ASIC blocked “numerous” sites over 9 months

18

road-closed

news The Australian Securities and Investments Commission revealed tonight that it had in fact blocked “numerous” websites over the past nine months which it suspected contained illegal material, as fears about the extent of the agency’s covert Internet filtering scheme continue to grow.

Last night the Federal Government confirmed ASIC, the financial regulator, had started requiring Australian Internet service providers to block websites suspected of providing fraudulent financial opportunities, in a move which appeared to also open the door for other government agencies to unilaterally block sites they deemed questionable in their own portfolios.

The move is based on the use of Section 313 of the Telecommunications Act, which allows government agencies to ask ISPs for reasonable assistance in upholding the law, a mechanism which is also being used for the Government’s limited Interpol-based filter to block child abuse material. However, the law is not usually used to block websites, and there appears to be no public oversight of the process which ASIC is using, no appeals mechanism, and no transparency to the public or interaction with the formal justice system. ASIC’s action came to light after the regulator in April blocked several sites suspected of providing fraudulent investment information, but also resulted in the inadvertent blockage of some 1,200 other innocent sites.

The news was immediately greeted with alarm by a number of political groups and digital rights lobby organisations, which expressed concern that ASIC’s move could herald the covert return of the Federal Government’s previous mandatory Internet filtering scheme, which the Government abandoned in November last year. Commentators immediately called upon the Government to reveal how widespread the blocking practice was, and the news spurred journalists and activists to file Freedom of Information requests in an effort to ascertain the full extent of the situation.

In a new statement tonight, ASIC revealed that the blocks in March and April were only the latest in a series of such actions it had taken over a sustained period. “ASIC has used this power numerous times over the past 9 months,” a statement issued by the regulator said. “This is the first time we have encountered this problem. We are reviewing our processes to ensure this doesn’t happen again.”

In an earlier statement today, the regulator also confirmed statements made last night by the office of Communications Minister Stephen Conroy on the issue, noting that it had been responsible for the April incident.

The regulator said it used “various legal powers and techniques” to protect Australian investors from becoming the victims of fraudulent activities such as cold-calling and the use of fraudulent websites. “This includes requesting telecommunications carriers that access to a specified IP address of a fraudulent website be blocked Section 313(3) Telecommunications Act (Cth) allows us to make these requests,” the regulator said.

ASIC noted that in the period September 2009 to April 2013, it had conducted investigations into at least 17 cases of cold-calling ‘Boiler Room’ fraud amounting to in excess of $8 million in losses to Australian investors. “Most of these scams include access to fraudulent financial services websites that are used to lure potential investors,” the regulator said, although it did not note for how many such cases it had applied the website blocking technique used in April.

“Advances in technology have led to the rise of cybercrime in the financial system globally
Computers and the internet permeate our lives today. While there are many benefits, unfortunately this means there are online scams promoting ‘bogus’ investment,” ASIC wrote.

However, even as ASIC has revealed its website blocking technique has been more commonly used than was used, questions are increasingly being asked as to what extent the regulator’s practice is consistent with the legislation. Queensland University of Technology senior law lecturer Peter Black told ABC Radio tonight that Section 313 of the Telecommunications Act was now being used increasingly for a purpose it may not have been intended for.

“It does seem as though since the government formally abandoned their policy of mandatory ISP-level internet filtering, they do seem to be moving towards using Section 313 to effectively introduce some form of filter through the back door,” said Black. “The big problem from going down this particular path is that we’re not seeing proper parliamentary or public scrutiny about this process. It certainly has the potential for it to be mandatory web filtering but by another name. The difficulty is we don’t know how widespread this practice is.”

Meanwhile, ISPs have also started to question ASIC’s action. iiNet regulatory chief Steve Dalby told the Financial Review today that the ISP didn’t want to have to start making decisions about whether it should comply with a blocking instruction from a law enforcement agency. “They have an enforcement role to perform but they also have an obligation to do it in such a way that it complies with the normal tests of evidence and onus of proof,” Dalby said. ASIC has not disclosed the burden of evidence it has used to justify blocking sites in the past, nor revealed whether it had successfully prosecuted any of the sites it had blocked — or whether the formal courts system was involved at all.

The Greens have also heavily criticised ASIC’s use of the Telecommunications Act in this manner, with Communications Spokesperson, Senator Scott Ludlam, noting in a statement today that ASIC’s move “opens the door to wide-scale banning of sites”. “It also means no-one is effectively in charge; other Government agencies could demand sites be blocked with no coordination or accountability in place … this is a filter by stealth that operates with no explanation and no transparency,” said Ludlam.

“The Australian public overwhelmingly rejected the Government’s plan to introduce a mandatory filter and welcomed the news in November that the scheme had been abandoned in favour of more effective and more fair methods of fighting crime online such as child abuse material,” the Greens Senator added. “We now know the Government has introduced a filter by stealth, one that has already caught 1200 perfectly legal websites in its net. The Government needs to abandon this scheme and come up with methods to tackle online fraud that don’t involve widespread censorship of harmless material.”

Delimiter has contacted the office of Shadow Communications Minister Malcolm Turnbull for a comment on the issue, but no response to ASIC’s actions has been issued by the Coalition as yet.

opinion/analysis
I am completely unsurprised to find that ASIC has been blocking websites for some time with Section 313 notices — I had surmised that if it had suffered this issue in March/April, that that would have actually been something like the tip of the iceberg. Given this fact, I would expect the ongoing investigation into how widespread this practice is within the Federal Government, to go on for some time. It’ll likely take a few months for the various Freedom of Information requests to come back with enough information to paint the whole picture of what’s going on here behind the scenes.

18 COMMENTS

  1. The really alarming thing is that it seems any government official can send these notices and no one has any recourse to check if they are even legit. Most government departments have legal powers to take people to court over issues from their area of expertise, and now it seems they don’t even need to go to court to pass sentence. it really is a travesty of justice…

    And if Scott reads Delimiter, best of luck in Sept mate, Australian politics would loose one of it’s “best and brightest” if you don’t get re-elected.

    • ‘And if Scott reads Delimiter, best of luck in Sept mate, Australian politics would loose one of it’s “best and brightest” if you don’t get re-elected.’

      +1

    • The other really alarming thing is that as usual there is no response from the opposition. A bit like the good old days waiting for the coalition to hedge its bets on the proposed Internet filter or its actions on data sharing and airport full body scanners. Unless there is a huge public outcry we can expect both parties to duck and cover while we watch another civil liberty be usurped by the public service.

      • Take their silence on the subject as you will. The churches, for years, also had no comment…

  2. a statement issued by the regulator said. “This is the first time we have encountered this problem. We are reviewing our processes to ensure this doesn’t happen again.”

    More likely this is the first time an innocent got caught in the crossfire that could figure out what was going on and knew who to go to about it. How many might be out there that have been in the same boat as FMU and didn’t even realise why site traffic has dropped to nothing?

    • Exactly my thought as well.

      ‘This includes requesting telecommunications carriers that access to a specified IP address of a fraudulent website be blocked’

      A specific IP address.. It’s sad how an agency that has such a piss poor understanding of even how something simple as more than one website can be hosted on the same IP let alone other services all of which likely to be completely unrelated..

  3. This honestly scares the crap out of me. This kind of loose-cannon enforcement would literally destroy our business, as surely as an out-of-control tank in a shopping mall.

    Tell me, who do I sue if they manage to ‘accidentally’ sideswipe me with one of these enforcement actions?

    • You sue no-one – government has crown immunity and legal immunity for the telco is right there in Section 313 subsection 5!
      “(5) A carrier or carriage service provider is not liable to an action or other proceeding for damages for or in relation to an act done or omitted in good faith in performance of the duty imposed by subsection (1), (2), (3) or (4); or in compliance with a direction that the ACMA gives in good faith in performance of its duties under section 312.”

      • Just because the legislation prohibits it doesn’t mean you can’t challenge it through the judiciary, as that is one of its primary functions (at least in theory). There’s a big difference between the target of a block being able to sue (when they’re allegedly involved in criminal activity) and someone else being caught up as collateral damage due to bureaucratic incompetence.

        • Particularly when the legal foundation for 313 being used in this way is so questionable.

      • My understanding is Crown immunity doesn’t apply in Australia. S8(1) of the Act binds the Crown, but s8(2) protects the Crown from civil and criminal prosecution. However s8(3) excludes “an authority of the Crown”.

        So from my understanding you could sue ASIC, but not The Commonwealth of Australia.

        I can’t see how a court could overturn s313(5), and in any case I can’t see a court allowing against the ISP anyway. What sort of court would set a precedent permitting corporations/individuals to ignore legal government directives for fear of being sued?

        • No of course it’s not the ISPs fault, they have to follow the law unless they wish to challenge it in court themselves. It is absolutely ASICs fault though.

  4. I have a recolection of the AFP being questioned at a Committee on a couple of occassions and the number of sites being blocked by the Interpol filter rising up to around 1,200 from around 500.

    If I am right, I would suggest that sites are being added to the Interpol Filter by Government Departments with some sort of conivance with the AFP.

    I think we need to know whether the use of Sec313 in the way that has happened is in fact legal. I would also like to know why Sec 7 of the Interception Act seems to have been side lined. It is my belief that these two pieces of legislation are complimentary and not totally separate.

    We need to know who is co-ordinating the blocking action and organising the block with the ISPs.

    We need to know if there is a suitable review process in place.

    We need to know how much it is costing to have these blocks in place and for how long they are in place.

  5. I see no reason why they can’t publish publicly, the sites they block, excluding child pornography. Not that I agree with blocking other sites.

    • I see no reason to exclude child porn sites from a public list. By publishing URL’s people would begin to ask from one month to the next why the URL is still there, why has the site not been taken down and the owners prosecuted. I do not accept the fact that in certain countries nothing can be done. If entire domains can be taken off the air for email spam then I see no reason why the international community can not address countries that will not take action against criminals in their various forms. By keeping everything private and hidden we do not advance justice we merely propagate the sort of public sector knows best nonsense and scope creep that we see so often in Australia and for which ASIC is merely the latest example. Our government is demanding ever greater intrusion into our lives, it is not unreasonable to expect such transparency back the other way and we should not allow the government to erect taboo’s to shield themselves.

      • Indeed I would rather see them monitoring the traffic to those sites and catching up with the visitors…

  6. Isnt this what was feared when the covernment and Conroy proposed to have internet censorship at a federal level??

    What happened? exactly what was feared, the gvoernment ‘accidently’ blocked legit sites, causing issues….

    Well, for once the civil libertarians where right with this one, the cencership is in, and it means the gvoernment can block access to data outside the Australian network, which means it can now dictte what information we get, and is able to block what it doesnt want us to know…… Weclome to China/Australia! Believe your government is good…….

Comments are closed.