Journey with us to a state where an unaccountable panel of censors vets 95 per cent of citizens’ domestic internet connections. The content coming into each home is checked against a mysterious blacklist by a group overseen by nobody, which keeps secret the list of censored URLs not just from citizens, but from internet service providers themselves. And until recently, few in that country even knew the body existed. Are we in China? Iran? Saudi Arabia? No – the United Kingdom, in 2009. This month, we ask: Who watches the Internet Watch Foundation?

An excellent article that every UK user of the internet should read.

7 thoughts on “Blacklist”

  1. No surprise really when you consider that Britain has one of the strictest film censorship bodies in the 'free' world. Thanks to the BBFC we in Britain are 'protected' from a many films that are readily available on DVD across Europe and even in the USA.It is such a bizarre notion that even adults here in Britain need protecting from themselves.

  2. The claim “which keeps secret the list of censored URLs … from internet service providers themselves” is inaccurate. As the designer of no less than three ISP's networks, and as someone who was indirectly involved in the original “Safetynet” proposal that went on to become the IWF, I can categorically say that this isn't true. ISPs, quite obviously, need the list of censored URLs to actually implement the filtering.

  3. I don't doubt you, but could things have changed recently? Or is it possible that only one person at each ISP knows the URLs of the blacklist – or is the decoding software automatic?Either way, it doesn't encourage oversight.

  4. I read somewhere that there's a list sent to each ISP, but the list also contains some unique URLs for each ISP – so if someone leaks the list, they know where to look. (Which is probably a good thing – because you don't want that list leaked – it's a goldmine for those that way inclined.)

  5. I don't doubt you, but could things have changed recently?

    No, it's a question of technology. To implement this kind of filtering it has to be supported on a wide range of routing and switching gear. Traffic doesn't all take a single route through an ISP, hence it doesn't go through a single point you can filter at – you have to distribute the filtering across multiple routers and switches.

    Cisco and Juniper between them account for 90% of the router market. Neither have any method for installing encrypted filters so the filtering information *has* to be in plaintext*.

    Or is it possible that only one person at each ISP knows the URLs of the blacklist – or is the decoding software automatic? Either way, it doesn't encourage oversight.

    No, unless the network has only one engineer. Generally good ISPs engineer networks so that there is no single point of failure – which should include staff as well as kit. You could engineer it so that only a few people knew the full URL list, but any technician with router access would be able to at least see the list of IP addresses filtered.

    Knowing a lot of network engineers in the UK I'm quite confident that obvious misuse of the filter list for a non-stated purpose would get leaked very quickly.

    That said, I'd still like to see some independent formal verification of the IWF filter list by a reliable third party. However, the law as it stands on child pornography makes it an offence to access a listed URL to check that it was child pornography (assuming it was) and not mere censorship

    *It's not quite so simplistic but this isn't a treatise on how to implement transparent partial web proxying on an ISP network.

Leave a Reply

Your email address will not be published. Required fields are marked *