250,000 sites blocked: ASIC’s massive crackdown

The following article was published on the website of Electronic Frontiers Australia this morning by EFA executive officer Jon Lawrence. It appears under a Creative Commons licence.

news/analysis As reported by Bernard Keane in Crikey yesterday, Australia’s corporate regulator – the Australian Securities and Investments Commission – has admitted to another incident in which a website blocking request has led to the inadvertent blocking of thousands of websites.

In a written statement provided to the Senate Economics Legislation Committee (PDF), ASIC has admitted that one previous blocking request in which it specified an IP address, rather than a domain name, resulted in some 250,000 websites being blocked.

The regulator claims: “The vast majority (in excess of 99.6%), appear to contain no substantive content. In this instance we believe that less than 1000 active sites (less than 0.4%) may have been temporarily affected. None of these are .au sites. There are various reasons why such a large number of sites with no substantive content may use the same address, such as through a ‘domain for sale’ operation.”

Given the evident lack of even a basic understanding of the functioning of the Internet’s addressing system within ASIC, these claims are simply not credible. Has ASIC actually reviewed all 250,000 sites to determine whether they contain ‘substantive content’? How does it define ‘substantive content’? Do they believe that ‘only 1000 active sites’ is an acceptable level of collateral damage? The fact that none of them were using .au domain names does not mean that they are not sites operated by Australian entities (such as melbournefreeuniversity.org) nor does that mean that they are not sites that Australians wish to access.

While ASIC’s motives are of course laudable – to protect Australians from fraudulent investment schemes – its use of section 313 of the Telecommunications Act to block these websites is extremely problematic.

In its statement, ASIC has committed to consult with other government agencies and police “to determine how we can best disrupt websites that are part of criminal operations without impacting on legitimate sites”, and is looking at: How to ensure only specific websites are targeted (use the domain name, not the IP address, it’s really simple!); Contacting hosting or domain name providers to have sites taken down at their source; and Redirecting blocked sites to a landing page indicating why the site is inaccessible. ASIC has also committed to publicly report on its use of s313 on an annual basis.

These steps are all very necessary and have our support, but Electronic Frontiers Australia believes that ASIC must cease all use of s313 to block websites until it has: Learnt how the Internet addressing system functions; Implemented, in consultation with the Department of Broadband, Communications and the Digital Economy, clearly defined processes for the use of this power, including some form of independent oversight; and Implemented a landing page that will inform affected users trying to access a blocked website. EFA believes that the use of s313 to block websites should be subject to judicial oversight, through a requirement for a warrant to be issued for each request.

View Senator Ludlam’s questioning of ASIC officials from last night’s session:

Image credit: Screencap of ASIC officials at a Senate Estimates hearing this week.

18 COMMENTS

  1. On this logic, they would issue a cease and desist on “The Age” if there was a misleading advertisement (aren’t they all?) published.

    I would have thought it better to go after the perpetrator and stop the issue at the source.

  2. “some of the technology aspects, I have to say, Senator, I’m not totally across…”

    No shit. Like not knowing the difference between a telecommunications carrier and an ISP, for example?

    Get how ASIC’s notices aren’t really notices but “requests”. The ISPs can always refuse these “requests”, says ASIC. As long as they don’t mind a bit of jail time, presumably…

  3. And this is why you tell your friends and family and anyone that will listen not to get internet with Telstra or Optus, or any other ISP that comes on board with this filter.

    Not that you would anyway, any ISP that treats their paying customers with this much contempt will be treating them in similar ways in regards to download limits, pricing, speeds, service levels, etc.

    Can anyone confirm, is it definitely only Telstra and Optus signed up with this “voluntary” filter?

    • I can confirm that this is not the filter.

      Can people stop conflating them? This is ASIC using section 313 notices to get ISPs to block IP addresses.

      The filter is the AFP getting ISPs to change their DNS server to redirect people to an AFP block page. The AFP filter is bad and useless, but thousands of times less intrusive than the ASIC method referenced in this article. (250,000 times less intrusive)

  4. @Dylan – no definitely not. AAPT came on as did iiNet, we think.

    The biggest cause for concern is that none of the ISPs asked for a warrant, though it is required by proper law enforcement, which of course, being absolutely the universe’s most incompetent government department, it isn’t. It sees itself as a special case, presumably because its base disabilities preclude it from acting like anyone else is expected to.

    The toad that runs ASIC has been sent a copy of “DNS for Dummies”, which appears to be the most appropriate way to manage clowns like that, who run a council waste management depot one day, then become head of ASIC…

  5. @Daemon Singer
    Oh that sucks! Well, I was already in the process of transferring all our company’s home internet accounts from iiNet & Telstra to TPG anyway (about 30-40 of them). Just another plus for TPG then hey!

    • There are only a few transfers left to be done. As of the start of last year we had zero services through TPG. Now we have about 32 on-line with them. This article just confirms even further that all the work transferring the accounts was worthwhile.

    • Hey Daemon, while you are at it could you ask TPG how I am going to be able to stay with them when I get my NBN connection in the next few weeks on the Central Coast? Don’t want to leave but their status re the NBN is… nada…

  6. “… in the most efficient way we could.”

    Interesting how efficiency — i.e., how easy it is for them — is their primary goal, not assuring due process, lack of collateral damage, etc.

  7. I agree Mark, though I suppose that if they put 5% more effort into what they do, whether it’s corporate regulation or knocking off 250,000 websites, they may have a somewhat better reputation as far as a regulator. Problematically, they don’t appear to be terribly concerned by what people think of them but I still wish they would find somebody qualified to lead them as they blindly stumble down the path of incompetence.

    • Who continues to let them get away with it even after their incompetence has been clearly shown?

  8. It was just getting interesting at the end!

    Well done Scott (I know you read these comments) keep up the questioning.

  9. So it is clear now what level of competence and capability they have in ASIC and probably getting paid +200k salary.

    Dumb as dog shit.

  10. I can’t get over how EFA, and others, keep trying to come up with ways to make S313 requests “workable”. I’ve yet to even hear an attempt at explanation as to why they are supporting, or Australia needs, a Censorship scheme which is trivial to bypass and does nothing to arrest the perpetrators of Crimes; and that is ignoring the fact that I thought the EFA’s mandate was to oppose all Censorship, I appear to have been sorely mistaken on that point.

    I would have thought the mere fact that Conroy, the man who called all of us who opposed his Censorship plans “paedophiles”, attempted to brush everyone off by claiming he had instructed his Department to present him with options on how to fix the problem and therefore all was well, so be quiet and go away, would have been a cause for major questions by EFA. Yet, to me at least, the EFA seems to have accepted Conroy’s assertion that there is some reason for keeping S313, and therefore they need to find a way to make it “workable”.

    I would really like someone to ask the non-government players (EFA, Ludlam, etc.) if they think S313 should be repealed in total, and if not why not?

Comments are closed.