How Even Highly-Targeted Censorship Can Lead To Overblocking
from the unintended-consequences dept
As the battle rages over SOPA and PIPA, censorship is very much on people's minds. But there are many different kinds of censorship, operating at different levels of precision. For example, while some forms are crude and inexact, like Homeland Security's shutdown of 84,000 sites, others are highly targeted, and designed to block in a very specific way.
That's the case for the attempted blocking of Newzbin2 in the UK. The judge, Justice Arnold, ordered the ISP BT to take a two-stage approach (possible thanks to the pre-existing "Cleanfeed" system it had set up to block child pornography).
If an IP address matches one of those contained in the blocking list, the request to access the site is routed to a proxy server where the exact URL – the specific address including the directory and filename – is examined. If that matches too, access is denied. The judge specified this technique, rather than simply ordering the IP address to be blocked, for an important reason, which he explained in one of his rulings:
the Studios now accept that the order should refer to IP address re-routing and not IP address blocking. It appears that IP address blocking could lead to "overblocking" of sites or pages that ought not to be blocked.
However, as James Firth notes in a blog post, overblocking is still likely to occur thanks to the combination of two factors:
The first is that Newzbin will - and there's strong evidence they have done already, several times - change their IP address. It is well known that IP addresses have all but run out. Nearly all IP addresses allocated are recycled - they've been in use before.
As Firth points out, one of the many worrying aspects of the Newzbin2 judgment is that there doesn't appear to be any mechanism for removing IP addresses once they have been placed on the blocking list – even if they are no longer used by Newzbin2. Adding new ones, by contrast, is explicitly permitted:
Pity the website owner who picks up Newzbin's old IP address. Under Arnold, J's BT ruling the new owner of the IP address would have some solace in that the URL would not match, therefore BT customers would still be able to access the website, albeit via a proxy. Re-routing via the proxy may cause some minor problems, but that's a bit of a side issue.
In the case of Sky, [another UK ISP now blocking Newzbin2] unless Sky happen to also use a 2-stage blocking system [like BT] - and my contacts tell me they do not - then whoever picks up the old recycled IP addresses from Newzbin will find themselves blocked.sites "whose sole or predominant purpose is to enable or facilitate access to the Newzbin[2] website" (para 10) can find themselves blocked, again without re-application to the court. If someone creates a website explaining how to work around the block, and this website did very little else but explain how to access Newzbin, it too could be blocked.
That would lead to yet more IP addresses being added to the list, which might then be handed out again to new users as they are recycled from ephemeral sites that pop up and then disappear.
What Firth's analysis shows is how even relatively "sophisticated" censorship systems that aim to minimize damage to other sites can lead to overblocking because not every situation can be foreseen or planned for. Now imagine what SOPA/PIPA will do.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: blocking, censorship, copyright, ip blocking, ip filtering, overblocking, pipa, protect ip, redirects, sopa, uk
Companies: bt, newzbin, sky
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
What about HTTPS?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Of course this is a pipe dream for those folks but hey they be smokin' the pipe this long.....
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Sounds like you're complaining about a non-problem.
[ link to this | view in chronology ]
Re: Sounds like you're complaining about a non-problem.
Who determines what constitutes legitimacy, and who pays for this automagic learning system which is impervious to the wanton discrimination of those put in charge?
[ link to this | view in chronology ]
It's like a court order to hold a car, which is later sold at auction. It was okay, it was seized, and then it is okay again.
Sorry Glyn, but this is simple scare mongering.
[ link to this | view in chronology ]
Re:
A car is a physical object that takes up space and is easily noticed.
An IP address is a string of numbers of little consequence to anyone except the poor sap that was assigned that IP address for his myfamilyblog.info site he decided to set up because his brother in law told him he should. Now he sits trying to figure out why no one in his family can access the site, but since to him url and IP are the same thing he has no clue how to proceed. No one is going to bother cleaning up IP addresses, least of all those that were responsible for getting them blocked in the first place.
His only hope is that someone like you that has an overarching desire to set things right in the world will invest the necessary time and effort to resolve his problem.
Sorry AC but if we leave it to the likes of you to set things right we have every reason to be scared.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Dirty IP
I have had so many problems with email due to a previous user of an IP being a spammer. It is a lot of work to clear an IP off of a blocked list.
[ link to this | view in chronology ]