Project Cleanfeed Canada
(this is a follow-up to the Great Firewall of Canada)
spyblog.org.uk notes how “systems like British Telecom’s CleanFeed are inherently vulnerable to reverse engineering attacks, which can reveal the list of censored websites”. While I doubt the technique mentioned in the paper still works, it does give more technical information about CleanFeed than I’ve seen anywhere else.
Dr. Richard Clayton’s paper
Michael Geist has thrown in his support with Cybertip on the issue:
More importantly, while some may suggest that this opens the door to other blocking – hate content, defamatory content or copyright infringement to name three – there is a crucial difference with child pornography that should prevent a similar approach. While those forms of content may raise legal issues, in the case of child pornography, it is illegal to even access the content. That is a crucial difference since under current law there are no valid free speech arguments for either disseminating child pornography nor for seeking the right to access it. Given that difference, the right of appeal, and the active involvement of cybertip.ca, the arrival of Project Cleanfeed in Canada looks like a good news story that merits close monitoring.
The comments on his post are well worth reading, particularly those of Cory Doctorow of BoingBoing:
Michael, I think that you’re being entirely too sanguine about a secret blacklist of content. Having had my own material censored by such blacklists at the national and local level, I’m a lot less trusting of these systems.
The idea is fundamentally broken. First of all, it seems to me that keeping a secret list of “evil” content is inherently subject to abuse. This is certainly something we’ve seen in every single other instance of secret blacklisting: axe-grinding, personal vendettas, and ass-covering are the inevitable outcome of a system in which there is absolute authority, no due process, and no accountability.
The appeals process is likewise flawed. If the self-appointed censors opt to block, for example, material produced by and for gay teens about their sexuality (a common “edge-case” in child porn debates), then teens will have to out themselves as gay to avail themselves of the appeals process.
Notwithstanding this, it’s hard to imagine how an appeals process would unfold. How could someone who wanted a site unblocked marshal a cogent argument for his case unless he could see the content and determine whether it was being inappropriately blocked?
Likewise, there is no imaginable way in which such a system could possibly be comprehensive in blocking child porn. It will certainly miss material that is genuinely child pornography. The Internet is too big for such a list to be compiled, and the censorship problems are compounded as the lists grow.
If, for example, Canada were to import Australia’s secret list of bad sites, then Canadians would then be subject to the potential abuses of unscrupulous (or unintelligent) censors in Australia, as well as in Canada. You’d have to trust the Canadian censor-selector process, and the Australian one. The longer lists that would emerge from the merger process would be harder to audit — the haystacks of real porn larger, the needles of censorship smaller.
Worst of all is the problem of site-level blocking for user-created content sites like Blogger, Typepad, Geocities, YouTube, etc. These sites inevitably contain child porn and other objectionable material, because new, anonymous accounts can be created there by people engaged in bad speech. However, these sites are also the primary vehicle by which users express their own feelings and beliefs and are frequently posted to anonymously by whistle-blowers, rape victims, dissidents in totalitarian states and others who have good reason to hide their identities.
Site-level blacklisting can’t cope with these sites. They can try to block by subdomain or directory (e.g. childporn.typepad.com or blogger.com/childporn) but these URLs are very easy to change. The general response of net-censors to these sites is to block them entirely, or demand that they adhere to some imposed code of conduct that calls for eliminating anonymity and close monitoring of content.
Finally, these methods only stop stupid child pornographers from gaining access. Smart child pornographers use Tor, or IRC, or BitTorrent, or Usenet, or email to get their material. Any dedicated child pornography collector will not be stymied by Cleanfeed.
Like so many other systems that “keep honest users honest,” Cleanfeed will only serve to keep honest users in chains, and allow bad actors to skip off without any substantial inconvenience.
Michael Geist responds with:
1. There appears to be some confusion about the nature of the blocklist. First, ISPs will not maintain their own lists nor look to corporate providers. The sole source of the list will be cybertip.ca. Cybertip.ca tries to find middle ground between public and private. It has private supporters, but has been designated by the government as the national tipline for child pornography. This strikes me as a reasonable attempt to avoid charges of state-sponsored censorship and/or commercial incentives to block. Moreover, the suggestions that the block list should be made public is simply a non-starter – to do so would likely violate the Criminal Code.
2. There are several comments that suggest the blocking is government mandated. That is not true. Each ISP has voluntarily adopted Cleanfeed and there remain many Canadian ISPs that have yet to do so.
3. There are several puzzling comments that seem to suggest that the filters should be placed in the hands of individuals so that people can decide for themselves whether they want to access the blocked content. Let me repeat – accessing this content is illegal. I do not understand how people can suggest that they should have the right to access this content when the law clearly states that they do not.
4. There are also some suggestions that the system is ineffective and/or that the problem is exxaggerated. Note that a similar system is run by British Telecom in the UK. Earlier this year, BT reported that the system was blocking 35,000 attempts per day to access this content [[ link ]]. 35,000 blocks per day for a single ISP does not strike me as insignificant. With respect to its effectiveness, there has indeed been some studies of the UK that question its effectiveness. However, an Australian commentary on the BT approach lamented how few sites were being blocked. Far from overbroad blocking of thousands of sites, the Senator noted that there were under 1,000 child pornography sites[[ link ]]. The same criticism (a feature not a bug in my view) can be said of the Canadian approach.
Ultimately, I agree that there are risks with this approach and that Cybertip.ca must become far more transparent about its policies with respect to appeals. However, the risks identified in the comments must be set off against the risks of doing nothing about a very real harm. For now, I remain of the view that this is a risk worth taking.
Other blog posts worth reading: