By Eerke Boiten, University of Kent
The worrying developments in UK internet freedom over the last year make predictions for 2014 gloomy to say the least. But censorship now affects us all so we should be thinking about it. And it’s not politically driven censorship we should be most afraid of.
This year has been characterised by tension between the UK government’s use of terrorism laws and free speech and, more recently, by concern over the unavoidable over-blocking of content in the name of protection. Yet there are greater threats to our internet freedom than the heavy hand of the government.
Oversight versus interference
Both the government and internet service providers have abdicated responsibility for the quality control of the security filters being put in place in a bid to prevent children from accessing pornographic content at home.
ISPs such as BT and Sky have delegated the task of deciding what to block to third party companies. For accountability and oversight that is bad news but in terms of possible political interference it is actually good.
There have been three main drivers for internet censorship. One is child abuse imagery, the banning of which is in line with the general population’s views. Websites containing child porn can be taken down, for example through the Internet Watch Foundation, and, since November, search engines have returned warnings and reduced results when certain terms have been searched for. Although porn in general is not illegal, the ISPs’ filters will have an impact on the blocking of child abuse by negatively affecting the distribution of borderline illegal material.
The second driver is combating extremism. It is still unclear how censorship will be applied here, but classification is highly problematic. No clear public mandate exists for this censorship, nor are links with legislation on issues such as hate speech or proscription of organisations, made explicit. In its filters, BT does not have an “extremism” category, although some content may fall within its “weapons and violence” or “hate” labels.
The final category is media organisations aiming to protect their copyright. The 2010 Digital Economy Act allows for ISPs to apply sanctions (such as bandwidth restriction and disconnection) to users who have downloaded copyrighted material. ISPs have also been forced to block file sharing websites, such as The Pirate Bay and BT includes the practice in its filtering. But file sharing isn’t always illegal and even when it is, public opinion is divided about whether or not it is acceptable. The heavy-handed measures that can be taken show the impact of the commercial interests in this domain.
It’s important to note that BT is filtering in 14 categories, even though David Cameron promised nothing broader than “porn” filters. The generous explanation for this is that the third party providers being used by ISPs already had a range of filtering options in place for parental controls or use in schools, for example filtering against high bandwidth activities like file sharing and media streaming already.
More worryingly though, it has been reported that the BT filters also restrict access to sites promoting the use of proxies. This is where the next battle over internet censorship will be fought. Restricting the technological means through which internet users can obscure their IP addresses and hide the content they are accessing from others is the next big target.
Again, the excuse may be that the third party providers already have this built into their products for good reasons. In the context of school web filters, for example, circumvention of filters needs to be prevented.
But it looks like these measures could well be broadened. The IWF and the Child Exploitation and Online Protection Centre have been
asked to investigate child abuse imagery in the “Dark Web”. The only predictable, and sensible, recommendation for reducing child porn to come out of this will be to restrict access to the Dark Web. And that has to be done by restricting a user’s ability to disguise their activities.
Media companies and the TTIP
This by itself will not cause the UK government to restrict access to Tor, VPNs, or proxies in general. However, the media copyright lobby will want to make it happen because peer-to-peer networks, content indexed through torrent sites, possibly using some form of anonymous routing along the way, carry the majority of the “illegal” file sharing load.
Media companies stand to gain significant powers, possibly trumping national legislation, through trade agreements such as TTIP. Using these, they will want to close off all avenues of illegal file sharing, and they are unlikely to care about collateral damage to internet privacy. Thus, we have to worry about restrictions on the use of Tor anonymous routing, VPNs, proxies, and any other ways that allow us to be more anonymous and protected on the internet.
This prediction then brings together the two big internet freedom storylines of the last six months. The government’s desire for quick internet censorship solutions will end up impeding our capacity to defend ourselves against overzealous surveillance from intelligence services and tech companies.
The Tor fightback
The good news is that Tor traffic has proved hard to detect and shut down. Many countries have tried and failed. Security companies claiming to have the required technology typically are only able to block older versions.
These days, Tor connections look like normal secure web traffic. Currently only China systematically and openly blocks Tor (with its Great Firewall) for long periods of time. They do this by blocking the eight “directory authorities” that form the entry point to Tor, in combination with Deep Packet Inspection. In response, the Tor project continually develops new camouflage methods, and also very promising tools for detecting internet interference. Russia and Japan have been reported to be considering blocking Tor. All is not lost, but we should be on our guard.
Eerke Boiten is a senior lecturer in the School of Computing at the University of Kent, and Director of the University's interdisciplinary Centre for Cyber Security Research. He receives funding from EPSRC for the CryptoForma Network of Excellence on Cryptography and Formal Methods.
Julio Hernandez-Castro does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.