent on public policy and social behavior. We also argue that technology
designers should be aware that any new feature included to stop deviant acts might be used to
commit those very same acts. We concur with Koops et al. that the goal of a technology-neutral
regulation  should  be  that  “the  effects  of the ICT [Information & Communication Technologies]
should  be  regulated,  but  not  technology  itself”  (Koops, Lips, Prins, & Schellekens, 2006).


To elaborate our argument we propose the concept of "illicit appropriation", based on the Human
Computer Interaction (HCI) concept of appropriation (e.g. Dix, 2007). Dix argues that the user of
a technology appropriates its usage in a way not foreseen by the designer of the technology. We
argue that sometimes that appropriation can be geared towards activities that can be considered as
illicit, and in some cases criminal. We illustrate the use of illicit appropriation through a series of
case studies of current events, in which we show that either a state or the individual can rely on
illicit appropriation. In those examples, we argue that the use of technology to deter illicit
behaviors is linked to civil liberties. One of our conclusions is that technology rarely creates new
crimes, but it does ease the process of committing them. As one of the old mantras of information
technology says: computers only make processes more efficient, in this case the process of
committing a crime. Our final conclusion is that the use of technology to combat social deviations
is not a technological problem, but a public policy issue, where a delicate balance has to be found
between the enforcement of the law by technological means (approved by legislation), the user
experience, the civil liberties of the individual and the checks and balances to the power of the
state.

The chapter is organized as follows; firstly we review the concepts of appropriation and user
experience as well as the concepts of democratic and non democratic states. Secondly, we
introduce the concept of illicit appropriation. Thirdly, we present three case studies of illicit
appropriation in democratic, non democratic states and, in order to avoid an excessively state-
centric vision of the process of illicit appropriation, in the last case study we analyze it in the
context of a criminal networked organization and their appropriation of everyday technologies for
the commission of deviant acts. We close the chapter with conclusions.

TECHNOLOGY, USER EXPERIENCE AND APPROPRIATION

The role of technology is to improve human life. Humans have tried to improve their
surroundings and daily interactions, both with the environment and fellow humans, through the
invention of the written language, seed domestication, motors and computers just to mention few
examples. In order to understand and design technology to have a deeper impact on daily life, a
series of laws, guidelines and frameworks are usually devised to transfer technology from theory
to praxis. These theories can go from the intrinsic design of the technology itself, e.g. would the
metal melt if it is used to manufacture such engine? To the actual use of the technology by its
intended audience, e.g. how long would it require to educate the user to learn how to drive? When
the objectives are only to create a technology that solely deals with the core scientific aspects,
disregarding the human user, it may not actually improve, but actually diminished, human life.
For example, medical devices that produce harm because of a poor design (Thimbleby, 2008).
Among the different aspects of technology, in this chapter we introduce illicit appropriation
primarily using the front-end of Information Technologies (IT), but later on we extend the
discussion to technology, including critical infrastructure. The focus of our discussion is on the
interaction between user and technology and the utilization of technology in ways not defined by
the designer

Originally, the objective of any IT application was be to be useable by its intended audience; that
is, it could be used efficiently and effectively to perform a task and it would provide satisfaction
to the user (Bevan, 1995). In other words, the application had to be able to let the user perform a
task fast, correctly while being pleasant to use. New research in HCI suggests that the focus of the
application should be to provide the user with a positive experience (Hassenzahl & Tractinsky,
2006). The role of satisfaction takes precedence over efficiency and effectiveness as it can be
safely assumed that an application that does not let the user perform a task under these two
conditions would provide a poor experience.

The concept of User Experience goes beyond the interface of the application; it is about the
interaction of the user with the environment (Calvillo Gámez & Cairns, 2008). Designing to
improve the user experience is grounded on the idea of understanding the users, the task and the
context and making sure the application responds to all the needs of the user (Buxton, 2007). The
designer needs to understand both the process and outcome of the interaction (Calvillo Gámez,
Cairns, & Cox, 2010). The process is formed by those elements that make the interaction
common among individuals. The user makes sense of the experience by anticipating, connecting,
recounting, personalizing2, interpreting and reflecting on the different elements that form the
experience (McCarthy & Wright, 2004).


In making sense of the experience, the user reflects on the application used to perform the task.
This changes the role of the application from a tool ready-at-hand to present-at-hand (Winograd
& Flores, 1986; Heidegger, 1927). In other words, the application is no longer a medium to an
end, but an end in itself. Present-at-hand is when the individual reflects on the tool, rather than on
the task; it is usually associated to when the tool does not perform as expected, but it also gives

2 McCarthy  &  Wright  use  the  word  “appropriation”,  however,  this  word  is  used  in  this  article  with  a  
different meaning as the one intended by them. To avoid confusions, appropriation is changed for
personalization without changing the intended meaning of the sense making process.

the user the opportunity to find new uses for the tool not foreseen by its designer. That is, the user
improves the experience by finding new uses to the application.

Using the application for something different than intended by its designer is known as
Appropriation (e.g. Dourish, 2003; Dix, 2007). The various definitions are centered on the idea
that the user appropriates the application by using it in another way as intended by its designer. It
is important to distinguish between appropriation and personalization. Personalization is using the
application for its intended use while adding non functional features, such as changing the picture
of the desktop, colors, fonts, orders, and so on. Appropriation is not using the application for its
original and intended use, such as using e-mails as a to-do list or creating a Grease Monkey script
for Firefox to change its functionality. A simple and parochial example would be to use a shoe to
drive a nail into the wall. It is important to notice that the appropriation of the application does
not preclude the user from personalizing or using the application as expected. Furthermore, the
user is likely to enhance the use of the application by adding the appropriated features (AF) and
then sharing them via worth of mouth or blogs. For example, the GNU project (GNU Foundation)
is based on appropriation and AF being incorporated into the new releases of the technology,
evolving from AF to standard features. The designers release a basic GNU application, then the
users adapt and change the application to fit their needs, and if enough users approve the
introduced AF, then they are included in the new official release. Of course, to develop AF for
any GNU application requires specialized skills. Firefox, on the other hand, provides support to
add-on applications that although widely popular, are still not included in the standard version. In
this case, the user can develop their own AF, or go to the add-on section of Firefox and add it.
Firefox, just as GNU in general, are applications designed for appropriation; in particular
appropriation by users with the technical ability to change the application. However, this is not a
requirement for appropriation. A person using the inbox of the email as a to-do list, instead of its
intended use of just receiving emails, does not require different skills as the rest of the users.

To summarize, appropriation is when the user interacts with the application in ways not defined
by its designer and as an effort of the individual to improve the user experience. The AF proposed
by the user are then shared and adopted by a wider population of users. The application, and the
technology   in   general,   are   then   used   with   the   AF   “on   top”   of   the   standard   features. Before
introducing what it means to illicitly appropriate an application, we first introduce the definition
of what constitutes an illicit activity, and the caveat of what is illicit or not depending on the type
of state on which this happens.

DEFINITION OF ILLICIT CONDUCTS IN DEMOCRATIC AND NON-
DEMOCRATIC STATES

It is impossible to obtain a universal definition of what constitutes an illicit conduct, for the
simple reason that there are as many definitions as there are sovereign nations in the world. It is a
geographically dependent concept because it is linked to a jurisdiction, and every nation-state will
define it differently depending on their legal tradition and local values. In that sense, an illicit
conduct is any conduct deemed as such by the body that has the authority to create the law in that
territory.   We   consider   it   to   be   a   “positive   law”   definition:   part   of   a   law   created   by   a   proper  

authority, which defines a particular conduct as forbidden and punishable within the boundaries
of that jurisdiction.

An exception to this criterion exists in the case of  human   rights,   considered   to  be   “inalienable  
rights  of  all  members  of  the  human  family”  (United Nations, 1948), as they derivate from natural
law theory (Habermas, 1999). This means that no government has the right to curtail them, and
because of that, most of the illicit conducts committed by state authorities do not have to be
recognized in any law when they go against the fundamental rights of every citizen.

Or at least, that is the theory. In reality, as it is often the case with regard of International Law,
might makes right, and only the peer pressure of other nation-states or their projection of national
power will allow some kind of punishment against the members of any government who commit
one  of   the   series  of   illicit   conducts   considered   to  be  “crimes   against  humanity”, e.g. genocide,
enslavement, the deportation of populations, torture, enforced disappearance, among others
(United Nations, 1998).

Crimes are the clearest example of an illicit conduct. While they are not the only ones, as many
other conducts are considered to be against the law but not criminal (exceeding the driving speed
limit or jaywalking are also illicit conducts, but in most countries they are not considered to be a
crime). Criminal law tends to concentrate on the worst cases of illicit conducts, the ones that
receive the harshest of punishments available in that jurisdiction. By worst it is usually meant
those deviant conducts that are considered to hurt society as a whole, and not only the individual
(that  is  why  in  criminal  law  cases,  one  of  the  parties  is  always  “the  state”  or  “the  public”  versus  
the presumed criminal).

Despite the fact that most of the English speaking countries derivate their laws from the common-
law British tradition, a majority of them have today some kind of codification that contains a
description of the conducts considered to be a crime, e.g. (Robinson & Dubber, 1999). In the rest
of the world, a codified penal or criminal law is the norm. For those countries, the criminal code
is written in the form of a catalog that contains a description of all the conducts deemed a crime
(actus reus) and thus, they are in fact catalogs of illicit or deviant conducts.

The main difference between democratic and non-democratic states will then be, not in the way
they structure their definitions of illicit conducts, but in their origin. In the former, a
democratically elected parliament will be the source of all codification, while for the later, the
origin of the definitions of the illicit conducts can be one person (a dictator) or a group of
unelected individuals (a military junta, a “People's   assembly” or the clergy of a religion), with
little or no input from the majority of the population.

INTRODUCING ILLICIT APPROPRIATION
As discussed previously, appropriation is when the user interacts with the technology in ways not
defined  by  its  designer.  Dix  describes  the  association  as  the  user  “not  playing  by  the  rules”  (Dix,
2007). From the point of view of HCI, designing for appropriation has to be encouraged as it
provides a better user experience. It is for this reason that programs such as Firefox allow scripts
or add-ons, or programs released under the GNU licensing scheme can be edited and configured
to satisfy the needs of the user.

Dix continues explaining that there is another kind of appropriation --“subverted  appropriation”--,
where  the  user  “uses  something  in  a  way  it  was  not  intended,  not  just  because  of  something  the  
designer didn't think about,  but  in  order  to  thwart  its  intentions”.  For  example,  a  user  that  installs  
a special kind of script to his browser, in order to avoid the advertisement content of a website
(ad-blocker). In this case, this particular user is clearly subverting the intent of the web designer,
who expects to make his profit from the ads revenue, but it is a valid appropriation for the
designer of Firefox as it was created to use this type of script.

However, it is not always desirable that the user appropriates a given application; for example,
running a Windows applications, such as the video game Spores (Wright, 2008), on a Linux
distribution like Ubuntu. The web page Linux Outlaws (Spore on Linux Howto, 2009) provides a
guideline into how to achieve this. Spores was designed to run only on Windows, but via
introducing the AF suggested in the web site, it is possible to run it on Ubuntu. In this example,
the instructions provided by the developer of the AF specifically tell the user to break the digital
rights management (DRM) of the game. An early adopter of the technology may stumble upon
the original source, while a late adopter may find the answer in a different website (e.g. Spores on
WINE) where this warning is not issued. This may indicate that the original developer of the AF
is doing illicitly, but that the late adopter may have not known this. However, both conducts
would result in committing an illicit conduct. From the point of view of public policy, this is a
problem.

This is what we define as illicit appropriation; it goes beyond subverted appropriation. It does
not  only  break   the  designer's   intentions,   but   also   the   law.  On  a   scale,   it   is   the   “worst”  kind  of  
appropriation, as it is the only one that is punishable by law.

The case of the DVD Region Coding (RC) system highlights this battle between appropriation
and public policy. DVDs incorporate a type of DRM that is supposed to prevent watching a DVD
outside of its intended regional zone. This was a system intended to give the film industry the
capacity to set different release dates in different regions of the world (DVD copy control
Association, n.d.).

Figure 1.- Map of the different RC currently in use by the film industry to lock DVDs according
to their region. (Source: http://en.wikipedia.org/wiki/File:DVD-Regions_with_key-
2.svg#filelinks)

For example, to watch a DVD region 1, the user is supposed to be based in a region 1 country;
thus, a DVD bought in Canada or the United States cannot be watched in Mexico. This is
enforced by selling DVD players of only the approved region.

For the particular case of Mexico, this proved to be a bad geopolitical decision regarding the fight
against copyright infringement. As the map in Figure 1 shows, this country was placed inside the
region 4 that includes all Latin America, the Caribbean nations, Australia and New Zealand. This
policy neglected the fact that Mexico's strongest international relations (human and commercial)
are with the United States and take place inside the NAFTA zone (Domínguez & Fernández De
Castro, 2009).  This  meant   that   in   a   very   short   period   of   time,  Mexico   had   a   vibrant   “zone   1”
DVD market, and a public eager to find ways to appropriate the DVD technology in order to
circumvent these DRM issues.

This restriction can be circumvented by moving the DVD player outside of its original region; so
buying a DVD player in the United States and moving it to Mexico would allow users in Mexico
to watch a region 1 DVD. Because this is not illegal, it is   a   clear   case   of   “subverted  
appropriation”.

Other solutions are to use the computer to watch the DVD, and via software, modify the region of
the DVD player software, or physically modify a DVD player to completely bypass the RC
System. Both of these conducts would be considered to be an illicit conduct by the film industry.

All these limitations have a negative influence on the user experience. For this reason, few
experienced  users  decided  to  appropriate  the  use  and  interaction  of  computer’s  DVD  players.  The  
DeCSS (DeCSS Central) library was introduced so that users could watch a DVD regardless of
the RC. As a result, the Motion Picture Association of America presented a lawsuit against the
developers of the library (DVD CCA Lawsuit(s)). The lawsuit was based on the idea that the
developers were acting illicitly. Only one of the developers was on trail and he was found not-
guilty (BBC Technology News, 2003). However, DeCSS did not become a standard feature of

any computer, even though it was being used extensively all over the world. This was because it
is believed that DeCSS allows an illicit behavior of the users depending on the country on which
they are based; although copyright infringement is not always equated with a criminal offense,
it can be. The users can still download and use the application, but it is up to their legal
framework if they are acting illegally or not.

Installing and running AF such as DeCSS can be seen as an effort of the user to thwart the
intentions of the designer. One can assume that the designer of DVD players for computers are
law abiding citizens that don't want to risk a potential lawsuit from media organizations; so they
decide not to install the DeCSS library. The user that downloads and install the library is doing so
to avoid something the designer, willingly, did not provide. Of course that in some countries
DeCSS may actually break the law, where in other ones is just the posterior use of DeCSS that
could result in breaking the law; for example, using DeCSS not only to watch a DVD, but to use
it to copy a DVD without the intended locks.

We summarize then the process of appropriation in three different categories. Simple
appropriation is desired from the point of view of user experience. The designer should allow the
user to appropriate a given application in order to improve the experience of the user, as it was
the case of the GNU applications or Firefox. Subverted appropriation is when the user thwarts the
designer’s  intentions,  as  it  was  the  case  of  the  user  of  web-pages who block commercial pop-ups,
making it harder for the designer of the page to generate revenue. The third type of appropriation
is  when   the  user  not  only   thwarts   the  designer’s   intentions,   but   also  breaks   the   law.  As   it  was  
discussed on the example of the DVD RC system, the conduct produced by the illicit
appropriation can result in a criminal activity that is forbidden by law. See Figure 2 for a
representation of the different types of appropriation.

Figure 2: The three different types of appropriation. Simple appropriation is a goal of the
designer so that the user can have a better experience while interacting with the application.
Subverted appropriation is the user breaking the intentions of the designer. Illicit appropriation
is when the user commits illicit or criminal activities with the application.

Appropriation
• Encouraged
Subverted
Appropriation
• Tolerated
Illicit
Appropriation
• Forbidden

This means that the concept is dependent on the existence of a previous legal declaration that a
certain appropriation conduct is part of an illegal conduct. Even if the appropriation conduct
subverts the intentions of the designer, then as long as it has not been declared illicit in a public
law, it would only be considered to be a case of subverted appropriation, but not of illicit
appropriation.

The core element of the process of appropriation is that the user appropriates the technology
doing things in a way not foreseen, simple appropriation, or explicitly unwanted, subverted
appropriation, by the designer, adapting the technology to his reality, outside of the designer's
table. While the first kind of appropriation is seen as a positive phenomenon in design studies, the
second kind, subverted appropriation, establishes a confrontational relation between the designer
and the user, albeit still a legal one. Illicit appropriation differs from the other two in that, because
of its supposed deviant nature, it introduces a third actor, in addition to the designer and the user:
the state.

Because some illicit appropriation processes have come to be considered as an intrinsic part of
the commission of some crimes (cyber crimes being the clearest example) governments all over
the world have decided to curtail or limit, not only the criminal conduct, but also the technology
that facilitates the commission of the crime via the process of illicit appropriation. This limitation
is done through legislation. The role of the state in protecting its citizens varies from country to
country. In some countries, the state plays an active role enforcing the law thus providing
regulations that limit the type of appropriation that a user can achieve with certain technology. In
other cases, the role of the state is to deal with the consequences of the acts produced by illicit
appropriation. And, in some cases even the state can be the perpetrator of illicit appropriation.

We will now study some of those cases were official actors in democratic and nondemocratic
states alike, promulgate laws to fight some kind of illicit appropriation of technology, enforcing
limits to the technology itself. Because the policymaking process in democratic and
nondemocratic states differs considerably, we have separated the study of technology
enforcement in these two groups.

We use the definition of democratic states provided by the Democracy Index (Economist
Intelligence Unit, 2008), which is based on five indicators: electoral process and pluralism,
functioning of government, political participation, political culture and civil liberties. For the
Democracy Index of 2008, there are 30 full democracies in the world, 50 flawed democracies, 36
hybrid regimes, and 51 and authoritarian regimes.

Finally, in order to avoid an excessively state-centric vision of the process of illicit appropriation
and law enforcement of technology, in the last section we analyze these subjects in the context of
criminal networked organizations and their appropriation of everyday technologies for the
commission of deviant acts.


CASE ONE: TECH ENFORCEMENT IN NON DEMOCRATIC STATES

In this section we present two different examples of illicit appropriation in Non Democratic
States. First we present the efforts of the Chinese government to filter pornography on the
Internet, and then the role of Twitter during the 2009 election protests in Iran. It is important to
remark that the classification of China and Iran as non democratic states is based on the
Democracy Index of 2008 where China ranks 136 of 167 analyzed countries with a score of 3.04
points, and Iran ranks 145 with 2.83 points, both classified as authoritarian regimes.

The  Green  Dam  of  the  People’s  Republic  of  China

The government of China has an official censoring policy for the Internet, contained in the
Computer Information Network and Internet Security, Protection and Management Regulations
approved by the State Council in December 1997 and promulgated by the Ministry of public
security that same month (Ministry of Public Security of the State Council of the Chinese
Government, 1997). The article 5 of the quoted regulations gives a list of the kind of information
that cannot be transmitted using the Internet. Among them:
 inciting to overthrow the government or the socialist system,
 inciting division of the country (e.g. the independence of the Tibet province),
 making falsehoods or distorting the truth, spreading rumors,
 destroying the order of society,
 promoting feudal superstitions, sexually suggestive material, gambling, violence,
murder,
 Terrorism or inciting others to criminal activity;
 openly insulting other people or distorting the truth to slander people;
 Injuring the reputation of state organs.

Most prominent among the censored type of information was that related to democracy and
political parties, but not so strict on pornography (Zittrain & Edelman, 2003). The filtering of
information is done on all the servers placed in the country through a series of firewalls. In other
words, the filtering is done at the entrance of the Country.

On 2009, the Chinese government announced that it would require all personal computers sold in
the  country  to  include  the  “Green  Dam”  software (OpenNet Initiative, 2009) that would prevent
all pornographic content from being displayed to the users. Green Dam checks a list of blocked
websites, if the user tries to visit any of these websites, then the information is filtered (Wolchok,
Yao, & Halderman, 2009). There are many complaints regarding the use of this software
(Branigan, 2009), some people argue that it would allow the Chinese government to censor more
information directly at the footstep of the users; others claim that the software is so poorly
designed that it would put the computers with the software at risk (Wolchok, Yao, & Halderman,
2009). Some late reports claim that Green Dam will not be enforced (Taylor, 2009). However,
even if installed or not, it is important to highlight the danger of illicit appropriation that can arise
from Green Dam.

The original objective of Green Dam is to censor pornographic content. However, as the list that
contains the blocked websites depends on a central database, it can be updated to include websites
that contain different type of information. The person, or organization, in charge of updating the

list could appropriate its use to censor information about democracy among other topics.
Furthermore, the Green Dam would allow malicious users to use it as a gateway to gain access to
the computer and its information. In both cases users would appropriate, subvertly, Green Dam to
be used in a completely different way than intended; in the former case by blocking different
types of websites than originally defined, in the later by using Green Dam to gain access to the
computer. If said users are governmental organization, then this type of appropriation may not be
deemed illicit depending on the legal framework of China. As we will in the third case study,
when   similar   activities   are   done   by   democratic   governments,   then   they   are   not   considered   “as  
illicit”.

Iran vs. Twitter during the 2009 election protests

In June 2009 Twitter, the micro-blogging service, delayed an upgrade to their system that would
have taken down their servers for a whole day. This was in the midst of the Iranian protests after
their presidential elections. Before this could happen, the Department of State of the government
of the United States asked the management of that company to keep the service running. Twitter
had become the main communication system of the protesters, used not only to organize their
rallies,  but  also  to  communicate  to  the  rest  of  the  world  what  was  happening  inside  Iran’s  borders,  
closed   to   “traditional”   means   of   international observation (Grossman, 2009). Although the
Department of State confirmed that version, Twitter denied that they responded to the pressure of
any government.

Keeping aside if the importance of the so-called  “twitter  revolution”  was as important as most of
the media claims, it was clear that the US government was interested in keeping Twitter running;
as it was seeing as neutral technology, in this case that means without the intervention of the
Iranian government. The use of Twitter had become a matter of national interest for the US,
beyond the financial strategy that this start-up company might have for its Iran operation.

Twitter was never supposed to be an instrument of civil disobedience and political participation.
But as it is often the case with communication technology, the micro-blogging system was not
supposed to be anything but a platform that would empower the user to use it in any way, shape
or form that he or she decides. The open design of Twitter, which allow users to interact with it
via SMS, instant messaging, Web and a search engine, as well as its broadcasting capabilities,
allowed the Iranian protesters to appropriate the service. With it they were able to organize
protests, communicate events that were being censored by the state-controlled media broadcasting
them to the outside world in a relatively anonymous and non-filtered way. Of course, the neutral
and non-filtering of the information depends on the type of users with access to Twitter.

Within the context of nondemocratic states, the process of illicit appropriation is frequently
portrayed in the media as a struggle for freedom against an oppressive regime. As it was the case
in Iran.

CASE TWO. TECH ENFORCEMENT IN DEMOCRATIC STATES: DIGITAL
COPYRIGHT INFRINGEMENT AS AN ILLICIT APPROPRIATION PROCESS.

It would be a mistake to consider that only non-democratic states have designed and enacted
policies against the phenomenon of illicit appropriation. In fact, because of the nature of the
political process in democracies, where the state is constrained by the law to do only what the law
allows it, democracies have been a prolific source of legislation against illicit appropriation. In
some cases, the state has gone as far as fighting the technology used during the appropriation
process, and not only the conduct.

Piracy, as the illicit conduct of copyright infringement is commonly known, is the act of
exploiting protected materials, against the wishes of the owner of the exclusive rights of that
intellectual property, without compensation.

The beginning of the effort to protect intangible assets for their commercial exploitation can be
found  in  medieval  Europe.  While   the  British  crown  had  been  issuing  “letters  patent”  protecting  
several  industrial  designs  and  inventions  since  1331,  “some  consider  the  first  British  patent [and
thus   the   first  “modern”  patent   in   the  world] to be the letter of protection granted to John of
Shiedame    in  1440” (Foster & Shook, 1993)
.
Regarding protection for literary works, the first copyright legislation in the world was passed
also   in   the  United  Kingdom   in  April   1710.  The   statute  of  Anne,   as   it  was  known,   “provided  a  
legal  protection  of  14  years   for  works  published  after   the  commencement  of   the  act”   (Deazley,
2006). Its objective  was   “to   encourage   learned  men   to   compose   and  write   useful   books”   (The
Statute of Anne, 1710).

Since then, intellectual and industrial protection have been the cornerstone of a system that tries
to promote creativity by rewarding authors and designers with the exclusive right to exploit
commercially their work, for a specific period of time.

Until the second half of the 20th century, all of these works were distributed in an analogous
format (e.g. information in books, plans and designs in paper, music   in   LP’s and then tape
recordings, etc.) with little or no convergence at all among them. Because of that, all efforts to
curtail copyright infringement were oriented to fight the distribution of tangible things, and to
dismantle the industrial infrastructure needed to reproduce the protected material. While
copyright infringement was a problem since the middle ages, it was one that was relatively
contained.

But all that would change with the advent of the digital era. The history of digital technology and
the compact disc might well be the most exciting case of simple and illicit appropriation. In 1977,
Sony  “showed a 30 cm digital record with a playing time of 150 minutes, and a few years later
Philips demonstrated the 11.5 cm prototype of the Compact Disc to  the  international  audio  press”.  
By 1982, the first commercial product was available in Japan and, one year later, in Europe (The
history of the CD - The beginning, 2005).

The designers of the compact disc had in mind only the distribution of music in a digital format,
in order to obtain a better sound quality. Instead, the public appropriated the technology in a
process that was shaped by the realization that once the information –any information- was

digitalized; it   became   “liberated”   from   the   analogue physical support once contained it. It was
turned into intangible digital media.

When that happened, a whole set of analogous and seemingly unrelated devices (LP’s  players,  
VCR’s  or  even  books)  converged  into one sole media, with a cost of reproduction close to zero,
and independent of the constraints of physical reality. The advent of the World Wide Web some
years later would mean that not only the cost of reproducing content became close to zero, but
also  that  it  was  possible  to  distribute  that  content  for  “free”.

Digitalization empowered the user to appropriate technology in a way that was impossible before,
without the burden of manipulating the physical world to alter the substance of the media, as it
was previously with an analog object. It also allowed the convergence of technology that is the
norm today.

As Anderson points out, “the  engineers  brought  us  the  technical  infrastructure  of  the  Internet  and  
the Web -- TCP/IP -- and HTTP://-- but we were the ones who figured out what to do with it.
Because the technology was free and open to all, we, the users, experimented with it and together
we populated it with our content, our ideas, and ourselves. The technologists invented the pot, but
we   filled   it” (Anderson, 2009). In other words, we appropriated digital technology beyond any
designer's expectations.

As an unintended consequence, the system of copyright protection that was created in medieval
times was put in jeopardy. The whole business model built around charging expensive prices for
content has been confronted by the illicit appropriation process of piracy, which follows simple
appropriation of digital technology. A user of digital music may produce a copy for her personal
records, but that same copy could be distributed, or sold, without the consent of the copyright
holder.

Since the 90s, public and private actors have employed different strategies to try to fight this new
wave of digital copyright infringement, with very little success. Legislation has been one of the
main tools to fight against this kind of illicit appropriation.

In 1998, the U.S. Congress passed the Digital millennium copyright act that criminalizes most
conducts related to the illicit appropriation of digital technology. In 2001, the European Union
passed the Copyright Directive aimed at the same objective. More recently, France passed in
September   2009   a   second   version   of   its   “Hadopi”   law   (the   first   one   was   repealed   by   the  
constitutional tribunal), designed specifically to give the French state a graduated response
capability to fight against illegal downloads.

But it's been the private sector, specifically the recording industry, who has been the most active
actor in the fight against this kind of illicit appropriation. Using the legal framework of the
Digital Millennium Copyright Act (and thus taking advantage of the actions of public actors), the
Recording Industry Association of America (RIAA) sued the peer to peer service Napster in
1999, in what would become the most famous legal case regarding copyright infringement.
Eventually, the RIAA won the legal battle against Napster, but lost the war against downloading
as the main vehicle for delivering music. This law suit punished the technology, not the crime

itself. Furthermore, the technology used in Napster is nowadays used in Skype; a type of simple
and positive appropriation. Today, the illicit conduct of downloading copyrighted material is
simpler than it was during the Napster years, and legal downloading is predicted to replace the
compact disc as the main way of music distribution in 2010, with a completely new actor --
iTunes -- as the undisputed market leader (Whitney, 2009). iTunes used to distribute its files
encoded with a type of lock that prevents the music to be copied in more devices, this has a direct
impact on the user experience, as the user is unable to copy his music among his different
computers or devices. In this case, the move of material from one device to another might be
legal, but the solution to piracy may be an illicit appropriation of iTunes.

All these legislative and legal actions from the part of public and private actors have provoked a
political reaction from the part of the -- until recently-- fringe sector of the electorate that wants to
challenge the status quo regarding copyright regulation. From their point of view, open source
efforts to create knowledge and innovation in an incremental way, cannot exist in the context of
the traditional copyright paradigm, and have decided that the only way to oppose those policies is
to become policymakers themselves. Founded in Sweden in 2006 with the aim of reforming
copyright laws and fighting for privacy rights, the Pirate Party is now present in most European
countries and has one seat in the European Parliament.

This means that as long as this political movement continues to be active, the classification of
illegal downloading as a deviant conduct will be now permanently challenged in democracies
with   a  “pirate”  movement,   proving  once  again   the   strong  association  between   the   fight   against  
illicit appropriation and the policymaking process.

CASE THREE: NON STATE ACTORS: ILLICIT APPROPRIATION DURING
THE 9/11 ATTACKS.

Terrorism can be the most hideous case of illicit appropriation. While there is no easy way to
define terrorism, almost all authors agree that there are two key elements in any terrorist conduct:
the use of targeted violence to provoke terror beyond the people that are directly targeted by such
violence, and the intention to influence a political agenda.

The Report elaborated in March 2007 by the Independent Reviewer of Terrorism Legislation
presented to the Parliament of the UK, concluded that, with some alteration needed, the definition
in   the   Terrorism   Act   2000   “is   useful   and   broadly   fit   for   purpose”   (Independent Reviewer of
Terrorism Legislation, 2007). In consequence, and given the fact that we are not interested in
continuing here the debate on a universal definition of terrorism, we use the official definition of
the Terrorism Act 2000:

“Terrorism Act 2000
Section 1. -
(1) In this Act "terrorism" means the use or threat of action where-
(a) the action falls within subsection (2),
(b) the use or threat is designed to influence the government [or an international governmental
organisation] or to intimidate the public or a section of the public, and

(c) the use or threat is made for the purpose of advancing a political, religious [, racial] or
ideological cause.
(2) Action falls within this subsection if it-
(a) involves serious violence against a person,
(b) involves serious damage to property,
(c) endangers a person's life, other than that of the person committing the action,
(d) creates a serious risk to the health or safety of the public or a section of the public, or
(e) is designed seriously to interfere with or seriously to disrupt an electronic system.
(3) The use or threat of action falling within subsection (2) which involves the use of firearms
or explosives is terrorism whether or not subsection (1)(b) is satisfied.”

The real target of the terrorist action is not those who suffer the violence, but the people who
witness it. Terrorism is always in a direct need of an audience to scare.

Nevertheless, new technologies have permitted a kind of escalation in the objectives of terrorist
organizations, that today seek not only to impress the public that witness their action, but also to
inflict massive casualties and economical loses to their opponent (OECD, 2003). The Madrid
bombings of 2004 (191 casualties) or the London bombings of 2005 (52 casualties) are both good
examples of the new scope of terrorist attacks.

The most successful non state-sponsored terrorist attack in history is –by far-- the attack of 9/11
in US soil (2,293 casualties). Al-Qaeda in particular is known for designing its operations with
the  objective  of  maximizing  “the  casualties  and  costs  that  they  produce”  (Jackson, 2009).

Even  if  those  acts  accomplished  the  “traditional”  objective of terrorizing a witnessing audience,
the 9/11  attacks  had  a  magnitude  that  made  them  much  more  that  “just  a  terrorist  attack”. They
were equivalent to the level of an act of war.

They succeeded in putting a halt to all commercial air traffic in US airspace for days to come for
the first time in US history, and made impossible to continue the operations of the US financial
markets. They also destroyed the emergency management office of New York City, crippled the
first response capabilities of the state of New York, partially shattered the national headquarters
of the US Armed Forces and made necessary the evacuation of most government buildings,
placing government continuity at risk (National Commission on Terrorist Attacks Upon the
United States, 2004). The associated costs of the attacks have been calculated in literally
hundreds of billions of dollars (Makinen, 2002).

One reason for the level of success that Al-Qaeda had during 9/11 is that these attacks took
terrorism to the realm of illicit appropriation in an unprecedented way. They were not only able to
sabotage a component of the Critical Infrastructure of the United States (the transportation
sector), but they illicitly appropriated part of that infrastructure and turned it against the
population it serves, transforming it from a tool of transport into a tool of terror.

The   “Marsh   report”   of   1997   is   considered   to   be the cornerstone of the field of Critical
Infrastructure  Protection   in   the  United  States.   It  defines  Critical   Infrastructure  as  “a  network  of  
independent, mostly privately owned, man-made systems that function collaboratively and

synergistically to produce   and   distribute   a   continuous   flow   of   essential   goods   and   services”
(Marsh, 1997). This infrastructure is vital to the well-being of any developed nation. The National
Infrastructure Protection Plan of 2009 of the United States organizes this infrastructure around 18
interconnected sectors (National Infrastructure Protection Plan: Partnering to enhance protection
and resiliency, 2009).

While   “normal”   terrorism   traditionally   tries   “only”   to   sabotage a system to inflict casualties to
their perceived enemy, destroying their infrastructure (e.g. the Pan Am 103 bombing of 88; 270
casualties) during 9/11, the four kidnapped planes were not only sabotaged, but they were also
illicitly appropriated, in order to transform them from a transportation tool into a weapon of mass
destruction. The intentions of the aeronautic designers were completely subverted as they never
intended for the planes to be used to demolish buildings and kill its occupants; breaking every law
that governs and regulates civilian aviation.

The  terrorists  understood  the  rules  that  allow  the  planes  to  be  used  “as  intended”.  They  attended  
flying schools inside the United States where they learned the basic knowledge needed to fly the
planes (they learned how to use the technology), and they also studied the limitations of the
security system at the airports, inside the cabin of the planes, and in the way air traffic control
took place in the United States prior to those attacks.

Only then the Hamburg cell was ready to appropriate illicitly part of the air transportation sector
of the United States turning this technology against its legitimate users.

A terrorist attack that appropriates part of a technology, will be always more dangerous than a
plot that only seeks to destroy an infrastructure. The reason is simple: when the terrorist illicitly
appropriates part of a critical infrastructure, he's not only in the position to inflict damage by
destroying such infrastructure, but he is able to appropriate some key elements of that technology,
to create a deadlier system. That is   what   happened   in   9/11,   where   instead   of   “only”   the   246  
fatalities in the four planes (excluding the 19 hijackers), the terrorists were able to kill as many as
10 times more innocent victims, using everyday technology against the civilian population.

Theoretically, there are a lot of other scenarios where the illicit appropriation of a part of a critical
infrastructure might result in high costs both in terms of money and more importantly, in human
fatalities: e.g. Planes (or trains) can be used as bombs; water infrastructure, as well as the food
supply chain, can be appropriated as a pathogen delivery system (Wein & Liu, 2005); the
chemical industry or the hazmats storage facilities can be appropriated to be turned into a dirty
bomb (Rosoff & von Winterfeldt, 2005), etc.


Cyber terrorism might present some of the worst case scenarios related to illicit appropriation of
critical infrastructure systems by radical actors. The appropriation of the SCADA (Supervisory
Control And Data Acquisition) systems that control most critical infrastructure would allow them
to remotely turn the technology that any modern society needs to function, against that same
society, e.g. opening the levees to flood a city or in the worst-case scenario of all, hacking the
command-and-control center of a nuclear power plant (Greenberg, 2007).

It can be considered that the  whole  Homeland  security  policy  in  the  US  is  a  big  and  costly  “illicit  
appropriation  prevention”  system  of  systems. It tries to force the user of those different systems to
use them only in the way they were designed, with no appropriation whatsoever.

Consider the TSA (Transportation Security Administration), part of the Department of Homeland
Security of the United States, which was created after 9/11 in order to centralize in one federal
agency the aviation security systems at the airports, which prior to the attacks were managed by
private companies (TSA is responsible also for the security in all other transportation systems, but
most of its resources go to aviation security).

The objective of this relatively new agency is to create and manage a mixed system of people and
technology that will prevent the illicit appropriation of any part of the transportation sector in the
United States, and in any country from where planes fly to the US.

Therefore, the example of the DHS shows that there are valid cases when a ban on appropriation
is justified for critical infrastructure protection concerns. Based on this, we can define the
endeavors of the “red   team”, a team that tries to think like the adversary in order to defeat the
defense systems of an infrastructure, that take place in any terrorism prevention program have the
objective of creating a system that: a) cannot be sabotaged and b) cannot be appropriated.

But one should not forget that in all cases, the priority of the actions and the policy involved
should be to avoid and prosecute an illicit conduct and not the illicit appropriation by itself. More
than punishing the illicit use of a technology, the objective should be punishing homicide,
terrorism, kidnapping, the destruction of private property, etc.

In consequence, the policy to prevent illicit appropriation in the context of Critical Infrastructure
Protection should be oriented to the prevention of the appropriation process and not to the
prosecution of deviant acts already committed. That should be the task of the justice system.

If someone uses a hammer to kill a person (illicit appropriation), society should punish the
homicide…  not  the  use  of  the  hammer.

CONCLUSIONS

In this chapter we have presented the case of illicit appropriation. Our main argument is that, for
good or evil, technology is a mean to an end; not an end on itself. Based on all these arguments,
we present the key conclusions of our discussion as follows:
 The  use  of  technology  is  dependent  on  the  individual’s  intentions.
 The individual can use the technology for something completely foreign to what the
designer of the technology intended via appropriation.
 Appropriation is an effort of the individual to improve the user experience.
 What constitutes an illicit conduct is defined by the state, except when is the state who
curtails human rights.
 Illicit conducts are combated by the state via laws, which are defined by policy makers.

 When using technology to combat an illegal conduct, designers have to work hand by
hand with policy makers.
 Determent of Illicit conducts is not a technological issue; however, technology solutions
can be used to combat them when they are the consequence of a solid public policy.
 Illicit appropriation should be prosecuted when:
a) the  appropriation  goes  beyond  the  normal  “use”  of  technology,  and  
b) puts in danger non users.
 Policy makers have to take into account the magnitude of the conduct. It is not the same
illicit appropriation for the sake of using a hacked MP3 player, that illicitly appropriating
part of the transportation system of a country to commit a terrorist attack. Thus, illicit
appropriation should not be a crime, but the conduct that required such appropriation.
 Policy makers have to consider the use of technology to prevent illicit appropriation, but
technology responses should not be considered the silver bullet that would replace sound
public policy.

As we argued   at   the   beginning   of   the   chapter,  we   have   played   devil’s   advocate.   This  was  
done in order to raise awareness of the need to create interdisciplinary teams, and prepare
professionals that understand both technology and policy, to combat deviant acts. Hence, this
would provide an efficient use of technology to facilitate humanity.

REFERENCES
Anderson, C. (2009). Free: The Future of a Radical Price. New York: Hyperion.
BBC Technology News. (2003, January 7). Teenager wins DVD court battle.
http://news.bbc.co.uk/1/hi/technology/2635293.stm . London, UK.
Bevan, N. (1995). Measuring usabilty as quality of use. Software Qualty Journal , 4 (2),
115-130.
Branigan, T. (2009, July 2). China's Green Dam internet fitering system will go ahead,
official says. Guardian , pp. http://www.guardian.co.uk/world/2009/jul/02/china-green-
dam.
Buxton, W. (2007). Sketching user experience: Getting the design right and the right
design. Morgan Kaufmann.
Calvillo Gámez, E. H., & Cairns, P. (2008). Pulling the strings. A theory of Puppetry for
the Gaming Experience. In S. Günzel, M. Liebe, & D. Mersch (Ed.), Conference
Proceedigns of the Philosophy of Computer Games (pp. 308-323). Potsdam, Germany:
Potsdam University Press.
Calvillo Gámez, E. H., Cairns, P., & Cox, A. L. (2010). Assessing the Core Elements of
the Gaming Experience. In R. Bernhaupt, Evaluating Experience in Games. London, UK:
Springer.
Deazley, R. (2006). Rethinking Copyright: History, Theory, Language. Cheltenham:
Edward Elgar Publishing Limited.
DeCSS Central. (n.d.). DeCSS Central. Retrieved from http://www.lemuria.org/DeCSS/
DeCSS Central. (n.d.). DVD CCA Lawsuit(s). Retrieved from
http://www.lemuria.org/DeCSS/cca.html
Dix, A. (2007). Designing for Appropriation. Proceedings of the BCS HCI 2007
Conference, People and Computers XXI. 2. London, UK: BCS-eWik.

Domínguez, J. I., & Fernández De Castro, R. (2009). United States and Mexico: Between
Partnership and Conflict. Abingdon, Oxfordshire: Routledge.
Dourish, P. (2003). The appropriation of interactive technologies: Some lessons from
placeless documents. Compuer Supported Cooperative Work (CSCW) , 465-490.
DVD copy control Association. (n.d.). Frequently Asked Questions (FAQ). Retrieved
september 3, 2009, from www.dvdcca.org: http://www.dvdcca.org/faq.html
Economist Intelligence Unit. (2008). Index of Democracy 2008. London: The Economist.
Foster, F. H., & Shook, R. L. (1993). Patents, copyrights & trademarks. Jhon Wiley &
Sons.
GNU Foundation. (n.d.). GNU Operating System. Retrieved from http://www.gnu.org
Greenberg, A. (2007, August 22). America's Hackable Backbone. Retrieved August 29,
2009, from Forbes: http://www.forbes.com/2007/08/22/scada-hackers-infrastructure-tech-
security-cx_ag_0822hack.html
Grossman, L. (2009, June 17). Iran Protests: Twitter, the medium of the movement. Time
Magazine .
Habermas, J. (1999). Between Facts and Norms: Contributions to a Discourse Theory of
Law and Democracy. Cambridge, MA: MIT Press.
Hassenzahl, M., & Tractinsky, N. (2006). User experience -- a research agenda.
Behaviour & Information Technology , 25 (2), 91-97.
Heidegger, M. (1927). Sein und Zeit. Tübingen: Max Niemeyer.
Independent Reviewer of Terrorism Legislation. (2007). The Definition of Terrorism.
London: The Home Department.
Jackson, B. A. (2009). Organizational Decisionmaking by Terrorist Groups. In P. K.
Davis, & K. Cragin, Social Science for Counterterrorism: Putting the Pieces Together.
Santa Monica: RAND Corporation.
Kelly, C. C. (2007). The Manhattan Project: The Birth of the Atomic Bomb in the Words
of Its Creators, Eyewitnesses and Historians. New York: Black Dog and Leventhal.
Koops, B., Lips, M., Prins, C., & Schellekens, M. (2006). Starting Points for ICT
Regulation: Deconstructing Prevalent Policy One-Liners (Information Technology and
Law) (Vol. 9). Asser Press.
Linux Outlaws. (2009). Spore on Linux Howto. Retrieved from
http://linuxoutlaws.com/spore
Makinen, G. (2002). The Economic Effects of 9/11: A Retrospective Assessment.
Washington, DC: Congressional Research Service.
Marsh, R. T. (1997). Critical Foundations: Protecting America's Infrastructures.
Washington, DC: The White House.
McCarthy, J., & Wright, P. (2004). Technology as Experience. Cambridge, USA: MIT
Press.
Ministry of Public Security of the State Council of the Chinese Government. (1997).
Computer Information Network and Internet Security, Protection and Management
(translation of the US Embassy. Beijing.
National Commission on Terrorist Attacks Upon the United States. (2004). The 9/11
Comission report. Washington, DC: US Congress.
(2009). National Infrastructure Protection Plan: Partnering to enhance protection and
resiliency. Washington, DC: Department of Homeland Security.
OECD. (2003). Emerging Risks in the 21st century. Paris: OECD.

OpenNet Initiative. (2009). China's Green Dam: The Implications of Government
Control Encroaching on the Home PC. OpenNet Initiative Bulletin.
Robinson, P. H., & Dubber, D. M. (1999, March 12). An Introduction to the model Penal
Code. Retrieved September 1, 2009, from PennLaw. University of Pennsylvania Law
School: http://www.law.upenn.edu/fac/phrobins/intromodpencode.pdf
Rosoff, H., & von Winterfeldt, D. (2005). A Risk and Economic Analysis of Dirty Bomb
Attacks on the Ports of Los Angeles and Long Beach. Los Angeles: Center for Risk and
Economic Analysis of Terrorism Events. University of Southern California.
Taylor, M. (2009, August 13). China drops Green Dam web filtering system. Guardian ,
pp. http://www.guardian.co.uk/technology/2009/aug/13/china-drops-web-censorship.
The history of the CD - The beginning. (2005). Retrieved september 23, 2009, from
Philips Research: http://www.research.philips.com/technologies/projects/cd/index.html
The Statute of Anne. (1710, April 10). Retrieved juin 7, 2009, from The Avalon Project.
Yale Law School: http://avalon.law.yale.edu/18th_century/anne_1710.asp
Thimbleby, H. (2008). Feature: Ignorance of interaction programming is killing people.
interactions , 15 (5), 52-57.
United Nations. (1998, July 17). Rome Statute of the International Criminal Court.
Retrieved september 12, 2009, from UN.org:
http://www.un.org/children/conflict/keydocuments/english/romestatuteofthe7.html
United Nations. (1948, December 10). The Universal Declaration of Human Rights.
Retrieved September 22, 2009, from Un.org: http://www.un.org/en/documents/udhr/
Wein, L. M., & Liu, Y. (2005). Analyzing a bioterror attack on the food supply: The case
of botulinum toxin in milk. PNAS , 12 (28).
Whitney, L. (2009, August 18). iTunes reps 1 in every 4 songs sold in U.S. Retrieved
September 18, 2009, from Cnet News: http://news.cnet.com/8301-13579_3-10311907-
37.html
WINE HQ. (n.d.). Spores on Wine. Retrieved from
http://appdb.winehq.org/objectManager.php?sClass=application&iId=8185
Winograd, T., & Flores, F. (1986). Understanding computers and cognition: a new
foundation for design. Ablex Publishing Corporation.
Wolchok, S., Yao, R., & Halderman, J. (2009). Analysis of the Green Dam Censorware
System. http://www.cse.umich.edu/~jhalderm/pub/gd/.
Wright, W. (2008). Spores. Maxis Electronic Arts.
Zittrain, J., & Edelman, B. (2003). Empirical Analysis of Internet Filtering in China.
Harvard Law School, The Berkman Center for Internet and Society. Cambridge, USA:
Harvard Law School.

KEY TERMS & DEFINITIONS

Key term 1: Illicit Appropriation
Key term 2: Technology Use
Key term 3: Illicit Conducts