news The chairman of the Australian Securities and Investments Commission last week said the regulator would not “apologise” for using an obscure section of the Telecommunications Act to block websites suspected of fraud, and stated that the organisation would continue to use the controversial power to block more sites.
Several weeks ago the Federal Government confirmed ASIC, the financial regulator, had started requiring Australian Internet service providers to block websites suspected of providing fraudulent financial opportunities, in a move which appeared to also open the door for other government agencies to unilaterally block sites they deemed questionable in their own portfolios.
The move is based on the use of Section 313 of the Telecommunications Act, which allows government agencies to ask ISPs for reasonable assistance in upholding the law, a mechanism which is also being used for the Government’s limited Interpol-based filter to block child abuse material, under the auspices of the Australian Federal Police.
However, the law is not usually used to block websites, and there appears to be no public oversight of the process which ASIC is using, no appeals mechanism, and no transparency to the public or interaction with the formal justice system. ASIC’s action came to light after the regulator in April blocked several sites suspected of providing fraudulent investment information, but also resulted in the inadvertent blockage of some 1,200 other innocent sites. It has since emerged that ASIC has blocked “numerous” sites over the past nine months.
The news was immediately greeted with alarm by a number of political groups and digital rights lobby organisations, which expressed concern that ASIC’s move could herald the covert return of the Federal Government’s previous mandatory Internet filtering scheme, which the Government abandoned in November last year. Commentators immediately called upon the Government to reveal how widespread the blocking practice was, and the news spurred journalists and activists to file Freedom of Information requests in an effort to ascertain the full extent of the situation.
Last week it was revealed that a third agency in the Attorney-General’s portfolio had also used the power to block sites on the basis of “national security” concerns. However, the Government has refused to disclose the identity of the agency or the sites blocked.
In a major speech given last week to the Stockbrokers Association of Australia annual conference, ASIC chairman Greg Medcraft appeared to take a defiant approach to criticism of his agency’s actions. The full speech is available online in PDF format.
“The development of the internet has enabled cyber crime, and in particular, investment scams, to move online and to become a lot more sophisticated in their deception,” said Medcraft. “ASIC devotes a lot of time and resources to combating boiler room and investment scams. The criminal syndicates that operate these scams are sophisticated and often use offshore sites to target Australians. They are persistent and have fleeced many people of their money – hundreds of millions of dollars over the past 15 years, often with devastating consequences.”
“Cybercrime is something ASIC takes very seriously and we will keep fighting against these fraud sites. One tool we have is the ability to disrupt and block the websites of these criminal operators. Our results show that quick action can have a major impact on the amount of money being lost.”
“We don’t apologise for blocking the sites of criminal fraudsters, and we will continue to take action to prevent scammers ripping off Australians. We have seen first-hand the devastating consequences these scams have on Australian investors and their families. ASIC is all about ensuring investors can be confident and informed and this means cracking down on fraud when we see it.”
The executive noted that it had recently been reported that a number of other sites had been accidentally blocked in the process of the regulator blocking a suspected fraud site. In this case, Medcraft said, ASIC was “unaware that the IP address” used by the fraud site “was also shared by other websites”. “This was the first time we became aware we had blocked other sites,” he added. “We are reviewing our procedures to ensure this does not happen again, as obviously we are not targeting legitimate sites.”
The news comes as groups such as the Greens have continued to turn up the heat on the Labor Federal Government over the web site blocking issue. Greens Senator and Communications Spokesperson Scott Ludlam said last week that there was “virtually no oversight or transparency in how 313 notices are issued, which agencies and individuals can request one, or under what circumstances they’re permitted”.
“We now know that in addition to the ASIC and Australian Federal Police, a third agency has used the section 313 power to block websites, but the Government will not reveal which,” Ludlam said in a statement. “The Department of Communications was also unable to identify how many state, territory and Commonwealth agencies are legally empowered to demand ISPs block websites at will.”
Communications Minister Stephen Conroy has requested his department provide him with options to increase the transparency of the Section 313 process, and a number of Federal Government departments and agencies recently attended a meeting hosted by Conroy’s department on the issue.
It is good that Medcraft is at least aware enough of the website blocking issue to be able to address it in public; this isn’t always the case with the heads of Federal Government departments, agencies and regulators, who often don’t quite understand the technology they are speaking about.
However, the executive’s words contain no comfort for those concerned about the lack of transparency regarding ASIC’s moves. Medcraft was completely unapologetic in his speech, demonstrating an autocratic approach that will, no doubt, enrage civil libertarians demanding the Government apply a basic modicum of transparency and oversight of the use of Section 313 notices. I think the executive needs to acknowledge that there is a wider issue here beyond merely the blocking of websites with suspected fraudulent information. Right now, ASIC is using the equivalent of an atom bomb to squash an ant through the use of this power; and that’s never a good thing. As we’ve seen, when atom bombs are detonated, there is always collateral damage.
Image credit: Still from Gladiator