Qwest has announced that it will block websites with child pornography, as determined by the National Center for Missing & Exploited Children. Qwest’s announcement comes on the heels of Time Warner and Verizon’s agreement with New York to remove the alt.* Usenet hierarchy from their servers.
Qwest’s plan is more troubling than the Time Warner and Verizon plan. Usenet is a shell of its former self, with more noise than content these days. Cutting off the alt.* heirarchy—even the overbroad step of removing all alt.* as opposed to alt.binaries.*—won’t really impact people who care about those groups. The impact is symbolic more than practical: another death knell for the old pre-commercial Internet some of us knew.
Removing Usenet groups is also an editorial decision. An ISP hosting newsgroups has to decide what newsgroups to carry, just as a library must choose which books to stock. An ISP could choose not to carry certain newsgroups because of disk space or bandwidth concerns. Given those concerns, the surprise is that Verizon and Time Warner were still carrying some of the alt.binaries.* groups until now.
Qwest, however, will be blocking traffic to third-party web sites. That’s a fundamentally different model than removing newsgroups. An ISP that controls what sites you may or may not visit is acting as a carrier, not a host, and in the U.S. we’ve grown accustomed to carriers forwarding all our communications regardless of content or destination. Sometimes that’s legally required because the letter carriers and phone companies are common carriers, who are required to carry traffic without preference. ISPs have successfully avoided that status.
One of the major questions in Qwest’s arrangement is the role of the National Center for Missing & Exploited Children. How accurate will its list of bad sites be? What are the criteria? Is any legal due process involved, or will it just be a list of sites the NCM&EC decides have child pornography? Will there be an appeal process?
Derek Bambauer points out that the U.S. is gradually joining the list of countries that filter Internet access in some way. As Professor Bambauer says, we typically think of countries that filter the Internet as “bad” (e.g., China, Iran, etc.). If we want to avoid the U.S. also being a bad Internet filterer, we need to consider how much filtering is appropriate, if any. Some interesting edge cases come up in that analysis. Consider these two cases where some Internet blocking would be considered (by many) to be good:
Blocking offshore child porn servers. Law enforcement has limited ability to deal with servers hosted outside the U.S. Suppose the FBI finds a server with child pornography that’s hosted in a country not overly prone to cooperating with U.S. law enforcement. A court grants an injunction against the site. Should the FBI be able to tell the ISP to block all access to that site? What if a court hasn’t granted an injunction? What if it’s the NCM&EC instead of the FBI? What if the site is text-only stories of underage sex? What if it’s text-only stories of consensual adult sex? At what point, procedurally, do we decide that blocking Internet traffic is okay?
Spam. It’s almost as hard to find someone in favor of spam as it is to find advocates for child pornography. Wouldn’t it be great if we could block spam at the source, or in the Internet backbone, before it ever reached a mailbox? But a lot of spam filtering is based on content (a lot of it isn’t—some techniques that would be useful at the ISP level involve checking that the claimed sender and source address are valid, which is more a matter of validating envelope information than content). If we take the position that all ISP content-filtering is bad, how can an ISP do anything about spam?
I don’t have any good answers to these. But I can suggest a few factors to include in the analysis:
How close to the edge is the filtering happening? In general, I think the closer the filtering is to the network edge, the more likely it is to be appropriate. If my local Internet provider blocks P2P traffic, I have other providers to choose from. If the handful of major backbone carriers all block P2P, I have no recourse. Consumers don’t have as much ISP choice as we did back when there were thousands of dial-up ISPs, but we do have some choice. We can avoid last-mile filtering, but backbone filtering catches everyone.
How much legal process is involved in the filtering decision? A court-ordered block has more legitimacy than one unilaterally declared by a private organization.
How transparent is the filtering decision process? This goes to some of the questions above. Can anyone see the list of blocked sites, or is it secret? Is there a process to remove oneself from the blocked list? If I can’t see the whole Internet, I’d like to know what it is I’m not allowed to see.
How much of the filtering decision is really government action in disguise? The First Amendment limits what the government can do directly to limit speech. But can the government suggest to ISPs that it would be very much in their interests to do things the government couldn’t force them to do? The recent FISA bill (now law) tells ISPs that even if what the government asks is illegal, Congress will bail them out anyway. The line between government action and private action is blurred when ISPs decide to limit information access by agreement with state Attorneys General.
We need to develop a policy that considers these factors. The alternative is ad-hoc filtering decisions based on least-common-denominator market forces and “suggestions” from government entities. If some form of ISP filtering is inevitable (and even desirable), we need to make sure that the filtering is as benign and transparent as possible.
Jim, these are great points. The spam one is rarely mentioned in discussions of filtering. Virtually no one would contest that ISPs should filter spam e-mail messages. I proposed at one point that ISPs should filter the URLs contained in spam – in other words, if a user clicks a link in a spam message, the ISP would blackhole that HTTP request. (I still think this is a good idea, though it could be problematic.) Yet that’s also a form of information control, and it’s very hard these days to find an ISP who will let you receive all the spam you want.
Having ISPs block offshore child porn sites could be quite helpful – it would likely reduce the economic viability of such sites and, hopefully, reduce child abuse. There are 3 concerns here. First, URL filtering is expensive, and ISPs are going to be reluctant to do this on a large scale. This means they’ll likely either do this crudely (e.g., IP address blocking), or they’ll press the government to pay for it. Second, the information I’ve seen suggests that a fair amount of child porn is hosted here in the U.S. This is worrisome in its own right, and it also suggests that foreign filtering won’t be as helpful as we might think. Finally, child porn isn’t the only evil out there. I’m reluctant to recommend filtering – a blunt policy instrument – as a remedy, given that there will be advocates for other (entirely worthy) content restrictions who will want it as well.
Finally, you raise good points about the Center for Missing and Exploited Children. The situation seems analogous to the role of the Internet Watch Foundation in the UK, except possibly that the NCMEC operates (I believe) on less clear legal authority. Procedural protections seem particularly important when there is a quasi-NGO involved, and where authorities will (understandably) be reluctant to publish their block list.
Thanks for the cogent analysis!
I’m curious how they block the sites. They presumably don’t have a giant web proxy or the great firewall of Qwest. Perhaps they’ll null route the offending IP addressed?
If so, the possibility for error exists, and could potentially be interesting. Suppose the NCMEC sends Qwest a list with a misplaced wildcard.
That’s an excellent question about how the blocking will work. It probably won’t be any more granular than per-IP blocking. I can’t find any details on how the NCMEC will get the list of sites to Qwest, but my first guess would be a manual process involving phone calls or e-mails. Then again, maybe I’m underestimating the number of sites involved.
Great post and great analysis, spam filtering can be such a double edged sword and blacklist/whitelist solutions seem inadequate in my experience. Dunno how much spam crap you get in your email/blog site but I’m really amazed these days at the sheer volume that gets through the filters.