ENDitorial: Hello CIRCAMP web blocking, goodbye democracy

This article is also available in:
Deutsch: [ENDitorial: Hallo CIRCAMP-Netzsperren, Tschüss Demokratie | http://www.unwatched.org/EDRigram_9.12_ENDitorial_Hallo_CIRCAMP-Netzsperren_Tschuess_Demokratie?pk_campaign=edri&pk_kwd=20110623]

Late in 2010, with the issue of web blocking still being discussed in the
European Parliament, the European Commission decided, with complete
disregard for the outcome of the democratic process on this issue, to invest
a further 324 059 Euro in the COSPOL Internet Related Child Abuse Project
(CIRCAMP). The purpose of the CIRCAMP project is to lobby for internet
blocking in the European Union, both at an EU and a national level and to
support its implementation.

CIRCAMP promotes the use of blocking at a domain level (blocking a full
domain such as yahoo.com rather than, for example
yahoo.com/personalpage).The danger to innocent websites from this approach
is growing, as a result of a trend identified by the Internet Watch
Foundation of “individual offenders increasingly exploiting legitimate
hosting services to publish images.”.

The inevitable blocking of innocent and entirely unrelated material as a
result of such a primitive approach is sold as a positive advantage on the
CIRCAMP website, which explains that “if a domain owner places, accidental
or willingly, child abuse material on his/her domain, and it is blocked by
the police, the blocking will not be lifted until the material is removed.

We believe that this will motivate content providers on the Internet to
actively make an effort to avoid files with child sexual abuse on their
systems/services.” Despite this overt support for domain-level blocking, in
response to a parliamentary question, the Commission was mysteriously
unaware of the activities of the project it has been funding for years and
stated “the CIRCAMP project did not promote a specific level of blocking.”

CIRCAMP appears either unaware or indifferent to the fact that its analysis
of its activities confuses basic concepts. Content providers (such
as bloggers) and domain name owners (such as blogger.com) are entirely
different. In a commercial environment, therefore, it is generally not the
domain owner that is putting content on his/her domain, it is the company’s
customers. This leaves hosting companies with the threat of being blocked
unless they seek to achieve an impossible level of permanent surveillance of
their customers and delete anything that would risk the blocking system from
being implemented – innocent or not. Therefore, in addition to entirely
innocent material being deliberately blocked by the CIRCAMP system, it is
highly likely that completely innocent material will be deleted to avoid an
entire service from being blocked.

As the Commission and pro-blocking lobbyists have explained, most people
would hit the “blocking page” set up in such circumstances by accident.
Therefore there’s no need to worry if you happen to find yourself on such a
page – the police, as usual, have no intention of undertaking
investigations, the activity is kept at a purely superficial level. That
said, despite the fact that the stop page is there to fight the unquantified
problem of accidental access, the CIRCAMP website explains that, in most
countries involved in CIRCAMP, ISPs hand over log files related to the
end-users that “hit” the blocking page (once directly personally
identifiable data has been removed).

In particular, the CIRCAMP website explains that “the statistics from these
logs will also provide an overview of the Internet usage related to child
sexual abusive material in addition to information about search words, type
of operating system, browser, time of day that most Internet users are
redirected to the “stop page” etc. This will provide the police with the
opportunity to have a qualified opinion about what their population look and
search for, where on the Internet they originate, what time of day is most
active and what kind of equipment they use.” This volume of data means that,
in the absence of directly identifiable data, there are still numerous ways
that this data could be exploited to identify the individuals that are
assumed innocent – such as via the search provider.

It is difficult to imagine how it is possible for the European Commission to
put such an amount of money into a process described this month by the UN,
IACR, OSCE and ACHPR as an “extreme action that should only be taken in
accordance with international standards” (which is clearly not the case in
relation to CIRCAMP.

It is difficult to imagine how the Commission can give a response to a
parliamentary question on this issue which suggest that it either does not
know or does not care about the collateral damage caused by CIRCAMP’s
support of domain level blocking.

It is difficult to imagine why the Commission invests so much money in
promoting and lobbying for blocking rather than investing in international
efforts to investigate and prosecute the crimes directly. This does,
however, explain why it is strongly opposing the European Parliament’s
proposal of a reporting obligation for the Commission to explain what it is
doing internationally to deal with these crimes.

International Human Rights organisations statement on blocking (1.06.2011)
http://www.cidh.oas.org/relatoria/showarticle.asp?artID=848&lID=1

Internet Watch Foundation 2010 report
http://www.iwf.org.uk/assets/media/annual-reports/Internet%20Watch%20Foundation%20Annual%20Report%202010%20web.pdf

Parliamentary question: Internet blocking and child pornography (26.10.2010)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+WQ+E-2010-8802+0+DOC+XML+V0//EN

EDRi blocking booklet
http://www.edri.org/files/blocking_booklet.pdf

(Contribution by Joe McNamee – EDRi)