Labor’s Mandatory ISP Internet Blocking Plan

Created: 29 Mar 2006
Last Updated: 4 Mar 2008

On 21 March 2006, the Federal Labor Opposition announced in a media release that a Labor Government would require all Internet Service Providers (”ISPs”) to implement a mandatory Internet filtering/blocking system.

This proposal was retained as policy by the Rudd Labor government elected on 24th November 2007 (see Media Release by Stephen Conroy 19 November 2007 - Federal Labor To Lead On Cyber-Safety). Further information about the policy is in Labor’s Plan for Cyber-safety released prior to the election. Few concrete details have been announced since the election, but early in January 2008 Minister Conroy confirmed that the policy remained in place. EFA and other concerned groups are currently attempting to obtain additional information. EFA is strongly opposed to this policy, for the reasons outlined below.

Contents

  1. Introduction
  2. Why two-thirds of parents do not have Internet filters installed
  3. Why a mandatory filter will not enhance online safety
  4. Why Labor’s proposed system would not be a “clean feed”
    1. Size of the ACMA blocking list
    2. What type of content would be blocked?
  5. Who would decide what is to be blocked?
  6. Is mandatory ISP filtering technically feasible and effective?
  7. Would ISP server level filtering slow the Internet down?
  8. Why comparisons to overseas initiatives are not valid
  9. History of mandatory ISP filtering advocacy by Australian filter vendor
  10. Why ‘index’/URL based filtering is not effective in protecting children, nor in preventing access
  11. Why content ‘analysis’ filtering is not technically practical in an ISP based filtering system
  12. Why Spam Filtering can be more accurate and effective than Web Page Filtering
  13. Why end-user/PC based filtering is more effective than mandatory ISP filtering
  14. Is an Opt Out system (for adults) technically feasible and technically practical?
    1. Residential Premises
    2. Internet Cafes, Libraries and Schools
  15. Why an Opt-Out (or Opt-In) government mandated system is not appropriate
  16. How many people would wish to opt out?
  17. Cost of establishing and maintaining a national ISP based filtering system
  18. Why the ‘Crossway Christian Filtered ISP Service’ does not use server side filtering
  19. References
  20. Time Line of Mandatory ISP Filtering Proposals and Religious Right Group’s lobbying campaigns, 2003-2006


Introduction


On 21 March 2006, a Labor media release[1] stated that a Labor Government would require all Internet Service Providers (”ISPs”) to implement a mandatory Internet blocking system applicable to “all households, and to schools and other public internet points” to “prevent users from accessing any content that has been identified as prohibited by the Australian Communications and Media Authority“.

On the same day, the then Minister for Communications, Information Technology and the Arts, Senator Helen Coonan, issued a media release titled Labor very late to the Internet filtering debate[2] stating that recent filtering tests conducted by NetAlert showed that forcing ISPs to “filter the Internet will only result in slowing down the Internet for every Australian without effectively protecting children from inappropriate and offensive content“. NetAlert also issued a media release titled Education the Best Filter for Young Australians on the Internet[3] containing information about their recent filtering tests. On 27 March 2006 the Minister, Senator Coonan, also responded to a Question without Notice[4] in the Senate concerning Labor’s plan.

Nevertheless, the “clean feed” policy has been retained by the new Labor Government and has been enthusiastically endorsed by the new Communications Minister, Senator Stephen Conroy. Despite coming under fire in the media and in Parliament,[4a] several crucial details about the plan are still to be revealed, such as precisely which material will be targeted for blacklisting. Although the Senator has made references to lists of illegal material, and labelled critics of his plan defenders of child pornography [4b], in other contexts it has become clear that he intends to render the Internet free of any adult-themed material that could distress children.[4c]

EFA’s commentary and analysis of the mandatory ISP blocking plan as described by Labor[5] during the November 2007 Federal Election and in subsequent remarks by Senator Conroy is provided below. We conclude that mandatory ISP filtering would not be effective in protecting children, whether or not it is, or becomes, both technically feasible and technically practical. PC based filtering remains more effective than a national mandatory ISP based filtering system, and that is most likely to remain the case into the future.


Why two-thirds of parents do not have Internet filters installed


A major justification for the clean feed is the inability of Australian parents to get a PC-based filter installed due to technical and cost consideratins. Reviewing the previous Government’s NetAlert program, which offers free Internet filter software to all Australian homes, Senator Conroy said in February 2008:

“With less than 150,000 filters accessed or downloaded, and only 20 per cent of these still in use, the program has clearly failed.” [5a]

An earlier Labor media release[6] claimed:

The reality is that cost and poor computer literacy mean almost two-thirds of parents don’t have internet filters on their family computers.

According to research undertaken by the Australian Communications and Media Authority (”ACMA”) and published in their 2005 report kidsonline@home Internet use in Australian homes[7], it is true that almost two-thirds of parents (of children aged 8 to 13 years) do not have Internet filters installed. However, approximately 90% of those parents do not install filters for reasons other than “cost and poor computer literacy” as claimed by Kim Beazley.

The ACMA report states:

Software to filter inappropriate websites was reported to be used by 35 per cent of parents: 29 per cent used filtering software on a regular basis and six per cent on an occasional basis. This is an increase since 2001, at which time 17 per cent of Internet-connected households with a child aged under 18 reported using such software. The use of filtering software was similar across all children’s age groups, however, parents with three or more children were also more likely (p<0.05) to have blocking software in use than parents with fewer than three children (54 per cent compared to 33 per cent).

The ACMA report also provides information about why other parents did not have filters installed:

Parents’ reasons for not installing filter software varied.

Fifty per cent did not install filters because they trusted their child. Seventeen per cent of parents felt that installing software was redundant because of their use of other safeguards.

A minority of parents did not use filters because they were either unsure how to install the software (five per cent), unaware of the utility of filters as a safety strategy (four per cent) or unsure where to obtain filter software (three per cent).

A small proportion of parents (four per cent) reported not using filter software because it had proven too restrictive.

The ACMA report also stated:

Almost all parents (92 per cent) reported that they were involved in their child’s Internet use in some way. The proportion of parents not involved in their child’s online activities was higher among those with older children (five per cent of parents with eight or nine year olds versus 10 per cent of parents with 12 or 13 year olds). Two-thirds of parents (67 per cent) reported supervising their child’s Internet use by watching their activity to some degree.

Another ACMA report, Media and Communications in Australian Families 2007, supports the view that parents do not consider aggressive filtering necessary or desirable. 61% of parents in this study expressed no concern about their child’s Internet use, while only 8% were very concerned.[7a]


Why a mandatory filter will not enhance online safety


A filtered internet feed, if it could be fully implemented, would help only to mitigate so-called “content risks” - the risk of a child being exposed to content inappropriate for their age or maturity level. However, even the Government’s own literature suggests that content risks are the least serious of concerns to parents or children themselves. The 2008 ACMA report Developments in Internet Filtering Technologies and Other Measures for Promoting Online Safety identifies the further categories of “communication risks” and “e-security” risks. The former include issues such as scams, inappropriate advances from strangers, and online harassment, while the latter includes things such as viruses, spam, and the theft of personal information.

Labor’s own policy document, Labor’s Plan for Cyber-safety, identifies several risks children face online, including:

  • online identity theft
  • cyber-bullying
  • having photos published online without their permission
  • computer addiction
  • picking up a virus or trojan
  • online activities of child predators

None of these risks would be in any way mitigated by the clean feed internet filter. This all suggests that resources to protect and educate children about online risks and appropriate online behaviour could be spent better than on the clean feed, especially as free filters are already available to all parents concerned with content risks for their children.


Why Labor’s proposed system would not be a “clean feed”


Labor’s policy document states:

“Labor’s ISP policy will prevent Australian children from accessing any content that has been identified as prohibited by ACMA, including sites such as those containing child pornography and X-rated material.

“Labor will also ensure that the ACMA black list is more comprehensive. It will do so, for example, by liaising with international agencies such as Interpol, Europol, the Federal Bureau of Investigation (FBI) and the Child Exploitation and Online Protection (CEOP) Centre and ISPs to ensure that adequate online protection is provided to Australian children and families.” [page 5]

Previous documents about the policy, and subsequent remarks by the Minister, confirm that the clean feed is to operate under the auspices of the ACMA and its content classification regime.

The use of the term “clean feed” to describe such a sytem system is highly misleading. The system would not result in anything remotely like a “clean feed” and would be nothing more than a token gesture in terms of protecting children. If Labor’s system were to be implemented under the misnomer “clean feed”, it would have very high potential to lure some parents into a false sense of security in relation to their children’s online safety.

Size of the ACMA blocking list


If Labor’s system were to be put in place now, the Australian Communications and Media Authority’s (ACMA’s) blocking list would consist of less than 3,236 web pages. That is the total number of items that ACMA identified as prohibited during the 5.5 years to 30 June 2005 since ACMA (formerly the ABA) commenced identifying prohibited content in 2000. ACMA identified 3236 items (web pages and newsgroup postings) as prohibited. Of those, 334 items deemed hosted on Australian sites (which includes a high proportion of newsgroup postings) were taken down, and 2902 items hosted on overseas web sites were notified to filter vendors for blocking. (See Six-month Report on the Online Content Co-regulatory Scheme - Reporting Period 11: January to June 2005[8], tabled by the Minister for Communications, Information Technology and the Arts, October 2005.)

Obviously a system that blocked only the small quantity of content identified as prohibited by the ACMA would not be remotely effective in protecting children. At the least, it would be necessary to provide ACMA with significantly more funding to enable them to employ a large number of staff to look for potentially prohibited content and classify it. (The estimated total cost quoted in the Government report titled Report on Review of Schedule 5 to the Broadcasting Services Act 1992[9] did not include such costs).

There are clear indications, including the Senator’s vague but frequent reference to “inappropriate” material, that the clean feed might mandate the filtering of R18+ rated material. For instance, the Labor Herald carried a Q&A stating that “Labor will require ISPs to filter out R, RC and X rated material as part of a clean feed for home internet connections.”

However, given the millions of web pages that could contain prohibited content, it would be physically impossible for a group of humans, even a very large group, to find and classify all potentially prohibited content, or even a large proportion of it. A recent estimate[9a] puts the number of web pages around the 30 billion mark. If one tenth of one percent of those pages were to be reviewed for material inappropriate for children, that would be 30 million pages. At 100 pages per day per person, you would need approximately 1000 people working for a year to review all these, at which point the list would already be hopelessly out of date. For instance, between 2004 and 2005 the size of the Google index grew from 4.28 billion web pages to 8 billion, and this level of growth is continuing

Further, according to advice to EFA from a relevant Labor Party policy adviser, Labor’s system would not involve additional funding to ACMA to look for potentially prohibited content, the complaints-based nature of the existing regulatory system would remain. (Under the existing system, ACMA staff do not spend time looking for potentially prohibited content, they decide whether or not particular content is prohibited after receiving a complaint about it). EFA was advised that the Labor Party expects that if ISP based filtering was implemented, then more people would make complaints to ACMA and so ACMA’s blocking list would increase in size. EFA finds such a possibility unlikely given that, for the last 6 years, members of the public have been able to make complaints to ACMA so that prohibited content would be added to filtering software blocking lists (if it was not already on those lists).

What type of content would be blocked?



Currently prohibited content


Content identified by the ACMA as ‘prohibited content’ under Australian law is a relatively small category of content in terms of the many categories of content that parents may consider unsuitable for their children. The ‘prohibited content’ category consists of content that would be ‘Refused Classification’ (child sexual abuse, acts of extreme violence or cruelty, etc) or would be classified X18+ (non violent sexually explicit). It does not include content that would be classified R18+ that is hosted on overseas site, nor does it include any content that would be classified MA15+, M or PG. Hence blocking of only ‘prohibited content’ would not be effective in protecting children from material that may be unsuitable for them.

Proposed extension to R18+ content hosted overseas


There are clear indications, including from the Senator’s vague but frequent reference to “inappropriate” material, that the clean feed might mandate the filtering of R18+ rated material. For instance, the Labor Herald carried a Q&A stating that “Labor will require ISPs to filter out R, RC and X rated material as part of a clean feed for home internet connections.”[9b]

In response to an earlier enquiry by EFA, a relevant Labor Party policy adviser stated that Labor’s system would block R18+ content hosted on overseas sites that had been the subject of a complaint and had been classified by ACMA and that the existing legislation, which does not apply to R18+ content hosted overseas, would be changed accordingly.

EFA considers that Labor’s intention to extend the regulatory scheme to R18+ content on local or overseas sites makes Labor’s one-size-fits-all system even more impractical than it would otherwise be.

Significantly more adults are likely to wish to opt out of a filtering system that blocks R18+ content (in addition to X18+ and RC) because content that would be classified R18+ includes a wide range of material that does not involve sexually explicit or violent material. A high proportion of material classified R18+ under Australian law is so classified for other reasons, that is, because it contains detailed information and/or discussion about “adult themes” that is, aspects of adult life that are potentially harmful or disturbing to minors. According to the Office of Film and Literature Classification (”OFLC”) “adult themes” include references to and depictions associated with “issues such as suicide, crime, corruption, marital problems, emotional trauma, drug and alcohol dependency, death and serious illness, racism, religious issues” (OFLC Guidelines for the Classification of Films and Videotapes and Internet Content, issued September 2000).

The following statistics showing the reasons for R classifications have been extracted from the tables in OFLC Annual Reports for the three years ended June 2000 (this type of statistical information has not been made publicly available in OFLC Annual Reports since the year ended June 2000, the year in which the online regulatory scheme commenced):

According to a Labor Party policy adviser, Labor believes that the ACMA does not enforce the existing online regulatory regime against R18+ content of the above mentioned type (”adult themes”), i.e. that ACMA does not enforce the law in accordance with the existing legislation, and the Labor Party plans to ensure that would continue to be the case. EFA considers it unlikely that ACMA is not properly enforcing the existing law and it is not apparent how Labor could know whether ACMA is or is not because details about why online content has been classified R18+ are kept secret. Such information is not made publicly available, unlike details about why offline films and publications have been classified R18+ which are provided in associated consumer advice information and in the OFLC’s online database.

Furthermore, the existing legislation does not apply to R18+ content hosted on overseas sites, and it is unlikely that law abiding content providers (individuals, non-profit organisations, or businesses) would be making such information available on Australian hosted sites because existing law requires such material to be placed behind an adult verification system. Adult verification systems are impractical for non-commercial sites, that is, sites that do not charge for access and therefore cannot use credit cards for the purpose of assuming the credit card user is an adult. Therefore non-commercial content providers are likely to have such content hosted on overseas sites. Hence, EFA believes there would be very little, if any, R18+ content involving adult themes being brought to ACMA’s attention because the existing legislation would not apply to it. Therefore, there is no means of knowing how, or if, ACMA would enforce the law if complaints about such material on overseas sites were able to be made to ACMA.

EFA has also been informed that the Labor Party might decide to change existing legislation to ensure that Labor’s blocking system would not apply to R18+ content involving adult themes as distinct from sexually explicit or violent material. EFA considers such an idea completely impractical and undesirable. A different set of classification rules for online content compared to offline content would result in confusion among parents and other Australians about what R18+ material is, and thereby undermine community trust in the existing classification category system. It would also introduce a greater level of complexity in classifying material for members of the Classification Boards and ACMA’s online content classification staff. Furthermore, any proposal to restructure the R18+ category into subsets for both online and offline material would be highly unlikely to be achievable because it would require the agreement of all State and Territory Governments. The reason Australia does not have an R18+ category for computer games, despite widespread public support for an R18+ rating, is because reportedly one State Government (S.A.) refuses to support such a rating. It seems extremely unlikely that all, if any, State and Territory Governments would support a fundamental change to the well understood existing classification scheme to create sub-sets of the R18+ classification.

Labor’s plan to include R18+ content presents a high risk that adults would be blocked from accessing content classified R18+, including material that does not involve sexually explicit material or violence, when using Internet cafes and libraries due to technical and administrative problems involved in attempting to implement an ‘opt out’ system, as discussed later herein.


Who would decide what is to be blocked?


As discussed above, Labor’s mandatory ISP filtering scheme would be a token gesture that blocked only a few thousand pages identified by ACMA. Labor’s plan does not include provision of additional funding to enable ACMA to employ a large number of staff to look for potentially prohibited content among the 8 billion pages on the World Wide Web, in order to develop a vastly larger blocking list necessary to more effectively protect children.

Some proponents of mandatory ISP blocking may be of the view that ISPs could use lists developed by commercial filtering vendors, or rely on the artificial intelligence of filter software “guessing” engines. However, neither option would be appropriate in a government mandated scheme. The use of software guessing engines would undoubtedly result in blocking of content that would not be prohibited. In the case of blocking lists, filtering vendors (most of which are American businesses) cannot know what content is or would be “prohibited content” under Australian law unless the content has been classified by an Australian government authority and the filter vendors notified accordingly.

Irrespective of the location of filter vendors, Australian government classifiers often disagree over what should, or should not be censored, and their decisions are from time to time highly publicly controversial. Australians’ Internet access should not be restricted by decisions made by artificial intelligence and/or the opinions of commercial filter vendors. Existing Internet censorship legislation requires classification decisions to be made by Australian government censorship agencies. This role should not be handed over to businesses, either ISPs or filter vendors.


Is mandatory ISP filtering technically feasible and effective?


Mandatory ISP filtering may be technically feasible but currently there is no method of ISP server based filtering that is both technically practical and effective in protecting children.

There are two types of filtering techniques that could, in theory, be implemented in ISP server based filtering. These are:

  1. Index filtering
    This type of filtering blocks access to content on a pre-determined list (index). There are three types of ‘index’ filtering:

    • URL based filtering
      This type of filtering blocks access to content on a pre-determined list of URLs (uniform resource locators - alpha-numeric web addresses).Ovum’s report[14] to the government stated that “[i]t is more practicable from a technology perspective to implement URL and IP address based filtering [than it was in 2000]. This is as a result of a combination of small improvements in vendor products related to search algorithms and an increase in processing power.”
    • IP address based filtering
      This type of filtering blocks access to content on a pre-determined list of IP addresses (Internet protocol addresses - 32-bit numbers identifying points on the Internet).As the Government report correctly stated “[F]iltering based on [lists of IP addresses] blocks access to all traffic from web sites on the same IP address. Many modern hosting services host thousands of domains on a single published IP address. Accordingly, IP address based filtering may result in significant overblocking of content that is not prohibited but is located on the same IP as listed prohibited content“. For detailed information see: Web Sites Sharing IP Addresses: Prevalence and Significance[15], Benjamin Edelman, Berkman Center for Internet & Society, Harvard Law School, 13 Sep 2003.
    • DNS blacklisting
      Although ultimately all internet traffic is between computers (hosts) with an IP address, the Domain Name System (DNS) exists to associate human-readable and memorable names with these numbers. For instance, the name “www.google.com” might be associated with the IP address 74.125.19.99. When a user requests a web page using a domain name, the computer first contacts the ISP’s DNS server to retrieve the IP address, then requests the page content from the remote web server at that numeric location. DNS blacklisting (also called DNS “poisoning”") is a type of filtering whereby requests to host names on a prohibited list are answered with an incorrect IP address, causing the web browser to retrieve a different page (such as a “forbidden” notice) to the one intended. For a technically astute user this system is easily circumvented by using a third-party DNS server, many of which are available all over the world. This system also suffers from a lack of granularity, as there is no way to block a subset of web pages or sites under a given domain. This is the filtering mechanism employed by the Norwegian/Swedish ISP Telenor (see below).
  2. Content analysis filtering
    Content analysis filtering techniques use artificial intelligence to analyse and assess the content of a web page prior to providing access to, or blocking access to, the page. They are sometimes referred to “guessing engines”.Ovum’s report stated that “[i]t is no more practical to use complex filtering analysis techniques such as textual and image analysis to automatically filter web content” than it was at the introduction of the regulatory scheme (2000) and that there had been “no major developments in technology“.Further, as the Government report stated “Textual, image and profile type analyses can have a significant impact on network performance, as greater accuracy typically requires increased system resources resulting in slower response times” and “analysis-filtering techniques are more practical in PC-based products, where the filter is required to deal with the requests of only one computer“.

In summary, the only type of filtering that may now be technically feasible in a mandatory ISP filtering system is URL based/index filtering. However, because URL based/index filtering only blocks access to pages on a pre-determined list, it is not effective in blocking access to content that is unsuitable for children, nor in blocking access to material that would be identified as prohibited by the ACMA if the ACMA became aware of that particular content among the more than 8 billion pages on the World Wide Web. As stated in the Government report:

[F]iltering that utilises only index technologies is limited by the list employed, as it does not block unlisted content. Maintaining an effective list is complicated by the dynamic nature of the Internet where new pages are constantly posted online. Moreover, while filter vendors commonly update their indices at least daily, some pages will be miscategorised during automated analysis [by the filter vendor’s list creating system] and [therefore] many vendors manually check each new URL identified for blocking. This requires significant resources and may create additional delays in listing pages for blocking.”

Filter vendor claims

It should be noted that one or more filter vendors have claimed that they have a content ‘analysis’ filtering product that is technically feasible for use in a mandatory ISP filtering system. However, such filter vendors rarely make technical details about how the system operates available to the public or for independent testing, usually citing “patent pending” issues, etc.

Filter vendor’s claims about the suitability of their product need to be treated with extreme caution given filter vendors stand to make a very large amount of money if their product were to be selected for a government mandated system. Of the estimated $33 million per annum cost (as at 2004) stated in the Government report, $14.3 million per annum was the cost of filtering software licences that would be paid to filter vendor/s.

EFA has been informed that one (or more) filter vendors have recently (as at March 2006) been making claims to some politicians that they have filtering technology that is technically practical for a mandatory ISP based filtering system but that they are not willing to be publicly named yet and are not able to make the details of how their system operates available yet because the technology is patent pending. Hence, EFA is not able to know who those filter vendor/s are. However, we note that one Australian filter vendor, Telnet Media, has been promoting their Internet Sheriff product as suitable for installation in a mandatory ISP filtering system since at least 1999. The Internet Sheriff product includes a “patent pending Content Classification Engine (CCE)”[16] which has, according to documents on the Telnet Media web site from time to time, been patent pending since at least March 2003, and may have been patent pending since 2000[17]. David Ramsey of Internet Sheriff was a speaker[18] at the “Sexual Integrity Forum” in August 2005. A short history concerning promotion of Internet Sheriff is provided later herein.


Would ISP server level filtering slow the Internet down?


Kim Beazley’s media release claims:

Last year a Government report confirmed that the technology to implement mandatory filtering by ISPs is feasible and won’t slow the internet down.

The above misrepresents the findings in the Government report titled Report on Review of Schedule 5 to the Broadcasting Services Act 1992[19] (which was issued in May 2004). The Government report did not state that ISP filtering would not slow the Internet down.

In fact, the Government report stated:

Ovum [U.K. based consultants commissioned by DCITA] states that index [URL-based] filtering is now more feasible in a proxy system [at the ISP level] than it was at the commencement of the Scheme. Index filtering technologies are based on blocking access to pre-determined lists of URLs (uniform resource locators- alpha-numeric web addresses) and/or IP addresses (Internet protocol addresses- 32-bit numbers identifying points on the Internet). Ovum states that improvements in index filtering, including more sophisticated search algorithms and greater processing power at the server level, have reduced the delay of such filtering at the ISP level to approximately ten milliseconds per request. This delay generally is not noticeable to the end-user.

While the Ovum report states that index filtering at the ISP-level would not make broadband unfeasible (p. 24), this conclusion is not supported by the Internet industry or its representative body which has argued that mandating the use of filters at the ISP-level could significantly reduce the access speed of broadband connections. Speed is the leading value proposition for broadband customers, and any reduction in performance may impact on this key advantage. One Australian ISP consulted during the Review stated that it offers ISP-level filtering on its narrowband connection but not on its broadband connection, due in part to the time lag of the filtering. It stated that the delays associated with the filtering it employs are not noticeable on the slower narrowband connections, but would be noticeable to end-users on its broadband connections. In this context, the ISP recommends that broadband subscribers use a PC-based filtering tool.

It should be noted that Ovum’s “10 millisecond” figure was the delay claimed by vendors of filtering products. According to Ovum’s report[20], cumulative delays caused by multiple simultaneous accesses would lead to bottlenecks:

They [filtering vendors] said that to minimise the delay, a server running their products should have a large amount of RAM (ideally 1GB or more) and be configured to locally store copies of downloaded pages, to speed up future accesses. (Note: this requires a large amount of hard disk and may not necessarily be the way an ISP wants to set up such a service).
A small whitelist of sites introduces a delay of about 1-2 milliseconds per URL, whereas a large (multi-million address) blacklist would introduce a delay of about 10 milliseconds per URL. This delay, in common with all delays given, would be experienced at around the same average value regardless of how many users are on the system, up to the point of saturation (i.e. where the system is handling as many URL requests as it can, dependent on the system configuration). Beyond saturation point, the delay will increase with the number of extra users attempting to use the system.

Other research, undertaken by NetAlert, indicates that the views of Australian ISPs concerning broadband access above may be more realistic than Ovum’s was in 2003. On 21 March 2006, NetAlert’s media release Education the Best Filter for Young Australians on the Internet[21] announced that:

Findings from recent NetAlert research into the use of filters in the broadband environment confirms that accessing the Internet through a content filter at the Internet Service Provider (ISP) level leads to a significant reduction in network performance. The research shows that network performance was reduced by 18 per cent for the best performing filter and almost 78 per cent on the worst performing filter. The research also demonstrated variable filter performance across the different categories of restricted content. Even the most effective filter in terms of accuracy, only blocked 76 per cent of the selected list of potentially offensive URLs used in the testing. The research also demonstrated that the technical challenges for ISPs would be significant. …

The NetAlert research was “conducted by researchers from RMIT as part of the Government-funded Launceston Broadband Program, in partnership with ACMA and with the assistance of Telstra” according to the Minister for Communications media release (Labor very late to the Internet filtering debate)[22] on 21 March 2006.

A February 2008 ACMA study, “Developments in Internet Content Filter and Other Measures for Promoting Online Safety” examined the performance impacts of ISP-level filtering and concluded that any filtering beyond a very small list would inevitably cause performance issues and would result in a need for significant expenditure on networking equipment:

“As a general rule, solutions that have been deployed in other countries to filter and block illegal content using index filtering cause no more than a small reduction in the performance of the network in which they are installed. This is because the magnitude of the task (blocking content associated with up to a few thousand URLs) does not significantly
increase the demand on the processing resources of the hardware on which the solution is installed.

“However, filtering and blocking solutions that must manage and process much larger indexes, or undertake complex analysis of content, or both, inevitably create a more significant drain on processing resources, and can cause a corresponding reduction in the
performance of the hardware or the particular network…

For ISPs that implement filtering and blocking solutions, the size of the task is closely related to the number of subscribers whose internet access is filtered. Without substantially augmenting the processing capability of its existing hardware, an appreciable reduction in network performance is inevitable... For ISPs, the cost of such upgrading or augmenting the expensive hardware that they typically deploy may be substantial, particularly for smaller providers.” (Page 42, emphasis added)


Why comparisons to overseas initiatives are not valid


Although the proponents of the clean-feed have made claims to the contrary, there are no comparable ISP-level filtering systems operating in any democracy today. The systems typically cited as operating successfully in Europe are designed merely to prevent accidental access to a very small list of illegal sites containing child-abuse material.

The most commonly cited systems are those operated by British Telecom (BT) in the U.K, and Telenor in Norway and Sweden. For instance, on 31 December 2007, Senator Stephen Conroy said “The internet hasn’t ground to a halt in the UK, it hasn’t ground to a halt in Scandinavian countries and it’s not grinding the internet to a halt in Europe.”[22a] In a media release dated 21 February 2008 the Minister’s office claims that “ISPs in a number of countries, such as the United Kingdom, Sweden, Norway and Finland, have successfully introduced ISP level filtering.”[22b]. In Senate Estimates hearings on 18 February 2008, the Senator and a delegation from the ACMA referred to BT and “similar systems in Scandinavia.”[22c]

A comparison between the current clean-feed proposal, which would filter out “R, RC and X-Rated” material, and these cited systems, is not valid. Those systems do not use third-party/commercial filtering software, nor do they attempt to block millions or even thousands of pages unsuitable for children. Both the above-mentioned systems filter on order 1000-1500 sites at any one time. [22d]

The Labor policy document cites research claiming the BT and Telenor systems did not result in a slowing in service. However, BT’s so-called “CleanFeed” system (which does not provide a “clean feed”) uses technology developed by BT and the system was not announced[23] until June 2004, 15 months after Ovum completed its filtering technologies report to DCITA. The Telenor system uses technology developed by Telenor and was not announced[24] until September 2004. As the U.K. Internet Services Providers’ Association (ISPA) said[25] in relation to the BT technology:

“Each ISP has a different infrastructure. This means that there is no ‘one size fits’ all technical solution to preventing access to websites offering illegal images in territories outside of the UK.

While there have been calls in the U.K. since 2004 for all U.K. ISPs to implement BT’s system, not all ISPs have done so, reportedly because the BT developed technology is not suitable for implementation within their networks.

Further, although Labor’s media release implies that “Labor’s ‘cleanfeed’ system” would be similar to the so-called “cleanfeed” system implemented by BT Telecom in the U.K., that system is entirely different from Labor’s proposal. Unlike Labor’s proposed system, both the BT and Telenor systems block only web pages containing child pornography material. The BT system uses a blocking list provided by the Internet Watch Foundation, and the Telenor system uses a blocking list provided by KRIPOS, the Norwegian National Criminal Investigation Service[26]. Moreover, testing of the BT CleanFeed system, completed in March 2006, for the New Zealand Department of Internal Affairs reportedly found that “even Britain’s CleanFeed system to block child pornography only stops about 10-15 per cent of offending websites[27].

Systems such as the above that are limited to blocking web sites containing child pornography would use a vastly smaller blocklist than would need to be implemented for Labor’s system to include R18+, X18+ and RC material.

It cannot be known whether the same technology would be suitable or effective for the purpose of implementing a plan to block a much larger range of material (including material that it is not illegal for adults to access online or offline) because the BT and Telenor systems can not be subjected to independent testing including efforts to circumvent the system. This is because a successful attempt to circumvent those systems would result in the persons undertaking tests accessing material that it is a criminal offence to view/possess.

Nevertheless, tests of the BT system in 2005 that do not involve actually accessing illegal content have shown weaknesses in the system which give rise to the probability that “If CleanFeed is used in the future to block other material, which may be distasteful but is legal to view, then there will be no bar to anyone assessing its effectiveness. It must be expected that knowledge of how to circumvent the system (for all material) will then become widely known[28]. For more information, see:

Back door to the black list[29], The Guardian (UK), 26 May 2005

BT’s CleanFeed system, which blocks access to a register of websites containing sexual images of children, can also be used to discover the contents of the secret blacklist, according to new research.
Technically skilled users of BT’s internet service can use the system to find out which sites are blocked, says Richard Clayton, formerly internet expert at service provider Demon and currently a doctoral student at Cambridge University’s Computer Laboratory. This means they are able to gain access to a secret blacklist provided by the watchdog Internet Watch Foundation (IWF). …
BT’s Galvin describes the academic quality of Clayton’s work as quite high …
‘We’ve built a system that won’t stop the hardened paedophile,’ admits Galvin, who says that CleanFeed’s main aim is to stop accidental access from users following links such as those in spam email. …

Failures in a Hybrid Content Blocking System[30], Richard Clayton, University of Cambridge, Computer Laboratory. Paper presented at the Workshop on Privacy Enhancing Technologies, Dubrovnik, Croatia, 30 May 2005 - 1 June 2005:

6 Conclusions
BT’s CleanFeed was designed to be a low cost, but highly accurate, system for blocking Internet content. At first sight it is significant improvement upon existing schemes. However, CleanFeed derives its advantages from employing two separate stages, and this hybrid system is thereby made more fragile because circumvention of either stage, whether by the end user or by the content provider, will cause the blocking to fail.

This paper has described attacks on both stages of the CleanFeed system and set out various countermeasures to address them. Some attacks concern the minutiae of comparing URLs, while others address fundamentals of the system architecture. In particular, the CleanFeed system relies on data returned by the content provider, especially when doing DNS lookups. It also relies on the content provider returning the same data to everyone. All of this reliance upon the content providers’ probity could well be entirely misplaced.

The CleanFeed design is intended to be extremely precise in what it blocks, but to keep costs under control this has been achieved by treating some traffic specially. This special treatment can be detected by end users and this means that the system can be used as an oracle to efficiently locate illegal websites. This runs counter to its high level policy objectives.

Although legal and ethical issues prevent most experimentation at present, the attacks are extremely practical and would be straightforward to implement.

If CleanFeed is used in the future to block other material, which may be distasteful but is legal to view, then there will be no bar to anyone assessing its effectiveness. It must be expected that knowledge of how to circumvent the system (for all material) will then become widely known and countermeasures will become essential.

An important general conclusion to draw from the need for a manual element in many of the countermeasures is that the effectiveness of any blocking system, and the true cost of ensuring it continues to provide accurate results, cannot be properly assessed until it comes under serious assault. Thinking of these systems as ’set-and-forget’ arrangements will be a guarantee of their long-term failure.” [emphasis added]

In Scandanavia, Telenor’s filtering method implemented on its own systems and subsequently by some other ISPs in various Western European countries, is much less expensive to implement than a URL filtering system because it uses DNS blacklisting. The DNS blacklisting method is completely unsuitable for the Australian Government’s plan because DNS-based methods can only be used to block every page on an entire domain. It cannot be adapted to block individual URLs as the Government’s proposal requires. For instance, if one or more pages on MySpace, YouTube, etc. were required to be blocked, this could not be achieved without also blocking every other page on the same site. The DNS blacklisting systems used in Scandinavia have, unsurprisingly, been found to be blocking legal sites due to the inability of the method to block only pages containing illegal material.[30a]


History of mandatory ISP filtering advocacy by Australian filter vendor


As mentioned earlier herein, EFA understands that one or more filter vendors have recently been informing some politicians that their filter product is suitable for mandatory ISP filtering, but the filter vendor/s are not willing to have their product/s publicly named. Hence EFA does not know who those vendor/s are.

One Australian filter vendor, Telnet Media (previously Clairview Internet), has been promoting their Internet Sheriff product as suitable for installation in a mandatory ISP filtering system since at least 1999. The Internet Sheriff product includes a “patent pending Content Classification Engine (CCE)[31]” which has, according to documents on the Telnet Media web site from time to time, been patent pending since at least March 2003, and may have been patent pending since 2000[32]. David Ramsey of Internet Sheriff was a speaker[33] at the “Sexual Integrity Forum” in August 2005. A short history concerning promotion of the Internet Sheriff product is below.

22 Dec 1998: The Australian (Serving up a porn remedy) reported that:

Consumers will be able to filter out pornography on the Internet with a new product that blocks site access at the server. Brisbane-based provider Clairview Internet began stocking its first domestic anti-pornography product, called CVue, in Brisbane retail stores yesterday. … The CVue product works directly from the server, which means consumers do not need any special set-up, additional anti-pornographic software or upgrading. … CVue initially will be rolled out to the Brisbane region, and will be launched on a State-by-State basis in 1999.

The CVue product available in Brisbane stores was a startup kit for access to the CVue filtered ISP service.

5 March 1999: Business Queensland (New porn filter a clear winner) reported that “Clairview began operations as an ISP three months ago and about the same time stimulated significant attention for its software package, Internet Sheriff.

(The CVue ISP service in Brisbane had ceased to operate by a year or two later, perhaps due to insufficient market demand. It is not known whether the service was available at any time in other States.)

3 May 1999: Clairview Internet (later renamed Telnet Media) were prominent in the debate concerning mandatory filtering by ISPs in 1999. They appeared before the Senate Select Committee on Information Technologies on 3 May 1999 during the Committee’s public inquiry into a Bill involving mandatory filtering by ISPs. During testimony before the Committee[34], the representatives criticised various aspects of the CSIRO’s findings and report and demonstrated Internet Sheriff. The bulk of their testimony appeared designed to give the Committee the impression that Internet Sheriff was an ideal product for mandatory installation by ISPs. However some Committee members asked a number of questions indicating they were not gullible to claims made by filter vendors. For example:

Senator Calvert [Liberal Party] - You have told us about how your technology works basically…[b]ut one of the things that has been put to us in evidence is that blocking techniques might have the effect of blocking out wanted material rather than unwanted material. With your technology, is that possible?Mr Jones [Chief Executive Officer, Clairview/Telnet Media] - My oath it is. You can make two mistakes. You can make mistakes whereby you accidentally block material out versus mistakes whereby you let material through. Will any blocking philosophy make mistakes? The answer is yes.” (Senate Hansard, 1999)

Subsequent testing of the Internet Sheriff product (using the publicly available commercial CVue ISP filtered service in Brisbane) demonstrated that if such technology were to be mandated by any government for use by adults, either large portions of the Internet would be frequently and incorrectly blocked, or pornographic material would often be let through, as detailed in EFA’s Report Clairview Internet Sheriff: An Independent Review[35], May 1999.

13 May 1999: A ZDNet Australia article titled Connect.com says Internet censorship could cost it $1.5 million reported:

In an open letter to Senator Alston, John Stuckey, Connect’s CEO sought to counter recent remarks made in the media about trials his company is holding of Internet filtering software. Connect has been trialing the use of a server side filtering solution called ‘Internet Sheriff’ which is being developed by Brisbane based company Clairview. …’It MUST be made very clear that “The Sheriff” is an untried product,’ he wrote. ‘The overhead associated with implementing the product across our whole network would be in excess of $1.5 million dollars. Further, we have already seen ways of “The Sheriff” being bypassed by clever application.’ The letter goes on to note that while Connect is trying to make the technology work that Stuckey feels that if this is a central part of the proposed censorship proposal that it should be carefully considered.”

7 June 1999: Newswire reported in an article titled Web filtering company answers criticism:

Much of the controversy is the result of an informal study by EFA which found that Internet Sheriff blocked access to several major sites which did not contain illegal content. Jones admitted that the slip could occur, saying that the system’s strength was high-speed filtering. ‘Can we make mistakes? You bet we can. You can never be perfect,’ he said.

March 2002: The Australian Broadcasting Authority (”ABA”) had “commissioned the CSIRO [Commonwealth Scientific and Industrial Research Organisation] to test that scheduled filters block content that has been the subject of notifications by the ABA. Each scheduled filter was tested using some 200 URLs that were notified by the ABA in the period 1 June to 30 September 2002“. The CSIRO’s report Effectiveness of Internet Filtering Software Products [PDF 1591 Kb][36] was released by the ABA in March 2002.

The CSIRO found that the Internet Sheriff product failed to block 8% of items notified to them by the ABA, one of the lowest rates of failure in that regard. However, tests undertaken by the CSIRO indicated that Internet Sheriff had a high rate of incorrect blocking. According to the CSIRO report, “TelnetMedia set up a proxy-server with the following categories blocked: Drugs illegal, Vilification and intolerance, Antisocial and offensive, Adult sex (including Adult sex related, and Sex non-explicit). Other adult content categories, such as Adult Nudity, were allowed”. The CSIRO’s report shows, however, that while Internet Sheriff blocked approximately 91% of “pornography/erotica”, it also blocked a significant percentage of material that apparently should not have been blocked with the particular settings, for example:

  • Filtering Information 15%
  • Drug Education 18%
  • Medical/Health 26%
  • Sexual Health 33%
  • Sex Education 25%
  • Contraception 20%
  • Abortion 9%
  • Anti-racism/hate 8%
  • Politics 2%
  • Gay Rights/Politics 50%
  • Free Speech 15%
  • Art/Photography 43%
  • Nudism 27%
  • Swimsuit models 77%
  • Glamour/Lingerie models 80%

(Note: The percentages above are approximate within 1-2% as the CSIRO report[37] shows the test results in bar charts.)

3 March 2003: The Australia Institute issued its report calling for mandatory ISP filtering and on 11 March 2003 the Australian Financial Review (ISP censor vocal from sidelines) reported:

Hamilton [Executive Director of The Australia Institute] confirms he did not speak to the IIA or any ISPs when formulating his views, but says it was unnecessary. ‘When we did a review on greenhouse issues we didn’t think it was important to speak to oil companies,’ he says.

Hamilton has undertaken his own technical review of filtering software with the assistance of IT software company Telnet Media… A letter sent to Alston and Prime Minister John Howard by a product manager at Telnet, Fraser Larcombe, challenged the view held by many ISPs that making them responsible for filtering all internet content would slow down the internet for everyone.

4 March 2003: The Sydney Morning Herald (Net Nanny ‘a part-time supervisor’) reported:

Advertising agency George Patterson Bates has used Internet Sheriff to filter unwanted content from its 500 employees for almost two years. Network manager Chris Robinson said the system has been almost 100 per cent successful in filtering out unwanted content, but there have been some problems with over-filtering - blocking desired content.

Given the way in which the Internet Sheriff technology operates, it is unlikely the full extent of over blocking would become apparent in a business environment of 500 employees, as distinct from if used by the millions of adults and children in Australian homes with widely varied interests.

8 & 9 August 2005: David Ramsey of Internet Sheriff was a speaker[38] at an event called the “Sexual Integrity Forum” in Parliament House, Canberra, that was attended by “almost 100 people” (according to the Forum web site). The Internet Sheriff product was also promoted by the American keynote speaker, Dr. Mary Anne Layden, who also called for mandatory Internet filtering by ISPs (see The Wire’s report of 9 August 2005 titled Sexual integrity forum condemns porn industry[39] and The Wire’s audio report (MP3 file[40]) which includes an interview with Layden). The Forum was organised by the Fatherhood Foundation (”FF”), a Religious Right group formed in 2002 by Warwick Marsh. The Fatherhood Foundation includes the makers of Internet Sheriff in its small list of recommended “ISP consultants”[41].


Why ‘index’/URL based filtering is not effective in protecting children, nor in preventing access


As stated in the Government report:

“[F]iltering that utilises only index technologies is limited by the list employed, as it does not block unlisted content. Maintaining an effective list is complicated by the dynamic nature of the Internet where new pages are constantly posted online. Moreover, while filter vendors commonly update their indices at least daily, some pages will be miscategorised during automated analysis [by the filter vendor’s list creating system] and [therefore] many vendors manually check each new URL identified for blocking. This requires significant resources and may create additional delays in listing pages for blocking.”

Further, for a URL based filtering system to be effective in blocking access to content at the URLs on the block list, the system would need to incorporate numerous measures in an attempt to prevent circumvention of the blocking.

Such measures would require blocking access to a vast amount of innocuous information and useful online resources. This includes, for example, language translators, privacy and anonymity tools, archives of documents like the WayBack Machine, Google’s cache, search of Google’s image archive, etc. These are blocked by, as one example, N2H2 which is on the Australian scheduled filter list, because they are regarded as “loopholes”. Of course, this results in massive overblocking.

As reported by the CSIRO[42]:

One of the problems with blocking Internet content is that the filters are easily bypassed unless severe, and probably commercially unacceptable, restrictions are placed on the services offered. The OzEmail service mentioned [in the CSIRO report] is ’safe’ but achieves this by severely limiting access to the possible range of Internet services. [For example, it is not possible to run a Java applet that opens a connection back to an application running on its Web server, such as might be used for Internet banking.] Simpler measures, such as filtering Web pages to disallow access to specific sites and pages, are subject to simple countermeasures. …

Web access is usually via TCP port 80 but a Web server can run through any port number quite easily. URLs can specify the port number to be used so it is trivial for a Web server to avoid filters that are looking for Web access only on port 80.

Sites that are on black lists can easily avoid their banning by changing their name or IP address, by adopting aliases or by redirecting traffic from other, non-banned, sites. The constant indexing of the Internet makes changing site names more feasible as the new names will soon be picked up through the search engines and then made available to inquisitive users.

As Nart Villeneuve (Director of Technical Research at the Citizen Lab, at the University of Toronto) states in The Filtering Matrix[43], published in First Monday January 2006:

…In order to counter attempts to bypass the filtering restrictions, countries frequently heavily block public anonymizer and circumvention sites. Anonymizers are sites that allow users to browse through the site itself, thus bypassing Internet filtering restrictions. Anonymizer Web sites contain software that retrieves a requested page on behalf of a user and thereby evades filtering as the user never directly connects to the blocked site.

There are numerous circumvention technologies, also known as anonymizers, available that allow users to access filtering content. These anonymizers operate by allowing users to request content through computers located in unfiltered locations. The filtered user connects to a computer in an unfiltered country that is configured to retrieve the requested content and transmit it back to the users in the filtered location. There is no direct connection between the user and the filtered Web site. There is a wide range of circumvention technologies available ranging from simple scripts to complex peer-to-peer protocols [NV Ref [45]]. The most commonly used circumvention technology is a Web-based circumventor. Essentially, a Web-based circumventor is a Web site that has a standard Web form through which users can submit requests for filtered URLs. This Web site has a specially designed script that fetches the request page for the user and re-writes all the links in the page to point back through the Web-based circumventor. Using this technology a user can seamlessly browse the Internet without being subjected to Internet filtering.

This type of circumvention technology is being used by Internet users in China to bypass the filtering restrictions in that country [NV Ref [46]]. The U.S. Government has sponsored similar technology, albeit poorly designed, for use by Iranian Internet users [NV Ref [47]]. While many users may be unwilling to use circumvention technology for fear of reprisal, determined Internet users will always be able to use this type of technology to bypass filtering restrictions.

Although governments and commercial filtering manufacturers actively target public anonymity and circumvention sites, they are unable to effectively counter distributed, private circumvention strategies.

Hence, for a mandatory ISP blocking system to be effective, ISPs would have to prevent Australians from undertaking a range of innocuous activities such as translating a page from say French to English, because the same tool can easily be used to get round a filter that does not block the translation service. For more information in this regard, see the following studies:

Furthermore, index/URL based filtering cannot be effectively applied to any web site using HTTPS encryption, such as most banks and e-commerce sites. Because the address of the page requested is part of the encrypted payload sent in the request by the browser, an ISP filter is unable to determine whether or not a prohibited page is being accessed. In fact in many cases there would be no way for any ISP-side component to know that a web page was being requested at all. Content-based filtering would also be thwarted by the use of HTTPS. Therefore, any web site that does not already employ encryption could turn it on and enable its users to bypass any ISP-based filters in place. Most PC-based filters do not suffer from this limitation, as they are able to examine the web request before it is encrypted by the browser or the response after it has been decrypted by the browser.

In summary, URL based filtering by ISPs would not be effective in preventing access to pages on the blocking list, unless the system also blocked a vast quantity of legitimate and useful services and innocuous content.


Why content ‘analysis’ filtering is not technically practical in an ISP based filtering system


Due to the ineffectiveness of solely URL based filtering (as discussed above), many filtering vendors’ products include a dynamic content ‘analysis’ component. These products use artificial intelligence to analyse and assess the content of a web page prior to providing access to, or blocking access to, the page. They are sometimes referred to “guessing engines”. As the Government report stated:

Textual, image and profile type analyses can have a significant impact on network performance, as greater accuracy typically requires increased system resources resulting in slower response times” and “analysis-filtering techniques are more practical in PC-based products, where the filter is required to deal with the requests of only one computer“.

It is the time taken to analyse content before permitting or denying access that results in such filtering techniques not being technically practical in an ISP based filtering system. As Ovum’s report stated:

[i]t is no more practical to use complex filtering analysis techniques such as textual and image analysis to automatically filter web content” than it was at the introduction of the regulatory scheme (2000) and that there had been “no major developments in technology“.

However, even if in the future there were major developments in the technology resulting in content analysis filtering techniques becoming technically practical for ISP based filtering, they would not be appropriate in a mandatory ISP filtering system. Content analysis filtering can result in a high degree of false positives (incorrect/accidental blocking) due to the automated analysis by artificial intelligence. Such filtering techniques have a much higher rate of blocking innocuous content than systems that only block URLs containing content that has been viewed/analysed by a human. This would be highly problematic in a mandatory ISP based filtering system because, unlike PC based filtering systems, adult users would not be able to over-ride or disable a block immediately if desired (they would need to contact the ISP seeking to have the page unblocked, which may or may not be done, because unblocking would apply to all the ISP’s customers). It should be noted that while in the 1990s such filters commonly blocked pages based merely on the existence of a word such as “breast”, few filter vendors now rely solely on single keyword blocking. Some filter vendors that do still include a single keyword blocking feature, as just one of a number of artificial intelligence components, enable parents to turn off that ‘feature’. This may or may not result in significantly less effectiveness in blocking unwanted content, depending on the other artificial intelligence components of the particular filter.

In addition, a content analysis filtering system on an ISP system could not analyse the content of pages being transmitted from a secure web site (e.g. those starting with “httpS”) because the content is encrypted (scrambled) during transit between the content provider’s web site and the browser used by end user. Hence content providers who wish to prevent their content from being blocked by such a system could easily make their content available on a secure web site, the same as is used by banking and e-commerce sites. In order to prevent access to prohibited content made available on a secure web site, a national filtering system reliant on content analysis filtering techniques would have to block access to all secure sites including banking and e-commerce sites, or implement a means of intercepting all secure transmissions at the ISP’s system (e.g. by terminating the secure session at that point) in order to decrypt and analyse the content. Such interception by ISP systems would cause the end user’s browser to warn the user that their connection to the destination site is not secure and trustworthy and hence destroy confidence in the security and confidentiality of online banking and e-commerce transactions because it would be apparent that their banking passwords and credit card details etc would be able to be captured and read by a third party during transit.


Why Spam Filtering can be more accurate and effective than Web Page Filtering


During the last 18 months or so, one or more Australian ISPs have made a spam filtering service available to their customers and informed customers that the particular spam filtering product in use is Brightmail which “protects 300 million users worldwide and has the highest spam filtering accuracy rate. This means that only one in every one million email messages has the chance of being incorrectly filtered[48]. (Symantec states that its Brightmail product catches spam with a 95% effectiveness rate, and prevents false positives with a 99.9999% accuracy rate). This has resulted in some organisations issuing newsletters etc. indicating that they are under the impression that ISPs could provide equally accurate and effective filtering of web pages to block pornography. For example:

If ISPs like [ISP name] can provide effective anti-spam and anti-virus solutions free of charge in response to community feedback, why can’t ISPs also provide free, effective, porn filtering in response to concern from parents about children accessing adult sites? The technology needed to efficiently and correctly filter out the majority of porn sites accessible on the internet is no more complicated than that needed to filter out spam from our email inbox. It requires the same level of analysis of incoming content.[48]

However, spam filtering products that are said to have (and possibly do have) such high levels of accuracy and effectiveness do not rely on analysis of the content (message text and images) of an email message.

Automated content analysis of the text and images in an email message is no more accurate than content analysis of a web page. An ISP-based spam filter that relied solely on content analysis would be extremely likely to identify legitimate and wanted messages about goods and services (e.g. emails from a user’s bank, insurer, credit provider, etc) as spam because the artificial intelligence of a content analysis spam filter can not know whether the intended recipient of a particular email has a business or other relationship with the sender.

Although the problem of accurately identifying e.g. pornographic spam may appear to be the same as that of accurately identifying pornographic web pages, there are a number of key technical differences between email messages and web pages, and even more differences between spam email and unwanted/undesirable web pages. Among other things, email is a “push” technology (transmission is initiated by the sender) and web pages are a “pull” technology (transmission is initiated by the recipient (or their computer)). As a result the technical challenges involved are different, and there are a number of techniques that can be used to identify unwanted email messages (spam), in order to filter or block them, that can not be used to identify pornographic, or any other type of unwanted, web pages (see below).

In addition, email messages are generally much smaller in size than web pages and therefore less time is necessary to process an email through a filter than a web page. Even if an email message is large, due to the store-and-forward nature of ISP email, the recipient will not generally be aware of any delay that occurs during filter processing at their ISP’s mail server, unlike when waiting for a wanted web page to be displayed on a user’s screen. Also, to minimise processing delays and computational resources needed, some spam filters include an option to skip large sized messages.

Techniques that can be used to identify spam, but not unwanted/undesirable web pages, include:

  • Identification of unsolicited bulk email messages
    Spam filters are designed to identify and filter unsolicited bulk messages irrespective of the type of content of the message, that is, they are not specifically designed to identify pornographic or any other particular type of content. The unsolicited and bulk nature of spam is one aspect that can make accurately identifying and filtering spam easier than accurately identifying and filtering undesirable web pages after a user has clicked on a link (whether intentionally or not). When a new, or changed, web page is made available online, there is no means by which web filtering vendors can immediately know the page exists in order to check whether it should be added to their blocking list. However, because spam email is sent out to email addresses, spam filtering vendors can use “spam traps”, also known as “honey pots”, to attract and therefore rapidly capture new spam messages and then promptly distribute new spam filtering rules to identify and filter such messages.The use of “honey pots” is one of the techniques used by Symantec’s Brightmail Anti-Spam product. As stated in Symantec’s article How Filtering Techniques Can Screen Out Spam[49]:

    In Symantecs case, the effectiveness and accuracy of its spam filters are made possible by its multiple logistics and operations centers. These centers work globally, evaluating mail for new variations of spam and issuing filters to identify and capture similar messages. Spam analysis at these centers begins with the Probe Network, an array of more than 2 million decoy email addresses and domains, also known as spamtraps or honeypots. This global network of email accounts attracts and collects large quantities of spam — tens of millions of spam messages pass through the Probe Network every month. As messages come into the centers, automated processes and expert technicians go to work, analyzing incoming spam and developing countermeasures.

    More information is available in an article titled Filtering Spam With Blocklists[50] by Nathan Segal (published by SmallBusinessComputing.com):

    ‘With Brightmail, we install filtering software at our customer sites,’ says [Linda Munyan, marketing communications manager for Brightmail]. ‘Our solution is comprised of three components. The first part is called the Probe Network, a network of decoy email accounts that we’ve put out across the Internet. Each customer that we bring on board is required to provide us with a certain percentage of statistical representation of their total email box universe. These are brand new accounts that have never been used.’ ‘At Brightmail, our business intelligence team creates names for those new, unused accounts and they seed them across the Internet, into places such as Usenet groups where spammers are known to harvest email addresses,’ Munyan says. ‘Our Probe Network has a statistical reach of 100 million email boxes and that’s what we use as our net (sometimes known as a spam trap or honey pot). The Probe Network attracts an incredible amount of spam and our business intelligence team constantly monitors the probes, refining them and making sure that they’re productive.’

    ‘Then we have a pretty sophisticated set of algorithms which groups this spam into attacks. A spam attack is any group of messages that are similar in nature. Many spammers try to randomize their messages so that filtering software techniques such as ours are thwarted. But our grouping algorithms strip out all that randomizing stuff, (numbers, spaces, dashes, dots, the university diploma, etc.) to its core essence and groups it into a spam attack. From there, we can write rules against it,’ she says.

    Some other spam filtering vendors also use “honey pots” and/or have facilities enabling customers/users to submit spam (that was not identified as spam by their filtering product) to them as soon as it is received, so that they can promptly create and distribute new rules to catch such spam.

  • Analysis of email message header fields
    Email messages include header fields (which are hidden from view by default in most email programs[51]). The header fields contain information about the sending source of the email which can often enable a message to be identified as spam without necessarily analysing the content (text and images) of the message. Email headers include, but are not limited to:

    • Return-Path:
    • Delivered-To:
    • Received:
    • Message-ID:
    • MIME-Version:
    • X-Mailer:
    • Content-Type:

    Spam filtering software looks in the header fields of messages for typical characteristics of messages sent by spammers. For example, a few of the many characteristics that the Spam Assassin software looks for are:

    MSGID_OUTLOOK_INVALID Message-Id is fake (in Outlook Express format)

    FORGED_YAHOO_RCVD 'From' yahoo.com does not match 'Received' headers

    FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format

    DATE_IN_PAST_12_24 Date: is 12 to 24 hours before Received: date

    MIME_BOUND_NEXTPART Spam tool pattern in MIME boundary

    FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

    RCVD_NUMERIC_HELO Received: contains a numeric HELO

    HEAD_ILLEGAL_CHARS Header contains too many raw illegal characters

    RCVD_DOUBLE_IP_SPAM Bulk email fingerprint (double IP) found

    If an email message header contains characteristics matching a sufficient number of rules similar to the above, it will be identified as spam.

  • Analysis of hidden text and formatting code in email messages:
    Many spam messages are sent in HTML format and the underlying HTML code of the body of the message (which is not automatically visible when reading an email message) contains hidden words and HTML code that are typical of spammers efforts to evade spam filtering software. Spam filtering software looks for these symptoms and suppliers of anti-spam software constantly monitor and study spam to find the latest evasion techniques used by spammers, so that they can add new spam rules to their software in order to catch spam that uses a new evasion technique. (While some such evasion techniques could also be used in web pages, they are techniques known to be commonly and frequently used by spammers rather than providers of web pages.)
  • Other spam filtering techniques include, but are not limited to:
    • Attachment filtering
    • Masked and obfuscated URLs (such as used in phishing emails) filtering
    • Statistical filtering (bayesian filtering)
    • Checksum-based filtering
    • Blocking messages sent via known open mail relays
    • DNS-based Blackhole Lists

    For information about the last four techniques above, see Wikipedia’s Stopping e-mail abuse page[52].

Spam filters also use content analysis of the body of emails to look for particular words and phrases, etc. However, if content analysis alone was used, spam filters would be no more accurate and effective than web page filters.

It is because unsolicited commercial bulk email (spam) is entirely different from web pages, and therefore spam filters are also able to use the other techniques set out above, that spam filters can be more accurate and effective than web page filters. However, while spam filters can have a very high level of accuracy and effectiveness, very few do. Achieving high levels requires the filter vendor or the end user to devote a large amount of time and resources to classifying messages as spam/not spam (in the case of most bayesian-based filters) and/or writing new rules to catch new types of spam.


Why end-user/PC based filtering is more effective than mandatory ISP filtering


PC based filtering is the most effective technological means of protecting children because:

  • PC based filtering products can block a vastly larger number of web pages that are unsuitable for children because these products use a dynamic real-time ‘content analysis’ method of filtering, as well as using the URL method of filtering which blocks access to a pre-determined list of URLs. The ‘content analysis’ method of filtering is not technically feasible in ISP based filtering (without significant slow down of access) and, even if it was, this type of filtering technique is not suitable for an ISP filtering system due to the high potential for blocking of innocuous content as discussed above. Mandatory ISP based filtering would only block access to the URLs of pages that had previously been found and placed on the blocking list - it would not promptly, if ever, block new pages or pages which have changed their URL, etc. (4 billion pages were added to Google’s search index in the 14 months to April 2005).
  • PC based filtering products can block a vastly larger range of categories of content that some parents may not wish their children to see, and the software can be customised to meet particular family needs (dependent on blocking requirements, ages of children, etc). Labor’s mandatory ISP filtering scheme would be a ‘one size fits all’ system that would only block content previously found and identified by the ACMA as ‘prohibited content’ under Australian law. This is a relatively small category of content in terms of protecting children - it consists of content that would be ‘Refused Classification’ (child sexual abuse, extreme violence, etc.) or would be classified X18+ (non violent sexually explicit activity between adults). It does not include content that would be classified R18+ that is hosted on overseas site, nor does it include any content that would be classified MA15+, M or PG. Hence it would not include pages showing nudity, nor hate sites, nor a wide range of other types of material unsuitable for children of varying ages.
  • PC based filtering products can assist in protecting children from many other Internet dangers, e.g. stranger danger in chat rooms, whereas mandatory ISP based filtering would only block web pages. As the ACMA research[53] found:

    A significant proportion of both parents (92 per cent) and children (89 per cent) mentioned at least one issue of concern in relation to children’s use of the Internet, but while parents were most concerned with content and communication issues, children were most concerned with security.
    The single issue of greatest concern reported by parents in relation to their child’s Internet use was online pornography (40 per cent), then follow communicating with strangers (22 per cent).
    The most common issues of concern for children (26 per cent) related to electronic viruses, hacker attacks and spyware.
    Few parents (10 per cent) and even fewer children (one per cent) reported a concern about violent Internet content.

    PC based filters include features[54] such as the following:

    • chat monitoring, blocking and/or filtering
    • newsgroup blocking
    • instant messaging port blocking
    • Peer-to-Peer (P2P) blocking
    • FTP Blocking
    • Popup Blocking
    • Personal Info Blocking
    • Reporting Capabilities, e.g. Log Reports, History, Logging of Security Violations, etc, available to parents (which in an ISP based system would be available to the ISP, not the parents).
    • etc.
  • PC based filters enable parents to set one level of access for themselves (e.g. no blocking) and a different level of access for each of their children depending on the child’s age and needs. This is most unlikely to be practical in a mandatory ISP filtering system due to technological difficulties (see later herein).
  • Most PC based filters enable parents to quickly unblock a page that has been incorrectly blocked, or which they themselves wish to see. In an ISP based filtering system, users would have to contact their ISP seeking to have incorrectly blocked pages unblocked, resulting in delay and inconvenience and/or a refusal to unblock. (ISPs would need to carefully consider unblocking requests because unblocking would make the content available to all of the ISP’s customers).

Is an Opt Out system (for adults) technically feasible and technically practical?

The Government has sent mixed messages on the opt-out provisions for this service. In January, Senator Conroy has said that “anyone wanting uncensored access to the internet will have to opt out of the service.”[54a] Previously in August. however, he said that “We have an opt-out provision, so for X-rated (content) they can opt out, but for child porn and violent sites, they’re completely blocked, there’s no opt-out.”[54b]

To date, to the best of EFA’s knowledge, none of the proponents of an opt out ISP based filtering system have addressed the matter of whether or not a system enabling adults to opt out of filtering is technically feasible and technically practical. Apart from the cost of simply administering such a list and validating opt-out requests, an opt-out system could place even more of a burden on an ISP’s network. Internet traffic from a filtered home must take a different path than that from a unfiltered home, requiring the ISP to implement a mechanism to make some complicated routing decisions. Inspecting the IP address of the web request, looking up which account is using that IP, and checking whether it is filtered or not would incrementally add to to network times and leave the ISP with the task of maintaining this extra mechanism.

It appears the first proposal for an opt out system was made by the Australia Institute in 2003. However, the Australia Institute did not discuss with Australian ISPs whether this (or other aspects of their proposal) would be technically feasible and practical for implementation by ISPs. As reported by Australia Financial Review on 11 March 2003:

Hamilton confirms he did not speak to the IIA or any ISPs when formulating his views, but says it was unnecessary. ‘When we [the Australia Institute] did a review on greenhouse issues we didn’t think it was important to speak to oil companies,’ he says.


Residential Premises


While it may be technically ‘feasible’ to implement a system enabling an account holder (e.g. an account used by all members of a household) to opt out, it is very doubtful that it would be technically practical to implement a system that enabled each adult to opt out if they wished in the case of households (families and other shared premises) with broadband “always on” connections. Such services involve only one logon account and the account logon identification details are stored in, for example, the ADSL modem. Even if it was found to be feasible and practical for Australian ISPs to make changes to their infrastructure and billing systems for the purpose of providing separate logons for each of multiple users of the same broadband “always on” connection, given it has been claimed by Mr Beazley that mandatory ISP based filtering is necessary due to “poor computer literacy” by parents, it is extremely doubtful that a parent who did not know how to install and/or use PC based filtering software would know how to re-configure their ADSL or cable modem. Further many of those who are capable of doing so would find a need to do so, each time a different person wished to use the Internet, highly inconvenient.

It seems unlikely that an opt out (or opt in) system would enable parents to choose to have an unfiltered service when they are online and a filtered service when their children are online, nor would it be likely to enable different levels of restriction for persons of different ages. Hence parents who wished to have filtered access only for their children, or different levels of restriction for children of different ages, would still need to install PC-based filtering software. In addition, if it was technically practical to do so in a mandatory ISP filtering system, the overall cost of the system would be higher than estimated in the Government 2004 report, because that estimate did not include the cost of implementing, or maintaining, an optional system.

This is one of the reasons why PC based filters are vastly more practical than Labor’s one-size-fits-all ISP based filtering system. PC based filtering software provides the user (e.g. parents) with the ability to create local accounts within the filtering software setup on their own computer, for various members of the household with varying levels of Internet access restriction.

Further, the proponents of an opt-out system are yet to explain how an opt-out system would operate in terms of the means of opting out. For example, how could an ISP know whether a person requesting that filtering be switched off on a particular account is (a) an adult and (b) the subscriber authorised to do so in relation to that account? Would the adult subscriber have to present themself at an ISP’s premises with photo identification?

Internet Cafes, Libraries and Schools


Kim Beazley’s media release states:

Under Labor, all Internet Service Providers will be required to offer a filtered ‘clean feed’ internet service to all households, and to schools and other public internet points accessible by kids.

It is also not apparent how Labor’s proposed system could operate in a technically practical manner to enable adults using computers in Internet cafes, libraries and schools, to ‘opt out’ of having their Internet access filtered when an ISP is providing a filtered service to such premises. The problem for Internet cafes, libraries and schools would be similar to that outlined above in relation to households with broadband access. Perhaps Labor imagines ISPs would provide two feeds to such premises, one filtered and one unfiltered, and imagines that the staff at those premises would develop some means of managing which feed was connected to various computer terminals depending on who wished to use them. Labor should publicly explain how, if at all, their proposed opt-out blocking system could operate in a technically and administratively practical manner in relation to public Internet access points.

Given Labor’s intention to amend the existing legislation in order to include R18+ content in their blocking scheme, which as discussed earlier herein includes a wide range of information that does not involve sexually explicit or violent material, it would be highly inappropriate to implement a scheme that did not include a readily available and practical method of ensuring that adults would not be prevented from accessing such information when using public Internet access points.


Why an Opt-Out (or Opt-In) government mandated system is not appropriate


Kim Beazley’s media release states:

Through an opt-out system, adults who still want to view currently legal content would advise their ISP that they want to opt out of the “clean feed”, and would then face the same regulations which currently apply.

Whether or not an opt out system is technically feasible and technically practical, a system that requires users to opt out of having their Internet access filtered is totally inappropriate and breaches the fundamental human right to privacy.

Such an approach appears to have the objective of discouraging people from opting out because the only way of opting out is, in effect, to tell a stranger (i.e. an ISP staff member) that they wish to access content that some other people find offensive (but which is not illegal for adults to view or access either online or offline).

Further, any persons who support a mandatory ISP based filtering system on the theory that they themselves would be able to opt out should give careful consideration to the fact that once the infrastructure of a national ISP based filtering system is in place, any government/parliament (either the one that established the system, or one elected at a future time) could mandate that ISPs switch off the ‘optional’ component of the system. The same risk exists in relation to any mandatory national ISP based filtering system established on an ‘opt in’ basis.


How many people would wish to opt out?


As discussed earlier herein, EFA considers that Labor’s intention to include R18+ content in the blocking scheme would result in an even more adults (including parents in relation to their own access) wishing to opt out than would otherwise be the case.

According to ABS research (HOUSEHOLD USE OF INFORMATION TECHNOLOGY 2006-07[55]), the number of households with internet access was:

Households without children under 15: 3.356 million
Households with children under 15: 1.782 million
Total: 5.138 million

When the objective of an ISP based filtering system is “to give peace of mind to mums and dads” (as indicated in a Labor media release), it seems it would be an irresponsible waste of tax payer funding to implement a mandatory system applicable to 100% of households with Internet access (5.1 million) when only 34% have children under 15 years (1.8 million), due to the likelihood that most households without children would not particularly want a filtered service.

Further, the 34% of households with children under 15 years would include:

  • the third of parents of children aged 8 to 13 years who have a filter installed; and
  • the two-thirds of parents of children aged 8 to 13 years who do not have a filter installed, 67% of which choose not to install filtering software because either they trust their child or feel that installing software is redundant because of their use of other safeguards. It is highly questionable whether those parents would want mandatory ISP filtering.

It is notable that Ovum reported that:

According to ISPs, there is currently very little demand for filtering services from domestic users of the Internet within Australia - typical levels of take-up of filtering services range between 1 and 2% of an ISP’s customer base.

and that:

A medium sized ISP invested over AUD$30,000 in deploying a server-based filtering system in 2001. Initially the service was offered as a free trial to the ISP’s customer base. Once the trial was over, the service was offered at AUD$3.95 per month. Out of the ISP’s 14,000 customers, 1,200 took up the free trial, and only 300 went on to pay for the service over a period of time. So at least 9% of the ISP’s customers were aware of the service by taking up the free trial and only 25% of these (or 2% of all customers) were willing to pay for the service. This is in contrast to virus scanning software that the ISP provided to customers. Within 6 months of launching the service, over 2,000 (14% of current customer base of 18,000) subscribers had taken up the service and 4,500 (25%) customers are now using it.

There is evidence to suggest that filtering services in other countries also lack popularity - even in more stringent countries such as Singapore, where content filtering is more strictly regulated.

Similarly, the ACMA 2005 research[56] found that, of the two-thirds of parents who had not installed filters, only 3% said that was due to cost.

The current plan is no more popular. The Australian Broadband Survey for 2007, conducted by Australian broadband portal Whirlpool from December 2007 to February 2008, received and verified surveys from 17,881 Australian Internet users. Of those, 13.3% agreed with the filtering plan, and 74.4% disagreed. Tellingly, 51.5% of all respondents strongly disagree with the plan, while only 2.9% strongly agreed. This is clearly not an initiative that has widespread support amongst the Australian public.[55a]

Accordingly, it seems likely that some 80% or more of households with Internet access would not particularly want to have their Internet access filtered. How many would opt-out would depend on a range of factors including principled objection to government mandated filtering (likely to be a large number in a Western democracy), restrictiveness of the blocking system, whether or not innocuous content was inadvertently blocked, ease of opting-out, privacy concerns in relation to monitoring of filtered Internet usage, etc.


Cost of establishing and maintaining a national ISP based filtering system


Kim Beazley’s media release states:

Labor recognises the introduction of this filtering will impose costs on Internet Service Providers. We will work with industry to ensure this service is provided at no extra cost to the householder. We will ensure that the costs of providing a clean feed are shared fairly and competition is not adversely affected, particularly for small providers.

However, the costs will be substantial, as the ACMA has reported:

“On the performance impact of filters, ACMA said: ‘In the case of personal computers the cost of upgrading processing power may be modest (although significant in terms of household income). However, for ISPs the cost of upgrading or augmenting the expensive hardware that they typically deploy may be substantial, particularly for small providers.’”[55b]

The Government 2004 report contained an estimate of the cost of mandatory ISP filtering:

On the basis of Ovum’s estimates and factoring in the most recent ABS data of ISP numbers in Australia, the total cost of implementing ISP-level filtering would be over $45 million for initial setup and over $33 million per annum. Details are at Table 5.1.3.

Table 5.1.3 shows details concerning a total of 563 ISPs and >$46.5m for initial set up and >$33.5m per annum.

The estimate of initial setup costs covered only the cost of extra servers to run the software and ISP personnel to set up the system (filtering software licence costs etc were included in the annual cost). Furthermore, the initial set up estimate was for non-redundant systems. It is doubtful that any competent ISP would be willing to rely on a non-redundant system because failure of a server would result in either customers not being able to access the Internet at all, or customers accessing the Internet without filtering operative, depending on the set up.

Ovum stated that their estimated cost of extra servers “gives a rough indicator of the cost of a non-redundant system. A redundant system would cost roughly twice as much”. The estimated cost of extra servers was $29 million.

Hence for redundant systems, the total initial setup cost would be over $75 million, plus the cost of ISP personnel to set up the duplicate servers, and over $33 million per annum.

However, estimated costs would now be higher. The Government 2004 report figures were based on there being 563 ISPs (ABS data as at September 2002). As at March 2005 there were 689 ISPs according to the most recent ABS data of ISP numbers in Australia[57], and the total number of subscribers was 5.98 million, an increase from 4.56 million in September 2002.

Factoring in the most recent ABS data of ISP numbers in Australia, the total cost of implementing ISP-level filtering would now be over $49 million for initial setup for a non-redundant system (or $79 million for a redundant system) and over $34 million per annum.

The estimated server costs were based on the number of ISPs, and subscribers as stated in Ovum’s report (EFA has not investigated whether the below figures, equipment and prices were, or are now, realistic):

Server system
Vendor specifications for their products suggest that a server with two Pentium III class CPU at 800MHz or higher processing speed with 1GB of RAM could support 2000 users (assuming 10% concurrency - 200 users online at once). This sort of server would cost approximately AUD$10,000. A smaller ISP could utilise a single CPU version with 512MB of RAM (an estimated cost of AUD $8,000).

For ISPs larger than 2,000 we have multiplied the cost of the 2,000 user machine to cover the maximum number of subscribers in each category (except for very large ISPs, where the minimum is used). This gives a rough indicator of the cost of a non-redundant system. A redundant system would cost roughly twice as much.

The size of the system employed by each ISP would be dependent on the number of concurrent connections that that ISP supports and the actual cost will be dependent on the relationships the ISP has with its vendors.

It should be noted that Ovum’s calculations assumed 10% of users online at the same time. It is questionable whether that would be an appropriate estimate given the increased number of broadband “always on” connections.

In addition, the estimate of costs did not include costs that would be incurred by ACMA (or another entity) in developing and updating a blocking list to be used in ISPs’ systems. Ovum suggested that if the government asked a filter vendor to provide a customised blocking list (customised to meet government regulatory requirements) vendors would be likely to charge only half of their normal fee. According to Ovum, the estimated cost would be approximately $4 million per annum, if half normal price was charged.

In summary, based on ABS data as at March 2005 and Ovum’s equipment, software and ISP staff cost estimates, the total cost of implementing ISP-level filtering would now be over $49 million for initial setup for a non-redundant system (or over $79 million for a redundant system) and over $34 million per annum (including in the year of initial set up). These figures do not include the initial cost of developing a blocking list, nor ongoing annual costs in updating/adding to it, nor costs involved in establishing and administering a system that is optional for adults.


Why the ‘Crossway Christian Filtered ISP Service’ does not use server side filtering


EFA notes that in some countries, for example the U.S.A. and Canada, there is apparently sufficient market demand for ISPs serving the Christian family market to have resulted in the establishment of specialised ISPs.

The Crossway Christian Filtered ISP Service[58], which provides services in the U.S.A. and Canada, explains on their web site:

Why we do not use server side Web Filtering. We are often asked: why don’t you provide server side filtering, I thought that is what Christian ISP services do? The short answer is that we believe in individual responsibility. For to[o] long parents have allowed the television to be their surrogate parent, trusting those who promised to be responsible and police themselves. We know what the result of that has been. As a result, our Christian ISP promotes individual responsibility and parental control by providing PC-side filtering.

We do not believe Christians should abandon their responsibility to monitor themselves or their children when using the Internet. No filtering system, either client side or PC side, is 100 percent effective. This lures parents who depend on server side filtering into a false sense of security and endangers children as a result. Furthermore, false doctrines and cult activities to lure children are no[t] excluded by filters at all. This opens the door to the spiritual compromise of children whose parents abdicate their responsibility to monitor their children thinking the server side filter will keep them safe.

We provide Access to free PC-side web filtering as well as a paid Web Filter-only products. PC-side filtering technology gives parents control and promotes individual responsibility as opposed to server side filters which remove parental control and cannot be turned off if needed for adult research or college age students. Some allow you to block or unblock sites on a case by case basis which would also be a daunting task for any researcher. Since we only provide services to Christians, this is what we have found works best. Most Christians who agree with our statement of faith and beliefs also agree.
…”


References


1. Labor’s Plan To Protect Kids From Internet Pornography, Kim Beazley (Leader of the Federal Opposition), Media Release, 21 March 2006. <http://www.alp.org.au/media/0306/msloo210.php>

2. Labor very late to the Internet filtering debate, Senator Helen Coonan, Minister for Communications, Information Technology and the Arts, Media Release, 21 March 2006.
<http://www.minister.dcita.gov.au/media/media_releases/labor_very_late_to_the_internet_filtering_debate>

3. Education the Best Filter for Young Australians on the Internet, NetAlert Ltd, Media Release, 21 March 2006.
<http://www.netalert.net.au/03004-Education-the-Best-Filter-for-Young-Australians-on-the-Internet.asp>

4. Answer to Question without Notice - Internet Safety, Senator Helen Coonan, Minister for Communications, Information Technology and the Arts, Senate Hansard, 27 March 2006.
<http://parlinfoweb.aph.gov.au/piweb/TranslateWIPILink.aspx?Folder=HANSARDS&Criteria=DOC_DATE:2006-03-27%3BSEQ_NUM:10%3B>

4A. See testimony in transcript of Senate Estimates, 19/02/2008,
Environment, Communications, and the Arts. <http://www.aph.gov.au/hansard/senate/commttee/S10632.pdf>

4B. “Conroy announces mandatory internet filters to protect children” (ABC) <http://www.abc.net.au/news/stories/2007/12/31/2129471.htm>

4C. See Note 4B; also, the following Labor eHerald article states: “What category of material will be banned under Labor’s plan? Labor will require ISPs to filter out R, RC and X rated material as part of a clean feed for home internet connections.” <http://eherald.alp.org.au/articles/0306/natp24-01.php>

5. See Steven Conroy’s announcement Federal Labor To Lead On Cyber-Safety of 19 November 2007. <http://www.alp.org.au/media/1107/mscoit190.php>

5a. Reported in The Australian, February 26, 2008 <http://www.theaustralian.news.com.au/story/0,25197,23274806-26077,00.html>

6. See Note 1.

7. kidsonline@home Internet use in Australian homes, Australian Communications and Media Authority, April 2005.
<http://www.acma.gov.au/acmainterwr/aba/about/recruitment/kidsonline.pdf> [1.2 Mb]

7a. Media and Communications in Australian Families 2007 p. 28 <http://www.acma.gov.au/WEB/STANDARD/1001/pc=PC_310893>

8. Six-month Report on the Online Content Co-regulatory Scheme - Reporting Period 11: January to June 2005, Department of Communications, Information Technology and the Arts. Tabled by the Minister for Communications, Information Technology and the Arts, October 2005.
<http://www.dcita.gov.au/__data/assets/file/32781/online_content_co-reg_scheme_report_Sept_2005.rtf>

9.