• Great articles on other sites
  • RSS Great articles on other sites

  • Internet, News - Written by on Wednesday, February 27, 2013 15:39 - 17 Comments

    Redacted: AFP cuts ISP details from filter docs

    news The Australian Federal Police has sought to prevent the public from ascertaining the identities of ISPs participating in the Federal Government’s voluntary filter scheme for child abuse materials, through redacting the ISPs’ details from relevant documents released under Freedom of Information laws.

    In November last year, Communications Minister Stephen Conroy formally dumped the Government’s highly controversial mandatory Internet filtering scheme, instead throwing his support behind a much more limited scheme which sees Australian ISPs voluntarily implementing a much more limited filter which Telstra, Optus and one or two other ISPs had already implemented. Vodafone is also believed to be implementing the filter, and the process is also believed to be under way at other ISPs such as iiNet.

    The ‘voluntary’ filter only blocks a set of sites which international policing agency Interpol has verified contain “worst of the worst” child pornography — not the wider Refused Classification category of content which Conroy’s original filter had dealt with. The instrument through which the ISPs are blocking the Interpol list of sites is Section 313 of the Telecommunications Act. Under the Act, the Australian Federal Police is allowed to issue notices to telcos asking for reasonable assistance in upholding the law. It is believed the AFP has issued such notices to Telstra and Optus to ask them to filter the Interpol blacklist of sites.

    In mid-January this year Delimiter filed a Freedom of Information request seeking the complete text of all notices issued by the AFP under Section 313 of the Telecommunications Act over the two years preceding 14 January 2013 that mentioned the Interpol blacklist; as well as any responses sent by ISPs to the AFP in response to the issuing of those notices, and any subsequent communication from the AFP in response.

    In response, the AFP this month published two documents; a decision letter (download PDF here) relating to the request and a longer document compiling all of the Section 313 notices and responses. The second document is 10.6MB in size and is available to download here in PDF format.

    The documents reveal that the AFP has issued only a small number of Section 313 notices under the scheme; and certainly not enough notices to cover most of the ISPs operating in Australia. The AFP appears to have issued Section 313 notices in two tranches; in June 2011, shortly before Telstra and Optus implemented their Interpol filters in July that year, and more notices in mid-October 2012, shortly before Conroy announced the Government’s plans to abandon its more comprehensive filtering plans in November.

    However, in all cases the AFP has removed all references to the specific ISPs which it targeted with its notices, citing several sections of the applicable FOI legislation. The two principal sections cited by the AFP in its redactions to its documents include subsection 37(2)(b) of the FOI Act, and subsection s47E(d), as well as section 47F.

    In its letter, the AFP stated that portions of the documents released — namely, the identities of the ISPs — constituted information that would disclose methods and procedures used by the AFP in investigations of breaches of the law. With reference to another subsection, the AFP noted that while there was a public interest in the information being released, there was a need to ensure “continued cooperation during police investigations and the effectiveness and integrity of current procedures”.

    It is unclear why the AFP considers that the identities of ISPs would cause an impact on its ability to undertake its operations, given that no customer data is collected by the ISPs in their implementation of the Interpol list; the list acts only as a block to stop the ISPs’ customers from accessing offensive sites on the list.

    Lastly, with respect to individuals employed by the ISPs who received Section 313 notices from the AFP, the AFP noted that again, while there was public interest in the issue, the AFP had not received consent regarding those individuals’ personal information, and their identities would therefore be exempt under the FOI Act.

    Delimiter has filed an application for the AFP to conduct an internal review of the FOI decisions, stating: “… the decision document I received did not provide sufficient detail to explain why these sections of the Act apply to the identities of the ISPs concerned. I do not believe that releasing the identities of the ISPs which the AFP has contacted regarding these trials would either be likely to prejudice the effectiveness of the AFP’s operations in this area.”

    The decisions appear to contradict earlier AFP decisions on the issue of releasing ISPs’ identities. In documents released in December 2011 under FOI laws, for example, the AFP stated that iiNet, Internode and Primus had also “expressed interest” in the scheme and were “preparing to use the list”. It also revealed that Internet gateway filter manufacturer ContentKeeper had already implemented the scheme. At that Telstra and Optus were publicly known to have implemented the filter.

    In addition, Delimiter made the following additional reply to the AFP: “Section 47F is also cited in the decision document as a rationale for withholding information in this regard; however, I would point out that the individuals contacted by the AFP as part of the process of issuing Section 313 notices are publicly known members of large corporations with public positions. It is irrational to suggest that releasing their identities would be an “unreasonable disclosure of personal information”; there is no personal information being released here; rather, the information being released relates solely to their professional role.”

    The AFP’s FOI documents also revealed that the ISPs would need to sign a relatively straightforward confidentiality agreement regarding the contents of the Interpol list, as a condition of being part of the program.

    Since Telstra and Optus implemented the Interpol filtering scheme in mid-2011, there have been no known public complaints about the system and no sites known to have been wrongfully added to the Interpol list apart from known child abuse sites. In addition, users of both ISPs have not complained publicly about speed issues with respect to the Internet filtering system. However, some segements of the community are still concerned about specific details of the Interpol filtering scheme.

    For example, when Telstra and Optus implemented the Interpol filter, neither explicitly communicated with customers to let them know that the scheme was in operation and that their Internet connections were actively blocking a small list of sites; and neither is known to have updated their terms of service with customers.

    In addition, in contrast with the mandatory Internet filtering policy (which was to have been administered by the Australian Communications and Media Authority) there is currently no known civilian oversight of the scheme, which is administered by the Australian Federal Police and international policing agency Interpol, apart from questions which parliamentarians may put to the Federal Police.

    Furthermore, Section 313 of the Telecommunications Act does not specifically deal with child pornography. In fact, it only requires that ISPs give government officers and authorities (such as police) reasonable assistance in upholding the law. Because of this, there appears to be nothing to stop the Australian Federal Police from issuing much wider notices under the Act to ISPs, requesting they block other categories of content beyond child pornography, which are also technically illegal in Australia but not blocked yet.

    A number of sites which were on the borderlines of legality — such as sites espousing a change of legislation regarding euthanasia, for example — were believed to be included as part of the blacklist associated with the Federal Government’s much wider mandatory filtering policy. It is not clear what safeguards exist to prevent the Interpol filtering scheme being extended by the Australian Federal Police to include such extra categories of content.

    The current attitudes of ISPs apart from Telstra and Optus towards the Interpol filtering scheme are also currently unknown, with it being unclear whether they would implement the scheme if the Australian Federal Police issued them with a request to do so. Last year, ISPs such as TPG and Exetel said right out that they would reject such an attempt, while others such as iiNet and Internode said they were unclear as to the specifics of the situation.

    The efficacy of the Interpol filter has also been publicly questioned. Optus has admitted that users would be able to defeat its implementation of the Interpol filter merely by changing the DNS settings on their PC. And information released under Freedom of Information laws by the AFP late last year shows as time went on, less and less requests were made by Telstra customers to access child abuse material on the list — presumably, as Telstra customers attempting to access the offensive material became aware that the telco had implemented a filtering system to block the requests.

    For the first five weeks it operated, from 1 July through to 7 August last year, Telstra’s filter blocked a total of 52,013 requests to access child abuse materials online, with 10,402 average requestsper week. Average requests per day were 1,405, with the highest day recorded seeing 2,443 requests blocked and the lowest seeing 915 blocked.

    However, over the succeeding weeks through to mid-October last year, fewer and fewer requests were made. In the week commencing 13 August, 8,649 requests were made, but by September the figure was down to between 1,193 and 3,452 requests per week, and in the week beginning 15 October, just 989 requests were made — which had previously been close to the lowest requests received in one day, in the filter’s first month of operation. In the period from mid-September to mid-October, the lowest day saw just 99 requests made by Telstra customers to access the blocked material.

    Delimiter has encouraged the Minister to hold an open press conference on the issue to take questions from the media, as well as to issue a discussion paper on the issue which would allow the public to comment on the scheme formally. In addition, we have invited the Minister to respond to the following questions in writing:

    • Given the wide-ranging nature of the Interpol filter — affecting most Australian Internet users — why was no public consultation held before the Government decided to take take this step? I note that the Government has never held a formal public consultation into Internet filtering in general.
    • How would the Government respond to the claim that there will be no civilian oversight of this Interpol filtering scheme, with key information about it only being released over the past several years through Freedom of Information requests filed with the Australian Federal Police?
    • ISPs such as iiNet, Internode, TPG and Exetel have declined to participate in this scheme so far over the past 12 months, with some citing uncertainty of the legal situation. How would the Government address the claim that the legal ground of this Interpol filtering scheme, notably the process whereby the AFP issues notices to ISPs, is not clear?
    • Which further ISPs will the AFP issue notices to? Has the Government already received support from those ISPs for the scheme? How will the Government react if an ISP declines the notice?
    • How would the Government respond to the claim that there is the potential for the AFP to issue notices beyond the Interpol list to ISPs, in an approach which could be dubbed ‘scope creep’?
    • Neither Telstra nor Optus explicitly notified customers that they had implemented the Interpol filter when they did so last year. What guidelines will the Government be placing around ISPs’ participation in this scheme?

    However, so far Conroy has declined to respond to the questions.

    In July 2011, when Telstra and Optus implemented the voluntary Interpol filter, I wrote the following about it:

    “We are talking about a filtering scheme here which is being implemented behind closed doors, with little notification to customers, with no civilian oversight, an unclear legal framework, the potential for scope creep and a limited and secretive appeals process overseen by the agency which drew up the list to start with.”

    None of this has changed. Communications Minister Stephen Conroy will not answer basic questions about the scheme. The Australian Federal Police will not answer basic questions about the scheme. And Australians are apparently not even allowed to know which ISPs have implemented it and which have not. Plus … there is also a lot of evidence to show that the new filter is trivial to circumvent.

    Personally, I think the voluntary Interpol filter is a good idea; and it’s certainly a much better idea than the mandatory ISP filtering idea the Government came up with last time around. However, the scheme is far from perfect, as the AFP’s current reticence to disclose an appropriate level of detail about it shows. Australia can do better on this issue.

    submit to reddit


    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. Nick Perkins
      Posted 27/02/2013 at 5:09 pm | Permalink |

      I don’t have a problem with this sort of filtering, but transparency is important. I would hate to think that ISPs might start slipping other sites on such a filter as well without warning.

      • Posted 27/02/2013 at 5:31 pm | Permalink |

        That’s pretty much why I’m still writing about this issue. The potential for ‘scope creep’ is quite large.

    2. Bob.H
      Posted 27/02/2013 at 5:38 pm | Permalink |

      It is interesting to note that the Telstra figures on referrals to the stop page have substantially reduced over time. This surely would indicate that the largest number of hits on the stop page were not in reality actual requests but resulted from automated processes which had nothing to do with actual attempts to access domains on the Interpol list. I seem to recall that the AFP were loudly trumpeting their success shortly after the introduction of the Interpol filter.

      It would be interesting to know exactly what sub section of Sec313 the AFP are relying upon in making their request. It would be even more interesting for a full review of this process by the judiciary. Undoubtedly we will hear more of this when Senator Ludlum receives an answer to his question on notice. http://whrl.pl/RdvolE

      There has been some interesting discussion on Whirlpool about this http://forums.whirlpool.net.au/forum-replies.cfm?t=1892148&p=101 The comments here are interesting http://whrl.pl/RdvNIB

    3. Joakal
      Posted 27/02/2013 at 6:41 pm | Permalink |

      If child pornography possession is illegal then that person is a paedophile. In order to create an ongoing blacklist, they need to not only view the content but possess it perpetually. They need to possess it because Internet addresses change all the time and may end up in the hands of an unsuspecting domain owner who wants to know why the domain is blocked. Ergo the filterers are government-funded paedophiles.

      How they can stop child porn AND destroy content? By investigating and prosecuting those that possess child porn. Then destroy it. As a bonus, they can stop child abuse. Guess who will be keeping a massive amount of child pornography? The Australian Federal Police or at least Interpol.

      I say, ban Internet filters except for opt-in for concerned Internet users. It’s deeply concerning that Telstra/Optus spent millions voluntarily controlling users’ access to the web.

      • Karl
        Posted 27/02/2013 at 10:12 pm | Permalink |

        “If child pornography possession is illegal then that person is a paedophile… the filterers are government-funded paedophiles.”
        No that’s completely wrong. Breaking a law doesn’t make somebody a paedophile, and similarly being a paedophile is not illegal.

      • TrevorX
        Posted 28/02/2013 at 12:00 pm | Permalink |

        What are you smoking? The ISPs didn’t spend millions, they would have spent maybe $1,000 on a technician’s salary for them to spend maybe a day altering DNS records on a test server, testing, then pushing it out to the live servers. All in a day’s work for a network admin.

    4. Nobby6
      Posted 27/02/2013 at 7:01 pm | Permalink |

      I certainly think it’s fair that they redact anything identifiable with the person handling their requests, as one who has processed 282 requests, but not any 313 requests, it’s nobodies business but mine and the AFP’s, same goes for other ISP liasions.

      Further, I also certainly don’t think the AFP has a responsibility, or even a right, to release who it sends notices to, that would be the ISP’s rightful place to announce that.

    5. His media "adviser"
      Posted 27/02/2013 at 7:53 pm | Permalink |

      Security is subjective, its a feeling, you feel secure or your dont, it cant be objectively measured.

      This filter attempts to make us feel more secure by requiring blind trust in Authority, its counterproductive, it can not achieve any net good.

    6. MitH
      Posted 27/02/2013 at 9:24 pm | Permalink |

      Linky no worky

      First is ok

      Second document links points to wordpress admin area

      even tweeking the format fails

      BigBrother is messing with your code…..

    7. Rob
      Posted 27/02/2013 at 10:24 pm | Permalink |

      You ask a relevant question but later answer it with data from the trial.

      “It is unclear why the AFP considers that the identities of ISPs would cause an impact on its ability to undertake its operations, given that no customer data is collected by the ISPs in their implementation of the Interpol list; the list acts only as a block to stop the ISPs’ customers from accessing offensive sites on the list.”

      The fact that telstra has logged all the failed attempts day by day, week by week, month by month would be very relevant in any AFP investigation.
      If each ISP is reporting that to AFP, it gives them an Ida of which IP ranges to monitor more closely, and which ISPs are worth subpoenaing for more info on their customer base.

      While logging the page request / filter block, they are more than likely capturing the IP address of the requesting service, date, time, browser agent etc which would link back to the account holder. That gets them another step closer to possible suspects.

      If the AFP is investigating people, they wouldn’t want it known exactly which ISPs are running the filter because it would make it more difficult for a peadophile to shop around for an ISP who isn’t running the filter.

      More transparency on what is being filtered is good, then do we really need to know who is filtering?

      • Bob.H
        Posted 28/02/2013 at 1:48 am | Permalink |

        “While logging the page request / filter block, they are more than likely capturing the IP address of the requesting service, date, time, browser agent etc which would link back to the account holder. That gets them another step closer to possible suspects”.

        No this is not being recorded or the AFP has lied to the Parliament. It is also directly contrary to the way that Interpol say their filter works. All that Telstra was recording was the number of requests that were diverted to the “Stop Page” As I noted in a post above this has significantly reduced and the assumption must be that a large number of the original hits were from crawlers and other automated searches and not from human initiated searches. How many of the 989 requests in one week in October were humans and how many were bots is something we don’t know. To say that these statistics have any real meaning is “gilding the lily”.

        The stats that Telstra have collected on hits on the “Stop\ Page” are not going to be of any assistance to the AFP or anyone else as they don’t tell us any thing more than the number of hits.

        • PeterA
          Posted 28/02/2013 at 10:42 am | Permalink |

          If you read the schemes details, there is nothing preventing an ISP from logging access requests.

          There is no requirement but the section 313 request specifically does not state that you should or should not log requests. (It merely says logging is not a requirement since identification is not the goal of the scheme).

          • Bob.H
            Posted 28/02/2013 at 11:19 am | Permalink |

            “If you read the schemes details, there is nothing preventing an ISP from logging access requests.”

            Interpol say ( http://www.interpol.int/Crime-areas/Crimes-against-children/Access-blocking/The-INTERPOL-%22Worst-of%22-list ) “INTERPOL or other police authorities will not, as a rule, have access to logs and/or identifying data on the Internet users being redirected, such as IP-addresses.”

            This means that any logging of this data is not required under Sec313 and the ISP is subject to Sec 7 of the Telecommunications (Interceptions and Access) Act 1979 as amended which would seem to preclude them from recording the information. My understanding is that ISPs can only obtain and use a record by DPI or similar means for network maintenance purposes. ISPs who kept a record of the IP address of anyone redirected to the stop page would likely be in breach of the law. This is one of the reasons that any statistics on access to the stop page should be viewed with skepticism.

    8. Disgruntled Loner
      Posted 28/02/2013 at 4:00 pm | Permalink |

      ¨The AFP’s FOI documents also revealed that the ISPs would need to sign a relatively straightforward confidentiality agreement regarding the contents of the Interpol list, as a condition of being part of the program.¨ – how does that work with Conroy´s claim that this new Censorship Scheme is being forced on to ALL ISPs? Surely they can´t force anyone to sign?

      And, even if you were in favour of this censorship why would you sign. You know that this whole thing is going to be leaked, it is a matter of when not if. The previous scheme was leaked, and the UK version of this was leaked. The Police are unlikely to be capable to track down who leaked the information, nor will they be likely to even attempt to do so since they already have your name on a document assuming responsibility.

      It seems to me like you are signing on to play roulette with the prize being identified as a paedophile enabler and career ruin.

    9. Stephen H
      Posted 28/02/2013 at 7:48 pm | Permalink |

      Seriously, 10,000 requests/week for child porn through just one ISP? Either I live in an extremely sheltered world, or that number is garbage. Or some guys are EXTREMELY active and totally incapable of hiding their tracks.

    10. The Majority
      Posted 03/03/2013 at 11:35 am | Permalink |

      This is sorta BS hey, if you follow Anonymous on twitter for instance they are big on taking down these types of pedo scum. Yet when they provide the information and proof to the law they themselves are looked upon as the person who was in breach and the “law” uses excuses such as saying that this isnt a problem which is of priority to them.
      So to me… it just seems very suspicious that the “law” wants a filter to block access to things which are not of a high “priority”.

      I like to research things for myself and question the mainstream news.
      You’ll be shocked at what you might find ;)

    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:

  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, the $250 million project has not precisely been going well.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT

    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications

    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry

    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights