5 reasons to worry about the Interpol filter

This month Telstra and Optus start to block their users from visiting a "worst of the worst" list of child pornography sites defined by international agency Interpol. Here are five things we find disturbing about the whole thing.

1. Telcos aren't informing users: Telstra's implementation of the filter went live last week. However, to our knowledge, Telstra hasn't yet informed its millions of customers that their internet connections are being filtered by a blacklist of sites. There has been no mass customer emails that we know of, no press releases and the telco only confirmed its blacklist filter had gone live when asked.

   Furthermore, the telco does not appear to have modified its end user agreement to include a section about filtering, so that new customers know what to expect.

2. There is no civilian oversight: you would expect that if millions of Australians are having their internet connections filtered that there would be an independent government agency overseeing the process such as the Australian Communications and Media Authority. Not so with the Interpol filter scheme.

   The scheme was developed by industry group the Internet Industry Association (IIA), along with internet service providers (ISPs) like Telstra and Optus and law enforcement groups such as the Australian Federal Police and Interpol itself. Those who are curious about how the whole filter process works currently have to inquire about the matter to one of these bodies.

   Out of those groups, only the IIA has been forthcoming with details about the intricate workings of the filter over the past several weeks since the scheme was revealed. And the IIA is not directly answerable to the public — only its members, which are mainly ISPs.

3. The law is unclear: the legal mechanism under which the filter is being introduced is Section 313 of the Telecommunications Act. Under the Act, the Australian Federal Police (AFP) is allowed to issue notices to telcos asking for reasonable assistance in upholding the law. The AFP has said that it has issued such notices to selected telcos.

   However, other ISPs such as iiNet, Internode, TPG and Exetel appear to be uncertain as to where precisely they would stand if the AFP issued such a notice to them. Would they be forced to implement a filter against their wishes? Would they even be able to publicly disclose that they had received a notice? Is ISP filtering itself actually currently illegal? Right now, nobody knows.

4. The potential for scope creep is strong: Section 313 of the Telecommunications Act does not specifically deal with child pornography. In fact, it only requires that ISPs give government officers and authorities (such as police) reasonable assistance in upholding the law.

   Because of this, there appears to be nothing to stop the Australian Federal Police from issuing much wider notices under the Act to ISPs, requesting they block other categories of content beyond child pornography, which are also technically illegal in Australia ("Refused Classification") but not blocked yet. A number of sites that were on the borderline of legality, such as sites espousing a change of legislation regarding euthanasia, were believed to be included as part of the blacklist associated with the Federal Government's much wider mandatory filtering policy. Could the AFP request these be blocked as well?

5. There is no open and transparent appeal process: Rright now, if a website is wrongfully included on Interpol's blacklist of sites, there is only one way to appeal and get it removed — through Interpol or associated law enforcement agencies such as the Australian Federal Police. And Interpol doesn't appear to want to discuss the matter very much. Its "complaints procedure" page states:

   "Interpol will not be in position to engage in dialogue with complainants, nor will they receive any information on whether the domain has been removed from the list of blocked domains or not."

   In contrast, the Federal Government has pledged to introduce much more transparent review processes into its much wider internet filtering scheme. For example, its blacklist will be reviewed annually by an independent expert, feature "clear" avenues for appeal of classification decisions and a policy will be put in place to allow for all decisions to be reviewed by the existing Classification Review Board.

Now, we don't want to be too harsh about the IIA's Interpol filtering scheme as it is being implemented by Telstra and Optus. It is quite hard for a site to get on Interpol's blacklist, with multiple agencies having to authorise additions, and there is a certain attraction around the idea that we're only blocking the "worst of the worst" sites containing child pornography, instead of a much wider category of content. In addition, it doesn't seem as if there have been many instances internationally where implementation of the list has caused problems.

However, we are mystified as to why the IIA, Telstra, Optus and the AFP are displaying such a lack of transparency in their implementation of the scheme. We are talking about a filtering scheme that is being implemented behind closed doors, with little notification to customers, with no civilian oversight, an unclear legal framework, the potential for scope creep, and a limited and secretive appeals process overseen by the agency which drew up the list to start with.

Come on, Australia. Is this the best we can do?