The Great Filter

Dr Eric Crampton
28 August, 2019

A couple of years ago, I wrote a short report making the case that New Zealand is the world’s last sane place. Or, at least, if it’s going mad, it’s going mad more slowly than the rest of the world.

Perhaps I was too hasty.

Internal Affairs Minister Tracy Martin this week told Newshub about the government’s plans for protecting children from online pornography. Newshub reported that the government is looking to the United Kingdom as example, and that nothing is yet ruled out.

Some things should be ruled out. Let’s have a look at what has been going on in the United Kingdom, and why it is a bad idea to follow their example.

The Great Firewall of Britain

The UK has a long history of internet filtering. In the 2000s, the government encouraged ISPs to block access to websites blacklisted by the Internet Watch Foundation as potentially including child pornography – not unlike New Zealand’s Digital Child Exploitation Filtering System.

The implementation of the filter did come with a few problems. In one famous 2008 case, clients of ISPs using the filter were barred from editing any page on Wikipedia because the Wikipedia page for a Scorpions album included an image of that album’s cover; the decision was reversed a few days later. New Zealand’s Child Exploitation Filtering System has not had similar problems.

From 2013, the Great Firewall of Britain became rather more stringent. David Cameron’s government sought to protect people from pornography by changing the defaults. Previously, those who wished to prevent anyone in their home from accessing pornography would need to turn on filtering, whether by subscribing to an ISP providing a filtered experience, or by purchasing a service like NetNanny.

Under Cameron’s changes, the default switched. Everyone’s internet access would be filtered to prevent access to pornography. Those who wished an unfiltered experience would need to inform their Internet Service Provider that they wished to have access to pornography.

But, perfectly predictably, the filter went a bit wider than pornography, and included websites relating to alcohol, smoking, suicide, anorexia and more. One reader of my blog, Offsetting Behaviour, reported that about half of the blogs linked by fellow Kiwi blogger Lindsay Mitchell were classified as adult content and were blocked – none of those sites could reasonably be considered objectionable. He could not opt-out as opting out required having a UK credit card with a UK postcode as proof of age.

In 2014, the UK Council for Child Internet Safety began implementing a whitelist to deal with overblocking. Overblocking occurs when the web filters erroneously identify a website as pornographic. Overblocked sites included suicide prevention websites, drug advice, sexual education and sexual health sites and more.

The UK is looking to tighten things further, with a requirement that pornography websites verify the ages of those visiting their sites; noncompliant sites would be blocked by the Great Firewall. How would sites check visitor ages? Wired reports that credit cards, passports, or drivers’ licence details could suffice. But there are a lot of dodgy websites out there providing access to free but copyright-infringing pornography, coupled with a risk of a malware infection for your computer. It seems a bad idea to force people using those sites to provide material that could easily be used in identity theft.

If New Zealand government wishes to follow the UK down this rabbit hole, the government will have more than a few problems it will need to solve.

It will need to develop a comprehensive list of sites deemed pornographic and consequently requiring age checks, as well as processes for whitelisting sites mistakenly listed as pornographic. What would the appeal provisions be for sites wrongly listed? Many foreign-based sites simply won’t care if Kiwis no longer have access to their pages and will not undertake any kind of costly whitelisting process.

It will need to develop a trustworthy mechanism for age verification. This is not a simple problem. If the government requires foreign websites to collect personally identifiable details on Kiwis, what obligations would those sites face under New Zealand’s privacy regime? How could we tell whether those obligations are being met? What recourse might a Kiwi have in case of breach? And, if the foreign site was compromised and Kiwis’ passports or drivers’ licence details used in age verification were then used in identity theft, where would liability lie? The latest messes over at the Ministry of Culture, where passport details of hundreds of kids applying for a programme were compromised in a data breach, might give the government pause.

And if the government wishes to leverage its existing RealMe online identity system for age verification, might we worry about whether the government is keeping track of everyone’s viewing habits? If Winston Peters was unhappy about his superannuation details being leaked, we can imagine what Shane Jones might think about the dangers inherent in this proposal.

During 2016’s Parliamentary Select Committee hearings on Uber, Parliament proved itself to be completely ignorant of the basic details of the technology at play. Any Select Committee hearings on the proposed pornography filter promise to be at least as entertaining. I look forward to hearing whether the Select Committee knows whether the letters V, P, and N might have any relevance to their proceedings.

But all of it risks New Zealand’s coveted status as the world’s last sane place.

Stay in the loop: Subscribe to updates