InfoTech: ISPs act against child porn

Andrew Cuomo, the New York Attorney General certainly thinks that the technology is present for ISPs to take steps to block access to child pornography, although the question remains open as to how it is to be identified.

Yesterday, Cuomo announced an agreement with Verizon, Time Warner Cable and Sprint to block access by their users to newsgroups and user groups which promote or publish pornography involving children.

And the threat of legal action, although the grounds for such are uncertain, was enough for the three companies to not just block access to 88 newsgroups identified by Cuomo's team but also to stump up USD1.125 million to fund future efforts to identify offensive newsgroups.

The basis of any potential action arises from the way that newsgroups work. They predate the internet - originally accessible only on a single server by dialling into it - and are often seen as somewhat arcane technology. But as the vast majority of users have migrated to web-based technology, newsgroups have slipped out of the conciousness of the general population. And they remain below the radar because they are, generally, not indexed by search engines in the same way as web pages, even though there are now several ways of accessing newsgroups using web-based software, and from any internet touch-point rather than direct dial-up.

As the internet developed, newsgroups were a primary source of information exchange - the command-line precursor to web-based bulletin boards. Often called "list-servs" or "USENET" anyone with access to an internet server - and some technical knowledge - could set one up. Technically, newsgroups are distributed across the internet by UUNet using the NNTP protocol.

Often membership of newsgroups is closely controlled. It is through this that criminal gangs control access to, for example, illegal copies of software, films, and other intellectual property, lists of stolen credit card numbers, where to buy pre-cursor chemicals for drugs production, the secret messaging for illicit funds transfers for terrorism and the tools of the trade in various forms of human misery from people trafficking to the most degrading and violent forms of adult and child pornography.

Once in USENET, and not all newsgroups are, they are distributed around the internet - and ISPs, as a service to their customers, update the newsgroups on their own servers.

It is this storage of copies of newsgroups that provides one pressure point for ISPs. Even if local law says that this is not "publishing" that does not preclude a prosecution for facilitating access or even conspiracy. This, apparently, is one of the things Cuomo has recognised.

In fact, at its darkest side, usenet is just the same as the darkest side of any physical community, aided by a variety of techniques - mostly simple - to secure anonymity from prying eyes outside the community.

When I began looking at the internet as a means of facilitating crime (I do not believe that "cybercrime" is, in substance, any different from crime committed by any other means) in the early 1990s, I pointed out that policing the internet was, then, impossible. I recommended that, instead of trying, governments should use their resources to warn those joining the internet about its dangers.

In the past 15 years, monitoring technology has improved: but it has not improved enough. It only works if there are a limited number of gatekeepers and pressure can be put on them. In China, monitoring of international internet access has proved possible because of the limited number of connections to the international internet. In India, it is impossible - the country has many international connections due to its enormous call centre industry.

What the New York decision does is to put onto ISPs the responsibility of removing sites that are identified by state investigators, but not the duty to identify such sites.

This is important: net vigilantes get prosecuted. Pete Townsend of The Who was undertaking research into child pornography on the 'web for a book. He stored examples on his PC and was charged (but later charges were not proceeded with) with possessing child porn.

It is also important because the offending content is not restricted to closed groups: some people, for motives that range from "I'm protecting the First Amendment" to "it's, like, cool, man" to hoping that viewers will use that as a jumping off point to paid-for-pornography choose to post offensive material in otherwise innocuous fora. For example, at the time of writing a newsgroup dedicated to information and discussion of domain name registries has just two entries since mid 2003. One of those, in 2004, is headed "CCTV Rape Video." It is posted with an email address to an identifiable user, raising the spectre that an innocent person has been wrongly identified as someone who possesses and distributes offensive material.

In fact, one of the features of USENET is that it is populated with newsgroups that see no activity for months or even years. Just like sudden activity on a bank account may be an indicator of money laundering, or sudden increase in purchases by a customer may be an indicator of a fraud in progress, sudden activity on an otherwise dormant or lethargic newsgroup may be an indicator that it has been temporarily identified and used by a criminal gang.

Because anyone can set up a USENET group, and because such a high proportion of internet users now use web-based bulletin boards, the concentration of undesirable elements on USENET has led to an disproportionate amount of its content being crime or pornography related.

But users are not safe if they stay away from USENET: this is because many criminals set up "Groups" at services such as yahoo.com. Fraudsters of all types commonly use this method of attracting "members" to their groups. There will be few readers who have not received an invitation to join a yahoo.com group from someone they have never heard of.

For a friendly front end to newsgroups, see www.webnews-exchange.com. There you can search for newsgroups on any topic you seek. But be warned: this is not an anonymous service and your own ISP and your own IT department may be monitoring your search requests.

So, is the New York decision a restriction on free speech?

Not yet - but if it is seen as a foot in the door for repressing access to information just because it is subversive or undesirable, then there is that risk.

In the USA, it's a long way from reaching that position.

However, in countries where free speech / expression is already restricted the decision will encourage governments to put pressure on ISPs to restrict access to a much wider array of groups.

That leaves the one big question: who decides what groups will be blocked? The US decision makes it clear: the New York District Attorney's office has just become the arbiter of what users of the co-operative ISPs can view. A three year operation threw up just 88 newsgroups.

Why only 88? Is it because there are only 88, or because despite that three years of work with the backing of government resources, only 88 out of a far greater number were identified?

And why only child-porn? Is it because it's an easier sell than e.g. promoting fraud - but the plan is to be a thin-end-of-the-wedge?

The decision, on the face of it is very good. But it throws up a disturbing picture of a future policed by government agencies even in the land of the free.