ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
This article is also available in:
Deutsch: ENDitorial: Hallo CIRCAMP-Netzsperren, Tschüss Demokratie
Late in 2010, with the issue of web blocking still being discussed in the European Parliament, the European Commission decided, with complete disregard for the outcome of the democratic process on this issue, to invest a further 324 059 Euro in the COSPOL Internet Related Child Abuse Project (CIRCAMP). The purpose of the CIRCAMP project is to lobby for internet blocking in the European Union, both at an EU and a national level and to support its implementation.
CIRCAMP promotes the use of blocking at a domain level (blocking a full domain such as yahoo.com rather than, for example yahoo.com/personalpage).The danger to innocent websites from this approach is growing, as a result of a trend identified by the Internet Watch Foundation of "individual offenders increasingly exploiting legitimate hosting services to publish images.".
The inevitable blocking of innocent and entirely unrelated material as a result of such a primitive approach is sold as a positive advantage on the CIRCAMP website, which explains that "if a domain owner places, accidental or willingly, child abuse material on his/her domain, and it is blocked by the police, the blocking will not be lifted until the material is removed.
We believe that this will motivate content providers on the Internet to actively make an effort to avoid files with child sexual abuse on their systems/services." Despite this overt support for domain-level blocking, in response to a parliamentary question, the Commission was mysteriously unaware of the activities of the project it has been funding for years and stated "the CIRCAMP project did not promote a specific level of blocking."
CIRCAMP appears either unaware or indifferent to the fact that its analysis of its activities confuses basic concepts. Content providers (such as bloggers) and domain name owners (such as blogger.com) are entirely different. In a commercial environment, therefore, it is generally not the domain owner that is putting content on his/her domain, it is the company's customers. This leaves hosting companies with the threat of being blocked unless they seek to achieve an impossible level of permanent surveillance of their customers and delete anything that would risk the blocking system from being implemented - innocent or not. Therefore, in addition to entirely innocent material being deliberately blocked by the CIRCAMP system, it is highly likely that completely innocent material will be deleted to avoid an entire service from being blocked.
As the Commission and pro-blocking lobbyists have explained, most people would hit the "blocking page" set up in such circumstances by accident. Therefore there's no need to worry if you happen to find yourself on such a page - the police, as usual, have no intention of undertaking investigations, the activity is kept at a purely superficial level. That said, despite the fact that the stop page is there to fight the unquantified problem of accidental access, the CIRCAMP website explains that, in most countries involved in CIRCAMP, ISPs hand over log files related to the end-users that "hit" the blocking page (once directly personally identifiable data has been removed).
In particular, the CIRCAMP website explains that "the statistics from these logs will also provide an overview of the Internet usage related to child sexual abusive material in addition to information about search words, type of operating system, browser, time of day that most Internet users are redirected to the "stop page" etc. This will provide the police with the opportunity to have a qualified opinion about what their population look and search for, where on the Internet they originate, what time of day is most active and what kind of equipment they use." This volume of data means that, in the absence of directly identifiable data, there are still numerous ways that this data could be exploited to identify the individuals that are assumed innocent - such as via the search provider.
It is difficult to imagine how it is possible for the European Commission to put such an amount of money into a process described this month by the UN, IACR, OSCE and ACHPR as an "extreme action that should only be taken in accordance with international standards" (which is clearly not the case in relation to CIRCAMP.
It is difficult to imagine how the Commission can give a response to a parliamentary question on this issue which suggest that it either does not know or does not care about the collateral damage caused by CIRCAMP's support of domain level blocking.
It is difficult to imagine why the Commission invests so much money in promoting and lobbying for blocking rather than investing in international efforts to investigate and prosecute the crimes directly. This does, however, explain why it is strongly opposing the European Parliament's proposal of a reporting obligation for the Commission to explain what it is doing internationally to deal with these crimes.
International Human Rights organisations statement on blocking (1.06.2011)
Internet Watch Foundation 2010 report
Parliamentary question: Internet blocking and child pornography (26.10.2010)
EDRi blocking booklet
(Contribution by Joe McNamee - EDRi)