Digg this story   Add to del.icio.us   (page 1 of 2 ) next 
Free-Market Filtering
Mark Rasch, 2009-02-13

The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.

The objectionable sites currently include things like child pornography or information related to terrorism, both of which are unlawful in Oz. The Australian Communications and Media Authority maintains and updates a list of tens of thousands of such prohibited websites and would mandate that all ISPs in Australia prevent their users from accessing the sites. A second, voluntary form of Web censorship would allow users to block access to other sites deemed by the ACMA to be inappropriate due to violence or sex.

Whether this is legal or not — and I believe it is not — it is a monumentally bad idea.

Let me make this clear: I am not one who screams about whether the government can tell me what I can and cannot download or watch. That battle is already lost. I also have no great objection to the government enlisting the voluntary assistance of the ISPs in the fight against child exploitation, pornography, and child sexual abuse. Indeed, they should block such content. In the United States, federal law grants them immunity from any lawsuits that might result.

However, there is a big difference between entities voluntarily acting as Internet police, and in that role as agents of the government, in preventing illegal conduct and being forced to act as government agents either by operation of law or under threat of prosecution.

Digital deputies

In the United States, there are examples of the government coercing companies into cooperation. For example, the New York State Attorney General has induced entities like Cablevision, Comcast, AT&T, Verizon, AOL, Sprint, and Time Warner Cable to install blocking software, sometimes resorting to sending a letter requesting that the ISPs "voluntarily" act as the government’s deputy in preventing crime, and noting that if they don’t voluntarily agree, "my office will pursue the legal remedies open to it to stop child pornography."  Moreover, the Attorney General will publicize any acts of "non-cooperation." Under such circumstances, the ISP is no longer voluntarily filtering content; it has effectively become an agent of the government.

It’s all in the name of protecting kids from what is, after all, unlawful materials, so what is the problem?

The problem isn’t so much blocking the unlawful conduct, it's the technology that has to be developed and deployed to do so. To be marginally effective, ISPs must deploy software that will examine the contents of every e-mail communication and attachment, the results of every Internet search, the content of every IM message and direct connection, and all files transferred by peer-to-peer file sharing, FTP, MMS, or other electronic means. Known as deep packet inspection, this is the electronic equivalent of mandating that the U.S. Postal Service, DHL, UPS and FedEx open and read every package and letter — without a warrant or probable cause — to determine whether there is anything in the container which meets a predefined government supplied list of prohibited items.

One technology that has been touted to accomplish this nanny function for the government is called the Global File Registry (GFR) CopyRouter. This technology would sit on an ISP’s main routers and essentially check a hash of every packet against a list of illicit content. The government would seed the filter with hash values of content it considered to be objectionable. If a user anywhere attempted to download this content, the content would be blocked. Presumably, the government could also be notified about the attempt and could then swoop in and make an arrest. The list of banned files could be created by the government or could be supplemented by entities like the National Center for Missing and Exploited Children or other watchdog groups.

Automated searches are still searches

So why object to an automated tool that simply blocks content that is illegal to possess?  First and foremost, in order to find this objectionable content, the tool has to essentially read the content of all the non-objectionable material and determine whether it is prohibited.

So the ISP, at the government’s behest, is examining everything you do, blocking some of it, and presumably reporting on what it finds otherwise. Because it is a private search, the government would not need a warrant. Imagine every parking lot attendant being sent a letter from the government that requested that they examine the contents of every car they parked. Or every apartment-building doorman. Or every toll taker. We could deputize the entire community to examine the contents of everyone’s cars, mail, luggage, and homes, and report anything the government found objectionable. Because this searching and blocking is done by private entities, the government would not need a warrant.

Story continued on Page 2 



Mark D. Rasch is an attorney and technology expert in the areas of intellectual property protection, computer security, privacy and regulatory compliance. He formerly worked at the Department of Justice, where he was responsible for the prosecution of Robert Morris, the Cornell University graduate student responsible for the so-called Morris Worm and the investigations of the Hannover hackers featured in Clifford Stoll’s book, "The Cuckoo’s Egg."
    Digg this story   Add to del.icio.us   (page 1 of 2 ) next 
Comments Mode:
Free-Market Filtering 2009-02-14
Anonymous (1 replies)
Re: Free-Market Filtering 2009-03-19
Anonymous
Free-Market Filtering 2009-02-14
Michael Speck
Free-Market Filtering 2009-02-14
David H
Free-Market Filtering 2009-02-15
neilmc
Free-Market Filtering 2009-02-16
Bourkie
Free-Market Filtering 2009-02-20
Anonymous
Free-Market Filtering 2009-02-23
TerryH


 

Privacy Statement
Copyright 2010, SecurityFocus