‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, April 22, 2019 10:31 AM, Hal Ponton <[email protected]> wrote:
> I’m talking about restricting what they can see online The first problem straight off the bat is that any tech ISPs put in place to restrict/protect children is/has been co-opted for general Internet censorship (e.g. cleanfeed > piratebay). That is to say "they" could become "everyone" very quickly. > 7 - Another group I haven’t considered yet. I'm guessing this is where I chime in. 7 includes "internet freedom" type people (yes, myself included) which range from a subset of 6 (e.g. free proxies, Tor operators, free VPN operators etc) through to the civil rights / advocacy groups like EFF and Open Rights Group. Safe to say that if any measures demanded by any of the others that don't have sufficient safe guards (or just for being suggested at all) will be fought tooth and nail by #7. Whether it's Google's million dollar lobbyists, the people running "Pirate Bay Proxies" or just blogging about how to bypass the restrictions. It is worth noting that at the extreme end of #7, legality of action takes second place to fighting whatever the problem of the day is (see lulzsec / anonymous etc). > There is a group I haven’t mentioned above and that’s government. Government > obviously plays a role here, BUT… They have no direct involvement here. They > can regulate but the regulation would apply to one or more of the groups > above. Maybe to the parents? As Neil Brown put it; we've yet to see if leaving a child unaccompanied on the Internet counts as 'wilful abandonment' as per the Children and Young Persons Act 1933; https://twitter.com/neil_neilzone/status/1095303242957971456 > For example government can create a block list [...] others will hate it and > call it censorship. Because it's literally the definition of censorship :) https://en.wikipedia.org/wiki/Censorship > We also have to think about the ability to configure something like this. > Groups 2,3 and 4 I think we can all agree are fine here. But from my time > working help desk I know that groups 1 and 5 might struggle. I've [yet to see a convincing argument why](https://twitter.com/johnc1912/status/1119925264962560001), for example, the [ICRA](https://en.wikipedia.org/wiki/Internet_Content_Rating_Association) can't be resurrected (would probably cost the Government less than the [£10,000,000 it's set aside for the BBFCs year 1 legal fee](https://www.theregister.co.uk/2018/10/17/age_verification_legislation_bbfc/)s) this then opens the door for putting the control in the browser (where it should be) - we expect app publishers to self rate on [Google Play](https://support.google.com/googleplay/android-developer/answer/188189?hl=en-GB&ref_topic=3450987) / App Store, having a combination of this, Google's 'SafeBrowsing' tech and bringing back the[parental controls in the browser would be an option](http://docplayer.net/21101358-Icra-filtering-using-microsoft-internet-explorer.html). Yes kids could install a different browser but if they can do that (local admin privs aside) they can just download the portable version of Tor Browser and blow through *every* control. I'm guessing this has been kicked off due to the impending rollout of DoH? If ISPs want to snoop / filter / data gather on DNS then offer a DoH server on-net and educate customers as to how to configure their devices? > The ability to circumvent these measures is also important. We all know if > we’re faced with DNS blocking, we just change resolvers to one that doesn’t > block. Does this mean we just give up? Or do we try make a dent in the > problem and re-group after. The problem, to my mind, is that it is too easy for ISPs to become the gatekeepers / censors. If we'd have had DoH, CloudFlare and ubiquitous TLS 1.3 15 years ago then none of the current generation of filtering would have been possible. Government wouldn't be asking/demanding that ISPs be the censor. They'd be talking to the end point vendors (Mozilla, Google, Microsoft, Apple). Look at end-to-end encrypted messaging; Government aren't asking ISPs to help there because it's impossible to do so. The web shouldn't be any different. It's still just packets to us. ISPs should not be trying to resolve this problem. It is an endpoint issue. > I’m going to leave out my thoughts here and open it up to some discussion. > What are your thoughts around this subject? I think we’re beyond the point of > just leaving this for another day, governments and public opinion is changing > and we can’t just ignore it anymore. Either we start looking into self > regulation or assisting the other groups in helpful ways or we’ll end up with > backwards thinking regulation being imposed on us as an industry. I'm guessing "make it impossible for ISPs to be the censor" will get little in the way of support?
