Vodafone sends Interpol filter live

14

news National mobile carrier Vodafone has revealed it has become the third major Australian Internet service provider to implement the limited Internet filtering scheme supported by the Federal Government and Australian Federal Police, in a move which will now see its customers blocked from accessing a set of offensive sites supplied by Interpol.

In November last year, Communications Minister Stephen Conroy formally dumped the Government’s highly controversial mandatory Internet filtering scheme, instead throwing his support behind a much more limited scheme which sees Australian ISPs implementing a much more limited filter which Telstra, Optus and one or two other ISPs were believed to have already implemented.

The ‘voluntary’ filter only blocks a set of sites which international policing agency Interpol has verified contain “worst of the worst” child pornography — not the wider Refused Classification category of content which Conroy’s original filter had dealt with. The instrument through which the ISPs are blocking the Interpol list of sites is Section 313 of the Telecommunications Act. Under the Act, the Australian Federal Police is allowed to issue notices to telcos asking for reasonable assistance in upholding the law. The AFP has issued such notices to Telstra and Optus to ask them to filter the Interpol blacklist of sites.

Vodafone has long supported the scheme. In July 2011, as Telstra and Optus implemented their filters, Vodafone noted it supported the Internet filtering framework which had been developed by the IIA. “VHA (Vodafone) supports the development of the new Internet Industry Association (IIA) ISP code, which will help guide the mobile internet industry in appropriately dealing with illegal content,” a spokesperson for the telco said at the time.

However, at that stage, Vodafone hadn’t committed to actually implementing the filter. Its support firmed in December 2011. At that time, Vodafone yesterday confirmed it was currently looking at technology solutions which would enable it in 2012 to implement the limited Internet filtering scheme. A spokesperson for the company said at the time: “We’re currently looking at solutions and I would say that it is in the pipeline for 2012.”

Since that time, Vodafone is believed to have been examining the technical underpinnings required to implement the filter.

However, Delimiter has recently been made aware of a new page on Vodafone’s customer support portal, which indicates that the mobile carrier has in fact already implemented the Interpol filter. The page is entitled “Why am I being redirected to Interpol?” and states: “Vodafone is committed to assisting to make the internet a safe place to browse. Interpol provide us with a list of known websites that contain child sexual abuse material. If your web browser tries to access a blacklisted site, it will be redirected to a “stop page” hosted on our website.”

The page further states: “Interpol is an intergovernmental organisation that facilitates international police cooperation. They are a member of the COSPOL Internet Related Child Abusive Material Project (CIRCAMP), an international police collaboration project in which access blocking is promoted as a crime prevention tool. The primary goals of CIRCAMP are to detect, disrupt and dismantle networks, organisations or structures used for the production and/or distribution of child abusive files, to identify children and to stop abuse.”

And it also adds: “All domains that experience redirection have been checked by police officers at INTERPOL in co-operation with CIRCAMP, and were found to contain child sexual abuse material according to very strict criteria. The sites blocking is focused on sites that are perpetrating serious criminal activities and is not intended to limit any legitimate activity. Interpol provide a mechanism for complaints about the blocking of a domain. You can find out more information on the INTERPOL website.”

Vodafone’s implementation of the scheme follows a similar pattern seen at Telstra and Optus. Although the trio have in effect blocked a number of websites from being accessed by their customers, they did not, in general, take proactive steps to inform customers of the move — rather choosing to publish small pages on their support portals providing a small amount of information about the new filtering system.

The news comes as it was revealed last week that another major Australian ISP — possibly TPG — has flat out refused to comply with the AFP’s request to block Interpol’s list of sites, and that additionally, most of Australia’s ISPs are yet to comply with the AFP’s requests in the area.

The AFP’s review of the filtering scheme — recently released to the Senate — notes that two large ISPs, Telstra and Optus, continued to actively block the Interpol list. One network gateway manufacturer was incorporating the filter capability into their product, which was being utilised by customers, one small ISP was no longer blocking the list as it had been bought by another ISP, and two large ISPs continued technical preparations to activate the filter, with “both anticipating commencement by early February 2013”. Additionally, Norfolk Island Telecom also plans to implement the filter, although it is not required to do so.

However, the AFP noted in its review, one medium-sized ISP had not responded to its advances at all, and “one large ISP has refused to comply with a Section 313 Notice”, with the matter being referred to the Australian Communications and Media Authority for “adjudication”. TPG has previously noted that it had no intention of implementing the Interpol filter, as has mid-sized ISP Exetel.

The AFP noted that as at 9 November 2012, when Conroy made his announcement supporting the scheme, some eight ISPs had received Section 313 notices requesting that they implement the filter, while a further 13 received notices from the AFP following that date. According to figures the AFP cited from the Australian Bureau of Statistics, there were 81 ISPs operating in Australia with more than 1,000 customers.

Background
Since Telstra and Optus implemented the Interpol filtering scheme in mid-2011, there have been no known public complaints about the system and no sites known to have been wrongfully added to the Interpol list apart from known child abuse sites. In addition, users of both ISPs have not complained publicly about speed issues with respect to the Internet filtering system. However, some segements of the community are still concerned about specific details of the Interpol filtering scheme.

For example, when Telstra and Optus implemented the Interpol filter, neither explicitly communicated with customers to let them know that the scheme was in operation and that their Internet connections were actively blocking a small list of sites; and neither is known to have updated their terms of service with customers.

In addition, in contrast with the mandatory Internet filtering policy (which was to have been administered by the Australian Communications and Media Authority) there is currently no known civilian oversight of the scheme, which is administered by the Australian Federal Police and international policing agency Interpol, apart from questions which parliamentarians may put to the Federal Police.

Furthermore, Section 313 of the Telecommunications Act does not specifically deal with child pornography. In fact, it only requires that ISPs give government officers and authorities (such as police) reasonable assistance in upholding the law. Because of this, there appears to be nothing to stop the Australian Federal Police from issuing much wider notices under the Act to ISPs, requesting they block other categories of content beyond child pornography, which are also technically illegal in Australia but not blocked yet.

A number of sites which were on the borderlines of legality — such as sites espousing a change of legislation regarding euthanasia, for example — were believed to be included as part of the blacklist associated with the Federal Government’s much wider mandatory filtering policy. It is not clear what safeguards exist to prevent the Interpol filtering scheme being extended by the Australian Federal Police to include such extra categories of content.

The current attitudes of ISPs apart from Telstra and Optus towards the Interpol filtering scheme are also currently unknown, with it being unclear whether they would implement the scheme if the Australian Federal Police issued them with a request to do so. In 2011, ISPs such as TPG and Exetel said right out that they would reject such an attempt.

The efficacy of the Interpol filter has also been publicly questioned. Optus has admitted that users would be able to defeat its implementation of the Interpol filter merely by changing the DNS settings on their PC. And information released under Freedom of Information laws by the AFP late last year shows as time went on, less and less requests were made by Telstra customers to access child abuse material on the list — presumably, as Telstra customers attempting to access the offensive material became aware that the telco had implemented a filtering system to block the requests.

For the first five weeks it operated, from 1 July through to 7 August 2011, Telstra’s filter blocked a total of 52,013 requests to access child abuse materials online, with 10,402 average requests per week. Average requests per day were 1,405, with the highest day recorded seeing 2,443 requests blocked and the lowest seeing 915 blocked.

However, over the succeeding weeks through to mid-October 2011, fewer and fewer requests were made. In the week commencing 13 August, 8,649 requests were made, but by September the figure was down to between 1,193 and 3,452 requests per week, and in the week beginning 15 October, just 989 requests were made — which had previously been close to the lowest requests received in one day, in the filter’s first month of operation. In the period from mid-September to mid-October 2011, the lowest day saw just 99 requests made by Telstra customers to access the blocked material.

opinion/analysis
So, far for the Interpol filter we have three major carriers — Telstra, Optus and now Vodafone — having implemented the system, and one other major ISP — iiNet — currently implementing it. We have another major ISP, possibly TPG, having refused to implement the system and most of the rest of the industry appearing to have initially ignored the AFP’s communications so far. It’s been a while since July 2011, when this issue first came up. Looks like the Interpol filter is the raging success which the AFP and the Internet Industry Association, which developed the scheme in the first place, would have liked the Interpol filter to be.

14 COMMENTS

  1. The phrase “worst of the worst” child pornography begs the question; what is the “best of the worst” and why isn’t it also banned?

  2. For that matter, why isn’t it all banned? Wouldn’t that be the best way to go? I don’t think it is an area where we should err on the side of tolerance.

    • The point of the whole argument gets missed…a lot…

      Conroy’s original mandatory filter provided a non-transparent mechanism for the arbitrary blocking of individual URLs, with little or no recourse for sites/URLs that were wrongly listed. This opened the potential for the abuse of the list for political purposes.

      He then tried to soften a bit by seeking to create an appeal and review mechanism.

      He then came along with the Convergence Review to provide an escape mechanism from the entire policy – which he used when he dropped it all for the Interpol list, which provides a list that isn’t beholden to national boundaries.

      Conroy’s “worst of the worst” slogan applied to the ACMA list, and shouldn’t be mistaken for the Interpol list.

      That any censorship mechanism exists is still a problem.

      If the ISPs have the functionality in place to take heed of the Interpol list, and given that it has been forced on them under the Telecommunications Act, there’s nothing to stop the mechanism being used for other purposes down the track, and also forced on ISPs via the Telecommunications Act.

      The whole problem with the concept of keeping these lists – (regardless of who administers them) – is that putting them into this kind of mechanism doesn’t stop the people who want to access this kind of filth from accessing it.

      They just bypass the filter.

      The better course of action for lawmakers is once they identify it, don’t just whack it on a list – (which doesn’t stop the people wanting to view it anyway) – but use the information to track down the low-lives running these sites, and charging them.

      Kiddie porn is already illegal. Making it “a little bit more illegal” is pointless.

      Find them, shut them down.

      Rescue the kids they are abusing.

      Put them in jail.

      If they can identify them to blacklist them, they can identify them to shut it down.

  3. How do we even know that the Interpol list is blocking just child porn? And why not use the list of “worst-of-the-worst” sites as a honeypot for identifying potential and actual offenders, rather than just telling them to start using a VPN or Tor?

    This is poor policy, poorly implemented.

  4. Can’t believe iiNet’s actually implementing this rubbish. And is no-one concerned that Conroy basically sidestepped parliament to implement what he wanted anyway? What else can the AFP force with these notices?

  5. this is not a problem howwever why are they not shutting the sites down in the first play
    they are chasing torrent sites and closing them down!
    gee no brainer there
    close the site problem solved!

  6. Doesn’t Vodafone have bigger priorities, like upgrading their “notworking” network?

  7. Why isn’t Interpol doing it’s policing thing and getting the sites closed down though it’s contacts in the various states?

    Politicians never cease to amaze me with what they come out with! Like the Swedish(?) politician that declared “being a criminal is illegal in Sweden”.*

    Or the US Senator(?), pushing for gun registration, saying “the criminals won’t buy guns if they have to register their name and address”! *

    * Both quotes are paraphrasing of what I seem to remember :)

  8. Stephen H summed up best, the enormous wasted opportunity in implementing the filter in this way …

    “And why not use the list of “worst-of-the-worst” sites as a honeypot for identifying potential and actual offenders, rather than just telling them to start using a VPN or Tor?”

    Telstra reports that it blocked a large number of requests initially. Why could not these be identified and passed on to the authorities? How is that those in charge are keen for movie & music downloaders to be reported, but not child pornographers?

    If there are perhaps some amongst the authorities who themselves may download child abuse material, and few would doubt that to be the case, this decision takes on rather sinister overtones.

  9. Shutting down the sites is beyond the jurisdiction of the Australian Govt, but yes more clearly needs to be done by Interpol if it can identify these sites buy they’re not being shut down.

    I, too, was surprised by the sheer number of Telstra customers who attempted to access blocked content when the filter was first introduced. Those numbers demonstrate to me that child porn is being accessed by a lot more people than anyone is willing to talk about (or willing to prosecute, apparently).

    Personally the filter doesn’t affect me in any way, isn’t difficult or costly for ISPs to implement and isn’t subject to political bias, so I’m not particularly concerned by its use right now. However, there is no oversight mechanism enshrined in law and that does concern me, as the potential for scope creep is far too tempting for Govt and regulators to ignore indefinitely.

    • It is a bit suprising. I wonder how many of those Telstra customers have infected computers though?

      • So do I, and imo it’s interesting that no ISP blocking statistics have been reported since October 2011. I wonder if that’s because at some time by June 2012, Telstra had become aware that at least 54,000 and potentially up to half of million of their customers’ computers had been enlisted into a global zombie army.
        http://www.zdnet.com/half-a-million-telstra-customers-zombified-1339339708/
        Also, in September 2011, it was reported that “Cybercrooks have set up a web store that offers rented access to compromised machines on the TDSS/TDL-4 botnet” which among other things reportedly turns compromised machines into a proxy, via which users of the botnet can access web pages.
        http://www.theregister.co.uk/2011/09/12/tdss_rented_botnet_shenanigans/
        Presumably there’s also other malware that does the same thing.

        Hence, it appears that one possible reason for the decreasing Telstra statistics, between July and October 2011, could be that increasing numbers of customer machines were cleaned of malware that had enabled them to used as proxies by criminals.

        Also seems that a possible reason for the lack of statistics reporting since Oct 2011, could be that some participating ISPs have woken up, and others have probably long known, that such statistics prove nothing – access attempts could be by zombie computers, or by the computer user attempting to access a URL that contains entirely legal material, but is on a domain that’s ‘blocked’ because some other page or section of the domain contains material that meets Interpol’s blacklist criteria.

    • I think it’s domain level blocking, so you don’t know what they were actually looking at. Think of that Dentist in Qld that was on the ACMA list.

      • So the diminishing numbers could be people who were looking up non-criminal sites, found that access was blocked, and simply stopped trying?

        I guess I find the idea that so many people were actually seeking unpleasant content and were blocked by the filter raises two concerns with me.

        Firstly, shock that there could be so many predators out there.

        Second surprise that so many predators would search so brazenly and without attempting to hide themselves.

Comments are closed.