Avatar Image

UK ISPs implement mass content filtering and break Wikipedia

9. December 2008 – 11:01 by Bengt Feil (TuTech Innovation GmbH)

There is no doubt that the large majority of internet users would agree that there has to be some sort of action against the proliferation of illegal content on the internet. The question is how this could be achieved without harming innocent and productive use of the web. In 2004 British Telecom in the United Kingdom went live with Cleanfeed, a content filtering system which targets material related to child sexual abuse identified by the Internet Watch Foundation. All other UK Internet Service Providers agreed on implementing a version of this system till the end of 2007. BoingBoing has posted a flowchart describing how Cleanfeed works in detail. The widespread use of this system since 2008 recently has produced its first major controversy:

The Cleanfeed system identified a certain picture on Wikipedia.org (an album cover by the band Scorpions) as being content related to child sexual abuse. The system is set up to block such content by blocking the IP address of the server providing the content for all costumers who use an ISP who has Cleanfeed implemented (which should be all UK ISPs by now). Wikipedia on the other hand provides one IP address to all persons who want to edit any article on the site. The result is that all costumers of UK ISPs are now unable to edit Wikipedia which “breaks” the purpose and a major function of the site. No internet user in the UK could for example start writing an article about this controversy on the Wikipedia.

This example shows the problems of widespread and general purpose filtering of internet content at the ISP level:

  • The catch-all method of filtering often kicks of whole sites or in this case IP addresses from the internet. The problem is that a URL or an IP address does not at all correlate to a person or a specific web page.
  • Even so the blocked picture in this case is illegal in the UK such filters have to be very strict to catch all targeted content, which consequently leads to many false positives (content which appeared to be illegal but actually is not).
  • The technical methods used to block content vary from system to system but almost always have negative side effects. The designers of Cleanfeed may not have had the Wikipedia way of assigning IP addresses in mind when building the filtering system it broke an important function of the Wikipedia site. Or in other words: Such a system is like shooting a bug with a shotgun.
  • There is a major privacy concern related to a system at the ISP level checking all URL requests by all clients.

As already stated in the beginning there is no doubt that certain kinds of content on the internet is illegal and in some cases even repellent, but mass content filtering at the ISP level does not fit the propose of fighting this kind of content. It may be better to educate individual internet users about how they can individually decide which content may be viewed on their computers or at least let users decided whether they want to be subject to a centralized content filtering system.

Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Blogplay

Tags: , , , ,

  1. 7 Responses to “UK ISPs implement mass content filtering and break Wikipedia”

  2. By Michael Grace on Dec 9, 2008

    These types of problem are resolved when the filtering system is capable of categorizing individual webpages.
    The problem is not the fundamental of whether we have the technology to filter accurately, it is a question today of implementing the right technology.
    Earlier on we have massive similar problems with anti-virus software, and haw many people today would run IT systems without AV systems?
    The difference here is that viruses do not come under state legislated censorship laws, whilst porn and terror sites etc do.
    Thus the state is forced to act as the industry failed miserably to self-regulate.
    BTW, naturally I do know one vendor that fixes this problem: Netsweeper, Inc: https://www.netsweeper.com

  3. By David Gerard on Dec 9, 2008

    Lots of people run servers without antivirus, because most servers don’t run Windows. What a strange example for you to pick.

    In this case, a lot of things broke because Virgin deliberately switched off the XFF headers, which Wikimedia used to distinguish different users. Then they had the gall to turn around and blame us.

  4. By Jon Seymour on Dec 19, 2008

    Just in case it isn’t absolutely clear, Michael Grace is the A/NZ Country Manager for Netsweeper and thus has a vested interest in denigrating existing industry efforts and helping the state to address issues of this kind.

    Michael: Cleanfeed does categorise individual pages using its 2nd stage filter. The Wikipedia issues arose because the 2nd stage is implemented by a transparent proxy and so most UK users hit Wikipedia from a small number of transparent proxy addresses.

    Are you claiming that Netsweeper doesn’t put a proxy in the HTTP path under any circumstances and so does not make traffic that hits Wikipedia appear to come from a small number of IP addresses?

  5. By Stilgherrian on Dec 20, 2008

    Michael Grace’s analogy of filtering for the purposes of censorship and anti-virus software is spurious.

    With viruses, the end user does not want to receive the content, is not actively seeking it, and is subject to an automated attack. A paedophile looking for child abuse material wants to receive the material, is actively trying to receive it, and is manually in control of their technology.

    Also, Cleanfeed and presumably the products being hawked by Michael Grace are about blocking a “blacklist” of known sites. Yet the evidence is that the vast bulk of child abuse material is transmitted peer-to-peer using encrypted connections. Perhaps Mr Grace might like to explain how this can be “filtered” using the products he’s selling when he doesn’t have the encryption keys — because my computing science background, 20+ years experience as a network administrator and countless conversations with infosec experts tell me it simply can’t be done.

  6. By Proxy Guy on May 11, 2009

    Can I quote you in my report for school?

  7. By Bengt Feil on May 11, 2009

    If this is directed to me than: Yes.

  1. 1 Trackback(s)

  2. Dec 20, 2008: Beyond The Fringe » Blog Archive » The Second Parable of Michael Kirby

Post a Comment

The PEP-NET Blog uses the gravatar service to display your picture next to comments!