Doing filtering right

Once upon a time quite a long time ago I was involved in the implementation of a porn filter at a public institution. At the time part of my role included “inappropriate use” investigations. I’ve spent far too many hours sifting through web and other access logs, writing up material for handover to the authorities, seizing equipment and seeing the flow on effect of a search warrant executed on someone’s home. I’ve sat across a table from someone I knew and made eye contact while I explained how I had discovered evidence he had repeatedly accessed a bestiality porn site. I wish I wasn’t so aware of just how bad porn has to be before it becomes illegal.

I strongly support voluntary at the border filtering for child porn, if I ran an ISP I would implement it and I would be grateful for any help the government provided. But… the government’s support and actions must be scoped, controlled and open to public scrutiny.

DIA should be doing this, but they should also be doing it right:

  1. The process should be public
  2. The scope should be public
  3. Both should be open to public scrutiny and comment (including a without prejudice process for challenging the filtering of a site).

Releasing the list of sites would be counterproductive but we do have a right to know what they’re up to. Is their mandate only child porn (2(a) of the definition of objectionable) or the other criteria as well? Who will make the decision? What is the review process? Will any monitoring be undertaken? Could that trigger an investigation? Will they guarantee it is only objectionable material? Is there scope for political interference? What does “voluntary” mean? Will there be negative consequences for ISPs that don’t opt in?

I totally support DIA’s stated intention, but the way they are approaching it is just plain wrong.