As the debate around SOPA in the US brings the topic of blocking websites to the forefront, we look at how blocking websites has been handled in Europe in recent years.
In the past few months, UK ISPs BT and Sky have been taken to court to block access to the Newzbin site that makes it easier for users to locate (potentially) copyright infringing content from Usenet News posts.
The original version of Newzbin had been hosted in the UK, so it was easily shut down using existing legislation. So, as all good pirates do, the owners just moved the site outside the UK into a more friendly territory and started-up up the service again. This annoyed various parties including the Motion Picture Association (MPA) who took BT to court, forcing them to block access to the Newzbin 2 site at source (i.e. to block users accessing the site from BT itself), followed by another case against Sky.
That all sounds good in practice, as ISPs have the ability to do simple URL blocking as part of the ‘Cleanfeed‘ system that all consumer ISPs have to implement to stop access to child pornography and other illegal material. The court mandated that BT and Sky use existing systems to implement the filtering which in real-terms meant using Cleanfeed.
Cleanfeed has been previously shown to have a few flaws, such as when Wikipedia noticed that pretty much all of the UK traffic was coming from around 6 IP addresses (which are the 6 web proxies used by the 6 major UK ISPs). This happened as someone had reported that an image on the Wikipedia site (the cover of a Scorpions album) portrayed a naked girl. The image had been there for years, but when it was reported to the Internet Watch Foundation (which combats child sexual abuse websites in the UK), it was blocked via Cleanfeed, which meant the whole of Wikipedia got caught.
This is because of the way Cleanfeed works: an offending URL is put into the Cleanfeed system and when a user tries to access the URL a very basic URL match is performed by the ISP filtering equipment i.e. say the offending URL is https://thenextweb.com/uk/2011/12/16/sky-is-the-second-uk-isp-forced-to-block-newzbin-2-talk-talk-and-virgin-to-follow/ then only https://thenextweb.com is matched and if that matches the user’s request, it’s passed the Cleanfeed Web proxy which then does the actual full URL match, so if that particular URL was bad, then any URL following https://thenextweb.com would go through the proxy).
So the actual judgement is really a public facing “we won” exercise, as even changing the protocol from http to https (i.e. using SSL) or adding a new domain means that a site can evade the Cleanfeed system.
It could have been a lot worse, or not
In 2004 a Belgium ISP, Scarlet Extended SA, was taken to court by SABAM (The Belgian Society of Authors, Composers and Editors) for allegedly distributing copyright content, specifically on peer-to-peer (P2P) networks. Filtering content on P2P networks is complicated as it involves looking inside the Internet traffic flows between users (and other users or sites) using a technique called Deep Packet Inspection (DPI), and ISPs have to install complicated (and more to the point expensive) equipment on their networks to do so.
In general ISPs have used the ‘mere conduit’ defence (under the Electronic Commerce Directive) meaning they don’t know what their users are doing and are really just ‘pipes’ and so can’t be held liable for content that passes through their networks.
In 2007 the court ruled against Scarlet (ignoring the ‘mere conduit’ defence) and gave them 6 months to install filtering equipment that would detect copyright material and block it.
Scarlet duly complied, installing technology from a US company Audible Magic, as recommended by the music industry. Audible Magic can inspect P2P traffic using ‘signatures’ of copyright material, thus allowing the ISP to block infringing traffic.
Scarlet tried to block infringing traffic, but it found that it was impossible to implement effective filtering on an ISP-scale network.
Meanwhile Scarlet had taken the case the Belgium’s Court of Appeal who decided that before determining whether filtering is technically impossible, it should first confirm that the court order was lawful in the first place, and referred the case to the European Court of Justice (ECJ) in 2010.
Several member states supported Scarlet, including Belgium, Czech Republic, Italy and Poland and the focussed on several main issues (the requested massive filtering measure is in contradiction with the Art.15 of the e-Commerce Directive; doubt on the efficiency of such measures; the requested measure is not proportionate because it would apply to all customers in abstracto and as a preventive measure; at the costs of the ISPs and without limitation in time, concerns about e-privacy rights; ISP should not decide on the illegal character of a communication; cost of filtering should not be borne by ISPs in order to avoid that all end users pay for some infringers i.e. disproportionately and interests of rightsholders; ISPs and consumers should be balanced).
An eye on filtering’s future
On 24th November 2011 the ECJ ruled that the imposition of an obligation to filter network traffic on Scarlet is contrary to EU law (and thus affects every EU member state).
This has far wider implications than just Scarlet as it could have a direct impact on any future legislation or prosecutions in the EU. It also means that if BT and Sky had to perform any more complicated filtering on Newzbin2, that it would have then fallen foul of the ECJ ruling.
Of course in the US, things are different. ISPs and Telecoms providers have always had the ‘Common Carrier’ defence which meant that they are just pipes when it comes to content. However, this has the potential to change in the face of the Stop Online Piracy Act (SOPA), which could make things very difficult for ISPs and others, forcing them to block websites accused of hosting copyright infringing material. However there’s been a huge backlash and a massive campaign against it, and debate will continue after the winter recess.