Should ISP block child pornography?

• Previous message (by thread): Should ISP block child pornography?
• Next message (by thread): Where you think the market/network will be heading
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Dec 7, 2018 at 12:08 AM Lotia, Pratik M
<Pratik.Lotia at charter.com> wrote:
> Hello all, was curious to know the community’s opinion on whether an ISP should block
> domains hosting CPE (child pornography exploitation) content?

"Whether an ISP should block" ?!

Probably not in most cases,  except may be required in some jurisdictions
mostly outside our region that are under authoritarian regime requiring ISPs
block any resource banned at the whim of any blanket order from their executive
(without due process);  this is within the same vein as a phone company
hearing a rumor that a certain payphone is being used for illegal activity and
banning all calls from their customers to/from the number,  under the
presumption that  _all_ calls from that phone are for criminal acts.

Assuming: said hosting IP address is on a remote network:
the ISP does not provide authoritative name service for that domain,   and
the customer accesses the resource over the network not through a cache or
application proxy/other service provided by the ISP ---- the customer expects
their ISP merely routes packets and does not participate in content,  and an
ISP deliberately interfering with expected connectivity jeapordizes stability
of the network and the ISP's business relationship with their customers;
the best possible affect on the ISP is neutral.

Notable exception is emergencies where blocking an IP address or domain
actually stops behavior such as DoS that directly disrupts the network,
and blocking mitigates a negative affect on the network.

For example,  let's say we receive a report that
www.twitter.com[104.244.42.65]
hosts CPE.    In that example, the report should be sent to law enforcement and
Twitter: no action by anyone else should be required UNLESS  Law Enforcement
produces to the public a court order to disconnect/block Twitter's
communication
services, that would normally come after a hearing,  and same principle applies
regardless of if the domain name is a top1000 domain or not.

If each ISP wants to be extra helpful, then perhaps they would like to
log all their
traffic to Twitter (in that example) and forward to law enforcement as suspected
CPE trafficking activity  -- although that is a risky invasion of
customer privacy;
at least reporting suspected potential of access to CPE doesn't deliberately
lobomitze IPs from the network or disrupt traffic:  not all of which traffic is
necessarily CPE-related.

In case the ISP oversteps and blocks Twitter traffic that includes legitimate
non-CPE traffic  (It may even affect e-mail traffic where people are
communicating
with the site to try to identify the CPE for removal); the ISP may
face a loss of
subscribers,  and in that example Twitter would hopefully pursue
various lawsuits
or regulatory complaints against the ISPs blocking their IPs for
deliberately creating
an unreasonable disruption to the network.

Possible negatives for the ISP are the risk of those repercussions
PLUS the ongoing
maintenance costs,  personnel time,  and  other resources required for
the ISP to maintain the blocking policy --  and service the extra blocklist, any
removals or exceptions needed ---  helpdesk hours for all the
additional customer
complaints that will occur;  potential loss of good will and negative
reputational
affects on the ISP.

It begins to seem fairly difficult to business justify the policy and likely
fiscally irresponsible for an ISP to start opening this can of worms.

> On one side we want the ISP to not do any kind of censorship or inspection of customer traffic
[snip]

Blocking domains or IP resources is not MERELY censorship.
Censorship, which is itself
far less objectionable:  is  selective blocking or removing  content,
for example,
redacting a chapter from a book.

Blocking domains or IPs is disconnecting infrastructure, for example: seeking to
block  twitter  due to alleged CPE  has an impact that affects much more
than the CPE --- its like blocking an entire publisher;  it doesn't
matter they have
printed mostly books that don't contain the content you've objected to
-  since you
(ISPs)  lack a censorship system --- censorship is not even an option,
and the measures you're talking about are much more drastic than
censoring content.

Also,  when the domain holder eventually responds and works with law enforcement
to remove the found example of CPE,   the domain block does not go away
on its own -- therefore evidencing it is MUCH more than censorship.

Furthermore, if the domain is then unblocked any other examples of CPE
that had been overlooked (not detected by anybody yet) may become
accessible again.

Its fair to say a domain block is not technically related to content
at all --- its in effect an
"Independent ban"  of access to a generic host identifier registered
to a remote network.

(Generic host identifiers aren't content,  don't refer to content, and
don't have a 1:1 relationship to content)

> Pratik Lotia
--
-JH

• Previous message (by thread): Should ISP block child pornography?
• Next message (by thread): Where you think the market/network will be heading
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]