The Great Firewall of Cameron: Why The UK's Filtering By Fiat Won't Work, and Won't Help
David Cameron, the British Prime Minister, could have buried almost any bad news on the same day as a royal birth. Instead, the main grievous news he had to offer — his plan for pervasive censorship of the British Internet — was entirely his own making. His speech has been critiqued for its grandstanding and for ignorance of how the Internet works, but the lasting damage of his new initiative will serve to extend the precedent that the UK government and private actors can interfere with Internet communications without regulation or legislative oversight, and to undermine the safety of the children it seeks to protect.
Britain already has, since 1996, a voluntary system of Internet censorship through a web address blacklist determined by the Internet Watch Foundation, a private charity. The secret blacklist is used by a number of ISPs and mobile phone providers to filter their users. Sites entering the blacklist take months to actually be taken down, as opposed to the days for other (unblocked) unlawful sites, such as banking fraud sites. The list has included false positives, including a reported image on Wikipedia, which lead to all scanned UK traffic for Wikipedia passing through the filtering servers, causing Wikipedia to be briefly inaccessible to most of the UK.
Cameron's announcement (and leaked confrontations with ISPs) has used recent events to ramp up this voluntary system of control. Search engines in Britain will now be asked to comply with blocking a blacklist of terms, as well as hold a "hackathon for child safety."
These steps will do nothing to help the fight against abuse. Child abuse images are illegal to possess or distribute by anyone in the UK — including, as the Open Rights Group has pointed out, anyone who accidentally accessed such images as part of that child safety hackathon. As a consequence, search engines and ISPs alike already take extraordinary steps to identify and eliminate such content. As with any system of Internet blocking, this means that almost all such distribution evades these routes, and occurs instead out of the sight of search engines or censorship.
More damagingly, Cameron has demanded and apparently gained grudging consent from the primary UK ISPs to implement a "default on" filtering system, to be rolled out to the majority of public wifi and broadband users. British Internet users will be presented "with an unavoidable decision about whether or not to install family friendly content filters," he announced. This will be to prevent children seeing, he says, "adult content."
Such a system is, in theory, conducted with the end-users' consent. At EFF, however, we often talk of the "tyranny of defaults". A checkbox that is set on by default will determine reality for most users. That makes whoever runs these blacklists of "adult content" will have considerable influence on what the British public normally can and can't see.
Who will construct such lists? Will they be commercial companies, who frequently both under and overblock content (including one service which censored ORG's own discussion of the Cameron announcement)? If they block by keyword, those filters will have to intercept and inspect, in real-time, all the content of a user's communications. If so, how will they "protect" users from adult content, when the default encryption of services that relay "adult" content like Facebook, Google, and Youtube, and millions of other sites? And how will they separate the subtle difference between a site that is pruriently discussing, say, sex issues in adolescence, and a site that is sharing medical or psychological advice on that experience?
A secret blacklist can have no transparency; an unregulated filtering system will have no oversight; and the long and sad history of attempts of Internet censorship show it will be a specious distraction from the real problems. When the British Prime Minister announces that default-on censorship will be easy as "One click to protect your whole home and keep your children safe," he is not only grandstanding, he is being dangerously misleading.
If you wish to defend your child from adult content, an Internet filter is insufficient as a solution, especially when it is operated from afar by your ISP and your government, and not you. And if you wish to defend your nation's children from abuse, when such abuse is frequently from within the family then locking children away from external but "adult" advice and giving the key to those who control the rest of their lives, is the worst possible strategy. That's why youth advice charities and abuse survivors have come out against these filters. Meanwhile, the precedent is set: private service providers have been positively encouraged to interfere with their users' Internet traffic at the hands of the government.