June 30, 2012

An old New York Times article headline change - "Censorship" vs "Filtering"

Recently Jacob Appelbaum asked about early censorware investigations. In writing back to him, I mentioned the 2001 New York Times profile of me, which I thought was called (my emphasis) "Cracking the Code Of Online Censorship". Except when I went to find what the article's URL was these days (I remember back when URLs were supposed to be permanent locations, which seems naively hubristic now), I discovered the article is currently called "Cracking the Code Of Online Filtering". I wonder when it changed, and why.

First, I determined I'm not hallucinating. There's a contemporary mailing list post "NYT Profile of Cyberian Seth Finkelstein" which clearly shows the "Censorship" title.

So - to the Wayback machine:

A 2010 version has "Censorship".

While a 2011 version has "Filtering".

Thus it seemed the change was sometimes between 2010 and 2011. Or was it? Some more searching turned up a 2001 version with the "Filtering" headline, which looked like it came from a news briefs distribution. Still, it seems strange to have the New York Times website article headline changing after so many years.

I think the original "Censorship" headline was more accurate (given the heavy use of these programs by various governments, if nothing else). But it's not worth any effort (I doubt that old article has many readers anyway).

Posted by Seth Finkelstein at 11:50 PM | Comments (3)
October 31, 2011

"Index on Censorship" censorware article

Index on Censorship reprints a censorware article I wrote for it a while back:

Web filtering: Keeping it clean? 11 Oct 2011

David Cameron has announced plans to block access to pornography online, with providers offering the choice to turn on a filter.

In a 2009 edition of Index on Censorship magazine Seth Finkelstein examines how indiscriminate blocking systems can be a source of censorship

I wish discussion of these censorware system would include the implications against privacy and anonymity. But in all the years of my trying to make this point, it never seems to get across into the debate.

Posted by Seth Finkelstein at 11:57 PM | Comments (1)
June 25, 2010

.XXX domain - an idea whose time should never have been

My old .XXX domain Guardian column started out "The idea of a ".xxx" web suffix for porn sites is the internet's vampire: it seems nothing can kill it.". And it's risen again, where it'll suck not blood, but money. [sad face image] A point I've repeated made, to no avail, is almost nobody wants it except the people trying to profit from it. As I put it: "... if everyone from civil libertarians and censors to adult industry webmasters says .xxx is a bad idea then maybe we can all agree it's a bad idea ..."

"money quote" (literally and pun intended):

Lawley said he thinks the new address could easily attract at least 500,000 sites, making it after ".mobi" the second biggest sponsored top-level domain name. He expects to make $30 million a year in revenue by selling each .xxx site for $60 and pledges to donate $10 from each sale to child protection initiatives via a nonprofit he has set up.

Value-add, so this post is not just an echo of the news - there's a "Full summary and analysis of dot-xxx comment period" on the blog of the XXX-domain registry, for example detailing all the campaigns which took place.

Posted by Seth Finkelstein at 01:58 PM
June 26, 2009

"Green Dam" vs Cybersitter

There's a quote attributed to Henry Kissinger about the Iran-Iraq war, where he said, "the ultimate American interest in the war [is] that both should lose.". I feel that way about the conflict with Cybersitter censorware company versus China's "Green Dam" censorware.

I've sat out the whole "Green Dam" China censorware story. There's many prominent organizations doing reports, and an abundance of punditry. There's zero point in at best my duplicating the effort of those with far more resources and reach, and at worst wasting my time (as well as quite possibly hurting my life).

I do want to comment on just one specific aspect, the whine:

This isn't the first time Solid Oak's code has been stolen, Milburn said. In the late 1990s, hackers reverse-engineered CyberSitter, which prevents underage children from accessing pornography or other adult content, to allow users to access such content.

The hackers, as well as other detractors, have previously accused Solid Oak and CyberSitter of censoring the Internet. "That's why we don't want to be associated with it," Milburn said of Green Dam.

I don't think they mean "hackers" in the positive sense of the word. I think a more relevant term is "civil-libertarian software engineer activists" Note reverse-engineering Cybersitter[update: is should be] legal. And Solid Oak had the "CYBERsitter Partners Program"

The new CYBERsitter Partners Program allows concerned organizations to create and maintain their own lists of objectionable Internet sites for either private or public distribution. This gives CYBERsitter users several blocking lists to choose from, selecting ones that more accurately reflect their needs.

Third party blocking lists can be used in addition to the default CYBERsitter lists or as a replacement. Each time users update their files on-line, the index of available lists is updated. Users need only click on the lists they desire to use and they are maintained automatically.

As I've said, from a technical standpoint:

"if parents can limit what teenagers can see, then governments will be able to limit what citizens can see. And the other side is if citizen governments, teenagers will be able to circumvent parents."

Posted by Seth Finkelstein at 10:05 AM
January 21, 2009

My _Guardian_ column on Real Sex And The Google Search

"Google should learn the difference between real sex and spam"

"If humans argue so much about distinguishing between erotica and pornography, imagine the difficulty search algorithms have"

I can live with the title, but I suggested per above "Real Sex And The Google Search" - the idea was to make a pun on the search [real sex] discussed in the article, and real sex in reference to the sex-bloggers rather than commercial material aimed at purely prurient interest.

Amusingly (and self-referentially), right now the article is ranking at position #4 for a Google search for [real sex].

Posted by Seth Finkelstein at 09:36 PM | Comments (3)
December 07, 2008

Reflections on Wikipedia vs CleanFeed, Censorship and British ISP's

Wikinews (a separate project from Wikipedia): British ISPs restrict access to Wikipedia amid child pornography allegations

The Register: Brit ISPs censor Wikipedia over 'child porn' album cover

Someone else can do the pundit argument that the general material is horrible, but does it justify censorship? It's not for me, and nobody cares anyway (well, except for people who'd like to take a line out of context to smear me, but no need to cater to them). This post is for pointing out that this incident gives a golden opportunity to see the technical details of how the UK "CleanFeed" national censorware system works in practice.

Note the "Internet Watch Foundation" which maintains the blacklist, has confirmed the event.

Apparently only one or a few Wikipedia pages are on the UK blacklist, but it seems the effect of a site having even one page on that blacklist is to force all site traffic though a proxy, which assigns it to a single Internet address per Internet service provider. This aspect of putting a huge number of users on a single IP has the effect of severely disrupting Wikipedia's administrative controls for the relevant population.

In the discussion pages on Wikinews, and on Wikipedia, there's a rare instance of true aggregated user research, as people from across the UK are posting what error message they see when they try to access the blacklisted material (e.g. an old album cover by the band "Scorpions" called Virgin Killer), and what's happening from various UK ISP's. And poor Wikinews gets no respect for journalism, as the huckster A-listers are enamoured with hyping Wikipedia as much as possible, even though Wikipedia is a very poor fit for journalism.

I'm not going to speculate where this all will end up now. But it's as big an explosion over national censorware as has even been seen in the Western world.

Update: "CleanFeed" flow chart

Posted by Seth Finkelstein at 04:30 PM | Comments (6)
November 21, 2008

"The big business of net censorship"

Echo: The big business of net censorship - "Clamping down on free speech on the internet has been a lucrative enterprise for software manufacturers" - Jo Glanville

We know as much as we do because of the great research of organisations such as the OpenNet Initiative and because of the brave detective work done by researchers such as Seth Finkelstein and Ben Edelman. Under the Digital Millennium Copyright Act in the US, no one can legitimately examine the lists of blocked sites or ask for a review.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
October 15, 2008

My _Guardian_ column on truth, Tim Berners-Lee, World Wide Web Foundation

Please, Sir Tim Berners Lee: try investigating how corporations rule the net

"Seth Finkelstein on Tim Berners-Lee who raises the issue of separating truth from fiction on the internet"

[Note: I didn't pick that title - my own suggested title was 'Tim Berners-Lee takes on "The Net of a Million Lies"']

Here I discuss the ever-popular topic of finding truth among the lies. But I hope I acknowledged some of the cliches about the subject, and got beyond them a little.

Long-time net civil-liberties people might enjoy the references to the old "PICS" ("Platform for Internet Content Selection") proposals, which I sardonically note were derided as "Platform for Internet Censorship System".

I also weave in the effect of Google, from the uncommon angle that it's algorithmic technology wasn't very successful until the company turned into a advertising-selling platform. There's a profound lesson there.

[For all columns, see the page Seth Finkelstein | guardian.co.uk.]

Posted by Seth Finkelstein at 08:20 PM | Comments (2)
October 01, 2008

Breaching Trust: surveillance and security on China's TOM-Skype

I'll echo:

Information Warfare Monitor
ONI Asia
Joint Report
An analysis of surveillance and security practices on China's TOM-Skype platform

Nart Villeneuve, Psiphon Fellow, the Citizen Lab


Our investigation reveals troubling security and privacy breaches affecting TOM-Skype--the Chinese version of the popular voice and text chat software Skype, marketed by the domestic Chinese company TOM Online. TOM-Skype routinely collects, logs and captures millions of records that include personal information and contact details for any text chat and/or voice calls placed to TOM-Skype users, including those from the Skype platform. These records are kept on publicly-accessible servers, along with the information required to decrypt these log files. These files contain the full text of chat messages sent and/or received by TOM-Skype users that contain particular keywords that trigger TOM-Skype's content-filtering capability.

Just amazing stuff. I shouldn't say any more.

[ Memesterbation: (linking so that this post shows up on trackers)]

Posted by Seth Finkelstein at 11:33 PM | Comments (1)
September 12, 2008

Job Ad - Nonprofit Seeking Anti-Censorware Tech Manager

[I don't have any special connection to the following ad, and I'm not interested in moving to DC. But I figure that among my tiny tiny audience, call it targeted traffic, there's a significant probability that someone might find this of interest.]

EFF has been asked to help find a tech manager for a very cool project.

International non-profit seeks manager to oversee innovative multi-country, multi-year project to combat internet censorship by facilitating expanded use of circumvention technology (such as Tor). Desired skills: management (ideally in the non-profit world, and even more ideally using US government grant resources), understanding of internet architecture, international experience in developing countries, languages (such as Chinese, Farsi, Vietnamese, Russian, Arabic). Position will be in Washington, DC.

Contact Eric Johnson directly for more information, please contact: imiafamiliya[at-sign]gmail.com

Posted by Seth Finkelstein at 11:58 PM
July 24, 2008

COPA - "Children's Internet Protection Act" Censorware Politics Goes On

As has been widely reported, e.g. ACLU press release "a federal court once again upheld a ban on a law that would criminalize constitutionally protected speech on the Internet. The American Civil Liberties Union challenged the unconstitutional Child Online Protection Act (COPA)". I've previously written several COPA blog posts, mostly about the censorware-related politics of the case.

To say something both meaningful and different from the herd, I'll point out that Susan Crawford has a post on COPA which extensively discusses the legal strategy STILL driving the promotion of censorware now. As in, right now, in 2008 and beyond. And she said it, not me.

"Justice Kennedy said then - that it is the Court's job to consider what alternatives are out there in the world to help parents, and to decide whether they're more effective/less restrictive than COPA ... Justice Breyer was very sympathetic to [an opposing] view the last time around. His point is that filtering doesn't count as an alternative to COPA."

Concluding in part:

This case is a big deal because it turns on the question whether private, edge-based solutions to speech issues should be taken seriously.

Note the language there: private (good good good) edge-based (buzzword) solutions (business jargon). Words like unaccountable or secret blacklist are not to be found.

These were the issues which led to a smear campaign waged against me due to my blacklist decryptions and extensive opposing censorware. (and people don't like to hear this, but objective evidence is that the mudslinging worked!). When I explain all the political reasons for what has happened over the years, I'm sometimes told (too often in a sneering, belittling tone) that the matter is ancient history. It's not. It'll continue to be significant into the foreseeable future.

Posted by Seth Finkelstein at 11:56 PM | Comments (3)
June 12, 2008

Judge Alex Kozinski "Porn Site" links

Some resources on the Judge Alex Kozinski "Porn Site" story:

A closely watched obscenity trial in Los Angeles federal court was suspended Wednesday after the judge acknowledged maintaining his own publicly accessible website featuring sexually explicit photos and videos.

Quick overview: "Judges Gone Wild"

In one of the wonders of the Internet, much of the material itself has been collected elsewhere:

What "Stuff" was on Judge Kozinski's Personal Website?

USLaw.com has been able to partially recreate the content which was described by Judge Kozinski as "funny... odd and interesting... part of life" (and we agree). The hundred plus files constitute the type of "viral" videos and images that are commonly circulated among men of a certain humor by email.

Apparently this was done by someone who wanted to settle a score against Kozinski:

The L.A. Times's Tipster on Kozinski's Porn: Cyrus Sanai

Small world: I had, err, something to do with the specific anti-censorware effort years ago mentioned in many of the articles describing his opposition to having censorware imposed on the courts.

Posted by Seth Finkelstein at 05:37 PM | Comments (1)
June 11, 2008

Obligatory ISP blocking deal agreement post

I feel morally obligated to write about the ISP blocking deal agreement. However, I can't see what I'd write on my blog will do any good in the world, especially given the inflammatory nature of the topic. I'll leave it other people - people who have far bigger platforms and more social protection - to do at length the civil-libertarian counter-point that child pornography is a horrible horrible thing and anyone involved in it deserves the worst possible punishment, but we should not have vague and broad blocking due to a small number of evildoers ...

Value-add: Link for Official Press Release

Value-add2: Repost from a while back

Irene Graham - ISP "Voluntary" / Mandatory Filtering

"This page contains information about ISP-level filtering systems implemented, by various ISPs in various countries, to prevent accidental access to child sexual abuse material on web pages/sites. It has been researched and produced in the context of the Australian Federal Labor Government's 2008 "plan" to mandate that Australian ISPs block access to a vastly larger type and quantity of web pages."

Posted by Seth Finkelstein at 02:28 PM | Comments (4)
May 29, 2008

My _Guardian_ column on Cisco and China Censorship as Market Opportunity

"The difference between politics and pornography is a social one"

The tools companies use to control workers serve equally well for governments to combat "evil religion"

Also titled "Weapons of mass censorship" on the front page of the site. I didn't submit either title, though they're OK. My suggested title was "What if censorship is in the router?"

The main point here is in terms of they-said-it-not-me. Part of Cisco's defense is in fact the technological (not moral) equivalence, "The tools built into our products that enable site filtering are the same the world over, whether sold to governments, companies or network operators."

[For all columns, see the page Seth Finkelstein | guardian.co.uk.]

Posted by Seth Finkelstein at 02:49 PM | Comments (2)
May 21, 2008

Censorware Roundup: Column, Australia NoCleanFeed, Cisco China

Shameless self-promotion: The Australian newspaper "Sydney Morning Herald" reprinted my Guardian column discussing the OpenNet Initiative's "Access Denied" world censorware report and implications for government censorship

Seth Finkelstein looks at the insidious control that governments and corporations want over your internet use.

(and somebody actually read it!)

Electronic Frontiers Australia (not related to the US EFF) has a campaign "No CleanFeed" against mandatory ISP censorware, No Internet Censorship for Australia:

The [Australian] Federal Government is pushing forward with a plan to force ISPs to filter out all material "inappropriate" for children from Australian homes.

Echo: "Cisco File Raises Censorship Concerns"

In its PowerPoint presentation, Cisco referred to the Chinese government's project to control the Internet, including its use by groups such as Falun Gong. After a slide referencing the crackdown on Falun Gong, the next slide proclaims: "Cisco Opportunity: High start-point planning, High standard construction, Technical training, Security and operation maintenance."

Sigh. WHAT DID YOU EXPECT? Repressive governments make for great censorware customers. China's a big market. No surprise here.
(note on the politics civil-libertarian funding: I'm aware someone is likely to get a grant out of this. It's not something for me. You have to be "connected" to get that sort of money, and I'm not a "club-member").

Posted by Seth Finkelstein at 11:52 PM | Comments (3)
April 16, 2008

My _Guardian_ column on "Access Denied" World Censorware Book

"If you block online porn, you'll surely block dissent in China"

"The issue of whether the internet can be censored, and how governments are trying to do it, continues to be fought around the world"

[Sigh ... remember, I don't get to write the titles ...]

This column is about the OpenNet Initiative's book "Access Denied: The Practice and Policy of Global Internet Filtering", and what it might portend.

[For all columns, see the page Seth Finkelstein | guardian.co.uk.]

Posted by Seth Finkelstein at 09:03 PM
February 26, 2008

libertus.net: Censorware Report on ISP "Voluntary" / Mandatory Filtering

Echo: Irene Graham - ISP "Voluntary" / Mandatory Filtering

[Description sent to a mailing list below]

Contains information about ISP-level filtering systems implemented, by various ISPs in various countries, to prevent *accidental* access to child sexual abuse material on web pages/sites. Page has sections about:

Europe (EU) Overview | Norway | Sweden | Denmark | Finland | Netherlands | Switzerland | Britain | Italy | Canada

The most notable thing about all of the Scandinavian and other European systems (except Britain and possibly Italy) is that they are using DNS blacklisting, which as some people on this list would already know, can only be used to block an *entire* domain/site, not a particular page, and is *trivially* easy to bypass. It's much less expensive to implement (than e.g. BT's hybrid URL-based system) which might well be why some of the ISPs in those countries were willing to voluntarily prevent *accidental* access to child sexual abuse material sites. However in, at least, the Netherlands and Switzerland there are a number of ISPs declining to voluntarily do so for a range of reasons.

Posted by Seth Finkelstein at 11:59 PM
December 31, 2007

Australian national censorware news report notes

First, a link to an Australian national censorware news article, without which this post would languish in even more obscurity than it will already.

Now, there's a basic issue of confusion: Is this for "illegal" material (under Australian law), in which case an opt-out makes no sense, or "adult"-only material, in which case there'd be a serious problem managing all the opt-out which would be needed.

I believe this is about "illegal" material, though the most recent reports and blustering make it sound like it's about "adult"-only material.

Paul Montgomery has the best local coverage. Which of course is relegated to obscure discussion status compared to the BigHeads.

One correction for this column: Why Australia isn't the new China

most recently in a column about the Australian approach by Seth Finkelstein pointing out that censorware never works.

I shouldn't be ungrateful for a press mention. Except I didn't say that :-(. The headline-writer did. The title "The internet can't be censored and it's wrong for governments to try" was not my words. I have a much more worried view of the effects of national censorware.

Posted by Seth Finkelstein at 09:52 AM | Comments (11)
December 20, 2007

"Psiphon" anti-censorware program articles

Echo: The Psiphon network frustrates censors by using trusted friends (via Ronald Deibert)

MIT Technology Review has published a nice feature article about the Citizen Lab's software, psiphon. I thought some of you who know about the project might find it interesting.

I've mentioned Psiphon a few times myself, mostly because of the way it has, let us say, wide-ranging anti-censorship applications.

Note also Black marks appearing for commercial internet filters?

"We citizens don't have access to the block lists [of prohibited Web sites] that are put together by these companies because that is considered proprietary. Even researchers like myself can't explore the filtering technology that is being sold and used by governments around the world."

Sigh ... :-(

Posted by Seth Finkelstein at 06:59 PM | Comments (2)
October 15, 2007

"When US-made 'censorware' ends up in iron fists"

Excellent article: When US-made 'censorware' ends up in iron fists, not the least because I'm quoted

"Some people say [censorware] is ineffective because dissidents can get around it," says Seth Finkelstein, a programmer and anticensorship activist. "I say political control doesn't have to be 100 percent to be effective. Controlling the ability of the vast majority of the population to see outside information is still very effective for the goals of the totalitarian regime."

And it's an accurate quote. In the course of conversation, I gave a version with parallelism "Some people say censorware is ineffective because dissidents can get around it, some people say censorware is effective because only dissidents will get around it". But the version used is just fine.

It's good to see that the connections between censorware companies and repressive governments is continuing to make news.

Posted by Seth Finkelstein at 12:06 PM | Comments (4)
October 10, 2007

"Everyone's Guide to By-Passing Internet Censorship"

Echo: Everyone's Guide to By-Passing Internet Censorship for Citizens Worldwide

[Via Ronald Deibert]

Internet censorship, or content filtering, has become a major global problem.

Whereas once it was assumed that states could not control Internet communications, according to research by the OpenNet Initiative (http//opennet.net) more than 25 countries now engage in Internet censorship practices. Those with the most pervasive filtering policies have been found to routinely block access to human rights organizations, news, blogs, and web services that challenge the status quo or are deemed threatening or undesirable. Others block access to single categories of Internet content, or intermittently to specific websites or network services to coincide with strategic events, such as elections or public demonstrations.

Posted by Seth Finkelstein at 11:59 PM
September 30, 2007

Nart Villeneuve on Myanmar/Burma and Internet censorship

Echo: Nart Villeneuve, of Open Net Initiative about Myanmar/Burma and Internet censorship:

Media coverage of Internet censorship is usually framed through one of two lenses: The "1984" approach overstates censorship capabilities claiming that legions of internet police monitor everything in "real time" and are just one kick away if you make the wrong click. The "technoptimist" approach understates censorship capabilities and claims that circumvention technology is proliferating and the internet is a democracy-battering-ram chipping away at the crumbling walls of oppressive regimes. ...

Posted by Seth Finkelstein at 08:00 PM
September 17, 2007

Iran and the Google Blocking / Unblocking

Or, "It is worse than a crime, it is a blunder"

Iran blocked then unblocked Google, as I assume people have heard by now.

"Due to an error, the Google site was filtered on Sunday evening but the error was corrected and now Google and its different sites like Gmail can be used," said an official from the state-run communications company.

Well, what is there for me to say? I actually tend to believe them that it was an "error". If they were really going to shut-off search engines, they would have taken out Yahoo and MSN too. And I don't think they'd want to shut off Gmail short of a war or a coup d'etat. They apparently blacklisted a pattern like "*.google.com", which, just speculation, might have been a typo for some sort of typosquatting, or a misfire from some sort of link-spamming.

I could harp again on how this shows how fragile a free Internet is, how with censorware widely deployed, vast amounts of information can be censored quite arbitrarily. But I've been saying that for more than a decade, so I doubt saying it once more is going to help anything (or help me in any way).

Posted by Seth Finkelstein at 11:59 PM
September 13, 2007

My _Guardian_ Column on Government Of Australia National Censorware Plan


"What is really under discussion is control of people. Calling it 'censorware' has the advantage of clarity"

I'm glad they used that as excerpt, though I don't like the title given ("The internet can't be censored and it's wrong for governments to try" - I don't assert categorically that the Internet can't be censored, in fact "Can you censor the Internet?" is the question I've explored for many years).

Posted by Seth Finkelstein at 08:00 PM | Comments (1)
September 10, 2007

Franco Frattini EU Censorship Proposal - QUESTIONS AND ANSWERS

Franco Frattini, European Union Justice Commissioner, has set off a minor blogstorm from the following censorship proposal:

BRUSSELS (Reuters) - Internet searches for bomb-making instructions should be blocked across the European Union, the bloc's top security official said on Monday.

Internet providers should also prevent access to any site giving instructions on how to make a bomb, EU Justice and Security Commissioner Franco Frattini said in an interview.

"I do intend to carry out a clear exploring exercise with the private sector ... on how it is possible to use technology to prevent people from using or searching dangerous words like bomb, kill, genocide or terrorism," Frattini told Reuters.

Putting aside the phrasing silliness (I know, it's like blogger catnip, ha-ha-he's-so-dumb), he has been making the same noises for a while:

Voice Of America News August 2006

"But I think it is very important, for example, to explore further possibilities of blocking websites that concretely incite to commit terrorist actions or for example providing of the diffusion of expertise or knowledge about bomb making," said Frattini.

However, it turns out that an organization http://SpyBlog.org.uk has compiled a VERY LONG Q-and-A about such censorship proposals

Below is the first part of our letter to Franco Frattini, and the preliminary, general answer, by Jonathan Faull the Director General for Justice, Freedom and Security of the European Commission.

See subsequent blog postings for Questions and Answers numbers 1 to 17

I doubt my audience needs me to say anything more about the battles of censoring the Internet, and he certainly doesn't care what I think reading ...

Posted by Seth Finkelstein at 11:25 PM | Comments (2)
August 29, 2007

"Are web filters just a waste of everyone's time and money?"

Not my column, but mentioned here for the obvious reason:


Are web filters just a waste of everyone's time and money?

Charles Arthur
The Guardian Thursday August 30 2007

As our regular columnist Seth Finkelstein would tell you, the only people who truly benefit from web filters are the people who make them - such as those who laboured on those provided under the Australian government's NetAlert filter scheme (netalert.gov.au) at a total cost of A$84m

I should note that the 84 million dollars (Australian) represents a pure subsidy to censorware companies, for something like a country-wide site-license, not development cost done by the Australian government (people typically don't get it when I talk about the money, and the part it played my giving up).

Value add: another journalist writes: How to crack the Aussie $84m porn filter in five clicks

Posted by Seth Finkelstein at 11:59 PM | Comments (5)
August 10, 2007

Australia's government censorware initiative - slippery slope in action

In the news about Australia's censorware initiative, which encompasses various subsidies and hotlines, one aspect has gone unremarked (h/t Ian Burrows):

Other changes include an extension of the ACMA Blacklist, which includes pornography denied classification by the regulator, to cover malware and terror sites.

Note the slippery slope is no conjecture. Here it began with porn. Once the blacklist system was in place, then it encompassed "terror" sites. But who could be in favor of "terror"?

It's just too easy to have mission creep like this. With secrecy and lack of accountability and outside review, there's an incentive to ban more rather than less.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
August 03, 2007

"Child Safe Viewing Act of 2007" ("V-chip 2.0")

The "Child Safe Viewing Act of 2007" was recently passed:

The bill requires the FCC to review, within one year of enactment, technology that can help parents manage the vast volume of video and other content on television or the Internet.

For whatever good it does, and that's somewhere between not much at all, and none, I'll point out that we have been here before, with the FCC / CIPA (library censorware) order, where the FCC had to determine basic acceptable censorware regulations for libraries. It wasn't a big deal. They basically went through the motions and ducked the difficult questions.

I expect a similar result this time around. The real negatives are that the censorware companies will be able use the proceeding as a marketing-fest (not that the FCC will suddenly censor the Internet). Since of course no real evaluation will be done, the PR flacks can claim anything.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
July 26, 2007

Commerce Committee Net Censorware Hearing - looks like posturing

I suppose I'll write a few words on the censorware story: "US Senators call for universal filtering"

The measures they are calling for include directing the Federal Communications Commission to identify industry practices "that can limit the transmission of child pornography" and requiring the Federal Trade Commission to form a working group to identify blocking and filtering technologies in use and "identify, what, if anything could be done to improve the process and better enable parents to proactively protect their children online."

I looked at the hearing's testimony, and various statements but actually didn't see much beyond a lot of speechifying. If they're calling for a report here, and working group there, all about "industry practices", I'd say it looks like more generic posturing than a serious attempt to get a new law on the table.

Posted by Seth Finkelstein at 06:41 PM | Comments (2)
July 21, 2007

Nigerian One-Laptop-Per-Child Porn-Browsing and Censorware

Thanks to everyone who mailed me about the "Nigerian pupils browse porn" story:

Nigerian schoolchildren who received laptops from a U.S. aid organisation have used them to explore pornographic sites on the Internet, ... [snip]

A representative of the One Laptop Per Child aid group was quoted as saying that the computers, part of a pilot scheme, would now be fitted with filters.

I wasn't sure if there was any point in my saying anything about this story, since it looked like it was going to be extensively echoed, so what would be the point in my adding my marginal voice to the chorus?

I think the "One Laptop Per Child News" (an independent site) had the best commentary about the utterly mundane situation that sex draws interest: "To focus on it this much means that the reporter really wanted a headline grabbing story or is against the project on a personal level."

I could note that adding censorware to the machines seems problematic. If these are open-source, then removing the censorware will be trivial. And who is going to control what goes on the blacklist? Etc. But it's not like anyone is going to press those issues (oh, I could try playing "citizen journalist", but there's nothing I could do if my phone calls weren't returned, or I was routed to a flack who just kept repeating a PR line).

Frankly, the One Laptop Per Child idea has always struck me as very ill-considered, a bad combination of techno-utopianism and paternalistic colonialism. But I'll get in trouble if I say what I really feel.

Posted by Seth Finkelstein at 04:45 PM | Comments (4)
July 13, 2007

Google Video Cache Bypasses YouTube Age Verification

Echo: http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064625.html

Youtube.com requires account creation and login before allowing visitors to view videos flagged by users as inappropriate.

Sample flagged video: http://www.youtube.com/watch?v=[video_id]
"This video or group may contain content that is inappropriate for some users, as flagged by YouTube's user community.
To view this video or group, please verify you are 18 or older by logging in or signing up."

.....alternatively, download the video directly from Google video


[h/t Google Blogoscoped forum]

I've said it before, cache is the bigggest threat to censorware.

Posted by Seth Finkelstein at 11:59 PM
June 06, 2007

Amnesty: "The Struggle for Freedom of Expression in Cyberspace"

Amnesty event: The Struggle for Freedom of Expression in Cyberspace

Event: Some People Think the Internet is a Bad Thing

6 June 2007 1:30 PM EST

Amnesty and the Observer Newspaper will use the internet to link activists from around the world to discuss the struggle against internet repression and to celebrate the irrepressible desire of people towards freedom of expression. The meeting will include participation from internet gurus, cyber dissidents as well as net activists, writers and journalists. Everyone will be able to participate to the debate online through a webcast on the day.

Event venue: Online at www.amnesty.org.uk/webcast - broadcasted from the Human Rights Action Center in London

Related: Doctorow - See no evil?

There's an inverse correlation between the regulation of speech and the freedom of a society. In the new global world of censorware, we all live on Syria's internet, China's internet, filtered by companies whose first priority is to ensure that Beijing is happy with its work.

I was originally going to title this post "Internet Censorship Conferences Are The New Black", but I decided that was churlish as well as reeking of sour grapes. I have to remind myself not to have my assessments clouded by bitterness. Anything that gets the message of censorware use by repressive governments into the public mind, is good for all censorware critics.

Posted by Seth Finkelstein at 12:57 PM | Comments (1)
May 30, 2007

Censorship, Politics vs Porn

Echo: Porn-Surfing By Proxy

Summary: If works for politics, it works for porn. And there's a whole lot more people interested in porn than in politics

Mr. X first visited CNN.com and a few other media pages, but when Hunter checked his psiphonode [proxy] log again hours later, he discovered Mr. X had moved on to a search for nude pictures of Gwen Stefani and photos of a panty-less Britney Spears.

Then he spent five hours on hard-core sex sites.

This is the flip side of the values vs. implications argument. That censorware for {parent, child, sexual material } and {government, citizen, human rights} are the same technical issue. It does no use to repeat endlessly that one's one values are in favor of the former and not the latter. The implications are independent of the personal values.

Not that this reflects badly on the goals of Psiphon and other such projects. But it's a fact of life.

Posted by Seth Finkelstein at 05:27 PM | Comments (1)
May 27, 2007

Columnist asks readers if they've evaded censorware

Circumventing censorware seems to be going mainstream. "Network World" has a column: Getting around Web filtering:

So, what kind of filtering and for that matter logging does your company have in place and do you and or your co-workers use any of these free public proxies to circumvent them? If you are on the IT management side, do you attempt to block these proxies?

The tone of this column is interesting. It's not the standard kids/porn piece. Rather, it's about (high-status) employees escaping company controls, and is sympathetic to the workers.

There's also discussion that translation systems can act as proxies, and hence are blacklisted.

Posted by Seth Finkelstein at 11:59 PM
May 18, 2007

OpenNet Initiative - Censorware All Over The World

ObPost: BBC: Global net censorship 'growing', covering the Open Net Initiative censorware report


"It's an alarming increase," said Ron Deibert, associate professor of political science at the University of Toronto, one of four universities participating in the yearlong study along with Harvard, Oxford and Cambridge. "Once the tools are in place, authorities realize that the Internet can be controlled. There used to be a myth that the Internet was immune to regulation. Now governments are realizing it's actually the opposite."

What more is there for me to say, that I haven't said already, too many times? :-(

Posted by Seth Finkelstein at 12:14 PM | Comments (2)
April 26, 2007

Free Press: "WiFi filters raise worries of city censorship"

Free Press: "WiFi filters raise worries of city censorship"

Banned site result of glitch, Boston official says

By: David Brand

As the city advances its plans to expand wireless Internet service to all of Boston, some website operators and civil liberties advocates say the city-sponsored network is censoring some sites -- but city officials have attributed this to glitches on the network's filter.

Lots of quotes in this piece, including me (accurately):

Anti-censorship activist and server programmer Seth Finkelstein, who maintains a website that provides information about censorship cases, said the site was blocked as the result of an arbitrary "dumb computer program," adding it is likely many less popular sites also get caught in Boston's network filter.

"We only heard about this since BoingBoing is very popular," he said. "What else was banned [but] didn't have the ability to publicize it?"

That point is key - Boing Boing is one of the absolute top blogs, and they have the power to make a media fuss when they're affected. But it's like cockroaches, if you see one of these, it's virtually certain there's many more which are hidden.

There's also been some discussion about the legality of Boston Wireless censorware. I'm not sure anything will come of it all, but it does seem that there's ways to make a good argument against it.

Posted by Seth Finkelstein at 11:59 PM | Comments (5)
April 24, 2007

David Sheets Tests Of "BostonWireless" censorware

David Sheets tested "BostonWireless" censorware. Rather than echo his laundry-list of censorware silliness (everything from breast implant procedures to many encyclopedia entries on lotteries), let me cut to the chase:


From a technical standpoint, the stupidly simplistic the artificial "intelligence" algorithms used to censor content are beyond sad. After over a decade of work on spam detection, the fact that a system like this has been implemented is beyond reproach. The engineers or systems administrators who chose and implemented this system should be fired and Mayor Menino should think long and hard about his stance on free speech.

I should note here that spam detection, though it may look similar, is actually a structurally different problem. A system which catches 95% of spam is very useful. But catching 95% of porn sites just means someone has to click a few more times. It's the difference between something you don't want to read, and something you do want to read.

But anyway, this shows that ridiculous bans are still very much a reality in practice.

Note also "Oh, and when I tested the network, BoingBoing was no longer restricted." - since evidently the post with the "banned combination phrase" has scrolled off the page now.

Posted by Seth Finkelstein at 08:43 AM
April 22, 2007

WHY Boing Boing Is Censorware'd "Banned-In-Boston" from Dan's Guardian

[Original research here!]

I ran a copy of the relevant censorware and found why Boing Boing got censorware'd by Boston Municipal Wi-Fi.

Remember: "The phrase "Banned combination phrase found" is a characteristic message of the censorware Dan's Guardian. http://www.dansguardian.org/ It seems some combination of words has triggered the "isItNaughty" flag (that's what they call it).

This is the message that appeared in the server log:

http://www.boingboing.net *DENIED* Banned combination phrase found: google, &safe=off

It looks like the "Banned combination phrase" was the following link, because of the search with SafeSearch set to "off":

Much more of Biskup on Boing Boing <a href="http://www.google.com/search?hl=en&safe=off&domains=boingboing.net&q=%22Tim+Biskup%22&btnG=Search&sitesearch=boingboing.net">Link</a>

"Arbitrary and capricious" seems the relevant characterization.

[Update: BoingBoing should be viewable again on that network when the offending post scrolls off the main page, which should happen in a day or so. But that post itself will remain censorware'd until someone changes the phrase blacklist entries]

[Welcome Slashdot/BBoing readers - feel free to read more of my past extensive censorware research]

Posted by Seth Finkelstein at 01:01 AM
April 21, 2007

Boing Boing "Censorware'd" Banned-In-Boston - Dan's Guardian

[Not a pure echo, original research here!]

Boing Boing got censorware'd by Boston Municipal Wi-Fi.

I sent them the following information:

"The phrase "Banned combination phrase found" is a characteristic message of the censorware Dan's Guardian. http://www.dansguardian.org/ It seems some combination of words has triggered the "isItNaughty" flag (that's what they call it).

It would be an interesting legal case to see if you had the right to file a Freedom Of Information Act for the settings and block logs to find out the exact reason you got censorware'd."

Note, to be clear, this looks like a words-on-the-page blacklisting, rather than a prohibited-site blacklisting.

Sigh. Why bother? I see Slashdot is spreading a rumor over it, and it's a huge joke to think I'm going to make any difference blogging about it :-(.

Posted by Seth Finkelstein at 11:30 PM | Comments (5)
March 30, 2007

.XXX domain rejected

Via Susan Crawford, the .XXX domain proposal has been voted down.

The [.XXX domain registry] Application raises significant law enforcement compliance issues because of countries' varying laws relating to content and practices that define the nature of the application, therefore obligating ICANN to acquire a responsibility related to content and conduct.

And there was much rejoicing, among everyone except the registry investors who wanted monopoly rents.

Posted by Seth Finkelstein at 07:33 AM | Comments (1)
March 28, 2007

My _Guardian_ column on COPA and the censorware effectiveness argument


"Would you be surprised to hear US civil liberties groups arguing that Internet censorship is cheap, easy, relatively effective and difficult to circumvent? While in reaction, the US government claimed that such efforts had an unacceptable amount of collateral damage?"

Posted by Seth Finkelstein at 08:19 PM
March 25, 2007

Free Expression Policy Project on COPA and censorware

Worth echoing: Free Expression Policy Project on COPA (and censorware)

Ironically, in view of the ACLU's educational materials pointing out the massive censorship potential of filters, the ACLU and its fellow plaintiffs now presented experts touting filters' virtues, while the government, which had praised filters a few years earlier when it successfully defended a federal law that mandated their use in schools and libraries now pointed out their flaws. The ACLU explained its apparent inconsistency by saying that filters are fine as long as nobody is compelled to use them.

Posted by Seth Finkelstein at 11:46 PM | Comments (3)
March 19, 2007

XXX Domain Decision Delayed, Expected Soon

I don't see the latest "XXX domain" saga news mentioned anywhere much, so I might as well pretend I'm doing some good in blog posting about it. At the March 13 meeting of ICANN (the organization in charge of approving such new domains), they eventually decided not to decide at that meeting, but:

The Chairman asked if the Board would be prepared to vote on this matter at the Lisbon meeting [March 28] and suggested that it would be useful for the Board Members to engage in additional deliberation on the materials already received and that they spend time setting out their positions in writing and reaching a clear rationale regarding to any proposed board action.

Reading between the lines, I suppose that means prepare for an upcoming flamestorm, whatever the outcome. To wit:

John noted in relation to community input that since the initial application on the proposed application and revised contract, there had been over 200,000 emails sent to ICANN and additionally over 1300 separate comments had been received in the public comment forums established by ICANN. Paul Twomey added that he had personally received many personal emails, mainly from the American Family Association, opposed to the creation of the domain. John confirmed that those emails were included in the overall count and that Staff had attempted to post all of them. John stressed that it was important that the ICANN Board take into account the unprecedented public comments regarding this matter relating to any decision that might be made on this topic.

In terms of strange bedfellows (pun unintended), the two groups which have been lobbying intensively are the Religious Right and the "Adult Industry" - both against the domain. My superficial take is that many at ICANN now realize that the XXX domain is a horrible idea, but they don't want to be seen as caving into political pressure.

Posted by Seth Finkelstein at 09:25 PM
February 21, 2007

.XXX domain public comments to ICANN - Round 2 IN PROGRESS

The .XXX domain proposal has been revised and is going through a second round of comments:

Consistent with the direction given by the ICANN Board as described in the Preliminary Report of the 12 February 2007 Special Meeting of the Board, ICANN today posted for public comment a revised Appendix S [PDF, 108K] of the proposed registry agreement with ICM (sponsoring organisation for the proposed .XXX registry).


Deadline seems to be March 9 2007 (the website says Feb 9 2007, I think that's a typo).

Money quote:

Roberto Gaetano said that he believed that there was significant opposition from the adult entertainment industry as they come to understand the repercussions and operation of this domain. He thought a substantial number in that community had changed their mind over the last six months. He said when the Board has evidence of substantial opposition that must be taken into account. He noted for .TRAVEL the Board had only one statement of opposition. In this case there had been hundreds.

Rita Rodin echoed what she saw as both Vint and Roberto's views. She believed that the reason ICANN had public comment periods was to take into account the views expressed during them. If the Board does not pay attention to those views, she said, this would support the oft-mentioned argument that the Board does pay attention to the community.

There you have it - the more they hear against it, especially from the intended monopoly rent-payers, I mean sponsored community, the harder it is to put the monopoly rent machine in place.

Posted by Seth Finkelstein at 01:03 PM
February 06, 2007

.XXX ICANN comments - enormous opposition

I skimmed through the dot-XXX domain ICANN forum to see how the public comment on the .XXX domain was proceeding, and my impression is that it's overwhelmingly negative towards .XXX.

For example, in terms of opposition based on trademark concerns: MarkMonitor's concerns regarding the intellectual property impacts associated with the .XXX Application and Agreement

In order to address the second issue, we would like ICANN and the ICM registry to recognize that brand holders as well as many other individuals and organizations view the launch of .xxx as an unfair means of extracting fees for defensive registrations and STOP proceedings. ... [snip]

As we represent a large number of brand holders, we urge ICANN and ICM to consult with intellectual property community before finalizing the .xxx agreement to ensure that appropriate brand related protections are adopted to minimize the potential damage to major brands throughout the world.

Internet Commerce Association Opposes Approval of the Revised Proposed Agreement on .XXX and Urges Rejection with Finality

Interesting nuanced objection from: Government of Canada comments on the proposed ICM Registry Agreement

ICANN was not conceived to be the global Internet content regulator. It has had some difficulty establishing legitimacy and full acceptance in carrying out its primary function related to managing the domain name system. ICANN's becoming engaged in content regulation through its contracts with TLDs risks undermining its legitimacy and purpose at a time when these need to be reinforced and strengthened.

There's a few professional pro-.XXX submissions in the pile, but I'm not going to comment specifically on them here since I don't want to be unfair to their arguments (I think the arguments put forth are generally ludicrous and monetarily self-interested, but a detailed rebuttal would take substantial time to write).

Posted by Seth Finkelstein at 11:19 AM
January 31, 2007

Global Internet Freedom, aka Company Censorship Collaboration Squirmfest

AP: Tech Firms Seek Action on Net Censorship: "WASHINGTON (AP) - American technology giants urged the U.S. government Tuesday to do more to confront China and other countries about Internet censorship."

And how to confront? To wit:

Andrew McLaughlin, senior counsel for Google, told a State Department-sponsored conference on Internet freedom that his company is trying to use its presence in countries that are restrictive to provide communication options, such as e-mail and blogs, for people who may not have other ways to talk to each other freely.

Ah, blog-evangelism. But the obvious counter-argument is that Google's services of "e-mail and blogs" form an incredibly centralized honey-pot of monitoring and censorship for those restrictive governments to monitor and censor. And those governments won't be playing around with puny subpoenas for research over which Google can make a huge PR fuss. They'll just order Google to provide them with "dissident alerts".

McLaughlin urged the U.S. government to fight for technology and information companies' rights in the international trade arena.

"What we need is for censorship to be treated as a trade barrier and be put right up at the top of our agenda when it comes to bilateral" free trade agreements, he said.

Ha ha ha. The man is funny. Part of being a lawyer is training to make outrageous arguments with a straight face. Free trade agreements do not exactly have a distinguished record as tools for human rights enforcement. Though I appreciate the rhetorical purpose of the argument, the deflection of the issue into what would certainly be an economic-growth-solves-everything response (but it would be someone else's response, and so get Google off the hook).

Now, I'll grant this is not a simple problem, because of the obvious dilemma that any company which doesn't go along with repression loses market share to a company which will (which is in fact an argument for a legislative approach). On the other hand, I don't have too much sympathy for the companies involved trying to weasel it away.

Posted by Seth Finkelstein at 12:55 PM | Comments (1)
January 07, 2007

"The Geopolitics of Asian Cyberspace" - Ronald Deibert

[Underechoed (h/t: XarxAsia)]

The Geopolitics of Asian Cyberspace
Far Eastern Economic Review, December 2006, by Ronald Deibert

"Conventional wisdom had it that the Internet was an unstoppable force for liberalization, with nondemocratic states powerless to control this sprawling, seamless network of networks. But this vast international "underbelly" of the Internet -- almost completely invisible to most Internet users -- has become an object of geopolitical contestation among states, and a site where political power is being asserted." ...

"The increased sophistication of Internet content filtering practices can be attributed, in part, to the services provided by Western (mostly U.S.-based) software and Internet service firms. Whereas once the best and brightest of Silicon Valley were associated with wiring the world, and opening up access to vast stores of information, today they are just as likely to be known for doing the opposite. Although Microsoft, Cisco, Yahoo!, Skype, and Google have all come under scrutiny for colluding with China's Internet censorship practices, perhaps the most significant, serious, and yet overlooked contribution to Internet censorship by Western corporations comes from the manufacturers of the filtering software used to block content."

Posted by Seth Finkelstein at 09:37 PM | Comments (3)
November 29, 2006

"Censorware Chronicles" advice - recapping recent censorware news

Walt Crawford asks for censorware advice regarding the relevant section of his library-oriented (though not exclusively) publication Cites & Insights:

2. Censorware Chronicles ( appeared once this year, in September, although censorware was mentioned in two other issues ).

I think this one's a fait accompli - there just isn't very much happening. The one lawsuit I'm currently aware of is against a library that's failing to follow the post-Supreme Court CIPA (that is, not unblocking sites at an adult patron's request), and thus really has no effect on CIPA. There's the ongoing DoJ attempt to revive COPA, and that's interesting, but others are covering that a lot better than I could.

Where to start ...

To the contrary, that lawsuit is quite significant with regard to CIPA (the Federal library censorware law). Whether an adult patron could have censorware disabled on request was a major factor in the Supreme Court opinions on the law. Showing such ability is not true in practice would be very significant as part of further legal challenges to censorware in libraries (this has to do with a complicated concept of two type of legal challenges "facial" vs "as-applied", which is about roughly theory vs. practice).

And while there's certainly been much coverage of the "Child Online Protection Act" (COPA), it's my view that the censorware implications could be explored much better than they often have been. I've been writing about that, but frankly, very few people read me, certainly compared to the overall media reports. I think it's useful for more people punditing on the topic to point out the censorware least-restrictive-means argument is NOT new, going back more than a decade (to some vicious politics of touting censorware). And it leads to deep problems of talk-up/talk-down censorware. The superficial punditry is going to snark that those problems are a contradiction, then there's going to be somewhat knee-jerk contrarian articles claiming it's not really a contradiction because there's different contexts: parents/children/government/law/etc. But there's not a lot of good writing with a deep perspective, pointing out that even taking into account different contexts, there's still a problem since that overall situation just doesn't stay so neatly partitioned or ideally formalized. The legal argument over the sufficiency of censorware for parents tends to turn into a public-relations argument about how well it works.

Then there's the recent DMCA censorware exemption loss (due to, well, I've said it too many times :-( ...). But maybe that's worth an item.

The Psiphon censorware circumvention project is getting a lot of publicity. And I seem to be the only one so far pointing out that if it really worked, that would undermine one of the ACLU's arguments in COPA in favor of censorware (that in practice censorware is difficult to circumvent).

Note: If "psiphon is a human rights software project developed by the Citizen Lab at the Munk Centre for International Studies that allows citizens in uncensored countries to provide unfettered access to the Net through their home computers to friends and family members who live behind firewalls of states that censor." - that works just as well for libraries that censor. In fact, even better, since nobody involved is going to be killed as an enemy of the state. It might even make for some interesting guerrilla activism against censorware in libraries.

And in general censorware news, there's the Great Firewall Of Canada, where Canada wants to have national ISP censorware to ban illegal-in-Canada sites.

There's also been mentions that the The Open Net Initiative is going to have a big report in the near future on country censorware, which feeds back into all the above.

So there's much going on.

Personal note: NONE of this is helpful to me. It does not change my political baggage or the unfavorable economics of employment. In fact, I have to remind myself that though it may break my heart, getting involved is likely to be as hugely destructive to me (in both stress and money) as happened to me before (in fact, probably all the censorware blog posts I've been writing recently are not as good for me as if I had been doing Google-related blog posts).

Posted by Seth Finkelstein at 09:48 AM | Comments (7)
November 27, 2006

Psiphon vs. COPA - "When Titans Clash"

NYT: Web Tool Said to Offer Way Past the Government Censor (about Psiphon)

TORONTO, Nov. 21 -- Deep in a basement lab at the University of Toronto a team of political scientists, software engineers and computer-hacking activists, or "hactivists," have created the latest, and some say most advanced tool yet in allowing Internet users to circumvent government censorship of the Web.

... "Governments have militarized their censorship efforts to an incredible extent so we're trying to reverse some of that and restore that promise that the Internet once had for unfettered access and communication," Dr. [Ron] Deibert said.

Now let's compare Ed Felten's testimony in the "COPA" trial:

Q. ... I want to discuss with you the ease which filters can be circumvented. Do you have an opinion regarding the ease with which minors can circumvent Internet filtering technology?

A. Yes, I do.

Q. What is your opinion?

A. My opinion is that it's quite difficult for minors to circumvent filters.

[Later ...]

There are some other methods in which the user could try to set up their own intermediary site on some other computer, and that turns out to be fraught with all kinds of technical difficulties. You really have to have a lot of facility with installing and configuring networking software in order to have any hope of getting that to work in practice.

Now, of course, both might agree that's the current state of affairs.

But either changing that state of affairs will succeed, in which case one of the pro-censorware arguments against the "Child Online Protection Act" will then be invalidated. Or it will fail, in which case, you can censor the Internet.

Pick one (and don't shoot the messenger).

Posted by Seth Finkelstein at 09:33 AM | Comments (2)
November 23, 2006

DMCA 2006 Circumvention Rulemaking - no more censorware exemption

Per AP, the US Copyright Office has now issued the 2006 anticircumvention exemptions for the Digital Millennium Copyright Act (DMCA).

Sigh ... the attackers won.


"Although the notice of proposed rulemaking made clear that proponents of renewal of an existing exemption must make their case de novo, proponents in the current rulemaking proceeding made no attempt to make any factual showing whatsoever, choosing instead to rest on the record from three years ago and argue that the existing exemption has done no harm, that nothing has changed to suggest the exemption is no longer needed, and that if anything, the use of filtering software is on the rise. In a rulemaking proceeding that places the burden of coming forward with facts to justify an exemption for the ensuing three-year period on proponents, one cannot assume that the elements of the case that was made three years ago remain true now. Nor is there any evidence in the record that there has been any use of the exemption in the past three years, or that there would be likely to be any use of an exemption during the next three years. While this is not necessarily fatal, nevertheless a record that reveals no use of an existing exemption tends to indicate that the exemption is unnecessary. Together, the absence of any quantification of the current scope of the problem along with the absence of any demonstration that the existing exemption has offered any assistance to noninfringing users leaves a record that provides no basis to justify a recommendation for renewal of the exemption."

Posted by Seth Finkelstein at 10:08 PM | Comments (1)
November 20, 2006

COPA - Closing Argument - ACLU: Censorware Works, Govt: Censorware Doesn't Work

In the closing arguments of the "Child Online Protection Act" (COPA) Internet Censorship trial, the censorware "talk-up" vs. "talk-down" divide was prominent.

ACLU press release, censorware "talk-up":

... But as the ACLU showed during the trial, Internet filters would be far more effective at blocking sexually explicit Web sites.

... "It is also clear that other alternatives, including education and filtering, are far more effective for those parents who want to limit access by their children to certain websites using their own values."

[later] ... In addition, according to the government's own expert, America Online's filter blocks more than 98 percent of all sexually explicit sites.

Now let's compare the government statements (AP article), the censorware "talk-down"

PHILADELPHIA - Justice Department attorneys, defending a law aimed at keeping online pornography from minors, argued that software filters often block valid sites -- on gay rights or sexual health, for example -- that teens might seek out.

"Filters are hindering minors from learning about the world around them. That's a huge problem," government lawyer Joel McElvain said Monday. "There may be reasons the teenagers have problems speaking to their parents about these (issues)."

Here's where the side-switching happens, that people sometimes mistakenly refer to as a "contradiction". It's formally consistent for the ACLU to argue that parents can use censorware on minors, and the government shouldn't apply censorware to adults in public libraries. But the issue tends to drift from those bare control-rights based statements. Here, the ACLU is "talking-up" censorware in their own press release ("more than 98 percent"!). While the government is "talking-down" censorware in their public comments ("hindering minors"). These are not legal statements, but short bits for popular consumption. Both would agree that censorware catches some porn sites and makes mistakes. But the switch comes that here the ACLU is emphasizing the accurate part and the government is emphasizing the inaccurate part, while in a library censorware case, the emphasis would be reversed. And more deeply, that the accurate aspect is claimed to be what matters, while the inaccurate aspect is dismissed as an acceptable cost (and elsewhere, vice-versa)

On a personal note, I'm hoping this all helps me get across to people what I went through in trying to get support in opposing censorware. And why those issues are still a factor. But I'm probably being over-optimistic. [sad face image]

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
November 17, 2006

ACLU(WA) Sues Library Over Refusing To Disable Censorware For Adults


Represented by the American Civil Liberties Union of Washington, three library users and a nonprofit organization today brought suit to ensure that patrons of a library system in Eastern Washington have access to useful and lawful information on the Internet. The lawsuit challenges the library system's policy of using a restrictive Internet filter to bar access to information on its computers and of refusing to honor requests by adult patrons to temporarily disable the filter for sessions of uncensored reading and research. The suit was filed in U.S. District Court in Spokane. ...

The North Central Regional Library District (NCRL) operates 28 community libraries in Chelan, Douglas, Ferry, Grant, and Okanogan Counties. The NCRL has used a blocking software product called SmartFilter, Bess edition, manufactured by the California-based company Secure Computing Corporation, to filter Internet content on all public computers at its branch libraries. Bess blocks a very broad array of lawful information, and the NCRL has refused to unblock sites for patrons. ...

Libraries that receive funds for Internet access under two specific federal programs are required to have the ability to block minors from seeing "visual depictions" of sexual activity. But the U.S. Supreme Court has interpreted the law to mean that libraries should disable those filters upon the request of an adult. The ACLU believes that the NCRL filtering policy goes far beyond what is allowed under federal law.

[full text of complaint]

It's not irony, given that this is about adults being about to turn off censorware in a public library. But still, given the tendency of COPA to have the ACLU "talk-up" censorware, and that this lawsuit (by a different ACLU division) will "talk-down" censorware, there could be some press confusion. So it's still a bit of a surprise that this lawsuit was announced while the trial for the "Child Online Protection Act" (COPA) is still taking place.

Posted by Seth Finkelstein at 06:38 AM | Comments (3)
November 15, 2006

COPA - Censorware Report Media Coverage And "1 Percent" Result

More news articles are being written about the Child Online Protection Act censorware report. I've dug up a reference to illustrate what I keep saying about there being no surprise in the conclusion:

Here, Accessibility and Distribution of Information on the Web, 1999:

Information distribution

83% of sites contain commercial content and 6% contain scientific or educational content. Only 1.5% of sites contain pornographic content

COPA censorware expert-witness report 2006:

About 1 percent of the websites in the Google and MSN indexes are sexually explicit.

Yes, another go-around in 2006 is a nice confirmation and additional data-point. But essentially nothing has changed. Which means that whatever one's position beforehand about censorware and COPA, there's nothing changed from this study.

The only thing which has changed is to temporarily quiet the objection that those other studies were old and hence no longer valid. Oh, and maybe debunking media hype about how The Internet Is For Porn.

[Update - Consider this item in the Pittsburgh Post-Gazette:

Net not so dirty?

Conventional wisdom has it that the Internet is loaded with porn. But, according to the San Jose Mercury News, only 1 percent of all Web pages contain sexually explicit material (based on random samples taken from the Yahoo, MSN, Google and AOL search requests). This may well be meaningless, though, because the analysis cannot reveal whether this is a declining or increasing amount or whether the weight of the estimated 55 million blogs is drowning out the porn. Seth Finkelstein, a civil-liberties activist quoted in the piece, has another theory. "What we are learning about the Internet is that it reflects life and that the Internet is not -- contrary to what some people might think -- more sexual than people are in general."

Note, exactly what I've said - the value in this study is getting the word out to "conventional wisdom". The writer is apparently unaware that the results are consistent with other studies going back several years, because that's not the "conventional wisdom". ]

Z-list blues note: The MSNBC / FT.com article has this statement:

The findings, first reported in the San Jose Mercury News, were disclosed in Federal court in Philadelphia last week during the latest hearing into the ACLU's injunction.

Cough. Ahem, ahem, ahem ... Not that I'm especially annoyed - as I said, the findings were released in an authorized email to many reporters and other interested case-watchers. But I do think I had the first material on the web about it. Again, it doesn't matter, as I didn't really do anything except be awake at the time (which is a dubious achievement) and have a blog. So I'm noting this more for amusement than anything else. But it's yet another little point about the silliness of blog triumphalism.

Posted by Seth Finkelstein at 05:10 AM | Comments (3)
November 14, 2006

Quoted in Mercury News about COPA Censorware Report

Study: About 1 percent of Web pages have sexually explicit material

Seth Finkelstein, a programmer and civil-liberties activist, said Google's stance was "horribly self-serving."

"There were no privacy implications in the sense that the data was restricted to a very small set of researcher who were under various sets of protective orders," Finkelstein said.

Finkelstein said Stark's findings about the prevalence of pornography on the Internet are similar to other academic studies.

"What we are learning about the Internet is that it reflects life and that the Internet is not -- contrary to what some people might think -- more sexual than people are in general."

The quotes are accurate, though of course it was a small part of a much longer conversation.

I'm climbing the pundit-ladder! :-)

[h/t: Catherine Crump]

Posted by Seth Finkelstein at 05:49 AM | Comments (6)
November 13, 2006

"Google Subpoena"-related Expert Report On Censorware Now Released

[Small scoop, though several reporters will probably have items shortly - updated with full report ]

The expert witness censorware report which set off the media frenzy Google Subpoena has now been released, almost completely. There are only some small redactions having to do with specific numbers related to various sizes of search engine indexes, which the companies regard as proprietary information.

I was on a list of recipients who inquired and received the full text in a mailing when it was approved for release by the Department Of Justice. As the report will probably show up on the big search blogs, I'll save my disk space and let them post it. It's not all that, err, sexy, anyway.

Money shot:


This study reports on the Google and MSN indexes, on AOL, MSN and Yahoo! queries, and on the most popular Wordtracker queries. About 1 percent of the websites in the Google and MSN indexes are sexually explicit. About 6 percent of queries retrieve a sexually explicit website. Nearly 40 percent of the most popular queries retrieve a sexually explicit website. Close to 90 percent of the sexually explicit websites retrieved by queries are domestic. Filters that block more of the sexually explicit websites also block more of the clean websites. The most restrictive filter blocks about 94 percent of the sexually explicit search results, but also blocks about 13 percent of the clean results. Of the sexually explicit websites that get through the filters, 30 percent to 90 percent are domestic.

The number of sexually explicit websites is huge. Search results often include sexually explicit material. A lot of sexually explicit material is not blocked by filters. Of that, a substantial percentage is domestic.

[But we all knew that last paragraph already ...]

[Update: Looks like nobody else bothered:-), and it turns out I can host it, so here it is:]

Main Report:




Supplement 2:


Posted by Seth Finkelstein at 01:33 AM | Comments (1)
November 10, 2006

COPA - Censorware Statistics Studies Reported

The "Child Online Protection Act" (COPA) Internet Censorship trial discussed censorware statistics on 11/8, where we finally got to hear the results from the report which sparked the net firestorm of the Google Subpoena.

Executive Summary: blah, underblocking, blah blah, overblocking, blah blah blah, number number ...

It was without a doubt the most statistical sophisticated expression of the idea that a censorware blacklist catches some stuff but not everything, and usually more than intended. All else is elaboration. And frankly, I've yet to find anyone for whom the precise numbers make much of a difference. Maybe the judge cares here.

Most amusing moment:

A. No. As I answered previously, I think that one needs to consider the overblocking as well as the underblocking. If all you were concerned about was underblocking, you could just disconnect the computer from the Internet.

Q. What would the effect be of disconnecting the computer from the Internet?

A. There would be no underblocking at all, however, the overblocking would be rather severe.

Posted by Seth Finkelstein at 01:00 AM | Comments (1)
October 27, 2006

COPA - Civil-Liberties Witnesses Say Internet Censorship Effective And Easy

[Very interesting testimony on this topic in the "Child Online Protection Act" (COPA) Internet Censorship trial. As I say about censorware, if it works on minors in America, it'll work on citizens in China. And if it doesn't work on citizens in China, it won't work on minors in America. It's irrelevant here that someone may hold the social values that it's OK regarding minors in America, and not OK regarding citizens in China. The technical issue is the same. Pick one, but you can't have it both ways.]

[Lorrie Faith Cranor, 10/24]

Q. What steps did filtering companies take to make sure that their products can't be circumvented? Can you give us a few examples?

A. Well, so they monitor the various websites where children talk about how to circumvent the products and they -- when they hear about techniques they make sure that their software is not susceptible to those techniques and they use -- they password protect all aspects of the software, such as changing the settings and removing it.

[Note that while the answer uses the term "children", it works equally well with "political dissents" - indeed, those are not mutually exclusive categories, given student protest!]

[Ed Felten testimony, 10/25]

Q. ... I want to discuss with you the ease which filters can be circumvented. Do you have an opinion regarding the ease with which minors can circumvent Internet filtering technology?

A. Yes, I do.

Q. What is your opinion?

A. My opinion is that it's quite difficult for minors to circumvent filters.


Q. You mentioned a second approach to circumvention. What was that approach?

A. Second approach is to try to somehow route the Internet traffic through some kind of intermediary on the net in the hope of obscuring what is going on so the filter would not block it.

Q. What are the difficulties of that approach?

A. Well, there are a number of -- there are a number of different ways this approach can be tried.

One method is to try to find -- is to use one of a well-known set of sites on the net that will act as an intermediary for your web traffic. And the difficulty with using that method is that the filtering companies know about these sites as well. And so if they see traffic that tries to go to one of these well-known proxy or intermediary sites, the filter can just block that traffic. The filter will notice that this looks like an attempt to circumvent the filter and it can just block that traffic.

There are some other methods in which the user could try to set up their own intermediary site on some other computer, and that turns out to be fraught with all kinds of technical difficulties. You really have to have a lot of facility with installing and configuring networking software in order to have any hope of getting that to work in practice.

[I should note I actually agree with him, but don't want the arguments it usually gets me, or accusations of defeatism or "sour grapes", with those who believe censorware circumvention is substantially workable - take it up with him, not me!]

Posted by Seth Finkelstein at 07:49 PM | Comments (8)
October 26, 2006

Department of Justice Says Censorware Doesn't Work

[For "amusement", I present here an excerpt of the "Child Online Protection Act" (COPA) Internet Censorship trial (10/23), where in an opening statement, as part of their strategy, government lawyer Eric Beane argues vigorously that censorware does not work. My snark in brackets]

The evidence will show that a shocking amount of pornography slips through these filters and into the hands of children. The evidence will show that the patchwork of status quo solutions is not working well enough.

[Shocking. Censorware doesn't work. Later he really gets into this:]

We provided pictures to you that got through filters tested by plaintiffs' own expert. Each of those pages had gotten through a filter. And you are also going to hear testimony from our experts, Paul Mewett and Philip Stark, describing their comprehensive study of the effectiveness of the filters.

[They can prove it. It's science.]

The results of the study confirm what the public already knows. Filters don't solve the problems.

One filter failed to block over 60 percent of the sexually explicit web pages it was tested against, over 60 percent. We refer to this problem as underblocking.

Many other filters missed more than 25 percent of those sexually explicit websites.

Even the filter that underblocked the least sexually explicit pages still allowed 8.6 percent of the sexually explicit pages through. Don't let a small percentage fool you. This percentage translates to hundreds of millions of sexually explicit pages.

[Porn pornn pornnn, it's everywhere ...]

If a water source was mixed with a sewer system, and you had a filter that screened out but 6.6 percent of it, would that be a solution to the problem? Would that cure the problem of the drinking water? I think that analogy works here with kids. It's the fact that there are still all of these images there, there were speeches that can be done directed at the source that can address that problem where filters will never be able to.

[Trying to bail the ocean with a spoon doesn't work. But, I must say, neither does commanding the waves.]

A low underblocking rate also comes at a cost. The filters that are most successful at blocking out sexually explicit pages also block out many other pages that contain no sexual content at all. 23.6 percent of the pages that were blocked had no sexual explicit content.

[You heard him! Censorware doesn't work!]

For example, one filter even blocked a website promoting a marathon to raise funds for breast cancer research. Part of the CIA's World fact Book was blocked. And a page with an ACLU calendar. In fact each of the plaintiffs websites in this case was blocked by at least one filter, and the united states has consistently taken the position that none of the plaintiffs' websites are covered by COPA.

[The "breast" issue isn't obsolete, it's still a problem!]

So in the absence of the solution offered by COPA, parents are left with a very difficult choice of allowing their children to be exposed to sexually explicit material or of cutting off their children's access to a significant portion of other materials on the worldwide web, materials that in many cases are necessary for a child to complete his homework.

[Wow - Censorware interferes with children's ability to do homework. The government wouldn't say it if it weren't true, right?]

As you might imagine the task of keeping an up-to-date black list is mammoth. It is simply impossible to catalog the entire worldwide web. So the overall effectiveness of a filter will always depend on the performance of automated classification software or dynamic filtering.

On this point you will hear from Dr. Stephen Neale who is a nationally renowned expert in linguistics. He will explain that image filtering does not work and that robot filters that operate by sorting language and text will never be able to stop pornographic images from reaching children.

[It's an impossible task - you have word of the US Department Of Justice on it]
[Of course this is posturing - but the quotes might be useful for anyone dealing with a censorware-maker]

Posted by Seth Finkelstein at 09:21 AM | Comments (4)
October 25, 2006

"Child Online Protection Act" (COPA) Internet Censorship trial begins

ACLU COPA press release:

PHILADELPHIA -- The American Civil Liberties Union today presented opening arguments in federal district court in its longstanding challenge to an Internet censorship law, ACLU v. Gonzales.

Best coverage I've seen so far is at law.com. See also nerve.com COPA blog

Frankly, is there anyone reading who 1) doesn't already know what I have to say on the topic, and 2) cares?

Posted by Seth Finkelstein at 08:47 AM | Comments (1)
October 15, 2006

Welcome, SurfControl.com reader! Please introduce yourself.

I see I have acquired an interested reader from the censorware company SurfControl.com. Welcome! Please introduce yourself. As I asked the "Smith & Metalitz LLP" reader - who are you? Where do I rank in terms of "threat level"? Do I rate a Vice President reader? Marketing researcher? Intern?. Frankly, I don't think I'm much of threat at all these days, so maybe you're just a random company person who has stumbled upon my obscure thread of the web. Inquiring minds want to know.

I've always wondered what people assigned to do long-term surveillance of their ideological opposites think about it all. As in, if you get stuck wiretapping a mob conspiracy, it's going to be a pretty dull job. You're never going to wonder if the mob guys have a point after all, or admire something they've done except in grotesque way. But if its, e.g. the FBI and John Lennon, did any of the agents ever have a positive thought about the music, or even, maybe the war wasn't such a good idea after all?

So far, no assigned "opposition researcher" of me has ever been both willing to discuss it with me, and also thoughtful about the topic. So the mystery remains.

Posted by Seth Finkelstein at 01:33 PM | Comments (5)
October 13, 2006

Censorware Blacklisting Roundup

A bunch of censorware-related items have crossed my screen recently, so I decided to collect them for a spit into the wind, err, democratic aggregatory gesture. Interestingly, none of these have to do with porn, but more like the difference between broad category labels versus the practical effects.

"Emergent Chaos" (a group blog on security, privacy, liberty, and economics) recently ran afoul of SmartFilter.

The vdare.com (see self-description) site has post on its experiencing various blacklisting issues.

Doc Searls: "Oddly, I can listen to Howard Stern at my hotel, but I can't visit his website. I can't do (AIM-based) instant messaging or send email either. " Later: "... it turns out that what looked like censorship the other day was an installation glitch. The service company had installed a severe (corporate? school? I dunno) firewall in the hotel, when a much more open one had been called for."

[N.b.: I have a few thoughts on this as it relates to earlier discussion of What Can't Be Fixed, but this example is really extremely minor. I mean, I could have asked for some attention patronage, and he probably would have granted it, but the point is that I am a peasant begging alms, and it's not worth it. I only wish I wouldn't get personally attacked when the topic makes the rounds. ]

Posted by Seth Finkelstein at 10:29 AM
October 05, 2006

DailyKos Now UnBlacklisted by SmartFilter from "Profanity", "Mature"

Following-up, the DailyKos censorware blacklisting is now minimal:

DailyKos UnBlacklisted Profanity,Mature By SmartFilter

There's various ways this incident can be viewed - e.g. whether you consider it a big problem that a site can be prevented from being read in many places (including certain public libraries) via being added to a secret blacklist, or whether you want to say that the censorware maker didn't want to push this cause-celebre so that proves censorware is responsive, or maybe even that nobody in the real world cares about a ranty political forum site so it doesn't matter.

Last week was the American Library Association's "Banned Book Week". Sadly, my idea of "Banned Websites Week" is now just futile blog-posts of what could have been.

Posted by Seth Finkelstein at 10:29 PM
October 03, 2006

DailyKos Gets Censorware Blacklisted by SmartFilter as "Profanity", "Mature"

Yup, as being discussed, it's censorware blacklisted:

DailyKos Censorware Blacklisted By SmartFilter

Update: In a comment Kos himself says:

I'm working behind the scenes to see if I can resolve this quietly. Computer Associates apparently uses this filter, which is why I was seeking someone from that company earlier. But if Secure Computing is the source, then even better.

I have reached out to their PR department to see if they can facilitate a reversal of action. If they don't respond favorably within the next 48 hours, then I bring out the big guns.

lol, this is definitely an example of how I've changed in the last four years. Even a year ago, I would've burst out with guns blazing. But it's amazing how much you can accomplish with a little sugar.

I think I'm mellowing with age...

Posted by Seth Finkelstein at 07:54 PM | Comments (4)
August 11, 2006

"Race to the Bottom" - Corporate Complicity in Chinese Internet Censorship

Human Rights Watch has released a new report "Race to the Bottom" - Corporate Complicity in Chinese Internet Censorship

It's a thorough examination of the topic. I won't attempt to extensively summarize, since that'll be done by many others.

I'm mentioned (with regard to Google censorship) at the bottom of page 61, in very good company:

For more on this issue see Bill Thompson, "The billblog: Google censoring web content," BBC News, October 25, 2002 [online], http://news.bbc.co.uk/1/hi/technology/2360351.stm; Jonathan Zittrain and Benjamin Edelman, Berkman Center for Internet and Society, "Localized Google search result exclusions," October 26, 2002 [online], http://cyber.law.harvard.edu/filtering/google/; Seth Finkelstein, "Google Censorship - How It Works," Sethf.com, March 10, 2003, http://sethf.com/anticensorware/general/google-censorship.php; and Philipp Lenssen, "Sites Google Censors," Google Blogscoped, January 25, 2005, http://blog.outercourt.com/archive/2005-01-15-n50.html (all retrieved July 12, 2006).

[Hat tip: Philipp Lenssen

Posted by Seth Finkelstein at 09:36 PM | Comments (2)
August 01, 2006

"DOPA" and What Is A "Social Networking Website"?

In some "DOPA" discussions, the issue of "what is a Social Networking Website?" gets examined. The legal language is:

(J) COMMERCIAL SOCIAL NETWORKING WEBSITES; CHAT ROOMS- Within 120 days after the date of enactment of the Deleting Online Predators Act of 2006, the Commission shall by rule define the terms `social networking website' and `chat room' for purposes of this subsection. In determining the definition of a social networking website, the Commission shall take into consideration the extent to which a website--

(i) is offered by a commercial entity;
(ii) permits registered users to create an on-line profile that includes detailed personal information;
(iii) permits registered users to create an on-line journal and share such a journal with other users;
(iv) elicits highly-personalized information from users; and
(v) enables communication among users.'.

My contribution: While people can have fun coming up with the most twisted interpretation possible, as a kind of party-game ("it bans all ISP's, because ISP's collect personal info, generally have free webpages, and enable communication among users"), I'm virtually certain that the eventual answer is going to be pretty simple:

A "Commercial Social Networking Website" will be whatever the censorware company puts on the blacklist for "commercial social networking websites". End of story.

Why is this true? Simple. Because that's what happened the last time regarding FCC censorware compliance regulations. They basically amounted to saying that the censorware companies could do whatever they wanted. There's no reason to think it'll be any different this time.

Posted by Seth Finkelstein at 11:59 PM | Comments (3)
July 30, 2006

"DOPA" - HR 5319, Deleting Online Predators Act of 2006

The "Deleting Online Predators Act of 2006" (DOPA) act was recently passed. To quote Library Journal for a summary:

"This unnecessary and overly broad legislation will hinder students' ability to engage in distance learning and block library computer users from accessing a wide array of essential Internet applications including instant messaging, email, wikis and blogs," said ALA president Leslie Burger. "Under DOPA, people who use library and school computers as their primary conduits to the Internet will be unfairly blocked from accessing some of the web's most powerful emerging technologies and learning applications. As libraries are already required to block content that is "harmful to minors" under the Children's Internet Protection Act (CIPA), DOPA is redundant and unnecessary legislation." DOPA would extend CIPA by tying receipt of E-rate funds to blocking social networking and other sites. The legislation now will go to the Senate, which ALA said may or may not have time to vote before their session ends for the year.

I was going to sit this one out because of preaching-to-the-choir, but Kent Newsome asked my thoughts (disclosure: he's said nice things about me), so here's a rundown, and an attempt to say a few thing not everyone else has said.

1) We've been here, this is called "moral panic"

Set the WayBack machine for ten years ago, and you'd see similar articles about AOL. Here's a good one, from *1995*


AOL wants to have its cake and eat it, too. It wants a family system that appeals to kids. It also wants to keep making money off the hotchat crowd. And it's terrified that the Microsoft Network is going to eat its lunch, so it's selling harder than ever.

Unfortunately, in the process it's built a system that makes it easy for predators to operate, and has then turned around and aggressively marketed it to prey. AOL had better figure something out. As it stands, this is not going to end well for it.

2) Observe the slippery slope in action

I don't know how many times the point has been made that once censorware was woven into the fabric of school and library Internet access, racheting up the blacklists would be very easy. The next moral panic, the next political campaign to pander to social conservatives, the next time a demagogue needs a hot button to push, it's just the flip of a switch. Here's another proof.

3) However, this particular law matters less than one might think

Broad application of censorware blacklists is already in place

* Federal law requires Internet blocking only of sites with certain visual depictions -- such as "obscenity" -- yet, some libraries have gone beyond this obligation, choosing to censor other types of material as well, including such ill-defined categories as "gambling" and "illegal" sites.

* The minimum blocking level that the software system for the state's public libraries has adopted for all computers exceeds what federal law requires, so that even libraries opposed to unnecessary filtering are forced to deny patrons access to protected material.

* Many libraries in the state [of Rhode Island] have done little to make patrons aware of their legal right to gain access to information blocked by the deeply flawed "filtering" software now in use.

People just don't hear much about it, since the civil-libertarians generally have no money to publicize the issue. Which brings us to:

4) Politically, Republicans fighting _Fox News_ is a sign of desperation

I suspect this bill is part of the Republican election strategy, of pandering to the right-wing base. Flag burning, gay marriage, the recent "Teen Endangerment and Grandmother Incarceration Act", it's all red meat for the campaign. However, MySpace (social networking site) is owned by the same enormous corporation which owns Fox News, and they can fight back. If anyone is able to exploit this potential wedge between the theocrat and plutocrat wings of the Republican party, the result could be interesting indeed.

5) Singing "What's The Matter With Kids Today?" never goes out of style

Just on general principles, there tend to be few arguments more futile than lecturing about what youth *should* do. And the youth are usually not around to defend themselves. But "DOPA" is dramatically beyond legislating morality - it's legislating against interactivity.

Posted by Seth Finkelstein at 02:20 AM
July 25, 2006

Google Germany Censored Sites vs. Germany's Voluntary Self-Monitoring Blacklist

Philipp Lenssen asks Why Is Stormfront.org Missing in Google Germany?, discussing Google censorship:

How does Google know which sites they need to censor? One thing Google and others in Germany do is to access blacklist data on a server by the Association for the Voluntary Self-Monitoring of Multimedia Service Providers, FSM("Freiwillige Selbstkontrolle Multimedia-Diensteanbieter eV") ... Stormfront.org, however, is not on this BPjM blacklist module, according to the BPjM.

My comment on this was that he hasn't found a bug in Google's censorship, he's found a bug in the "BPjM blacklist" :-).

The response he got from Google was unhelpful as usual.

One of the reasons I've opposed censorware is that secret blacklists preclude judicial review. This may be a commonplace now, but it's acquiring new resonance with, let's say very prominent cases involving claims of secrecy and national security:

pp.39-40, "If the government's public disclosures have been truthful, revealing whether AT&T has received a certification to assist in monitoring communication content should not reveal any new information that would assist a terrorist and adversely affect national security. And if the government has not been truthful, the state secrets privilege should not serve as a shield for its false public statements. In short, the government has opened the door for judicial inquiry by publicly confirming and denying material information about its monitoring of communication content."

But then, we're back to the same problem - I'm preaching to choir here, and marginalized to anyone else :-(.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
July 19, 2006

India ISP Blog Censorship Update

Kingsley Joseph wrote an update in the comments of the previous post:

Seth, you're bang on. The government wanted about 20 sites blocked, not for terrorist activities, but for hate-speech reasons. The stupid ISPs, too lazy to put in sub-domain blocks, blocked IP addresses instead.

It's been resolved, and we should be back to almost normal in a day or two.

There's another article in the Indian Express. It's very strange, some of the sites don't make sense as targets for censorship.

I spent some time (probably too much time ...) trying to find a pattern, with a lead or two, but nothing obvious. Even if I did find anything, I'd then have to devote time to writing it up, and then further running around trying to get some credit, probably unsuccessfully. Not worth it. That's unpleasant to write, but it's the reality of unpaid freelancing, err, "citizen journalism".

Posted by Seth Finkelstein at 08:23 PM | Comments (2)
July 17, 2006

India ISP Blogspot Blocking - Conjecture

I've read a bit on the story of ISP's in India blocking certain blog services. Many people have confirmed that it's happening, so it's apparently true. But it doesn't make sense. India is a democracy, so one wouldn't expect the sort of extreme censorship found in e.g. China.

I briefly considered it might be a case of bans of a few particular blogs accidentally leading to widespread overblocking by cutting off entire servers, since many blogs are hosted on a single server (i.e. banning meant to be by-name was instead implemented by-IP address). But that can't be right, since while one ISP might make that mistake, several ISP's wouldn't *all* make that mistake, especially after complaints started coming in.

It sure can't be a terrible fear of the Voice Of The People, since only some services are being censored. If the government was afraid of self-agonizing emergent intarwebizens, all such services would be blocked. So that explanation is nonsense.

I wonder if we'll find out that somebody said that terrorists were using *blogs* to communicate, so in a panic, prompted by the recent terrorist bombings in Mumbai, some government official issued a hasty "national security" directive to block certain blog services. That would fit the observed pattern, because those sort of panic directives are both overbroad, and people won't want to talk about them. It also implies that this should clear up in few days, as sanity prevails. We'll see.

Posted by Seth Finkelstein at 11:33 PM | Comments (1)
July 06, 2006

Jerry Pournelle Censorware'd From Otis Air Base By SmartFilter

Jerry Pournelle is well-known science fiction writer and computing/space-tech pundit. He has some material now on his site being blocked, starting from a reader report:

Dr. Pournelle,

You might be interested to know that at Osan [Air Base], your website domain is explicitly blocked under the category "entertainment, online sales".

First reaction:

I have no knowledge of this. I sell nothing. Well, I suppose I "sell" copies of Strategy of Technology through Paypal and I push my wife's reading program, but that's hardly online sales. I do hope to be entertaining. I really don't know why any Air Base would think me a danger to the troops.

It seems the censorware program involved is SmartFilter. He further describes his experience with its website procedures:

I went to that URl and perhaps it is because my head aches, but I could make no sense of it or of what to do. I suppose it has been explained to how "services" like this "Secure Computing" work, and why anyone would allow them to dictate who is allowed access to whom, but the explanation didn't take. Are these outfits owned by private individuals? Corporate stock holders? "Western Enterprises" (a one-time front name for a CIA overseas corporation)? A religious group? Are they fronts, money makers, or just what? Because they do seem to have considerable power to determine what will be seen by at least some of our citizens.

Does that need discussion?

All journalists want to be entertaining, because no one will read their works if they are not, but I certainly would not call this site primarily an entertainment, and while once in a while I offer things for sale that is hardly my primary purpose. Do they ban all sites that accept Google ads? How does this work? And who decides whether or not to follow the advice of this group?

It's very interesting what happens when writers get "filtered" by censorware.

Posted by Seth Finkelstein at 11:53 PM
June 28, 2006

"Ignoring the Great Firewall of China"

[Echoed for a good cause]

Ignoring the Great Firewall of China

Richard Clayton, Steven J. Murdoch, and Robert N. M. Watson

Abstract. The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall's resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.

But see the comments in the blog post thread:


Particularly the claim it doesn't work in practice:


Posted by Seth Finkelstein at 11:59 PM
June 20, 2006

Censorware Blacklisting Amusing Message

I found this funny: I was putting a few sites into a censorware site's blacklist look-up form, and got the following supplemental info when testing for the Boing Boing blog (my emphasis below):

Check or Request Site Rating

Use this page to find out the rating of a website. Enter a valid site, and see what categories K9 calls it. You can send us comments or suggest a different category here, too.

Review Page: http://www.boingboing.net/ (Check another site)

This page is currently categorized as Proxy Avoidance, and Newsgroups

This web page has already been submitted many times, and has been verified as rated correctly.

They don't say "stop bugging us about it already" - but it seems that way :-).

Posted by Seth Finkelstein at 07:06 PM
May 17, 2006

"Internet Filters: A Public Policy Report" - Free Expression Policy Project

"Internet Filters: A Public Policy Report":

The Children's Internet Protection Act (CIPA), requires [censorware] in most schools and libraries for adults and minors alike. A new report from the Free Expression Policy Project at the Brennan Center for Justice explains the effects of CIPA and then analyzes nearly 100 tests and studies that demonstrate how filters operate as censorship tools. "Internet Filters: A Public Policy Report" concludes: Although some may say that the debate is over and that filters are now a fact of life, it is never too late to rethink bad policy choices. The report is available at http://www.fepproject.org/policyreports/filters2.pdf

This is a great resource for collecting much of the references for censorware research.

Skimming through it was a bittersweet trip down memory lane for me. I was the secret decryption source for many of the early studies mentioned, though that's not mentioned anywhere (and I'm not criticizing them at all, no particular reason they should note it, just describing why it's so bittersweet). Some later reports done under my own name are there, which is good. So all in all, I suppose I did make a difference.

Posted by Seth Finkelstein at 11:09 AM | Comments (2)
April 13, 2006

EFF: "Unintended Consequences: Seven Years under the DMCA"

EFF has released a new DMCA report :

Unintended Consequences: Seven Years under the DMCA

I'm mentioned:

Censorware Research Obstructed

Seth Finkelstein conducts research on "censorware" software (i.e., programs that block websites that contain objectionable material), documenting flaws in such software. Finkelstein's research, for example, revealed that censorware vendor N2H2 blocked a variety of legitimate websites, evidence that assisted the ACLU in challenging a law requiring the use web filtering software by federally-funded public libraries.

N2H2 claimed that the DMCA should block researchers like Finkelstein from examining it. Finkelstein was ultimately forced to seek a DMCA exemption from the Librarian of Congress, who granted the exemption in both the 2000 and 2003 triennial rulemakings. The exemption, however, has not been a complete remedy, since it is limited to the act of circumvention, and does not permit researchers to create or distribute tools to facilitate research.

Posted by Seth Finkelstein at 12:03 PM | Comments (2)
April 04, 2006

Censorware in Australia, "YesterDMCA", DMCA and censorware work

Collected noteworthy items, on censorware/DMCA and my past work.

Electronic Frontiers Australia (no relationship to US EFF) has a report out opposing a proposal by an Australian political party to require mandatory ISP censorware, if that party gets into power.


My work is cited in the middle of the report (sometimes it seems that that I'm more cited in Australia than my own country!).

Last week, the DMCA Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures had a hearing on censorware, as part of that process. As a very small milestone in my quitting activism, let the record show I did not testify. The experiment was run, the measurement's been done, the bad guys won :-(.

Speaking of the DMCA, a doggerel take-off song I wrote a while back, "YesterDMCA", has been recorded and posted to the web, by Quentin Smith. For the brave of heart:

"YesterDMCA" - audio

And touchingly, Domoni at templeofme.com wrote many kind words about my censorware work (concluding: "While I was an administrator I fought censorware locally. Seth fought it globally. I know what I'm about to say isn't enough. It's all I have to give. Seth, you have my respect. Thanks."). Thank you.

Posted by Seth Finkelstein at 02:26 PM
March 07, 2006

BBoing: "Did Secure Computing lie about amount of net porn to tout SmartFilter?"

BBoing, reposting Yorkshire Ranter:

Interesting tidbit from the Yorkshire Ranter about a 2004 "porn study" issued by Secure Computing (makers of SmartFilter, the censorware company that sells tools of oppression to dictators and labels every Boing Boing post as "nudity," even though 99.5% of Boing Boing's posts do not contain nudity.)

"Take this report they put out back in 2004. Apparently there were 307,000 pages of feeelthy pictures in the .st domain, Sao Tome's TLD. Which would have been mildly interesting, if it had been the truth. ..."

Ah, I remember that "study" well.

SmartFilter / Secure Computing Web Porn Study is "Fabricated", claims target and Update

.NU Domain Ltd, the US-based operator of the .nu top level domain name registry, today announced that it will take legal action against Secure Computing Corporation (NASDAQ:SCUR) for making false claims that .NU Domain is hosting millions of pages of pornographic material. The company also stated that it will take legal action against anyone who republishes this inaccurate and defamatory study.

They never did take that legal action.

I thought of getting involved in some way, but let it pass. Nobody (essentially) would have heard me debunk the "study", so why bother?

Posted by Seth Finkelstein at 11:58 PM | Comments (2)
March 02, 2006

The Censorware Taint-Of-Blood Topic

[Non-echo, historical, material below. You won't find it in any other blog before here]

I rarely get a chance to write the following, so I'm going to cheerlead BoingBoing's latest censorware post:

While we don't know which internet filtering product/s is/are to blame in other cases, we're hearing that several other blogs with large audiences, including Wonkette, have just become inaccessible for many fans (including active duty US Marines overseas, hooray freedom!). Censorware is a blunt tool that renders harmless information inaccessible, and fails to prevent "bad stuff" from leaking in. The economic and social impact of internet filtering is a much bigger story than the fact that BoingBoing or Wonkette are blocked -- but if products like SmartFilter dump blogs that post Michelangelo's "David" in the same sandbox as porn sites, just how smart can these products really be?

Yay! Yay! Go, Boingers!! It's so nice to see that shouted from the mountain-top, instead of squeaked from the basement.

Now, though, let me pull out a post from my archives. Compare:

Unfair, Dan. What I told you was:

"On a user home page, generally indicated by the ~, we assume that said user could add additional inappropriate content at any time, so we block the root directory or tilde directory where we find the info. In this case, it is kip."

This is a general rule, which we apply to *any* user homepage that contains adult material. Not specifically to any one user, as you seem to imply below.

We apply the rule based on experience -- users do add new pages/directories of material to their sites. If we blocked each page, page by page, we would have a list that would soon grow too large for our users PCs. And of course, our users can over-ride our list at any time, or not use it at all if they so choose.

And, you are correct, when you have a general rule, it may not be perfect. We are trying to make it better.

One way we do that is by working with site owners who want to isolate their adult material in an easily identifiable directory so we can restrict only the adult material. We would be more than happy to do that with ~kip or any other site that believes that it has material of both kinds -- appropriate for children and inappropriate for children.

Our job is to provide the best possible product for our users. I think we do that. I also think we get better every day, in part because of the feedback we get from our users and the 'net community.

Guess when that was from.

1997. A mailing-list message from Cyberpatrol's then PR-flack (who I actually asked today if she minded my posting that, she said it was a public message, so I could use it. She doesn't work there anymore, no personal views should be inferred).

That is, people were complaining about whole sites being blacklisted for a few files, around a *decade ago* (sigh ...). And censorware companies were saying PR things about it.

So I'm not sure it's different this time :-(.

Posted by Seth Finkelstein at 11:27 PM | Comments (2)
March 01, 2006

PR Flacking Strategy and Secure Computing v. BoingBoing

In following some of the postings about BoingBoing Censorware'd as Nudity, I was intrigued by Susan Getgood's assessment. This is notable since it's coming from a past PR flack for a censorware company (CyberPatrol/SurfControl):

What I am interested in are the PR and business implications. Because this will end up being more than just a PR firestorm that will blow over in a few weeks. This will become a business nightmare. Blogs are going to spread the word further faster and more furiously than we ever faced in the old days of the Communications Decency Act. And the folks at BoingBoing have much more clout -- through the blog and their other business and personal interests -- than any of the opponents the filtering companies faced before.

Figure it out fast, Secure -- blogs *are* more than just "personal diaries" and now, you've got the most popular one in the world gunning for you.

Like I said, glad I'm outta this space!!!!!

I'm interested in the PR implications too, but from the opposite perspective :-).

Hmm. I have a hard time making an estimate, since the Boingers operate on a whole different level from me, being that they're on top of blog-mountain (my first instinct is to refer to how little blogging has helped my own anti-censorware activism, but that's not relevant, since I'm a marginalized Z-lister). However, I can think of a couple of obvious tactics that Secure Computing's flacks could take, which I won't detail now since I don't want to give them ideas.

My sympathies are of course clear. But I'm also quite Eeyore-ish after all I've seen happen.

[Update - Susan Getgood, from comments - "Seth - You didn't quote my whole post. I said that Secure had made a bad decision, in the initial categorization, and how they handled it subsequently.". Right, I took that as understood from the context, though I'm happy to add this update if it was unclear.]

Posted by Seth Finkelstein at 11:48 PM | Comments (4)
February 28, 2006

BoingBoing Censorware'd, Blacklisted As Nudity, and "Secure Computing" Note

The top-1 blog BoingBoing got blacklisted by SmartFilter as "Nudity", leading to the most publicity about censorware seen in a while.

As an unpaid freelancer, err, I mean, a "citizen journalist", I called up the censorware company ("Secure Computing") to ask if they had any official statement on the matter. I was told someone would get back to me, though they never did, which I suppose is just as well. On the off chance they'll come by and read me (as I gave my role as a blogger and the name of my blog), I'll have to refrain writing a few things I would otherwise do.

In the course of the conversation, I got a bit of censorware news confirmed publicly (I'd previously known it privately, but unsure whether it was off-the-record or not). This may not mean much to many readers, but long-time censorware critics will be interested to know that David Burt, censorware-advocate from way back, has left his position as a PR flack at censorware company Secure Computing for a position as a PR flack at Microsoft. All indications are that this was a jump and not a push, and that's all I'll say on that.

[Update: No action the following day either. Where's the glamour of being a blogger when you need it?]

Posted by Seth Finkelstein at 11:52 PM
January 19, 2006

Google searches and government investigation of pornography sites

It's the return of Free porn, Google, spam, Internet censorship, and the Supreme Court! (really)

Bush Lawyers Ask Judge To Make Google Hand Over Data; Google Promises A Fight:

The Bush administration on Wednesday asked a federal judge to order Google Inc. to turn over a broad range of material from its closely guarded databases.

The move is part of a government effort to revive an Internet child protection law struck down two years ago by the U.S. Supreme Court. The law was meant to punish online pornography sites that make their content accessible to minors. The government contends it needs the Google data to determine how often pornography shows up in online searches.


As a result, government lawyers said in court papers they are developing a defense of the 1998 law based on the argument that it is far more effective than software filters in protecting children from porn. To back that claim, the government has subpoenaed search engines to develop a factual record of how often Web users encounter online porn and how Web searches turn up material they say is ``harmful to minors.''

[via John Battelle's Searchblog]

I hope this doesn't lead to another round of touting censorware.

On the other hand, maybe I'll finally be hired as an expert-witness for a fat consulting fee :-).

Posted by Seth Finkelstein at 05:55 AM
January 03, 2006

"Cool Tools for Tyrants" - Governments Applying Censorware

The article "Cool Tools for Tyrants", by Derek Bambauer, is a fascinating examination of dictatorial government's use of censorware:

[my emphasis added below]

"Despite China's five million bloggers, the Communist Party remains firmly in control of the nation and, for the most part, the Internet within its borders. Iran's blogging community is perhaps the country's liveliest political arena, yet the authoritarian Iranian government is stronger than ever, especially after a resounding victory in February 2004 elections. Contrary to the utopian view that the Internet evades local control, governments are proving adept at controlling the information that their citizens receive and share. Market freedom does not necessarily lead to personal freedom. We must at times limit the first to safeguard the second; the right to sell must sometimes yield to protect the right to speak."

This is the sort of stance that, politically, I'd be poorly positioned to advocate. Too many experiences of being flamed by Libertarians, combined with bad memories of all the times I was accused of being against technology. In a way, it's heartwarming to see it becoming so respectable (though sadly, not all that helpful to me personally :-().

Posted by Seth Finkelstein at 12:32 PM | Comments (1)
November 05, 2005

Websense Microsoft, and Marijuana


Microsoft's software download site was briefly categorised as a marijuana-related site and blocked by censorware outfit Websense on Monday. Websense blamed human error for the slip-up (or should that be splif-up), which it was able to quickly correct.

Note this was admitted by Websense (taking the news report as true, which seems justified given the screenshot).

[Hmm, a while back, Websense was in the news for "free sex". Now it's "drugs". When do we get "rock and roll"?]

This is an interesting incident, because it helps show that for all the mystification of censorware as "technology", it's basically someone sitting in a room making up a blacklist. A slip of the fingers, and Microsoft is marijuana.

Posted by Seth Finkelstein at 01:42 PM
October 25, 2005

Iran Censorware Again

"Red Herring" magazine has an item on Iran censorware:

Iran Tightens Web Filters

An Iranian tech company claims it can stop censorship circumvention tools.
October 24, 2005

Civil liberties advocates voiced concern Monday over Iran?s plans to tighten its grip on Internet use with new technology that allegedly can get around counter-censorship tools.

The country has contracted an Iranian company, Delta Global, to set up a new online censorship system, according to a report by Reporters Without Borders. Delta Global head Rahim Moazemi told the Iranian press that he wanted to end "the anarchy of the Internet Service Providers." ...

The rest of the piece quotes some Usual Suspects saying roughly either this can, or can't, be done. Though what caught my eye was see the claim again:

"We don't sell any software to any entity in Iran. The ISPs are using it illegally," Mr. Burt said, adding that Secure Computing is now blocking downloads from ISPs in Iran.

Value added observation: There's such opportunities for investigation here. I wish someone would probe this more strongly. I don't have the backing or support to do it ("citizen journalism", ha! :-( ). But a person with a voice, with a platform, might be able to find something very interesting in going beyond face value.

Posted by Seth Finkelstein at 07:55 PM
October 15, 2005



Dear Peacefire...ers,

FYI, if you are looking for a quick and easy way to bypass blocking software on a machine somewhere, we have set up a free site at
Obviously, since we are publicizing this URL and linking it from our site, it's likely to end up on the block lists of all the major blocking programs. However, we've found that a high proportion of computers where these programs are installed, do not have their blocked-site lists updated very often, either because the program came with a limited subscription for list updates and that ran out, or the admins who are supposed to do the updating just rarely get around to it. So there is a good chance this URL will work even from a censored computer.

That page also has a form where you can enter your email address to be notified of the locations where we set up any future blocking-software-bypass sites. So even if blocking software companies start responding faster to block new bypass sites when they're announced, by getting on that updates list you can get one step ahead of them whenever we create and announce a new bypass site, since they're cheap and easy to set up. ...

Given the politics and situational conflicts of interest, I'll just say this will be intriguing to watch.

[Disclaimer: I think I'm still technically listed as a member of Peacefire, but any active connection was years ago, and there's no material connection now.]

Posted by Seth Finkelstein at 09:28 PM | Comments (7)
October 10, 2005

ACLU (Rhode Island) "Reader's Block" Report Helps Un-Censorware Libraries

As is being reasonably reported:


Following ACLU Action, Rhode Island Public Libraries Agree to Give Patrons Increased Access to Internet

October 7, 2005

PROVIDENCE, RI -- Responding to a report released earlier this year by the American Civil Liberties Union of Rhode Island, the state's library network has revised its Internet blocking procedure to increase access to information for public library patrons, addressing ACLU fears that libraries were "inappropriately discouraging or barring patrons' access to constitutionally protected material."

"We are pleased that the state's public libraries have taken a positive step toward ensuring that library patrons have the freest possible access to the Internet," said Steven Brown, Executive Director of the ACLU.

Now, not-an-echo - none of the articles seem to be linking to the actual report, which is at:

This report was written by Amy Myrick, Program and Development Coordinator at the RI ACLU. And on general principle, I believe that deserves a mention for credit.

The gist of the report (mentioned earlier) - and the press release now - is that far more had been (and to some extent, still is) blacklisted than legally problematic material, and contrary to the blithe assurances, libraries had "failed to facilitate "unblocking," or temporary disarming, of the software during Internet use by adult library patrons, despite the fact that this option is required by both the law and a U.S. Supreme Court decision interpreting the law."

Sigh. I'm preaching to the choir - or to the other side's deacons.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
September 12, 2005

Jonathan Zittrain's Censorware Adventure

Jonathan Zittrain is a Harvard Law Professor. As relayed by isen.blog:

[He] is at a "cybersafety" conference in the UK this week, where he ran into some breath-taking content blocking. He writes

. . . I searched for the "virtual child pornography case," to find Ashcroft v. Free Speech Coalition. What I got instead was not only a block page, but a note that the IT manager would be investigating whether the "attempted access to illegal material" was intentional or unintentional.

This is very interesting (and worth my echoing) for a non-obvious reason. The details indicate that the keywords in the search triggered the censorware ban (it's obvious why :-)). And what came up was a pretty standard block page, if more verbose than just-the-blacklists-slam:

The webpage you have tried to download has been blocked. This page may pose a threat to network security, or contain offensive, pornographic, illegal or other inappropriate material. Attempted access to blocked webpages is logged and in cases of intentional access computers and users will be traced.

If you inadvertently attempted to access the unauthorised content, no action will be taken.

Intentional access to websites containing offensive, pornographic, illegal or other inappropriate material is in breach of School and University regulations and may lead to suspension of network access and disciplinary action. Browsing or downloading files from websites containing illegal material may lead to criminal prosecution. If you believe the website should not be blocked please contact the Network Manager, Said Business School.

It's not a personal note. But, if a big-time Berkman Center CyberLawProf had the impression, even momentarily, that he might be investigated for illegal access (and it was reported that way, see TechDirt) - imagine what students and library users think! Such intimidation disproves the idea that it's trivial for people to merely ask to have censorware turned off (when they can).

[Disclaimers: I'm acquainted with Jonathan Zittrain, but have no agenda or any project connection in posting this. And no "advice", please. ]

Posted by Seth Finkelstein at 11:51 PM | Comments (1)
August 02, 2005

"Third Way", the "porn tax", and Secure Computing lying with statistics

Last week, a think tank called "Third Way" released a report, well, I'll quote:

New Third Way Report Finds Children Are Major Users Of Internet Pornography; Porn Sites Target Kids
Group Endorses New Bill To Require Age Verification and Impose "Smut Tax"

The first point of this "report" was:

# Online pornography is proliferating online at an alarming rate - from 14 million web pages in 1998 to 420 million today.

These are lying with statistics, which I've debunked before. The misdirection is to neglect that the web itself has grown since 1998.

But it's been widely echoed credulously by the press:

Report says porn Web sites "exploding" as Internet goes unchecked

July 27, 2005, 5:57 PM

LITTLE ROCK, Ark. (AP) -- A report released Wednesday by a group of Democrats seeking a moral authority some say their party has lost says the number of pornographic Web pages has grown 3,000 percent since 1998 and federal laws must be changed to keep children away from them.

The think tank Third Way says there were 14 million pornographic Web pages in 1998 and 420 million today. Even amid broad discussion of morality issues, politicians are surprised by the sudden growth that has allowed adult Web sites to dominate the Internet almost unchecked, Third Way spokesman Matt Bennett said.

So, as a good little blogger, I have fact-checked the press, and exposed the censorware company sleaze.

But - WHO CARES! It shows the structural bankruptcy of blog evangelism. What good does it do for me to say this to a tiny audience, of the choir (and opposition-researchers!)? The only way this could ever possibly make a difference is if an A-lister or similar echoed it. Otherwise, I'm just shouting to the wind. It's a meager pleasure to indulge myself with ineffectual ranting.

Posted by Seth Finkelstein at 11:49 PM | Comments (2)
July 18, 2005

Government Commission Hearings On US Company's Censorship Collaboration?

The news article U.S. Tech Firms Help Governments Censor Internet summarizes recent events regarding complicity of US companies with totalitarian regimes. The most explosive aspect is potential violation of US laws by Secure Computing, given that their censorware software "SmartFilter" is being used by the government of Iran - while allegedly without the company's knowledge, the implications remain troubling. Much attention is devoted to the China controversies of Cisco and Microsoft.

Notable quote: "D'Amato said the [U.S-China Economic and Security Review] commission, which reports to Congress, hopes to put pressure on these companies by bringing them in for hearings, soon. "I'm not so sure they'll come," he said. "They're running for cover."

Now, some tantalizing question are: What specific US laws might Secure Computing be violating, which specific government office is charged with enforcing them, and who might have the power to issue a nice juicy subpoena to extract information rather than PR flackery?

So much opportunity, and I have so little power ... :-(

[Update - excellent material in a comment below]

Posted by Seth Finkelstein at 07:31 PM | Comments (1)
July 12, 2005

Secure Computing ("SmartFilter") Iranian Censorship Defense Is Censorware Doesn't Work?

A further note on Secure Computing ("SmartFilter") and Iranian Censorship: Does it strike anyone as interesting that one of their PR defenses to a violation of US laws, is in effect to claim that their censorware product does not work? That is, what is the business of a censorware company? Keeping third parties from reaching content that an authority has determined is prohibited (remember, exact authority relationship is a social value, not a technical matter). We have an authority - the US government - which has various laws against dealing with third-parties - such as the government of Iran. Now, a censorware product is not a one-time acquisition, but requires repeated downloading of the blacklist database. Let's look at the exact PR statement:

1) We block update requests from IP addresses that we know originate in Iran.

Now - "we know"? Is it the case, that, say, using an open proxy for access is enough to defeat the censorware company's ability to comply with US law? (or is it a matter of "Don't ask, don't tell", with respect to what they know ...). Can we make a negative inference about their actual ability to enforce content control over sexual material in general, given that they evidently plead they can't effectively comply with a specific legal obligation for a particular file of their own?

I wish someone had the ability to hold their feet to the fire on this matter of compliance with US law (I sure don't). Perhaps through some Qui Tam-like private right of action (I suspect Qui Tam isn't the exact method, I cite it here just for the idea). Again, it's not a crime to be a censorware company. But violating US export regulations or trade embargoes can be a serious legal matter.

Posted by Seth Finkelstein at 11:44 PM
July 11, 2005

Iran censorship and SmartFilter censorware / Secure Computing

A little while ago, the OpenNet Initiative produced a report on censorware used by the government of Iran, exposing that Iran used SmartFilter censorware. I've stayed out of the ensuing controversy, since given the history of (Secure Computing PR flack) David Burt's tactics, I'm more than happy that Harvard people get to tangle with him in pure unalloyed form. But since the issue has settled down now, I'll summarize and add some references that won't be found anywhere else.

A US company selling censorware to a totalitarian government is not a legal problem in itself. However, selling to Iran in specific is problematic. So I will quote the company line:

"We sell to ISPs where the law allows. It's really up the customer how they use our software."


"Secure Computing has sold no licenses to any entity in Iran, and any use of Secure's software by an ISP in Iran has been without Secure Computing's consent and is in violation of Secure Computing's End User License Agreement. We have been made aware of ISPs in Iran making illegal and unauthorized attempts to use of our software. Secure Computing is actively taking steps to stop this illegal use of our products. Secure Computing Corporation is fully committed to complying with the export laws, policies and regulations of the United States. It is Secure Computing's policy that strict compliance with all laws and regulations concerning the export and re-export of our products and/or technical information is required. Unless authorized by the U.S. Government, Secure Computing Corporation prohibits export and reexport of Secure products, software, services, and technology to Iran and destinations subject to U.S. embargoes or trade sanctions."

Further statements:

... ONI responds with:

"The statement does not address whether automatic updates to block lists routinely made available to SmartFilter users by Secure Computing have also been made available to Iranian ISPs, nor does it address the extent to which the adoption of SmartFilter and its updated block list for "non-profit and advocacy organizations" by additional governments (such as Saudi Arabia; see OpenNet Initiative, Internet Filtering in Saudi Arabia in 2004, available at http://www.opennetinitiative.net/studies/saudi/) is part of Secure Computing's market."

David Burt, public relations manager for SC, provides [a] statement on the charge:

1) We block update requests from IP addresses that we know originate in Iran.

2) We sell to ISPs all over the world, including the Middle East. Like most Internet security companies, we do not disclose our customer list.

Now, in order to evaluate the likelihood of any truth in the censorware company's statements, it's helpful to have a historical perspective. Such as an archived front page of Censorware Project discussing a Secure Computing press release:

This was a lie. Secure Computing then issued a misleading press release with that same lie, which prompted us to take action.

Which had a Slashdot article also in defense (gee, isn't it interesting when Slashdot's front page is used to publicly call people liars to help defend someone's report?)

Anyway, while it may be technically an ad-hominem argument, I think the evidence as to credibility is clear. Though these days, there's not much I can do about it.

Posted by Seth Finkelstein at 09:46 AM | Comments (2)
July 01, 2005

Note on GAO Peer-to-Peer Network Report vs. Censorware Research

Ed Felten writes about "GAO Data: Porn Rare on P2P; Filters Ineffective", extensively analyzing "GAO-05-634 - File Sharing Programs: The Use of Peer-to-Peer Networks to Access Pornography" To me, the most interesting part oif the article was the conclusion:

The policy prescription here is clear. Don't mandate the use of filters, because they don't seem to work. And if you want filters to improve, it might be a good idea to fully legalize research on filtering systems, so people like Seth Finkelstein can finish the job the GAO started.

(and echoed by Ernie Miller).

Thanks guys ... it's a long weekend, I'll leave it at that.

Posted by Seth Finkelstein at 10:34 PM
June 30, 2005

"Who -- and Where -- are the New Media Gatekeepers?" - IEEE DSO

Greg Goth, "Who -- and Where -- are the New Media Gatekeepers?"
IEEE Distributed Systems Online, vol. 6, no. 7, 2005.
http://dsonline.computer.org/portal/site/dsonline/index.jsp? pageID=dso_level1_article&TheCat=&path=dsonline/0507&file=o7003.xml

The questions surrounding who will ensure that online information remains accessible and authoritative have received much attention in recent months. Concerns range from European unease that a new book digitization partnership might result in an American-skewed repository of digital books, to apprehension over the Chinese government's near-ubiquitous control of search engines and Web sites. This debate over ensuring freedom of access and accuracy of information -- and who will assume the role of gatekeeper -- has raised old problems in new technological contexts.

I'm quoted:

How effective the unofficial bloggers' efforts will be in maintaining a window into China is a matter of debate among Western China-watchers. Longtime blogger and anticensorship activist Seth Finkelstein doubts that blogs alone will significantly alter the Chinese power structure.

"There are always people who win some victories under the present system, but I'm very much against technological determinism -- the idea that blogs are going to overthrow the government of China, -- Finkelstein says. "The idea that suddenly technological change will give a huge advantage to one side is [an] extremely dubious proposition."

Posted by Seth Finkelstein at 01:00 AM | Comments (3)
June 09, 2005

Utah Censorware Law Challenge by ACLU-Utah, CDT ("The King's English v. Shurtleff")


SALT LAKE CITY--Citing free speech and interstate commerce violations, a broadly-based group of Utah bookstores, artistic and informative websites, Internet service providers and national trade associations filed a federal lawsuit today challenging the constitutionality of a Utah law meant to restrict children's access to material on the Internet.


The new law, passed by the 2005 session of the Utah legislature, has three primary components:

1) Utah Internet content providers must evaluate and rate their speech, at the risk of criminal punishment.

2) The Utah Attorney General must create a public registry of Internet sites worldwide containing "material harmful to minors" - speech that is unlawful to intentionally distribute to minors but that is constitutionally protected for adults.

3) It extends existing criminal restrictions on distribution of "harmful" materials to distribution on the Internet. Similar provisions have been uniformly held unconstitutional under the Commerce Clause and the First Amendment by federal courts across the nation.

Text of lawsuit: "The King's English vs Shurtleff"

Anyone who knows the relevant Internet censorship court cases, knows that this Utah censorware law was dead-man-walking the moment it was born. The only issue was how long it would take for the resources to be spent to put it out of its misery. Kudos for ACLU-Utah and CDT or doing so.

Per my earlier "HB 260" post, the coverage of this case from the Religious Right might be interesting.

In terms of non-echoing, I skimmed through the lawsuit to see what technical censorware research was used. Much material about "virtual hosting", where many website share the same IP address. It seems to flow from an earlier CDT case in Pennsylvania, which makes perfect sense given that CDT is part of this case.

On a personal note, if anyone is inclined to be "helpful" and to suggest to me that I might find support here, please abandon that idea immediately. Between certain issues of their staff, and stories I haven't told, it's not going to happen.

Posted by Seth Finkelstein at 11:59 PM
June 07, 2005

Ex-Ex-Ex Domain And The Economics Of Domain Profit

Let me clarify my focus on the subject of the "Ex-Ex-Ex Domain", laying out again how I'm analyzing it.

The .XXX domain is an instance of ratings/labelling system, and so intrinsically has all the civil-liberties issues which are generic to that class of systems: Often not truly voluntary no matter what the PR, potentially a marginalization tool, useful more for the industry than the supposed users, and so on. But, considered as a ratings/labelling system, .XXX is a particular crude and bad one. That's not just my activist/partisan opinion, it's the opinion of professional censors, who are saying it's not technically helpful in censorship ("It won't make software filters any more effective"). From my perspective, it's a standard scheme (I call it "The Scarlet Letter"). The issues surrounding that sort of proposal are well-settled, and unlikely to change the slightest whenever somebody comes up with it again (as they will ...). The general ratings/labelling battle has been fought over far more complex efforts (keywords: "PICS", "RSACi", "ICRA", etc.)

So, who wants it? Not, what could it be turned into, but who wants it? Follow the money!.

The first thing that happens when any new domain registrations begin, is the landrush of speculators. People are going to be trying to register everything from sex.xxx to whitehouse.xxx to benedictxvi.xxx, just on the off chance that they can resell it to someone else. Note registries make no profit whatsoever on domain resales - they make their profit on initial sales and renewals.

From a registrar's point of view, domain-name speculators are great customers. They tend to do bulk orders. They're sophisticated, so they don't require a lot of hand-holding and technical support. They make good clients for various after-market services to manage their many speculative domains.

And domain renewals are almost pure profit. So a bunch of speculators sitting on what they think might be very profitable names, is a flock of golden geese for the farming.

And golden they are, because instead of the approximately one dollar or two dollar chump-change net profit margin for standard domains, it seems we're talking around $50 profit - FOR EVERY NAME!

"We're In The Money" ...

Posted by Seth Finkelstein at 11:59 PM | Comments (1)

Censors Against dot-XXX domain

Continuing the analysis of dot-XXX "domain pornography", note the very strong statements of censors (my emphasis):

CWA Says ICANN'S XXX Domain Should Be Canned

Washington, D.C. -- Concerned Women for America (CWA) says the plan by the Internet Corporation for Assigned Names and Numbers (ICANN) to create a XXX domain for Internet porn sites is an idea that should be canned because it creates more problems than it can possibly solve. ...

"The only restriction on XXX domain participants is for any sexually explicit content to feature only adults, but there's no requirement to block access to kids. It legitimizes pornography and makes it even easier for kids to find it. It won't make software filters any more effective," [CWA's chief counsel Janet] LaRue added. "People who equate this with zoning brick-and-mortar sexually oriented businesses are clueless about cyberspace and how it operates.

"Most of the porn sites offer hard-core porn that is prosecutable under federal law. Giving them a XXX domain makes as little sense as giving illicit drug cartels a domain," LaRue concluded.

Also heard from: Family Research Council Voices Opposition to '.xxx' Domain Name: "The '.xxx' domain also cloaks the porn industry with legitimacy. The industry will have a place at the table in developing and maintaining their new property".

And Enough-Is-Enough quoted (my emphasis) "It's a nice little red-light district for the pornographers, but I don't think it's going to do anything to protect kids," said [Donna Rice] Hughes, president of the group Enough is Enough. "It's not going to make filters work any better."

When notable censors are saying very loudly, essentially, "THIS WON'T HELP US CENSOR", so they don't want it, I tend to think that's useful to know. It's not dispositive. But a good rule of thumb all the same.

Contrast this with censorware history, where the Religious Right did "Filtering Facts" funding, and well as interesting connections, and the utility of the indicator should be clear.

Posted by Seth Finkelstein at 01:34 AM | Comments (6)
June 03, 2005

.XXX Domain Pornography

[Investigation! Uncommon links! Not a regurgitation like the zillions of other posts echoing this topic!]

I'm terming the .XXX domain, "domain pornography", as a pun on its denotation and connotation.While it's theoretically domain-name-FOR-pornography, in practice, it's domain-name-AS-pornography. That is, people find the concept salacious in itself ("red-light district!")

The above application really should be read to get a concrete sense of the agenda:

The .xxx TLD is intended primarily to serve the needs of the global online adult-entertainment community. ..."

And here's the "money quote" (pun intended):

"In terms of possible domain name related litigation, ICM and IFFOR believe that registrants may be better positioned to use an affirmative statutory defense in connection with prosecution under newly enacted US law. Under Section 108 of the Protect Act, entitled Misleading Domain Names on the Internet (aka Truth in Domain Names), it is now a crime in the US to knowingly use a domain name to deceive a person into viewing obscenity or to knowingly using a domain name to deceive a minor into viewing material that is harmful to minors. However, Section 108 further provides that for the purposes of this section, a domain name that includes a word or words to indicate the sexual material on the site, such as `sex' or `porn', is not misleading."

In short, it's clearly a way to extract rents from bona-fide pornographers in return for a weak certification against prosecution. Not a bad business plan, since they managed to get ICANN on-board.

The dot-XXX discussion is intriguing, for the message from distinguished free-speech lawyer Robert Corn-Revere, who's on retainer ("Legal Protections for the Voluntary Nature of the .xxx Domain"). And also Usual Suspect Talking Head ("WiredSafety and its WiredKids, Cyberlawenforcement and WiredPatrol divisions") Parry Aftab's message.

Follow the money, follow the money, follow the money ...

Posted by Seth Finkelstein at 12:01 AM
June 02, 2005

.XXX Domain Approved

The .XXX domain is now ICANN approved, per an orgy of reporting. Before people get too hot and bothered, it's more a pornographic titillation itself as opposed to hardcore action.

Though it seems that the only result of my writing is unsatisfied self-gratification, on the off chance there are some voyeurs out there who may derives some pleasure from legal exhibitionism, I put forth the following for display:

Perversely, commercial pornographers would remain relatively unaffected by the [Communications Decency] Act, since we learned that most of them already use credit card or adult verification anyway. Commercial pornographers normally provide a few free pictures to entice a user into proceeding further into the Web site. To proceed beyond these teasers, users must provide a credit card number or adult verification number. The CDA will force these businesses to remove the teasers (or cover the most salacious content with cgi scripts), but the core, commercial product of these businesses will remain in place.

(ACLU v. Reno, District Court decision)

The sites which will buy the XXX domains are the same sites which register for every blacklist and already want credit-cards. It's not about protecting-the-children. Rather, this is a protection-racket, selling compliance to sex sites.

But, let the domain pornography begin!

Posted by Seth Finkelstein at 12:01 AM
June 01, 2005

"The Net Effect" - On The Great Firewall Of China

The Net Effect

"As China's Internet gets a much-needed makeover, will the new network promote freedom or curtail it? - By Steven Cherry [IEEE Spectrum Online]

Highly recommended. But I'm biased:

How will censorship work with four different companies' products? According to Seth Finkelstein, a Cambridge, Mass., network programmer and an expert on Internet censorship, router-based censorship can and does take place at any point in the network. Each of the routers in the CN2 contract - in all three rings - can be expected to access a database of banned names and words, either within the router itself or in a subsidiary server connected to the router. ...

And in conclusion:

"The Internet is fairly centralized in the United States, too," notes Finkelstein, the Cambridge, Mass., programmer. "Not for political reasons but for economic ones." It turns out that the largest Internet providers push all their packets of data through large regional routers connected to proxy servers that already examine packets for evidence of quality-of-service or other problems.

"Our political system is vastly different from China's," Finkelstein says, "but if we had a national panic, if we felt we had to censor the Internet, it's scary how easily it could be done. There's a famous saying, 'The Internet considers censorship to be damage, and routes around it.' I say, what if censorship is in the router?"

Posted by Seth Finkelstein at 08:02 AM
May 25, 2005

Richard Clayton - "Failures in a Hybrid Content Blocking System"

Richard Clayton sent me a notice about his new paper on BT's (British Telecom) "Cleanfeed":

Failures in a Hybrid Content Blocking System

Abstract. Three main methods of content blocking are used on the Internet: blocking routes to particular IP addresses, blocking specific URLs in a proxy cache or firewall, and providing invalid data for DNS lookups. The mechanisms have different accuracy/cost trade-offs. This paper examines a hybrid, two-stage system that redirects traffic that might need to be blocked to a proxy cache, which then takes the final decision. This promises an accurate system at a relatively low cost. A British ISP has deployed such a system to prevent access to child pornography. However, circumvention techniques can now be employed at both system stages to reduce effectiveness; there are risks from relying on DNS data supplied by the blocked sites; and the system can be used as an oracle to determine what is being blocked. Experimental results show that it is straightforward to use the system to compile a list of illegal websites.

It'll "be presented at the Workshop on Privacy Enhancing Technologies, Dubrovnik, Croatia, 30 May 2005 -- 1 June 2005", and he say in email he'll also give a luncheon talk on the topic at the Berkman Center on June 7th. (sigh ...).

Posted by Seth Finkelstein at 05:35 PM
May 24, 2005

"Safe Eyes" follow-up

As a follow-up to my Letter to Consumer Reports about ad violation by SafeEyes censorware, my message to Consumer Reports has been read by a human who acknowledged it personally, though evidently busy. Being overworked is entirely understandable, and I'm just happy that my message was read at any level.

In checking news articles since that Consumer Reports piece came out, I've yet to find any news report which does any more than basically echo it. That's expected, but still disappointing.

Every once in a while, I'm tempted to pull some material out of mothballs (I don't want to be too specific so as not to completely tip off the "opposition research" - it's sort of amusing that there's at least one person who has it as part of his job to check on me). But, as I've written, it's been several turning-points down the road since I did that work. So to deal with temptation, I just remind myself of what got me here ("Get thee behind me, censorware").

Posted by Seth Finkelstein at 11:59 AM
May 20, 2005

[Historical, not report] N2H2 and secret ABORTION, HOMOSEXUALITY categories

[Historical, not a report - but 100.0% original content, you will not find this anywhere else in the great bloviating blog mass of echoing and opinionating, I guarantee it]

While I'm on the topic of censorware and religious connections, especially of N2H2 (censorware company), this is a good time to mention one tale from the bowels of the censorware blacklist.

When I first decrypted N2H2's blacklists, one of the intriguing discoveries I made was the presence of additional blacklists labeled "ABORTION" and "HOMOSEXUALITY". Important - these were not used in the ordinary retail product. They might have been a supplement or add-on used in Religious-Right contexts, it was unclear (as I joke, I can't exactly call up technical support and ask them about these topics). But ... hmm! It certainly meant something. But there wasn't any obvious way to do further investigation.

I'm not counting this as a censored censorware report, because I never could figure out how to put it all together to publishable material. More "one that got away". At a certain level, the mere existence of the categories might be news. But since it was not verifiable by any means other than decryption, and I had NO SUPPORT (but plenty of attacks), there didn't seem to be any way of having it matter.

Posted by Seth Finkelstein at 04:48 PM | Comments (2)
May 19, 2005

Letter to Consumer Reports about ad violation by SafeEyes censorware

[Lis Riba made some great constructive suggestions, such as that I write Consumer Reports about a potential violation of their ad policy by the censorware "Safe Eyes" (thanks!). This is what I've now sent to Consumer Reports.]

Date: Thu, 19 May 2005 17:27:42 -0400
From: Seth Finkelstein <sethf[at-sign]sethf.com>
To: nocomm[at-sign]legal.consumer.org
Subject: Report an ad violation - Safe Eyes website

Dear Consumer Reports:

According to your policy:

"Our Ratings, reports, and information are intended solely for the use of our readers. Neither the Ratings nor the reports nor any other information, nor the name of Consumers Union or any of its publications, may be used in advertising or for any other commercial purpose, including any use on the Internet or mention in any press releases or newsletters in print or electronic form."

I would like to bring to your attention that the product Safe Eyes currently advertises on their website (see attached):

"Safe Eyes 2005 Rated The #1 Internet Filter!

Independent and unbiased testing by the leading consumer reporting publication confirms what our customers already knew....Safe Eyes is the best."

In one version of the site (with "Flash"), that passage then refers to the URL:

[see link - omitted from post text because of formatting issues]

Which is the "Ratings: Filtering software" report.

Note again that the use of "Flash" animation, may not be obvious depending on browser configuration (if you see a big blank white area, the browser is not configured properly). The URL for the most elaborate version of the site is:

One version of the text above is in an image, see:


Please feel free to contact me if you need further elaboration in enforcing that "Consumers Union will take all steps open to it to prevent commercial use of its materials ...".

Seth Finkelstein Consulting Programmer sethf[at-sign]sethf.com http://sethf.com

Posted by Seth Finkelstein at 05:37 PM | Comments (2) | Followups
May 18, 2005

SafeBrowse.com/"Safe Eyes", Consumer Reports, and reports undone

"Safe Eyes" / SafeBrowse.com censorware is now touting the Consumer Reports "Filtering software: Better, but still fallible" article:

Safe Eyes 2005 Rated The #1 Internet Filter!

Independent and unbiased testing by the leading consumer reporting publication confirms what our customers already knew....Safe Eyes is the best.

(note the message is a flash animation)

I'm not sure if Consumer Reports really did their testing as extensively as possible. I can see a way in which they took a reasonable course, which would have been the most obvious way to proceed if one is starting out with little knowledge of the internals of censorware (i.e. randomly try some URLs to see which are blacklisted). But there's much more information available, such as censorware blacklisting the Google cache, translation sites, and more. And note since it's a repackaged version of N2H2, all of N2H2's flaws apply.

In an alternate world, I'd do a report on this, with the "newsworthiness" peg about Consumer Reports' pick of censorware. It would then be publicized (remember, I'm talking fantasy here) getting the information out and being an important contribution to the body of knowledge on technology and policy. Which would be a reputation-credit for me which would have helpful implications in, for example establishing DMCA exemptions and discouraging potential censorware lawsuits.

In reality, I'd be marginalized to the same tiny fan audience which has heard it all before. While this audience is of course most excellent and discerning, they're also the choir, the convinced, exactly the people least in need of hearing my spiel. It's well past the point of diminishing returns. I'd again be faced with the temptation to go too far up the legal risk curve. And even if I kept low enough down so as not to have to worry, just in terms of PR I'd likely lose much more than I could gain (in the language of probability, I have a large negative expected value).

Recursively, maybe I shouldn't have written this post in the first place. But I'm inured to the sort of criticism I'll get for it. And I do think there's some value to documenting reports which won't be done because of the lack of support. [sad face]

Posted by Seth Finkelstein at 09:18 AM | Comments (2)
May 13, 2005


SafeBrowse.com is a censorware program that's mentioned prominently in the just-published Consumer Reports "Filtering software: Better, but still fallible" article. It turns out this product is merely a repackaging of the well-known censorware N2H2:

We are proud to be using the industry's most reliable filtering software, N2H2. N2H2 employs a full-time staff to compile its extensive categorized database of Web content. While others rely solely on technology to detect and harvest Web content, N2H2's proprietary process uses a unique combination of technology and human review.

That part about "unique combination" is total nonsense (but who is listening to what I say?)

And how interesting, it turns out SafeBrowse.com is "a Christian owned and operated company":

As a Christian owned and operated company, these three founders have a common goal of making SafeBrowse.com the leading provider of filtered Internet services to the world!

There's definitely interesting connections here, per another press release:

With this agreement, Safe Eyes will become an integral part of the Setting Captives Free program. All students of their Way of Purity course will be encouraged to install and use Safe Eyes as part of the pornography addiction recovery process. Safe Eyes will also receive exclusive placement on the Setting Captives Free website and at all conferences and workshops.

When asked about this new partnership Shane Kenny, President of SafeBrowse.com, Inc. said, "I am very excited about this new partnership with Setting Captives Free. The combination of the best pornography recovery resource with the best in Internet filtering and monitoring is a win-win situation for everyone involved. It is a pleasure to work with the people over at Settings Captives Free and to know that Safe Eyes is being used to help those that need it and want it so badly."


Setting Captives Free is a non-profit ministry that exists to help those that are held captive by an addiction. Started by Mike Cleveland and his wife in 1999, this ministry has quickly grown to cover the entire United States and several foreign countries. ...

Now, before people jump all over me, let me note I don't know the exact extent of the links here. But I think there's a problematic implication in secret blacklists that are heavily connected with religious censors, if only from a very understandable market-based skewing toward those sensibilities. And given the Federal law regarding censorware and public libraries, this is indeed a matter of public concern.

Sigh ...

Posted by Seth Finkelstein at 02:47 PM | Comments (2)

Calling All Gun-Rights Activists : Beware Censorware

Consumer Reports has a censorware article, Consumer Reports "Filtering software: Better, but still fallible". (thanks, Ernie, CoCo). Before I say the usual things, to the usual people, for the usual uselessness, I'd like to highlight one sentence of the piece in the vain hope of stirring some unusual interest:

Informative sites are snubbed, too. The best porn blockers were heavy-handed against sites about health issues, sex education, civil rights, and politics. For example, seven products blocked KeepAndBearArms.com, a site advocating gun owners' rights. Most unwarranted blocking occurred with sites featuring sex education or gender-related issues.

That's presumably with standard defaults, since there are many blacklists. But censorware's never been just about sex.

Posted by Seth Finkelstein at 02:22 PM
May 11, 2005

Google Web Accelerator As Circumventor Of China Censorware?

According to Fons Tuinstra at "China Herald" blog:

But a reader of this weblog suggested that in combination with IE Google's new tool would also beat the internet censor. Well, that was enough encouragement for me to have a try. Indeed, the web accelerator helps to beat our internet nanny, at least I got to the BBC news services very easy. I do not think that Google wanted to bring down the firewall (as far as it still is in place with so many proxies around) but they effectively did.

[Note the "obvious" solution is to censorware Google]

Posted by Seth Finkelstein at 11:42 AM | Followups
May 03, 2005

Michael Geist : "Face To Face With The Great Firewall Of China"

Michael Geist has a report
"Face To Face With The Great Firewall Of China"

There's some interesting nuggets here, and hopefully my commentary is worthwhile.

As the Internet was taking flight in the early 1990s, John Gilmore, one of the co-founders of the Electronic Frontier Foundation, a leading online civil liberties group, is credited with having coined the infamous phrase that "the Internet interprets censorship as damage and routes around it." Gilmore's view has since been regularly invoked whenever there are failed attempts to limit the dissemination of information.

Right. But as I reply - "What if censorship is in the router?"

Beginning with a string of cases dating back to the Paul Bernardo trial in the mid-1990s, the Internet has undermined court-ordered publication bans in Canada with surprising frequency. The latest incident occurred last month when a U.S. website posted evidence from the Gomery inquiry that was subject to a publication ban. The ban was lifted within days, however, as Judge Gomery acknowledged what had become obvious to all - supposedly secret testimony was readily available to anyone with Internet access.

Granted, this is for a newspaper article, but the stories are often oversimplified, to serve the Internet-changes-everything hype. Canada gets overflow from all US Media - newspapers, radio, TV. There is often far more complexity in a story than That Darn Internet. Here, see one Canadian analysis - "... from my cynical viewpoint it looks a lot more like U.S. conservative bloggers were used, via Captain Ed's "Deep Throat," to further the political agenda of the Canadian Conservative Party".

While these events seemingly affirm the notion that the Internet is beyond the reach of governments and courts, my recent trip to China provided a powerful reminder that unfettered Internet access is far more fragile than is commonly perceived.

Agreed! Nothing like seeing an example of an alternate future. The Internet does not necessarily equal freedom, no matter what some bubble-blowers blather.

My frustration increased when I attempted to download my own email. While I was able to access my Canadian-based mail server storing my messages, the download was short-circuited midway as I suddenly lost the connection. Although I initially thought that perhaps the error lay at the Canadian end, when the experience repeated itself, it became clear that the Chinese system was filtering my email messages and cutting off the connection.

Now that's fascinating. I never know how to go about testing these things, in a political sense. Just as a statement of fact, Harvard people can go fooling around with random proxies for investigations, but marginalized activists have to worry more.

Having experienced limits in accessing both news and email, it came as little surprise to find that the search engines were subject to similar restrictions. Searches for articles on circumventing the Chinese filters yielded a long list of results, none of which could be opened. Moreover, inputting politically sensitive words such as the "Falun Gong" cut me off from the search engines completely.

Exactly. Censors are perfectly capable of searching for means of subverting censorship, and censoring them. In extreme cases, they might even pose as freedom-fighters, and inform on their comrades.

Etc. Geist concludes:

The Internet may be accessible from Toronto to Beijing, yet people in these two cities do not access the same Internet. The challenge in the months and years ahead will be to promote Gilmore's vision of online freedom through lobbying for greater access abroad and rejecting unnecessary and potentially dangerous limits at home.

Sigh ...

Posted by Seth Finkelstein at 11:59 PM | Comments (9)
April 21, 2005

News - The RI ACLU IS NOT Planning "As-Applied" Library Censorware Challenge

[Original news! Blogger Reporting! CITIZEN JOURNALISM!]

Jessamyn West of the widely-read librarian.net wrote

One of the very interesting things about CIPA was the way the Supremes analyzed the law as written but did not rule on the law as applied. Requiring libraries who take federal funds to filter computers in the interests of protecting children was, as written, acccording to them, not unconstitutional. However, if that law as it was applied wound up blocking protected speech, especially for adults who have free speech rights, then it might still be unconstitutional. So, if a library has filters it can’t disable for adult patrons who request it, for example, that might be unconstitutional. Many censorware activists have been waiting for this other shoe to drop, to see if an “as applied” challenge to the law might be forthcoming. A recent press release from the Rhode Island ACLU [full pdf report here] seems to imply that this might be in the works. It outlines a survey done of Rhode Island libraries who filter as part of a consortium, so they share software and expenses, to see how they were handling CIPA-compliance and the filtering it mandated.

See also,, e.g. Walt Crawford.

I decided to engage in a little unpaid free-lance labor, I mean "citizen journalism", and pick up the telephone, call the Rhode Island ACLU (the number's on the press release), and ask.

I spoke with the author of the report, Amy Myrick, Program and Development Coordinator at the RI ACLU. She stated, explicitly on-the-record (I'm careful when I play journalist), that the RI ACLU is not planning an "as-applied" challenge. And as far as she knew, the ACLU did not have such a challenge in the works. So this censorware report was not a precursor to that sort of litigation.

Sadly, a beautiful theory slain by an ugly fact ...

Posted by Seth Finkelstein at 05:25 PM
April 20, 2005

"Reader's Block": Rhode Island ACLU Report On Library Censorware



This report was written by Amy Myrick, Program and Development Coordinator at the RI ACLU.

The result of censorware in action will be no surprise to readers:

X. CONCLUSION Some ten months after its commencement, Internet blocking in Rhode Island public libraries presents a mixed, but surprisingly troubling, picture. CLAN itself the group responsible for administering the blocking software has harbored mistaken notions that the filters could be "turned off" only on a site-by-site basis, lest compliance be compromised. Individual librarians show similar confusion. Pleading technical handicaps, many have failed to familiarize themselves with the blocking software and its deactivation options. Those that lack this knowledge are placing themselves at the mercy of a private company's technology that should never be permitted to take control.

Same story. Whatever the Supreme Court blithely assumed as an ideal in theory, regarding being able to disable censorware if needed, that's often not how it works out in practice.

All deactivation requires help from the librarian who either supplies or enters the password. In practice, this means that a library's official policy may or may not be followed when a patron makes a request. A recent visit to the Providence Library by the author of this report raised concerns in this regard. There, a librarian responded to a deactivation request for a blocked Google search on nudism with questions about subject matter, judgmental comments, and ultimately a refusal to disable the filter for viewing of what she wrongly characterized as "pornography."

Sigh. These days, I just skim through these sorts of reports out of vanity, to see who is cited, for example:

... [Websense] database's accuracy, however, has been subject to question since free-speech watchdog groups began monitoring it in the late 1990s. The most recent report, released in 2001 by Peacefire.org, found inexplicable blocks on, among others, an educational site about autism (blocked as "gambling"), the Jewish Federation of Northeastern Pennsylvania (blocked as "sex"), and a religious ministry site (blocked as "tasteless").

Noting analyses like the above, the federal court that struck down CIPA in 2002 based its decision partly on the blocking software's inability to distinguish between illegal and protected speech.

I don't know if I should point this out, but if you know the decision, that's a very odd phrasing. Maybe I'm reading too much into it.
[Update 4/21 - per a conversation with the report's author, it looks like I was reading too much into that phrasing]

This is also a good place to note the following: A few months ago, a small civil-liberties organization asked me if I'd be interested in writing one of these kind of briefing missives. With great sadness, I turned it down. They even offered to pay me something as a contractor (however, though we never got down to exact amount, it was clearly going to be nonprofit-organization writer rates, not high-powered lawyer fees). This was an example of the turning-points for me from quitting censorware investigation and poisonous attacks. I'm obviously not in it for the money. If all I'd done over the years was insufficient for me to reach a sufficient reputation-level, a policy paper wasn't going to do me much good. And it could likely even work out negatively personally, if it provided a PR opportunity to smear me and (yet again) I did not receive a defense. So every way I looked at it, I just couldn't justify doing it, on a personal level. The turning-points matter, there's real consequences.

Posted by Seth Finkelstein at 11:59 PM | Comments (2)
April 19, 2005

Atheist site gods4suckers.net censorware'd as "Cult/Occult"

[Unverified, but specific enough to likely be true]


Saturday, 16 April 2005

God is for Suckers! is now blocked by the SonicWALL Content Filtering System. I found this out because I sometimes use the excellent free wi-fi access at Panera Bread, and they use SonicWALL to filter their content.


But why GifS? It's not porn, and it doesn't advocate violence against anybody (OK, W could use a good slapping, but no serious violence). What's the problem, then? According to SonicWALL, GifS is blocked as "Cult/Occult", ...

Now, there's in fact a very long history of suspicious actions regarding censorware treatment of non-Christian sites, dating back to at least 1997 CyberPatrol vs. Pagan sites

It's important to note it's very hard to prove anything in terms of censorware bias. It's always possible to see patterns which aren't there. But it's also possible that a certain bias can be denied as random error. However, there's grounds for suspicion from research such as Filtering Software: The Religious Connection. Since the censorware blacklists are secret, we'll never know for sure.

Posted by Seth Finkelstein at 10:56 PM | Comments (3)
April 15, 2005

Journalists discover being censorware'd

Preface: A while back, I had long-running (private) argument with an activist who is far better known than me. His view was that I could be much better known myself if I just worked harder (I found this very offensive). My rebuttal was that he had gotten some very good press, for complicated reasons, and basically didn't realize how lucky he was (he found this very offensive).

Well, [redacted], if you're reading this, here is another proof that what matters is press-reach, far more than anything else.


A censorware program typically has many blacklists, not only "pornography". One common blacklist is for pages on free hosts - such as big blog services. Many organizations ban such pages indiscriminately, on a batter-safe-than-sorry theory. This has been known for almost a decade. It's now news.

Tapscott's Copy Desk:

Dan Gillmor has two links that provide information that may well be crucial to everybody who like me uses Blogger or Typepad to host a blog. The bottomline is there appears to be more than a few corporations that don't want employees to be able to access blogs hosted by Blogger or Typepad. That of course won't be the end of it. Credit Robert Ambrogi with breaking this story.

Sigh. There's just no point to my ever doing censorware investigations ever again (yes, I am bitter). If it's not noticed by the gatekeepers, it might as well not exist. And conversely, if it is noticed by the gatekeepers, legally risky, difficult, decryption, is far more than necessary. That's simply the facts of the matter.

[Update: Note James S. Tyre gives an explanation of censorware to other lawyers]

Posted by Seth Finkelstein at 05:20 PM | Comments (1)
April 14, 2005

"China uses ever more effective Net filters"

From the future :-) (note date):


China uses ever more effective Net filters
New Feature
The Associated Press
Friday, April 15, 2005

NEW YORK The Chinese government has become increasingly sophisticated at controlling the Internet, taking a multilayered approach that contributes to precision in blocking political dissent, according to a report released Thursday.

The precision means that China's filters can block just specific references to Tibetan independence without blocking all references to Tibet. Likewise, the government is effective at limiting discussion about Falun Gong, the Dalai Lama, Tiananmen Square and other topics deemed sensitive, the study from the OpenNet Initiative found.

Numerous government agencies and thousands of public and private employees are involved at all levels, from the main pipelines, or backbones, hauling data over long distances, to the cybercafes where many citizens access the Internet.

That breadth, the study found, allows the filtering tools to adapt to emerging forms of communication, like Web journals, or blogs. ...

[More at the link]

Posted by Seth Finkelstein at 09:25 AM
April 12, 2005

Censorware Is About Controlling People Not "Filtering", Again

My DMCA opponent David Burt (censorware activist / PR flack ) makes a telling point in a quote in the following newspaper article (annoying registration required) "Snuffing out Net's benefit to democracy":

David Burt, a spokesman for Secure Computing, said the company sells "neutral technology," that customers can use as they see fit. SmartFilter allows a customer to block Web sites in 62 different categories, including religion and ideology.

A company trying to keep employees from spending hours shopping on eBay or reading online newspapers can use SmartFilter and other software programs to block access to those sites. But a censor in Iran or Uzbekistan can do the same to keep the population in the dark.

"We sell to ISPs [Internet Service Providers] all over the world. It's up to them how they employ the technologies," Mr. Burt said.

He said it, not me. Censorware is about controlling people, not "filtering".

To repeat myself: If it works for employers to controls employees, it works for governments to control their citizens. And conversely, if it cannot work for governments to control their citizens, because "The Net interprets censorship as damage, and routes around it" (but "What if censorship is in the router?"), then it cannot work for employers to controls employees. Pick one.

Don't reply: "In my personal value system, I think employers have the right to control employees, while governments do not have the right to control citizens". That wasn't the question. It's an issue of architectural implications.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
April 05, 2005

Censorware vs. Blogs

The following Blocked by Bess (a censorware program) blog story is thought-provoking in a subtle way:

Saturday, April 02, 2005
Blocked by Bess

I work for a school district in PA and recently alot of the students have been able to blog in school. Apparently the Network Administrator has picked up on it because any and all blogs including Yahoo photo's, Flickr, and a host of others are now blocked by Bess, our filter. I won't be able to update from work anymore which really bites. Now I will have to fight over the computer that is connected to my cable modem. ...

posted by Gabby at 12:22 PM

Note this is not really a case of wrong blacklists. Here, the intent of the authorities is to forbid blogs, and that's what being blacklisted.

Rather, the problem is the peer-to-peer issue, appearing in a censorware vs. blogs conflict. If you let students freely communicate with each other (e.g. on blogs) ... they are going to talk to each other about matters that the authorities might not want them to talk about. So no blogs allowed.

Maybe it's considered a "resources" issue here rather than a "harm" issue. That would be more palatable reason for the constraint. Still, somehow, I think the blog promoters are going to have a hard time in this context. Imagine if this was taking place in a foreign country.

Posted by Seth Finkelstein at 12:56 AM | Comments (4)
March 28, 2005

CyberPatrol censorware violates "Rules of Robotics", says columnist

The columnist said it, not me. In response to a question regarding how to fix a censorware installation gone amuck:

Q. My CyberPatrol Internet filtering software has gone haywire. ... My question is how do I rehabilitate CyberPatrol or uninstall it if it won't allow me to get to the place where you can change/check settings or uninstall the program?


A ... You are going to need to fish out the original software--either downloaded or on a CD--that you used to install this nuclear-powered Internet decency-enforcement software. Then you need to reinstall the software in order to override the robotic feature called Internet Disable.

I mention robots because CyberPatrol pretty much violates the Rules of Robotics as drafted by Isaac Asimov in the novel "I, Robot," by attacking humans who try to protect themselves from robotic damage.

Not that he's against censorware. But the implications of needing absolute control over someone's reading can have extreme effects.

Posted by Seth Finkelstein at 11:59 PM
March 25, 2005

HB260 Utah Censorware Law and Censorware Research

One more note on the Utah state HB 260 censorware law. It has an intriguing provision for state-sponsored censorware research:

(3) (a) There is appropriated for fiscal year 2005-06, $50,000 from the General Fund to the Division of Consumer Protection.

(b) It is the intent of the Legislature that the Division of Consumer Protection use the monies appropriated for fiscal year 2005-06 in Subsection (3)(a) to research the effectiveness of:

(i) existing and emerging technologies for limiting access to material harmful to minors on the Internet;

(ii) obstacles to consumers limiting access to material harmful to minors on the Internet; and

(iii) methods of educating the public about the dangers of using the Internet.

(c) The Division of Consumer Protection shall report the findings of the research for which monies under Subsection (3)(a) are appropriated to the Utah Technology Commission before December 1, 2005.

Who gets to spend that $50,000, and where? (There are some deserving programmers who would love to get a piece of it ...). What safeguards are in place so that censorware company lies are challenged? Or will this be a rubber-stamp commission which gets its information from marketing material?

Posted by Seth Finkelstein at 11:59 PM
March 24, 2005

Utah Censorware Law (HB 260) - subsidy to Religious Right lobbyists?

Besides amusingly funding a free hardcore pornography site list, the Utah state HB 260 censorware law has a very strange provision for spending tax money. First, they want publicity:

Section 10. Appropriation.

(1) (a) There is appropriated for fiscal year 2005-06 only, $100,000 from the General Fund to the Division of Consumer Protection for public service announcements advising consumers about the dangers of using the Internet.

[$100,000 is not exactly chump change]

(b) It is the intent of the Legislature that the money appropriated in Subsection (1)(a) shall be used to publicize in various forms of media:

(i) the dangers of using the Internet, especially Internet pornography;

[I can just see it - "This is Internet pornography. This is your brain on Internet pornography!"]

(ii) steps a consumer may take to learn more about the dangers of using the Internet;

[as in, buy censorware ...]

(iii) information about how a service provider can help a consumer learn more about the dangers of using the Internet, including the service provider's duties created by this bill; and

[... which this law requires the ISP to market to you at cost]

(iv) how a consumer can monitor the Internet usage of family members.

[and spyware too]

But elsewhere, there's a provision:

(2) Monies appropriated under Subsection (1) shall be paid by the Division of Consumer Protection to a person only if:

(a) the person is a nonprofit organization; and
(b) the person agrees to spend private monies amounting to two times the amount of monies provided by the Division of Consumer Protection during each fiscal year in accordance with Subsection (1).

This seems an odd requirement to me. Does anyone in my vast audience of many dozens of readers, know the significance of that "private monies amounting two times" requirement? (I miss the days when there were good mailing-lists for this sort of query). As I read it, if Utah pays $1, the organization has to spend an additional $2 itself. That apparently makes the number of eligible organizations rather small, and of a particular type. How many nonprofit organizations are there which want to spend a large amount of their own money on "the dangers of using the Internet, especially Internet pornography"? Frankly, I wonder if that's in effect a give-away to Religious Right lobbyists.

Posted by Seth Finkelstein at 06:53 PM | Comments (2)
March 22, 2005

State Of Utah to Provide List Of Free Hardcore Pornography Sites (HB 260)

Utah's HB 260 censorware bill has become law. While other commenters will deal with its almost-certain unConstitutionality, and I've previously noted HB 260 coerces censorware marketing, an under-explored section of the law has the amusing consequence of turning the state of Utah into a purveyor of an interesting porn site list:

67-5-19. Adult content registry.

(2) The attorney general, in consultation with other entities as the attorney general considers appropriate, shall:
(a) create a database, called the adult content registry, consisting of a list of content providers' sites, that shall be based on a Uniform Resource Locator address, domain name, and Internet Protocol address or a similar addressing system, that:
(i) are added to the database under Subsection (2)(b); and
(ii) provide material harmful to minors that is not access restricted;
(b) add a content provider site to the adult content registry only if the attorney general determines that the content provider is providing content that contains material harmful to minors that is not access restricted;

Note "harmful to minors" is a legal standard, which is doubly vague, but basically means obscenity-lite. According to HB 260, the Utah government porn list will consist of such site which have been presumably really human-reviewed (since this is a government determination), and are also not access restricted, i.e. free. And they'll make the list available:

(3) The attorney general shall make the adult content registry available for public dissemination in a readily accessible access restricted electronic format.

Remember, "access restricted" there doesn't mean encrypted, but age-checked:

76-10-1230. Definitions. As used in Sections 76-10-1231 , 76-10-1232 , and 76-10-1233 :

(1) "Access restricted" means that a content provider limits access to material harmful to minors by:
(a) properly rating content;
(b) providing an age verification mechanism designed to prevent a minor's access to material harmful to minors, including requiring use of a credit card, adult access code, or digital certificate verifying age; or
(c) any other reasonable measures feasible under available technology.

But I believe it's not copyrighted information. And I'm sure many people will be happy to mirror the State Of Utah's official list of hard-porn sites which don't restrict access. As well as, err, fact-check it.

I expect the law will be swiftly challenged and overturned. But it would be fascinating in the meantime to see what happens with the above provision. Your tax dollars at ... work?

Posted by Seth Finkelstein at 11:59 PM | Comments (3)
March 09, 2005

"No Child Left Behind" and Censorware Blacklists

"No Child Left Behind" is a particularly controversial Federal education law. It's also the program which was connected to a scandal of conservative commentator Armstrong Williams being paid to promote it.

An opposition site to the law - http://nochildleft.com/ - finds itself on a censorware blacklist, as "Political/Advocacy Groups", and so it's not readable in certain schools: Big Brother Comes to School: Telling Teachers What to Read and What to Believe (via LISnews.com).

It's a tale of a typical "censorware shuffle". The administrators have no idea what blacklists are in place and what's blacklisted (they probably think censorware "filters pornography"). The service reseller (SonicWall), as a hardware manufacturer, just repackages the censorware blacklists (here, "Cerberian"). The censorware company will say the site fits their category, so it's the school policy maker's fault. Everyone's fingers point to someone else. And the eventual effect of it all is that the government has a free hand to propagandize. While critics - who remember, are sometimes told by net-bubble-blowers that The Uncensorable Internet gives them an equal opportunity to be heard, because you can put up a website - are marginalized from important audiences.

There's an excellent accompanying overview by Nancy Willard of Constitutional and Legal Issues:

1. Who is making the decisions about what categories to block and on what basis?

2. Has this decision been left to the tech director, who likely has not had an educational law class so may be unaware of issues related to a student's constitutional right to access information?

3. Have categories been blocked based on a desire to avoid controversy?

4. Or has the school official taken advantage of the grouping done by the company to block categories that are likely to be more controversial.

I really shouldn't read these articles, no point for me.

Posted by Seth Finkelstein at 11:59 PM
March 05, 2005

Utah Censorware Law (HB 260)

Out of morbid curiosity, I read through the Utah Censorware law's text. (via LISnews)

As from the perennial topics of what-is-porn, and the-Internet-is-global, the real, err, money quote, in the law may be:

(1) (a) Upon request by a consumer, a service provider shall filter content to prevent the transmission of material harmful to minors to the consumer.

(b) A service provider complies with Subsection (1)(a) if it uses a generally accepted and commercially reasonable method of filtering.

That reads to me as having the effect of essentially decoupling price information about censorware from consumer demand. It artificially inflates the market for censorship.

Sigh. Nothing I can do.

Posted by Seth Finkelstein at 11:59 PM | Comments (1)
February 19, 2005

EFF: Dangerous Terms A User's Guide to EULAs

"Dangerous Terms A User's Guide to EULAs" is EFF's latest white paper, written by Annalee Newitz:

They're called End User License Agreements, or EULAs. Sometimes referred to as "shrinkwrap" or "click-through" agreements, they are efforts to bind consumers legally to a number of strict terms ? and yet you never sign your name. Frequently, you aren't even able to see a EULA until after you've purchased the item it covers.


With consumer activism, as well as actions that push our legislatures and courts to change consumer protection laws, we can prevent corporations from taking away our rights one mouse click at a time.

If you have been harmed by a EULA, or threatened with legal action because of one, EFF wants to hear your story. E-mail us at EULAharm@eff.org.

[Via Copyfight] This seems to be connected to the legal proceeding of the Blizzard vs BNETD case.

Harmed ... Well, where do I start ...

Might as well just repost something I wrote a while back, about reverse-engineering vs. fair-use, and censorware examples

Findlaw [had] an interesting article "Should Software Companies Be Able, Through Contracts, To Prevent Competitors From "Reverse Engineering" Their Products", by Chris Sprigman. It's a very good discussion of the subject. But there's a few places which could use some commentary:

Minor point:

Now, however, some companies whose software has been reverse engineered have started to fight back. They have added anti-reverse engineering provisions to the "shrinkwrap" licenses that accompany their products.

"Now"? This isn't new. I can't recall ever seeing a commercial shrinkwrap license without prohibitions against reverse-engineering. I found a censorware example from 1997, with a reply indicating this issue goes back decades (n.b., this is in part why I did my pioneer work against censorware , in virtual anonymity for so long).

Major point:

Reverse engineering itself, then, has been held to be fair use.

There's a difference between the idea that "Reverse engineering itself, then, has been held to be fair use", per se, intrinsically, and that certain instances of reverse engineering have been held to be fair-use, but others have been denied as fair-use. That is, between is fair-use, versus could be, but also might not be, fair-use. A reader of that article can easily get the impression that the courts have said reverse-engineering itself is always permitted as fair-use, whereas they've also said in other cases that it's not fair-use.

In particular, of special interest to me, the Cyberpatrol lawsuit, regarding programmers who reverse-engineered that censorware, has the following nasty things to say about that reverse-engineering of censorware:

43. Jansson and Skala admitted that they reverse engineered and decompiled Cyber Patrol Cyber Patrol, which violates the Cyber Patrol license agreement and creates an intermediate copy of Cyber patrol. ... In either case, by creating an intermediate copy of the Cyber Patrol software the defendants committed a prima facie copyright violation. ...

No Fair Use Defense

44. Fair use is a statutory affirmative defense to conduct otherwise actionable under the copyright law. ...

45. In general, any claimed "fair use" must be "consistent with the ultimate aim [of the Copyright Act] to stimulate artistic creativity for the general public good" ...

46. It is the defendants' burden to demonstrate such "fair use." ...

47. The individual defendants have no "fair use" defense here because they have neither asserted it nor submitted evidence supporting any fair use defense. ...

48. In addition, the purpose of the copying here is inconsistent with the general public good. The individual defendants' avowed purpose for decompiling CyberPatrol was to allow "youth access" to inappropriate content on the World-Wide-Web. That purpose contradicts the public interest as specifically found by Congress ...

49. Finally, to negate fair use one need only show that if the challenged use should become widespread, it would adversely affect the potential market for the copyrighted work ...

50. By their own admission, Jansson and Skala created the Bypass Code to "break" CyberPatrol ... Software explicitly designed to make CyberPatrol ineffective for its intended use can do nothing other than "adversely affect the potential market for the copyrighted work" ...

So whether reverse-engineering is fair-use also has to do with whether the court finds the specifics to be in "the general public good".

Disclaimer: I'm not a lawyer. But as the saying goes, the hound was only running for his dinner, but the hare was running for his life.

Posted by Seth Finkelstein at 09:06 PM
February 12, 2005

OpenNet Initiative on South Korean Government Censorware Collateral Damage

The OpenNet Initiative recently had a study

"Collateral Blocking: Filtering by South Korean Government of Pro-North Korean Websites"

"Tests undertaken by the ONI in December 2004 and January 2005 reveal that South Korean blocking extends to far more than the 31 web sites targeted by the orders. An additional 3,167 unrelated domain names hosted on the same servers as the blocked sites are also blocked. These web sites are completely unrelated to North Korea. This collateral blocking remains in place today."

The related Internet Censorship Explorer blog entry (not the report itself) was kind enough to mention in passing my much earlier cyberpatrol report on similar massive "collateral damage":

Blocking by IP address generally leads to the blocking of content that was never intended to be blocked since many thousands of domains can be hosted on a single IP. ...
Also, the same problem (or is it a feature?) has been documented in commercial filtering software as well.

Non-echo note: In fact, this is a big issue driving the internal structure in creating the censorware blacklists. The overall blacklists are often divided into bans by-name, and bans by-address. I actually wanted to investigate this issue from the "inside-out" (i.e., from the blacklist entries themselves). Sigh ... sad face

Posted by Seth Finkelstein at 11:59 PM
January 26, 2005

Utah Censorware Network Deliberately Bans Google Translate

Further regarding persistent censorware problems, let me echo the material below, since it's an official admission of a topic I've been emphasizing for years. In order for censorware to achieve its control, even sites such as language translation are problematic, because they're a "LOOPHOLE". I exposed this myself many years ago, but unfortunately my decryption-based research was very poorly publicized and had minimal impact, due to various grudges. Emphasis added below.

From the EDTECH mailing list, post available at

EDTECH Editor-Beil Nov 14 2004, 12:12 pm

From: Guy Durrant

Filtering in Utah is done by a statewide subscription to N2H2/Bess. We are not required to use N2H2, but I suspect most districts use this as it is available to them at no additional cost. The state picks up the tab.

The state filters the "Translate this page" option which comes up with some search results. The reason for this is that students could search for sites which the N2H2 filter will block, click on Translate this page, and if the original page was in English, it was "translated" and displayed, filter notwithstanding. It is unfortunate, because the translation feature was quite a boon to ESL and foreign language teachers. The images part of Google http://images.google.com is not blocked in Utah, but many of the sites it presents are.

Guy Durrant
Technology Director
Daggett SD

Posted by Seth Finkelstein at 11:57 PM | Comments (2) | Followups
January 25, 2005

N2H2 censorware blacklists Oregon libraries network as Pornography

According to the the Oregon libraries network's staff information blog, the censorware company N2H2 has blacklisted the entire Oregon libraries network as "Pornography": screenshot.

I sent this over to LISnews. I usually don't even bother with this stuff anymore, and there's a bunch more sites similarly blacklisted, but I thought they'd richly enjoy that example. Remember, I have a huge amount of censored censorware research that was destroyed or I can't publish - either nobody will hear it and/or I 'll be sued.

[Update 1/26 - N2H2 finally fixed it - as I put it,"Alacrity varies with publicity"]

Posted by Seth Finkelstein at 12:59 AM
December 13, 2004

European Internet Censorship

Andreas Bovens send me the following information on what's happening in European censorship, thanks:

For your info, there are some interesting moves on the European internet censorship front: http://www.alertnet.org/thenews/newsdesk/L09166684.htm
> The European Union has launched a 45 million euro ($60 million) plan
> to protect children from pornography and racist sites when they surf
> the Internet.
> [...]
> It will increase the number of hotlines, finance technology to filter
> out pornography and raise awareness among parents and children, though
> it was not clear if the funds will be distributed to member states or
> used at the European level.

Official Press Release: http://europa.eu.int/rapid/pressReleasesAction.do?reference=IP/04/1456&format=HTML&aged=0&language=EN&guiLanguage=en

Also have a look at the Safer Internet Programme page:

And one of the programme's "success stories": Surf-Mate

Posted by Seth Finkelstein at 08:05 AM | Followups
November 23, 2004

"Internet Filtering in Saudi Arabia in 2004" from OpenNet Initiative

"Internet Filtering in Saudi Arabia in 2004" has just been released by the OpenNet Initiative. This studies the implementation of censorware in Saudi Arabia (which uses "SmartFilter"). Disclosure: There was once some talk of my being hired as part of this project, but that was many months ago, and as far as I know, it's now a very dead idea for reasons ranging from cost to baggage - so don't suggest it, please!

I'm cited twice in the footnotes, which warms my heart. Approximately zero people have followed those footnotes to my site, so it's not going to be a source of readers, though it's good to know at least one person read that work.

In terms of what I've just been discussing currently regarding my Censored Censorware Reports, this passage from the report is very relevant:

Fourth, we base SmartFilter categorizations on tests run using the SmartFilterWhere tool ... The SmartFilterWhere tool lets users check SmartFilter's current categorization of a URL in three versions (version 4, version 3.x Standard, and version 3.x Premium) of the software. The tool does not allow checking a URL's past categorization; thus, it can be difficult to determine whether a URL's classification has changed over time. SmartFilter categories change frequently; of the roughly 26,000 URLs we checked on both dates, 10% changed between dates through having at least one category added to or removed from the URL.

Sigh. Guess what? I WROTE THIS TOOL FOUR YEARS AGO!. That is, I wrote a tool which did not have the limitations of SmartFilter's little web form, a tool which allowed past testing (if one has the past blacklists).

I couldn't publish it. Remember, even the DMCA exemption specifically does not cover tools.

This is where everything such as attacks by famous lawyers to Slashdot's actions, all matters. As a human being, I just can't smile while deeply worried about potentially being smeared and sued.

Posted by Seth Finkelstein at 10:57 AM | Followups
November 16, 2004

Reports You Won't See - A Survey Of Censorware Cryptography

[Another Censored Censorware Report]

Having examined more censorware internals than anyone else in the world, I've considered there might be an interesting academic survey paper describing the encryption algorithms employed various programs. It ranges all the way from the trivial encryption of "XOR" with a single byte (the original version of CyberSitter), to the full-blown Data Encryption Standard (DES). Of course, using the power of the Data Encryption Standard algorithm doesn't help too much when they give out the key in first place if one knows where to look.

Digression: During the DMCA exemptions testimony, when censorware company representative David Burt was taking the tactic that no American military was in Iraq no censorware decryption had been done, I thought of replying along the lines of "David, does the string [recite N2H2's private decryption key] mean anything to you?". But sadly, as a mere PR flack, he probably could have truthfully answered that the random letter/number combination which was N2H2's private decryption key, did not mean anything to him (and I couldn't remember it right then anyway).

But in terms of lawsuits, this isn't playing with fire, it's playing with WMD's (Weapons Of Mass Destruction). Or Lawsuits Of Massive Damages. A few years ago, when CyberPatrol sued two programmers, they opened with a $75,000 damage claim. Remember, that was just the start. These days, given the success of the music industry litigation tactic of loading up on claims of huge damages, gallows humor is whether a censorware lawsuit would confine itself to claiming mere millions of dollars, or go for billions of dollars.

Let's recall, even the DMCA 1201(g) research exemption is full of wiggles such as:

... the person made a good faith effort to obtain authorization before the circumvention;

[elsewhere] ... whether the information derived from the encryption research was disseminated, and if so, whether it was disseminated in a manner reasonably calculated to advance the state of knowledge or development of encryption technology, versus whether it was disseminated in a manner that facilitates infringement under this title or a violation of applicable law other than this section, including a violation of privacy or breach of security;

... whether the person is engaged in a legitimate course of study, is employed, or is appropriately trained or experienced, in the field of encryption technology; ...

There's almost a paradox here, in that low-hanging research fruit is likely snapped-up already by high-ranking researchers, leaving hard foraging for those further down the ranks. But that's exactly the sort of work which is going to involve more risk, yet at the same time apparently has less legal protection, because one almost needs to already have good formal credentials ("appropriately trained or experienced") in order to qualify in the first place! (i.e., want a job, get some experience, want some experience, get a job).

A paper which does very little for me personally, but has a reasonable chance of pauperizing litigation, yet I have no organization backing, is all a losing proposition. I am chilled.

Posted by Seth Finkelstein at 11:59 PM | Comments (4) | Followups
November 15, 2004

Banned Censorware Report - SmartFilter Reverse-Engineering

[I'm returning to my series of Censored Censorware Reports, where I describe research I cannot publish due to the lawsuit risk, and corresponding lack of necessary legal and journalistic support.]

There isn't all that much to describe regarding this report, because it was intended to outline some reverse-engineering of the censorware program SmartFilter. It's hard to give details here without actually writing the material, and so defeating the purpose.

However, the following news item, from Susan Crawford, should make the derailed and destroyed report relevant and perhaps even poignant (my emphasis below):

3. Speaking of EFF, they're looking for amicus briefs to be filed by December 22, 2004 in the Blizzard v. Internet Gateway case in the 8th Circuit. The district court decision [pdf] in that case upholds a very broad license agreement forbidding any kind of reverse engineering or fair use; key issues before the appellate court will be preemption and the scope of the 1201(f) exception in the DMCA for reverse engineering.

("Blizzard v. Internet Gateway" is the same case as the previously mentioned Blizzard vs BNETD, that's just a variation in the name)

Note it's unclear if my plight would even be fodder for an amicus ("friend of the court") brief here. There are legal details I don't completely understand, having to do with rules that appeals are supposed to refer only to facts already in the trial record. This is very different from e.g. the (failed) "affirmative" case against N2H2, where the facts there were developed specifically for the legal challenge.

It's not worth years of litigation to publish this research, even if I eventually won. Not when there's so little backing and support.

[Update: I should have explained than an amicus brief is by "someone who is not a party to the litigation, but who believes that the court's decision may affect its interest." - I hope the application is obvious ...]

Posted by Seth Finkelstein at 11:59 PM | Followups
September 29, 2004

Banned Censorware Report : "BESS (N2H2) and The Ineffable Name"

[Continuing the homage to Banned Books Week, I've described below another Censored Censorware Report ]

BESS (N2H2) and The Ineffable Name


For no one can utter the name of the ineffable God; and if any one dare to say that there is a name, he raves with a hopeless madness.

-- The first Apology of St Justin, Chapter 61

This report was going to discuss "unsearchable names" of N2H2's censorware program BESS. That is, names which could not be searched because they matched banned keywords. Just to illustrate the concept, though not banned here, consider "Dick Van Dyke" (if you didn't know that was a real name, wouldn't it sound made-up?). As N2H2 (the censorware company) put it:

Search Terms
This category restricts access to search result pages based on key words that are known to return offensive results, but does not block access to search engines.

Examples of these key words are very offensive, so are not included here.

So offensive that they cannot be named?! That's almost Biblical. When I decrypted N2H2/Bess, one of the blacklists was a long sequence of various names and name-patterns. It was actually pretty amusing. As in, who were all these people? How (in)famous did you have to be, in order to get your name on the list?

There was plenty of material here. Compare for example China censored keywords. But this wasn't about China, it was about a US company, which could sue me. So since I didn't have the protection or support I needed, the report was derailed, and eventually the research was essentially destroyed.


Do not play the Name Game if you are called Chuck.

[I don't know if I would have left in this little joke, it's edgy. I always want to have my material be good reading in terms of the writing itself. But I get flack for it. One very well-known free-speech activist claims I don't get my reports read and covered because the literary quotes are too much fluff]

Granted, this material was not the most earth-shattering of revelations. But I think the specifics were a worthwhile research contribution, which would have been a useful addition in opposing censorware propaganda. However, the mathematics was that the upside was likely there would be only a few readers, versus a downside of lawsuit and smear risks. Now, not every report has exactly the same amount of legal risk, and I don't want to ignore distinctions. This one was in fact arguably on the lower end. But not zero or practically so. On the other hand, it wasn't a blockbuster, so my paucity of press meant the readership would be minuscule. On the balance, this was low-probability Russian Roulette, but that's still Russian Roulette. It wasn't worth it.

Posted by Seth Finkelstein at 11:59 PM | Followups
September 28, 2004

Banned Books Week

It's Banned Books Week. Though I search in vain among the PR for much consideration of the banning of websites, which seems to me to be so relevant after the library censorware law went into effect.

The ACLU's Banned Books Week page actually makes a mention of censorware, among all the Patriot Act references (emphasis added):

Libraries are at the center of the struggle to preserve everyone's freedom to access a diversity of ideas, information and opinions. Banned Books Week, from Sept. 25 to Oct. 2, calls attention to the wealth of creative expression that is stifled when libraries are forced to remove some books from their shelves.

When a Web site is blocked on a library computer or a book is taken off the library shelves, it is easy to see how your freedom to access information is being compromised. But other threats to our freedoms in the library can occur in secret. When you check out a book and visit a Web site, do you know if somebody else is watching?

I've long had the idea for Banned Websites Week. But that project was another casualty of my having quit censorware decryption, and soured on activism in general. I actually got a nibble about it a few months ago, and declined. I just didn't want to go through another project where I likely wouldn't get much reputation-credit, wouldn't reach people, but had several possible ways to lose. Maybe it doesn't matter. All I can do is note that here's another effort which would have been done if I hadn't been ground-down and driven-out, and I've outright given up on it due to the lack of support, draining attacks, and marginalization (regrets, remember, I gave notice of upcoming gloomy postings).

Posted by Seth Finkelstein at 11:56 PM | Followups
September 27, 2004

N2H2 (censorware company) PR "statistics" in news article

The infamous example of lying with statistics from censorware company N2H2 appeared yet again in a news article:

Workplace porn: alive and well
Friday, September 24 2004
by Deirdre McArdle

Filtering technologies can also play a part in protecting both companies and their employees from inappropriate material. ...

Perhaps the biggest mistake firms can make is to do nothing to stop this growing problem, and it is just that: a growing problem. "Internet and e-mail usage is continuing to grow, as is the number of adult websites online," said Wisdom. The scale of growth of these adult websites is phenomenal: filtering software company N2H2.com said that there were more than 260 million pornographic web pages on the internet in 2003, compared to only 14 million in 1998.

Now, what is the use of my pointing out that the numbers quoted here rely entirely on the censorware company's own words, with no check as to their honesty? That any implication about "a growing problem" should be placed in the context of the fact that the relative proportion of "pornographic web pages" has arguably not changed at all? (that is, relative to the total web). Who is reading? Who cares?

Give my marginalization, the people hearing me about censorware are generally either a tiny number of hardcore fans, in which case nothing is gained by my going over the topic again, or, oppositely, those who don't care, such as censorware company employees (really - practically, these are some of my most dedicated readers!). Remember the N2H2 legal case - I can't risk a lawsuit for any decryption research.

This is one example of why I have such a dim view of the blog blather. My voice is nowhere near the reach of N2H2's flacking. Preaching to the choir is useless from the standpoint of having any effect.

Posted by Seth Finkelstein at 11:36 PM | Comments (7) | Followups
September 20, 2004

Military censors icasualties.org, CNN casualty page

Eric Umansky reports on the the site icasualties.org being censorware'd, along with a CNN casualty page (thanks, Lis).

As a non-echo aspect for this post, I'll point out that some echoing of his report has elided a subtle aspect. It's clear in his original post that the banning message "Your request was denied because of its content categorization: "Extreme;Politics/Religion"" (that's SmartFilter) refers to a different, earlier, example of banning "The Memory Hole". But that message doesn't necessarily apply to the current incident - no specific messages are cited.

A spokesman's response (Captain Chris Karns) indicates this banning is apparently intentional, not "collateral damage".

[Note to people who aren't my regular blog-readers - I've done extensive censorware investigations but lack of support/legal risk drove me to quit and stop research. ]

Posted by Seth Finkelstein at 01:51 AM | Followups
August 22, 2004

SmartFilter Blacklists Gay City-Sponsored Event From City's Own Library

[Remember, censorware marketing flacks can say anything, without opposition ]

Capital mix-up over Mardi Gras

Capital mix-up over Mardi Gras
Aug 21 2004 Aled Blake, The Western Mail

A Welsh council was accused of hypocrisy yesterday after barring its computers access to a national gay and lesbian event which it supports.

Cardiff County Council stopped its computers from accessing the city's Mardi Gras website - despite an endorsement from its new leader.

Computers at libraries in Cardiff could not get into the website, which promotes the city's gay and lesbian festival in September, because software it uses automatically stopped users getting into the site.

The council lifted the ban yesterday afternoon after complaints from people trying to log on to the Cardiff Mardi Gras homepage. ...

A spokeswoman for Cardiff Council said, "The council operates a policy to monitor and control the content of sites accessible to council employees and members of the public.

"In order to do this we use a product called 'Smartfilter' provided by an external company which gives us a database containing millions of categorised websites updated daily.


SmartFilter blacklists Cardiff site as Pornography

Posted by Seth Finkelstein at 11:32 PM | Followups
August 11, 2004

Censorware items round-up

Many censorware stories have crossed my screen in the last few days, so a little aggregation and commentary might not be bad.

Bob Turner writes of his censorware company's open list of porn domains. Yes, I am vastly amused by this. Though I don't think it changes what I say concerning secret censorware blacklists, as the actual usage of open lists is very small. In a different world, I'd do more on this specific topic. But these days, sadly, I just don't want the hassle.

A decryption temptation which I must forego, sigh: Daily News: Cleaning up Justice (via Wonkette, of all places).

First, Attorney General John Ashcroft demanded that his department's bare-breasted statue of Justice put some clothes on. Now the DOJ bluenoses are checking staffers' E-mails for naughty words.

Some at Justice are griping about software, called MailMarshal, that blocks messages when it spots "unacceptable language, or inappropriate material." ...

Stu Smith, president of AFSCME Local 2830, which represents employees in the department's Office of Justice Programs, has asked for a list of the "bad" words and an explanation.

DOJ spokesman Charles Miller tells us the program was installed for virus protection, but that it also rejected E-mails it deemed too vulgar. Miller says the program has been uninstalled since staffers complained. ...

Gary Price told me about: "Panel says expand use of library Web filters" (my emphasis below):

By Ames Boykin Daily Herald Staff Writer Posted Tuesday, August 10, 2004

Every computer in the Des Plaines Public Library would be equipped with an Internet filter to block sexual images, under a plan approved Monday. ...

"If there is information being blocked, it should be reported to the library so the system may be evaluated over six months, officials said. But the filters won't be disabled even if a patron asks during the trial period."

But I have a blog ...

Posted by Seth Finkelstein at 12:29 AM | Comments (1) | Followups
July 21, 2004

Censorware'd Hotel WiFi and Georgia libraries - blogs blacklisted

Matt Haughey describes his experiences with a censorware'd Hotel connection. This was using SmartFilter, and it seems it has the same quality as always. Given the blacklist categories in place and how sites were blacklisted, the net result was that many, many blogging sites were blocked (including his own famous site, MetaFilter)

I've been told this system is in place in every public library in Georgia (internet filters are currently required on a federal level or they lose their funding if I remember correctly). I know libraries have a longstanding problem with random folks viewing porn at free kiosks, but I think blocking a major blog service like Blogger is taking this too far. We've already seen examples of voices only heard through blogging, like the Homeless Guy and Salam Pax. They use their blogs as their secret channel to communicate to the world, and it's not hard to imagine someone with an unique perspective on life that was limited to free internet use at a library.

And I checked, that's correct. In fact, even the blacklist categories which include almost all the examples he found, are widely used in the Georgia public libraries (http://www.georgiafamily.com/schools_and_community/libraries_filter_porn.shtml).

The Middle Georgia Regional Library is blocking five of SmartFilter's thirty web site categories, while Houston County is blocking three. Both libraries are blocking the categories of Sex (includes soft- and hard-core pornography and sex discussions), Chat (Web-based chat groups, including chat rooms, instant messaging, and message boards), and Extreme/Obscene/Violence (includes violent, gory, or horrific material related to sex, bodily functions, obscenity, and perverse activities). The Middle Georgia Regional Library is also blocking the Criminal Skills category (sites that give methods for or promote illegal, criminal activities such as bomb-making, computer hacking, murder, burglary, and rape) and the Drugs category (sites that provide information on the purchase, manufacturing, and use of illegal or recreational drugs like marijuana, cocaine, and LSD).

He concludes:

I'm often jokingly comparing bloggers to pamphleteers of yore, but within blogging there are definitely some significant cases where people have a message to get out that can change the world. To find out that an institution of democracy like a library might be barring someone from sharing their perspective with the world saddens me. The irony that I had to go to significant means to even post this entry (my blog software has a *.metafilter.com address) isn't lost on me.

I got a link at the end of the article - thanks!

And remember, I had a SmartFilter analysis tool, but could not publish it. Sigh ...

[Update: Grammar/typo fix (my own), BoingBoing technorati-bait]

Posted by Seth Finkelstein at 11:25 PM | Followups
July 20, 2004

"Cleanfeed" (government censorware for UK ISP) now in effect

The "Cleanfeed" program went into effect in the UK, the system where :

... the largest internet service provider in the country [BT], with some 1m broadband subscribers, is setting up complex filtering software in its system that will refuse access to a list of web sites that are suspected of containing child pornography.

According to the BCC: (thanks, Andreas Bovens)

BT said in its first three weeks its new system, which bars access to particular sites, registered nearly 250,000 attempts to view web pages containing images of child pornography.

That represents an average of about 10,000 requests each day.

Now compare reactions where:

Pierre Danon, chief executive of BT retail, said the company was blocking access to hundreds of sites which had been identified by the Internet Watch Foundation.

But he said BT did not track those trying to log onto the sites or pass their details on to police.

And he said the company had no way of telling how many users were navigating to such sites by accident.

"We don't know their motives or who does it and honestly we don't want to know," he told BBC Radio 4's Today programme.

A BT spokesman added: "It could be that one dedicated pervert is making hundreds of attempts to get on websites each day."


The BBC's Neil Bennett said even allowing for some people making repeated attempts, it is clear thousands of people are trying to see such material daily.

This is one of the biggest problems with censorware debates. Inflammatory numbers are bandied around with NO INDEPENDENT REVIEW. It's arguably even illegal for anyone not working with law enforcement to even attempt to check the assertions. The flashy statistic is thrown into the public discussion, and will be used, but anyone who attempts serious analysis of it is in severe legal peril.

Oh well. I've quit.

[Update: Some skepticism: ISPA seeks analysis of BT's 'Cleanfeed' stats ]

[Update 2: More skepticism: BT on child porn stats ( "pure speculation") ]

[Update 3: Still more skepticism: Porn filters ineffective against Tribbles]

Posted by Seth Finkelstein at 11:59 PM | Comments (3) | Followups
July 16, 2004

Fair Use, Copyright, and a Mike Godwin story

I'm going to endeavor to make a point concerning the recent "use it or lose it" discussions regarding making copyright and fair use determinations. I'll try to do it in a somewhat non-traditional way. Let me tell a story from my experience. Warning: this is not a pretty story. But then, neither is the prospect of being sued.

In late 1995, when I first decrypted censorware blacklists, I had the misfortune to ask one of the most then-famous net lawyers, Mike Godwin, for advice about legal issues (this was a big mistake, because of the politics of censorware-is-our-saviour, but that's another story).

The relevant point to the current discussion is that Mike Godwin had, at that time, the idea that censorware blacklists were not subject to copyright. His reasoning was, briefly, that the blacklist items were "facts", and the blacklist information itself had no copyright. I'm not breaking any confidences or revealing much of a secret here. He expressed that view repeatedly and, err, forcefully, some years later in a long mailing-list discussion. This was related to the lawsuit in 2000 against the programmers who reverse-engineered CyberPatrol (a censorware/"filtering" program), AND PUBLISHED IT (I had similarly reverse-engineered it earlier, but not published anything except a few results, and those laundered through journalists - another story/mistake, sigh). I didn't argue with him in 1995. He wouldn't have listened. Privately, however, I thought his advice was wrong. One sad implication of his views though, was that since he knew, with supreme confidence, that censorware blacklists were not copyright-able, and knew this with all the arrogance that an egotistical lawyer can muster, my disagreement with him must've been simply a reflection of my cowardly nature, or worse. How could it be otherwise?

But in 2000, the subject was a big public discussion. And, Mike Godwin was sooo confident of the rightness of his views on lack of copyright of censorware blacklists. Bear with me, I'd like to give the flavor of the absolute certainty with which this was proclaimed:

I'd happily go to court on that issue. And I'd win. Facts are facts, and are not copyrightable.


But the fact of what is blocked is not copyrightable. It's just a list, and no deeper a list than the list of names in Feist.


If I were to post that entire list of sites in a different order from that used by CyberPatrol, for example, I would not be a copyright infringer. It is only the particular expression of that list of URLs that is protected by the Copyright Act -- not any and all instantiations of the same information.


I don't believe that my own [hypothetical] publication of what CyberPatrol blocks is infringing, even if I include all the sites they block, so long as I don't duplicate their precise expression of their list.


I should add that I understand why censorware's defenders may be arguing for the more expansive view of copyright, in order to protect CyberPatrol's right to sue in copyright.

But I'm certain I'm right to argue that CyberPatrol is wrong to assert a copyright interest in the mere fact of whom they don't like.

You friends of CyberPatrol, have at me!


When James S. Tyre gave him some factual corrections, e.g.

"the list itself includes the blocking categories"


Mike Godwin responded in typical abusive fashion, even accusing James Tyre of unethical behavior (this was highly ironic, the coal-bin calling the bone-china black).

Are you making the pro-CyberPatrol argument that the blocking categories are creative expression, James?

Do your clients know you're doing this?


I should note he was flamed hard for this, by law professor Peter Junger

I am afraid that Mike Godwin is us reverting to his old tendency of making nonsensical arguments. ... [later] And anyway, if the lawyers for our side go into court convinced that there is no merit in the other side's arguments, then we are going to be the ducks in that barrel.


And me, for which I make absolutely no apologies:

In terms of treatment of clients, Mike, you are a disgrace to your bar certificate. I seriously considering bringing an action against you for breach of attorney-client privilege, for your various misuses of confidential information. And it was in fact *Jim Tyre* who convinced me not to do it.


Anyway, this "discussion" went on for quite a while, good and bad. And finally, after several distinguished lawyers who specialized in intellectual property law, and prominent authors in that legal field, all told Mike Godwin he was wrong, he conceded.

After speaking with my friend Pam Samuelson at Computers, Freedom, and Privacy here in Toronto, I've come to the conclusion that Bruce Hayden and others were right, and that I was wrong, with regard to whether Feist should be read as protecting compilations of facts based on selection alone (apart from arrangement).


There was pointedly no apology to several people most abused, though. Especially the programmer (me) who would have been very badly off to have relied on his wrong copyright advice earlier, in 1995. In fact, as usual, I lost reputation-points myself (yet another story). The eventual court findings were horribly against fair use and in favor of copyright claims.

Why do I go through all this? Well, the speaker here was not (just) some flamer. It was net.legend Internet lawyer Mike Godwin. And many people who said he was wrong were showered with accusation and vituperation.

I'll put the moral of the story as this:

No matter how many times a theory is repeated, that doesn't make it correct. And the people on the risk end if it's wrong have a right to doubt it. Because it'll be them being sued.

There's a lawyer joke: After being convicted at trial, a criminal defendant turns to his lawyer and asks "Where do we go from here?" The lawyer replies, "We? I go back to my office. You go to jail."

Posted by Seth Finkelstein at 09:44 AM | Followups
July 06, 2004

Update on "Fabricated" SmartFilter / Secure Computing Web Porn Study

Latest development in the story where SmartFilter / Secure Computing Web Porn Study is "Fabricated", from ZDNet Australia:

While the company's original statement claimed that no pornographic pages had ever existed in the .nu space, Semich conceded that sites featuring adult content using .nu domain names did still exist. "I admit some pornographic Web pages using the .nu domain name probably do occur, just not in the extremely inflated number given by Secure Computing," he said. Sites which hosted adult content would be deregistered when their current term expired, he added.

The approach taken by the Secure study has also been criticised by other market observers. "It's not helpful to characterise the size of the problem by the number of pages," said Chris Disspain, chief executive officer of .au Domain Administration. "They are not a valuable, sensible or helpful measure of what's going on." Like Semich, Disspain is concerned that confusion will arise between the registration of a domain name and where the site is actually hosted.

Secure Computing told ZDNet Australia it stood by the methodology used in the study.

Now, here's my question: WHAT METHODOLOGY?

Where is the data to be examined? Where is any ability to review their assertions? To do an independent examination?

"Studies" done on secret data are inherently suspect.

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
July 05, 2004

Censorware usable for blog Denial-Of-Service Attack?

Michael Froomkin relates a censorware experience with some interesting implications:

Since the supreme court cares about the quality of blocking and filtering software, it may be appropriate to report that SiteCoach, the blocking software used on the internet kiosks in the lobby of the Amsterdam hotel I am staying in blocks Atrios for using the f-word, and the Volokh Conspiracy for "Forbidden Keyword free sox". Actually, the "o" in that last should be an "e" -- I'd post it more clearely, but that would just ensure I couldnt access my own blog any more.

Hmm ... "couldnt access my own blog any more". Now, his blog has the style where excerpts from recent comments are displayed on the front page, using the first few words of the comment. Suppose, as a comment, on seeing this, a malicious person had posted "FREE SEX!!!". Then that phrase would appear on the front page of the blog. And perhaps trip the censorware. Moreover, if he tried to delete the comment, the editing screen would of course have displayed it, and hence also triggered the censorware (there might be way to generate a delete command without display, but most people would probably stop at the point where they were locked-out of the comment editing screen).

I didn't test this, err, directly. But likely there will be plenty of chances to see if it happens to someone ...

Posted by Seth Finkelstein at 11:59 PM | Comments (3) | Followups
July 01, 2004

Free Expression Policy Project on COPA (net censorship) and Censorware

There's excellect and uncommon commentary on the "COPA" net censorship decision from the Free Expression Policy Project :

The Right Decision; The Wrong Reason

Equally important, this victory has dug us ever deeper into the Internet filtering trap - the embrace of a technological "fix" that, with its mechanistic, heavy-handed use of key words and phrases in place of context, nuance, and human judgment, censors far more speech, and far more irrationally, than even a vague criminal law. Magna cum laude graduates, fans of "Marsexploration," and lovers of "pussy willows" beware.

In fact, I had a censorware report in preparation concerning exactly that topic, nailing down examples from key words. It's some of the lesser research which was derailed and destroyed due to all the attacks and legal risk. All I can do now is put that on the record now, as an empty gesture to history.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
June 30, 2004

SmartFilter / Secure Computing Web Porn Study is "Fabricated", claims target

[You heard it here first! And I know a great deal about David Burt (censorware PR Rep) and SmartFilter's propensity for fabrication - more later]


Numbers in Secure Computing Study on Web Porn Were Fabricated and Defame the Tiny Nation of Niue

June 30, 2004 07:13 PM US Eastern Timezone

.NU Domain to Take Legal Action Against Secure Computing In Connection with Its Study on Web Porn

"This study," [said J. William Semich, President of .NU Domain Ltd.], "along with all its claims about Niue and the .nu domain name, is false and defamatory."

Full Press Release below (I have no connection with these people, except for wishing them well against censorware company phony studies)

June 30, 2004 07:13 PM US Eastern Timezone

.NU Domain to Take Legal Action Against Secure Computing In Connection with Its Study on Web Porn

MEDFIELD, Mass.--(BUSINESS WIRE)--June 30, 2004--

Numbers in Secure Computing Study on Web Porn Were Fabricated and Defame the Tiny Nation of Niue

.NU Domain Ltd, the US-based operator of the .nu top level domain name registry, today announced that it will take legal action against Secure Computing Corporation (NASDAQ:SCUR) for making false claims that .NU Domain is hosting millions of pages of pornographic material. The company also stated that it will take legal action against anyone who republishes this inaccurate and defamatory study.

Secure Computing Corporation released a report on June 24, 2004 which it says shows the global distribution of millions of pornographic Web pages by the top 100 individual country domains. The report falsely states that "The domain of the Island nation of Niue hosts an astonishing 3 million pages of pornography on its .NU domain."

"There are no such pornographic Web pages being hosted in Niue or by the .nu top level domain, nor were there ever any such Web pages," said J. William Semich, President of .NU Domain Ltd.

"This study," he added, "along with all its claims about Niue and the .nu domain name, is false and defamatory." There are approximately 100,000 .nu domain names currently active on the Internet Worldwide. Since first launching registration services for .nu domain names on the Internet in 1997, .NU Domain Ltd has developed one of the most stringent sets of policies and terms of use of any domain name in the world. "Since then," Semich said, "we have deactivitated, revoked or removed about 6,000 names for violating our policies or US laws, including aggressive policies against pornography."

Rather than being a geographic study of Internet pornography, the Secure Computing report is merely a summation of the total number of Web page URLs the company has listed in its Web site access control filter. The more Web pages it can list in its filter the more protection it can claim to be providing, so in an apparent attempt boost the count, Secure Computing has included thousands of inactive and expired domain names, and the millions of Web pages associated with them, in its SmartFilter(R) v4 Control List. "The number of pornographic Web pages it has listed as being associated with the .nu domain name is wildly inflated as a result," said Semich.

.NU Domain has intentionally structured its use and pricing policies to discourage pornographers from using .nu domain names in their businesses. "Pornography Web site operators prefer to use the lowest cost domain names for their Web pages," said Semich. "Since they register many domain names - often thousands - for the same pornographic Web site. .NU Domain Ltd requires a two-year registration period to register a .nu domain name, for a total cost of $60 US or 60 Euro. Registrars for .com domain names charge as little as $8 US and only require a one-year registration."

About .NU Domain Ltd

.NU Domain Ltd, is a US-based private corporation located in Medfield, MA. .NU Domain is the leading commercial Top Level Domain Name Registry serving Northern Europe. It is also the only Top Level Domain in the world that can support the complete UNICODE international character set in live Web addresses without requiring the use of browser plug-ins or other changes to customer systems, using its unique patent-pending technology.

Besides its free blogging service for customers at http://www.blogga.nu, .NU Domain Ltd also offers free domain name parking services for customers who need to lock in a domain name but have no immediate plans to use it, and, for a small annual fee, the .NU InstantWeb Service which provides a quick, five-page mini Web site with blog pages, or URL forwarding for your .NU domain name to a Yahoo, AOL or other personal Web site without a unique domain name, and .NU InstantMail Forwarding so AOL, Hotmail and other mail service users can have a unique .NU mail address. You can visit .NU Domain Ltd on the World Wide Web at http://www.nunames.nu.


.NU Domain Ltd: J. William Semich, 508-359-5600, bill[at-sign]nic.nu
Laura MacSweeney, 781-395-6420, lmacsweeney[at-sign]comcast.net

Posted by Seth Finkelstein at 09:58 PM | Followups
June 29, 2004

Internet Censorship Law and Censorware Politics

[This is a REPOST of a message I wrote a few months ago. I'm putting it here again since I'm busy today with paid work, and besides, it says just about what I'd say anyway in reaction to the recent "COPA" net censorship decision.]

I probably shouldn't waste my time writing these posts, but the recent net censorship Supreme Court argument struck a deep chord with me:

Ms. Beeson argued that there were less restrictive alternatives to the pornography law: parents could now take matters into their own hands by using Internet filtering software and configuring it to reflect their own values. Congress already requires that schools and libraries use filters.

Chief Justice William H. Rehnquist and Justice Antonin Scalia seemed skeptical of that argument, however, and both noted that the civil liberties union had opposed the library filtering bill. Mr. Olson also noted that a number of Web sites gave step-by-step instructions on defeating the technology.

Here - not ancient history, not years ago, but this week's Supreme Court Internet censorship law arguments [update 6/29 - and now Supreme Court decision] - is an illustration of the problem I faced for so many years. Because the part of the civil-liberties strategy was, and remains, arguing favorably about censorware in this legal context. See Peter Junger's "least restrictive means" message for the best legal analysis (in my view).

I never opposed this as a legal argument. But for too long, for too many prominent people, that legal argument turned into a social argument for touting censorware. And so ...

If you said censorware didn't work, you were going against the strategy.

And that was bad. And thus the censorware critics had to be discredited. And here my trouble began.

In 1995, when I first decrypted censorware. I called my then-friend Mike Godwin, famous net.legend Internet civil-liberties lawyer, for help. Well, at that time, he was making policy advocacy statements such as:

This is why I believe that the right role for Congress to play is to encourage the development of software filters that prevent my child and others from being harmed in the first place.

Recall that the basic technology we're talking about here is the computer -- the most flexible, programmable, "intelligent" technology we build and market.

-- Mike Godwin, 1995 Congressional testimony

Thus he was not pleased to be informed about censorware's lack of "intelligent" technology. And I got an earful of all the (my description) dirty deals that were trying to be cut behind the scenes. I suppose now it's no secret that the ACLU blew me off when I tried to get their help (I still have the messages). But they didn't go on a personal attack-campaign about it.

Anyway, much has happened since then. However, some of the fundamental paradoxes are still in evidence - this week, in the Supreme Court.

I note this in an attempt at a "teachable moment". When I try to explain the background of censorware politics, the factors which caused things to evolve as they did, I often get trivialization and dismissiveness ("Petty bickering! Size measuring! Pissing contest!"). It's so easy to scream "EGO!", which means you don't have to think about anything.

There were, and are, reasons which drove it all, and still matter right now. But looking back on how it affected me, over nearly a decade: If I had to do it all over again, I wouldn't. Personally, it wasn't worth it.

Posted by Seth Finkelstein at 05:13 PM | Comments (3) | Followups
June 07, 2004

Cleanfeed, "Internet Watch Foundation" statement

Continuing my hopes of providing original or uncommon material, I went looking for further information on the proposed "Cleanfeed" British Telecom ISP blacklisting of illegal sites. I found some interesting news on the Internet Watch Foundation pages for: Internet Watch Latest News

BT intends to install the database within their internet services, to protect their retail customers.

This initiative is launched at a time when existing and emerging internet services & technologies are often believed to pose potential risks to internet users, because of the availability of certain types of content online.

Peter Robbins, CEO, IWF:
"We believe that everyone is entitled to an abuse free online environment. Our child abuse image database contains details of websites, which if knowingly accessed by UK consumers could lead to them committing criminal offences under UK law. By preventing access to that content, BT are protecting their services and their customers."

Nobody can be in favor of child pornography. Not in any way, shape, or form. But that being said, the above statement is an "interesting" way of framing the censorship efforts.

Update: Clive Feather has written (to a mailing list), about technical implementation:

As explained to me, the system takes a daily feed of URLs and generates a list of IP/port pairs from it; this list is fed to various routers in BT's network. Traffic to those targets is diverted to a special web proxy which behaves normally except that it fakes 404s for URLs on the list.

This will address the "one page at Geocities" bit, but not the "ten minutes later" bit.

Um, I don't know where in the process the DNS lookups are done, so possibly a change of IP address ten minutes later would be caught; a change of actual URL, though, wouldn't.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
June 06, 2004

"Cleanfeed" - British Telecom to ban child porn site connections


(my emphasis below)

BT puts block on child porn sites

Martin Bright, home affairs editor
Sunday June 6, 2004

The Observer

British Telecom has taken the unprecedented step of blocking all illegal child pornography websites in a crackdown on abuse online. The decision by Britain's largest high-speed internet provider will lead to the first mass censorship of the web attempted in a Western democracy.

[Note it's not clear to me that this effort, called "cleanfeed", is the same as http://www.cleanfeed.co.uk/ - I've inquired.]
[Update: This "cleanfeed" is NOT the same as that website, Clive Feather says "A coincidence"]
[Update - slightly more info: http://www.pcpro.co.uk/news/news_story.php?id=58650]

The key question, which I hope someone in journalistic power will ask:



Abstract: This report examines a secret category in , a product often sold under the name BESS, The Internet Retriever This category turns out to be for sites which must be uniformly prohibited, because they constitute a LOOPHOLE in the necessary control of censorware. The category contains sites which provide services of anonymity, privacy, language translation, humorous text transformations, even web page feature testing, and more.

[N.b., it's not a secret anymore, I'd like to think because of my expose]

Posted by Seth Finkelstein at 10:47 PM | Comments (4) | Followups
June 03, 2004

"The Memory Hole" site censorware'd by SmartFilter

The Memory Hole website, devoted to "material that exposes things that we're not supposed to know (or that we're supposed to forget)." reports that it's censorware'd on US Army computers:

Trying to get to the site results in the following message:

Access Denied (content_filter_denied)

Your request was denied because of its content categorization: "Extreme;Politics/Religion"

For assistance, contact your network support team.

Nart Villeneuve wrote up a nice investigation:

The facts indicate that http://www.thememoryhole.org/memoryblog/ is blocked, most likely by a BlueCoat appliance configured with SmartFilter 3.0. But the site is not classified as "Extreme;Politics/Religion" but simply "Politics/Religion"? The most likely explanation is that the military is filtering the "Extreme" category and not using to the most recent version of the SmartFilter database. At some point the Memory Hole was probably doubly classified as Extreme and Politics/Religion and, if the military has not updated their blocking lists, is blocked by the military as a result.

(note the link :-))

Purely as a guess, the Abu Ghraib torture photographs of Iraqi prisoners may have been a cause of the blacklisting as "Extreme". Those images are exactly the type of material which gets blacklisted, since after all, they are sexualized abuse and brutal degradation. They just get a pass in terms of people's perceptions, because conceptually it's news.

I should note here that I'd developed a tool which would have made historical/archival investigation much easier in this case. Remember, i couldn't publish it, because of the lack of support for me. The potential benefits (going to others in general, from increasing knowledge) weren't worth risking a lawsuit (falling on me in specific, from the various costs). Thus I had to write off that work. It matters.

Posted by Seth Finkelstein at 11:59 PM | Followups
May 31, 2004

More on censorware ("Internet Content Filtering") in India

The folks at OpenNet Initiative kindly wrote back to me, and updated the censorware bulletin "Internet Content Filtering in India: Variations in Compliance and Accuracy" with the new collateral-damage blacklisted domains I had sent them, nicely credited to me.

Since this seemed worthwhile, I replied with some more collateral-damage domains, listed below in the extended entry if interested (I didn't send everything at the start since it wasn't clear that the domains I found, were in fact blocked - I don't have the corresponding testing facilities). I'm not sure if I should write-up some more formal supplement to their bulletin.

http://www.ascentofsafed.com - "Ascent of Safed"

http://www.hinduunity.net - varients of HinduUnity.org

http://www.galleryrobinson.com - Robinson Gallery

http://www.israenterprise.com - "ISRAEMPLOY.net"
(which notably doesn't appear on www.israemploy.net)


http://www.michaeldavlin.com - parked "new web site for MichaelDavlin.com"

http://www.singertech.net - variant of http://www.lawgreenberg.com

And a bunch of similar domains leading to the same parked site, cheap(city)hotel.com and the like [exact list omitted here for space].

Posted by Seth Finkelstein at 07:12 PM | Followups
May 29, 2004

Censorware ("Internet Content Filtering") in India

OpenNet Initiative recently issued a bulletin "Internet Content Filtering in India: Variations in Compliance and Accuracy", concerning a report that "the Mumbai Police Commissioner's Office had ordered ISPs in India to block the website HinduUnity.org because of inflammatory anti-Islamic material contained on the website.". I did a little investigation using tools I'd developed earlier for censorware research (which, remember, I've been forced to quit from lack of support, note the following involved no decryption and hence no risk of being sued).

I sent the following mail - if anyone reading this is in India, can they confirm or deny the results?

Folks, can I ask a question about this part of the report?

> Indeed, our testing shows that at least two other domains,
> http://www.kahane.org/ and http://www.gwsystems.co.il/ are being
> filtered by the Indian ISPs because they share the same IP address
> as HinduUnity.org.

Am I missing something? I did a quick search, and saw there are several more sites at the same IP as HinduUnity.org ( Notably:

http://www.ipractical.com - Welcome to iPractical Computing

http://www.jewishwriting.com - The Jewish Writing Institute

http://www.lawgreenberg.com - Law Offices of Alan M. Greenberg, P.C.
http://www.positivespace.com - Welcome To PositiveSpace

http://www.tziporahheller.com - Welcome To Tziporah Heller's Home Page

Posted by Seth Finkelstein at 11:55 PM | Comments (2) | Followups
May 19, 2004

DMCRA hearing and points of view

Matt Rolls a Hoover has a follow-up assessment of the DMCRA hearings (remember, the confusingly-named "DMCRA", the "Digital Media Consumers' Rights Act", is the anti-DMCA). Matt collects a set of reactions, In particular, my DMCRA hearing impressions, where he summarizes:

Seth Finkelstein has his notes about the hearing at Infothought. He refers to the discussion of the DMCA rulemaking process, saying "I definitely thought I had something to say!" I thought his point of view was well represented by various panelists, including Miriam Nisbet of the American Library Association and Gigi Sohn of Public Knowledge.

Will all due respect to the fine efforts noted above, I'd like to assert it's not the same. My point of view, of how hard it was, of spending hundreds of dollars of my own money while unemployed since I couldn't get any funding support, of having to basically potentially admit liability under standard copyright, trade secret, and reverse-engineering in violation of shrink-wrap license, of making oneself a personal target - these aspects did not seem to be well-represented. And my victory turned out to ultimately be somewhat pyrrhic in its cost.

Moreover, tool-making and distribution is important in this context, so other people can reproduce and do validation, which is the essence of research. The censorware companies will just lie, and for me, there sure won't be any Slashdot story defense of "a lie about the results" (heck, I'd be lucky if there wasn't Slashdot support for attacks on me!). Perhaps that's put a bit raw, but the idea that those interests facing embarrassing exposes will lie and use legal grounds to suppress embarrassing material, should be thoroughly understood (Diebold!)

Maybe all of that is irrelevant to the focus of the hearings. But I think the fair use and technology discussions missed some important nuances.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
May 13, 2004

iLaw and Me

I've been attending iLaw, the "Internet Law Program Produced by the Berkman Center for Internet and Society". I've been a having a tumultuous day.

Thanks go to John Palfrey for my being able to attend. See his iLaw week at HLS post for a listing of people who have done real-time notes and transcriptions.

The big event for me (which I'm still thinking about): Being praised for my censorware work in front of the whole audience in the day's first session. (if I had known my website was going to be on display, I'd have made some edits :-)).

But ... wow.

Donna Wentworth has the best transcript I've seen:

Larry: That's like a list of banned books...can I see the list?

JZ: As Seth Finkelstein -- who is here -- can tell you, no. He tried to find out.

Larry: He spends his life on the phone asking questions?

JZ: No, they don't take his calls anymore. [Laugh.]

[Demos how you can't see Seth's site w/censorware on; Seth has been censored.]

(and more)


Posted by Seth Finkelstein at 10:57 PM | Followups
May 04, 2004

Open Net Initiative : The IBB's Anonymizer Service in Iran

Interesting reading, which I suppose I should comment on:

Unintended Risks and Consequences of Circumvention Technologies: The IBB's Anonymizer Service in Iran

(thanks to Boing Boing, emailed via Evelyn Rodriguez / Crossroads Dispatches)

[Note, remember, all people giving me advice, don't tell me about the World Censorship Research project. I know of them, they know of me, a lack of awareness of existence is not crying out to be remedied.]

The report discusses that the circumvention service for Iran promoted by the International Broadcasting Bureau (IBB) is quite flawed. In specific, the service has its own, typically poor, blacklist for sex sites, and doesn't anonymize very well.

I basically can't write what I'd like to say about it all, because I have too much inside information about how it came to be developed, and it's way too political for me to detail it (I'd be writing about people who didn't hire me, just to start :-))

As a general observation, this can be viewed as an faltering attempt at Office Of Left Hand And Right Hand Coordination. The usual knock runs "How can the US be helping to fight censorship abroad while censoring at home!". Well, it can in fact be made very consistent: It's potentially helping to fight censorship of material that the other country wants censorsed, but the US wants available, while maintaining censorship of material the US does not want available. It does make sense.

Original content to this blog, which you will NOT find elsewhere in any echoing, due to my expertise:

Part of what's in the report, about keywords and site whitelist used in the anonymizer, has actually been known for a long long time (from Bennett Haselton / Peacefire.org) But it wasn't much reported then (not even Peacefire gets PR every time!), so there's no reason they should know that (i.e., this is not pulling a Declan).

Do note that now with the Harvard name and resources behind it, this time around, that information will get out ... (there's a lesson in there ...)

Posted by Seth Finkelstein at 01:22 AM | Comments (1) | Followups
April 27, 2004

World Censorship Research

[As with the EFF technical director position, I'll make this a blog entry. because I suspect people will suggest it to me. Please don't tell me about it. I know. Anything that happens, or inversely, doesn't happen, will not be because I never heard of them, or they never heard of me. OK?]

"Researchers Join Forces to Expose Net Censorship"

April 26, 2004 -- For Immediate Release

An international team of academics from the Berkman Center for Internet and Society at Harvard Law School, the University of Cambridge, and the University of Toronto has begun monitoring worldwide Internet censorship and surveillance.

"The Open Net Initiative represents a new approach to university-based research," says Cambridge University's Rafal Rohozinski. "We fuse cutting-edge intelligence-derived techniques with a networked model of analysis that includes some of the brightest minds in this field - we are striving to become the eyes and ears on digital censorship worldwide."

The Open Net Initiative (ONI) was formed in 2004 with support from the Soros Foundation's Open Society Institute and represents a partnership among groups at three leading global universities: Cambridge, Harvard, and Toronto. As Harvard's Jonathan Zittrain explains, "The aim of the ONI is to excavate, analyze, and report censorship and surveillance practices in a rigorous, ongoing fashion. In order to fully understand the Internet's evolution, we must be able to map it empirically."

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
April 09, 2004

Lawfully Surfing the Net - Mary Minow Library Censorware Paper

Major censorware / CIPA buzz today:

Lawfully Surfing the Net: Disabling Public Library Internet Filters to Avoid More Lawsuits in the United States

(thanks Gary Price / Resourceshelf):

Great summaries of various points in the decision, nice charts, excellent coverage. Highly recommended in general for background. I love the quote from Lori Ayre about censorware: "To say filters "overblock" makes it sound like filters simply make mistakes here and there, when in fact it is a design issue."

Personal note: I was disappointed to see none of my ideas about privacy, anonymity or Google, image searching, and censorware circumvention, rated a mention. Not that it's expected. But I was still disappointed. Tell me again how far my voice reaches.

As to the conclusions of the paper, well, I'm not a lawyer, I've quit, so weigh that in what follows. The key element I see is in this passage:

The language "or other lawful purpose" gives libraries that choose liberal disabling policies latitude even without the Court’s reliance on the Solicitor General’s representation that CIPA requires rather than allows libraries to disable filters upon request, without explaining why.

The statement "I feel like lawfully surfing the Net" expresses a lawful purpose. Even as written, the statute permits a library to disable a filter for the patron who states a lawful purpose.

I just don't get it. Years ago, during the ill-advised campaign of touting censorware, I kept saying the reasoning made no logical sense (and got thoroughly smeared by Mike Godwin over it all, sigh). It's not quite history repeating itself nowadays - then I felt possibility, whereas now I just feel futility. Anyway, I cannot grasp that justices such as Rehnquist and Scalia and Thomas meant something which so readily reduces the law to meaninglessness for adults. IT DOESN'T MAKE SENSE.

Right after the above, Minow goes on to explain that "Viewing ... Child Pornography is an Unlawful Purpose". Despite the temptation to take that as belaboring the obvious, there's a very good reason to note it, as "research" is no defense to child pornography possession. But the problem seems so evident. Who is ever going to say "I feel like unlawfully surfing the Net. I'm looking for child pornography, the younger the better."?

*Shrug*. Not My Problem ...

Posted by Seth Finkelstein at 09:57 PM | Comments (2) | Followups
March 29, 2004

Google, image searching, and censorware circumvention

[I wrote this letter about news article regarding students using Google image search as a means of circumventing censorware]

Dear Annalee Newitz

I read with great interest your story on Google, censorware, and image searching, as a school censorware problem, at:

I've published much work about the issue of Google image searching and similar sites being a "loophole" for censorware. It even was referenced in the expert reports in the District Court decision on library censorware (unfortunately, it has been extremely poorly publicized and otherwise unreported). See, for example:

District Court CIPA decision

BESS's Secret LOOPHOLE: (censorware vs. privacy and anonymity)

BESS vs The Google Search Engine (Cache, Groups, Images)

BESS vs Image Search Engines

The Pre-Slipped Slope - censorware vs the Wayback Machine web archive

But I noted one major error in your article, in this part:

> The second problem, which is strictly laughable, is that regular
> Google also has caching. When I recently did a Google search (not an
> image search) on "hot naked babes," I was able to retrieve images of
> naked people from the cache.

I don't think this is what happened. It just seemed that way. What really happened is that when you retrieved the text page from the Google cache, it had within it, image links to the naked people pictures at the non-Google sites. Since your computer was not censorware'd, you were able to retrieve those images. But again, that wouldn't have worked in the case where censorware prevented you from viewing anything on the non-Google image sites.

Note, however, the retrieval would work the way you described, with the Wayback Machine web archive:

Perhaps that will be the next site to become popular with students, and then prohibited.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
March 04, 2004

Internet Censorship Law and Censorware Politics

I probably shouldn't waste my time writting these posts, but the recent net censorship Supreme Court argument struck a deep chord with me:

Ms. Beeson argued that there were less restrictive alternatives to the pornography law: parents could now take matters into their own hands by using Internet filtering software and configuring it to reflect their own values. Congress already requires that schools and libraries use filters.

Chief Justice William H. Rehnquist and Justice Antonin Scalia seemed skeptical of that argument, however, and both noted that the civil liberties union had opposed the library filtering bill. Mr. Olson also noted that a number of Web sites gave step-by-step instructions on defeating the technology.

Here - not ancient history, not years ago, but this week's Supreme Court Internet censorship law arguments - is an illustration of the problem I faced for so many years. Because the part of the civil-liberties strategy was, and remains, arguing favorably about censorware in this legal context. See Peter Junger's "least restrictive means" message for the best legal analysis (in my view).

I never opposed this as a legal argument. But for too long, for too many prominent people, that legal argument turned into a social argument for touting censorware. And so ...

If you said censorware didn't work, you were going against the strategy.

And that was bad. And thus the censorware critics had to be discredited. And here my trouble began.

In 1995, when I first decrypted censorware. I called my then-friend Mike Godwin, famous net.legend Internet civil-liberties lawyer, for help. Well, at that time, he was making policy advocacy statements such as:

This is why I believe that the right role for Congress to play is to encourage the development of software filters that prevent my child and others from being harmed in the first place.

Recall that the basic technology we're talking about here is the computer -- the most flexible, programmable, "intelligent" technology we build and market.

-- Mike Godwin, 1995 Congressional testimony

Thus he was not pleased to be informed about censorware's lack of "intelligent" technology. And I got an earful of all the (my description) dirty deals that were trying to be cut behind the scenes. I suppose now it's no secret that the ACLU blew me off when I tried to get their help (I still have the messages). But they didn't go on a personal attack-campaign about it.

Anyway, much has happened since then. However, some of the fundamental paradoxes are still in evidence - this week, in the Supreme Court.

I note this in an attempt at a "teachable moment". When I try to explain the background of censorware politics, the factors which caused things to evolve as they did, I often get trivialization and dismissiveness ("Petty bickering! Size measuring! Pissing contest!"). It's so easy to scream "EGO!", which means you don't have to think about anything.

There were, and are, reasons which drove it all, and still matter right now. But looking back on how it affected me, over nearly a decade: If I had to do it all over again, I wouldn't. Personally, it wasn't worth it.

Posted by Seth Finkelstein at 11:59 PM | Comments (5) | Followups
February 21, 2004

"Cites & Insights" March 2004, on hijacking of censorware.org domain

Walt Crawford's library 'zine (not blog) "Cites & Insights" in the March 2004 issue, has follow-up coverage regarding the hijacking of the Censorware Project domain renewed by Michael Sims. It's on page 15, "The Censorware Project Hijacking".

He recounts the various protests against Slashdot "editor" Michael Sims' hijack of censorware.org, and then writes:

You may know how I feel about slashdot: It's not the first place I'd go for sensible discussion and thoughtful disagreement. But the editors there have a louder voice (as much as 1,000 times louder) in the online community than people like Seth Finkelstein. He says he cannot continue to do unpaid Censorware and DMCA work that might get him sued, when that's combined with existing and potential damage from well-publicized attacks by a slashdot editor. That's a shame.

Thank you, Walt.

I've made a page annotating and collecting the statements, in case people are searching for the full text:


Posted by Seth Finkelstein at 05:11 PM | Followups
January 26, 2004

Cites & Insights - February 2004

Walt Crawford's library 'zine (not blog) "Cites & Insights" has come out with the February 2004 issue, just a short time after the extensive Midwinter 2004 edition (which I mentioned earlier). It's an amazing amount of writing, covering a wide range of material: Early vs. late adopter psychology, equipment reviews and PC benchmarks, articles about Google and portals, copyright and compulsory licensing, and more. Part of the "more" is reactions to the previous issue, and I figure in there (links mine, and my emphasis added to the last statement below):

Seth Finkelstein, January 7

Finkelstein also makes me nervous by calling the Glossary Special a "handbook/reference/scorecard for the players and controversies in these topics." His direct note covered more ground:

COPA isn't really a predecessor to CIPA; it has a very different history and is a criminal law rather than a funding-based mandate. COPA is a direct successor to CDA, the Communications Decency Act. He's right, of course: I was thinking of it as a predecessor in Congress' ongoing attempts to censor the Internet.

"Harmful to children" in one definition was simply wrong--"harmful to minors" is the right phrase, and as I've noted at some length, 16-year-olds are not "children" in any meaningful sense. As Finkelstein notes, "Under CIPA, a 16-year-old might be prevented from researching sexual material to the sex he's already having!"

Finkelstein is dubious about my assertion that the Supreme Court "gutted [CIPA] for adults." "Whatever the justices expect in theory tends to be a world away from practice." That's true, and an important nuance.

Finkelstein would have liked a stronger statement about the problems in censorware research. I failed to say that the Censorware Project website was hijacked by another participant, but I don't doubt Finkelstein's historical record (readily available at his website). He's right: "Hijacking the Censorware Project website is wrong. It's utterly reprehensible." To the extent that I trivialized that, my apologies. Sometimes I'm too nonconfrontational for my own good, or for the good of those who do important work.

Thank you.

Posted by Seth Finkelstein at 11:48 PM | Comments (1) | Followups
January 13, 2004

CDT's Library Censorware Wish List ("Principles")

The Center For Democracy And Technology has released proposed library censorware principles related to the CIPA library censorware law:

CDT Releases Proposed Guidelines for Libraries Installing Filtering under Federal Law

At the American Library Association's Midwinter meeting, CDT released Version 1.0 of its "Principles for CIPA-Mandated Filtering in Public Libraries." The principles are intended to help libraries that are required to install Internet filtering software under the Children's Internet Protection Act do so in a manner that promotes free speech and robust access to information. CDT invites public comment on the principles.

I don't want to be too hard on it, since as far as I know the people doing it mean well. But it's mostly a long series of wishful thinking and unrealistic assertions.

For example, first proposed principle:

Blocking should be limited to the categories of adult content specifically set out in the CIPA statute.

Well, I should be granted a million dollars, an A-list blog, and a professorship. IT'S NOT GOING TO HAPPEN. The categories set out in the CIPA law are legal categories such as e.g. obscenity. No censorware company creates such a minimal blacklist, because these are complex legal determinations.

Another gem:

Information about the ongoing blocking of content by filters required by CIPA should be made available to library users and communities. Users and communities should have access to information about categories of blocked content, lists of blocked sites, the extent to which filters can be adjusted and fine-tuned and the manner in which filters block content. ...

I see this one a lot. It's what I call the "marketing brochure" principle. That is, the one which is answered by the censorware company saying "Let us give you our marketing brochure, which describes how our blacklists are lovingly crafted by little elves at the North Pole, the same ones who work for Santa Claus in making up lists of "naughty" and "nice", which are exactly the categories we use. That's our story, and we're sticking to it."

Oh hell, why bother, my audience of dozens has heard it before, and CDT sure doesn't care what I think.

Posted by Seth Finkelstein at 11:09 PM | Comments (3) | Followups
January 07, 2004

Cites & Insights Midwinter 2004

Walt Crawford's library 'zine (not blog) "Cites & Insights" has a very special issue in the Midwinter 2004 edition. It's a veritable guide for the perplexed, defining frequent references which appear in the publication. Well worth saving, as a handbook/reference/scorecard for the players and controversies in these topics. I even have an entry to myself:

Finkelstein, Seth
A consulting programmer and censorware activist and researcher; you'll find lots more at sethf.com, including Finkelstein's own weblog. Cites & Insights uses "censorware" rather than "filters" after reading and considering Finkelstein's arguments. He has provided valuable research results on how censorware actually works. He's also gotten into trouble in various ways, including interpersonal issues with other people in the censorware-research field (I wasn't there, I don't know the whole story) and various threats of legal action from censorware companies. Finkelstein was primarily responsible for the renewed DMCA exemption for decrypting censorware banned-site lists--but, given a lack of institutional backing and the constant threat of legal action, he's apparently dropping out of active research in that field. (Also one of the most active Cites & Insights correspondents, whose acute analysis frequently exposes my sloppy thinking and writing.)

Posted by Seth Finkelstein at 07:09 AM | Comments (1) | Followups
December 12, 2003

ALA releases updated "Libraries & the Internet Toolkit"

Worth skimming if you're interested in the topic:

ALA releases updated "Libraries & the Internet Toolkit"

The American Library Association (ALA) today released a revised and updated version of the popular "Libraries and the Internet Toolkit." The toolkit is the most recent addition to the resources available to assist libraries making decisions about Internet filtering in response to the requirements of the Children's Internet Protection Act (CIPA). The new toolkit can be found online at www.ala.org/oif/iftoolkits/internet or from the CIPA home page, www.ala.org/cipa .

A nice collection of information, very librarian-like. My website isn't mentioned in it anywhere. But they do point people to Peacefire and some other censorware investigations. It's OK.

Posted by Seth Finkelstein at 11:59 PM | Followups
December 11, 2003

Why not to get into the censorware evaluation game

Every so often, someone suggests that the American Library Association, or even myself, issue some sort of "lesser of all evils" evaluation of censorware. I have always thought that was a bad idea, for many reasons, including purely pragmatic grounds. Any such thing is going to quickly be promoted as an endorsement. Today an article Teacher resigns; allegedly looked at porn web sites demonstrates why:

Walker Schools Science and Technology Coordinator Wayne Robinson said a computer system, Bess, monitors all computers in the schools with Internet access. N2H2, headquartered in Seattle, Wash., produces the monitoring system.

"We use a filtering solution, which was deemed to be the best Internet filtering solution in the world by the U.S. Department of Justice," Robinson said. ...

The U.S. Department of Justice said no such thing. There was a study done for the U.S. Department of Justice, which also said no such thing. But that's the power of the press release.

Other (unintentional) good stuff :

"Our No. 1 priority is not about providing Internet access to the schools; it's about safeguarding the use of the Internet," he said.

Robinson said the software not only filters objectionable web sites, but monitors Internet usage, as well.

"Every time a machine has Internet access, a complete log is generated for the use of the Internet from that machine," he said. "It's a very extensive log. Every time there is a click of a button, that click is logged." ...

Although the schools are very well protected, some objectionable web sites will always slip through the virtual cracks, Robinson said.

"No software solution is completely fail-proof. I don't know if it's realistic to think that all objectionable sites can ever be completely blocked through any solution," he said.

Posted by Seth Finkelstein at 11:59 PM | Followups
December 10, 2003

CNN, "web porn", and censorware PR Managers

Greplaw has an item
CNN article on growth of web porn, about "CNN.com - Sex sells, especially to Web surfers":

posted by scubacuda on Wednesday December 10, @02:07PM
from the What-would-Seth-say? dept.

David Burt writes "This is from the study I released when there was still an N2H2, and it offers the most detailed look at the growth of Internet porn I am aware of. Since then, we've been acquired by Secure Computing, and I've been named PR Manager. Porn growth: 1998 14 m. pages, 71k sites; 1999: 25 m. pages,129 k sites; 2000: 48 m. pages, 242 k sites; 2001 62 m. pages, 311 k sites; 2002 177 m. pages, 887 k sites; 2003 260 m. pages, 1.3 m. sites.

Kathee Brewer, technology editor of porn industry news site AVN Online, makes a good point in the CNN article that David links to:

"[C]ritics of porn sites are attempting to blur the lines between law-abiding adult content and banned obscene material. "People can be easily led, and the mere twist of a phrase -- like substituting 'obscenity' for 'pornography' -- can have a profound effect on basically good folk who want to do the right thing but don't know exactly how to go about it."

What would Seth say? Well, that ...

I have more to say, but I've said enough for now.

Posted by Seth Finkelstein at 11:38 PM | Followups
December 07, 2003

Censorware vs. privacy - newspaper article

The issue that censorware requires control of people, not "filtering" of content, seems to at last be edging into awareness. Note the following interesting newspaper article:

Workers fight back with software that blocks Big Brother's view:

While the boss is watching for illicit e-mail and naughty Web surfing on the job, some workers may now be fighting back. ...

But employees intent on skirting company rules have a growing arsenal of weapons at their disposal to help them avoid getting caught with their digital pants down, including privacy-enhancing services that code messages, fake identities and "anonymize" online communications.

"Yes, there are different privacy technologies that can be used by people to prevent this from happening to them in the workplace," said Dov Smith, spokesman for Zero-Knowledge Systems Inc., a Montreal software company testing a new product, Freedom, that lets users communicate online using encryption and pseudonyms.

Psst ... BESS's Secret LOOPHOLE (censorware vs. privacy & anonymity)

I published that years ago now. (Almost) nobody heard. It did get used in the District Court CIPA (censorware) decision. So I suppose it wasn't a total waste.

Posted by Seth Finkelstein at 11:59 PM | Followups
November 21, 2003

Slashdot / Symantec

As a follow-up to my post "Slashdot Respect" from two weeks ago, it does seem to have been "merely a special favor which won't be repeated" as opposed to "a harbinger of things to come". That is, since my inquiry as to whether things had changed was ignored, it means things haven't changed :-(. Well, I appreciate the favor, I really do. But I'm also disappointed it apparently didn't portend some healing in the wake of my DMCA victory.

Adding to stir the pot, the rumor that Michael Sims had been fired as a Slashdot "editor", was indeed untrue. Which is consistent with the "special favor" case rather than the "change and healing" case.

It's easy, and comforting, to dismiss this all as "personal". But the implications are meaningful. No change means there's no reason which invalidates my having quit for lack of support. And where that mattered, for example, was where the thought crossed my mind of further investigating the Symantec Says No To Pro-Gun Sites story. I had thought it "old news", but it seems to have value. I've already decrypted that censorware blacklist, in the past. But is talking about the sites enough for coverage? I wish I could be supported here. And if not, I'll just be told my report wasn't worthwhile, it's hard to argue with that.

This is exactly the type of situation that I felt I needed to avoid. That is, being subject to temptation to push the legal boundary just a little further, just a little further, to go that much closer to the edge so as not to have the report languish in marginalized ostracized obscurity. And thus risk having it blow-up in my face in a devastating lawsuit.

The more things don't change, the more they stay the same ...

Posted by Seth Finkelstein at 11:59 PM | Followups
November 19, 2003

UK Legalise Cannabis site censorware'd from UK libraries

This deserves wider distribution, especially with US libraries having to deal with the CIPA censorware law:


From: Phil Stovell (phil[at]stovell.org.uk)
Subject: UKCIA Press Release - Essex County Council censorship
View: Complete Thread (19 articles)
Original Format
Newsgroups: uk.politics.drugs, uk.politics.censorship, talk.politics.drugs, uk.politics.misc , uk.local.east-anglia
Date: 2003-11-16 04:15:23 PST

The GreenHouse
Bethel Street

Tel 01603 766854 (home) 01603 773044 (office)

Press release from the UK Cannabis Internet Activists http://www.ukcia.org

During the week of 11th November it was drawn to our attention that UKCIA along with other drugs campaigning websites was being censored on computers in libraries run by Essex County Council.

This was happening because the council has taken the decision to ban access to websites which carry information about the use and sale of illegal drugs, even though such sites are not illegal in this country. Indeed, any site which supports harm reduction will carry that sort of information. This decision was taken by a sub committee of the strangely named "Peoples network project board" and seemingly never challenged nor checked.

It should be noted that this ban only applies to libraries in Essex and not schools, so whilst Essex children are permitted to see drugs information sites, adults aren't.

The site was being blocked because the council had decided to use a filter provided by the Smartfilter censorware, provided by the American company Secure Computing which can ban sites which "provide information on the purchase, manufacturing, and use of illegal or recreational drugs", cannabis sites are mentioned specifically.

Fortunately, following an e-mail from UKCIA Smartfilter have realised their mistake and will move UKCIA from the "Drugs, politics/religion" category to "'politics/religion/opinion" and so UKCIA will again be available in Essex when the change takes effect. However, this doesn't address the cause of the problem, which is Essex CC's policy of blanket information censorship.

UKCIA isn't the only site being censored by Essex CC. At the time of writing the LCA (http://www.lca-uk.org) is blocked as is the Dutch language version of Drugtext (http://www.drugtext.nl), although not the English version (http://www.drugtext.org/) for example. Most of the smaller drugs sites aren't blocked however because they're not listed on Smartfilter's database.

UKCIA will try to establish on what grounds Essex decided to censor access to sites such as UKCIA and what parameters they have set for doing so. We'll also try to find which sites are censored, although owing to the way censorware works. Essex CC has no way of knowing which sites are in fact blocked, it's a blind blanket censorship which has no place in British libraries.

UKCIA will be available in Essex libraries again from November 18th

Derek Williams
Webteam UKCIA


Smartfilter censorware website
http://www.securecomp uting.com/index.cfm?skey=85
Check to see if Smart filter is blocking your website
(http://ww w.securecomputing.com/cgi-bin/filter_whereV301.cgi)
Confirmation of change of category from SmartFilter
(http://www.ukci a.org/library/censored/censoreware.htm)

UKCIA is the website of the British Legalise Cannabis campaigns and contains a wide range of information relating to cannabis, its uses and the culture it supports. We do not seek to encourage the use of cannabis but we do seek to provide accurate information from referenced sources.

Phil Stovell
South Hampshire, UK

Posted by Seth Finkelstein at 08:41 PM | Followups
November 18, 2003

N2H2, PR, and lying with statistics, CNN example

I recently discovered that censorware company N2H2's press release about hyped web sex site statistics, which I dissected in a series of posts a while back, was even in a CNN show:

Reliable stats are hard to come by. The number of commercial porn Web pages soared 18-fold over four years, according to the Internet filtering firm, N2H2, 260 million pages of porn. Another filter company estimates that 12 percent of all Web sites are porn sites.

Now, remember, this is CNN. It's Old Media. How does one counteract it?

Ah, but I have a BLOG! Feel my mighty blogging press-reach. Thrill to the vast audience which hangs on my every word, as I masterfully point out that the Web itself has grown by a huge amount over the years, so the proportion of "commercial porn Web pages" may not have changed at all. Experience the disintermediated media-power of emergent user pundocracy.

Or are those crickets I hear?

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
November 17, 2003

Open Censorware vs. Child Pornography Sites

As part of the discussion touching on "better censorware", I've updated with the info below, my page regarding Open Censorware issues

Many people believe there is a kind of legal paradox for censorware companies to compile blacklists of child pornography sites. The argument runs that to compile a list, they must have viewed the child pornography sites, so they have confessed to a crime (and if they didn't view the sites, then they admit they are making a claim with no evidence)

I'm not a lawyer, but my legal research is below. It turns out that there is no legal paradox. Note the following section of the US code:

d) Affirmative Defense. -

It shall be an affirmative defense to a charge of violating subsection (a)(5) that the defendant -

(1) possessed less than three images of child pornography; and

(2) promptly and in good faith, and without retaining or allowing any person, other than a law enforcement agency, to access any image or copy thereof -

(A) took reasonable steps to destroy each such image; or

(B) reported the matter to a law enforcement agency and afforded that agency access to each such image

In effect, this allows for law enforcement to approve any censorware blacklist creators. If they like the blacklister, they'll say they are convinced that the affirmative defense above applies, and no violation of the law is in process. If they want to go after any Open Censorware effort, they can say they have suspicions about the participants, who are then welcome to plead the affirmative defense in court. Good luck facing charges as a possessor of child pornography.

I'm convinced this is the killer of any effective Open Censorware project (unless that project has powerful sponsors).

Posted by Seth Finkelstein at 11:59 PM | Followups
November 16, 2003

David Burt (N2H2/SmartFilter) Is A Sore Loser

[Note 11/23/2006 - Welcome, readers from The Register. Note the following is a much better and more detailed essay:

"DMCA Exemptions Diary, a.k.a. more Why I Quit Censorware Research" http://sethf.com/infothought/blog/archives/000456.html


David Burt, censorware PR flack, err, I mean "a spokesman for Secure Computing, which purchased N2H2, a [censorware] company" (and publicly dubbed by one lawyer the censorware "Iraqi Information Minister"), is also a very sore loser.

Recall, David Burt was the point-person for censorware companies in opposing the censorware DMCA exemption, against me as the prime advocate for the exemption, and I won (note other people were involved in both sides - e.g. James Tyre testified for the censorware exemption, Steve Metalitz against it, but the bulk of the work was me vs. David Burt). And he was paid to do it, as his job, while I paid out of my own pocket (hundreds of dollars in travel expenses) to do it!

Now some, err, anonymous person, has been posting taunting comments to various obscure DMCA exemption stories. Such as, from GrepLaw, the gem

I'll take Fries with that Big Mac, Seth (Score:0)
by Anonymous Coward on Wednesday October 29, @10:36PM (#1346)

Yes Seth, but what are you going to do for a job? You've been unemployed now for about a year, and isn't your unemployement running out? Will you be taking a job at McDonalds? I notice on Monster.com that there are over 50 job openings for web programmers. Why can't you even get one of these jobs in the now-booming tech sector? Is it because any prospective employer who googles sees what a psycho you are?

Or LISnews, the nugget

The clock's ticking, Seth... (Score:-1, Troll)
by Anonymous Patron on Friday November 14, @11:01PM (#1405)

...on that unemployment check. Bet those COBRA health insurance payments are eating into what you have left. How much time before you have to take a fast food job, eh, Seth?

Now, these are anonymous, right? But the style reminded me of, let's say, someone I knew. Well, it turns out, a little cross-correlating and tracking ... it might not hold up in court (just using that as a figure of speech), but, "HI DAVID!".

I'm not really complaining. These comments themselves don't bother me. And after all, I do take guilty pleasure in David Burt acquiring the nickname of "Iraqi Information Minister". In one sense, I'm doing this blog piece out of fun. It shows typical censorware company statistics :-). There are "over 50 job openings for web programmers" listed in the entire Boston area, covering nearly two months - the tech sector is not booming!

But more seriously, it does point up a key problem - no money in this volunteer free-speech work (still). I'm surviving now, with a little consulting, but the bubble-days aren't coming back any time soon. And that's much on my mind, as I've said, regarding censorware work being completely unsustainable. It's not my job, and no organization is funding me.

Remember, even given the big DMCA victory, I am no richer than I was previously. I still have to buy food and pay rent and get medical insurance, exactly as much!

Posted by Seth Finkelstein at 11:32 PM | Comments (2)
November 13, 2003

Censorware articles round-up

There's quite a few censorware articles which have crossed my screen today:

Opposition research:
Web Filtering Packages Protect and Serve
http://www.technews world.com/perl/story/32100.html

What do pornography, shopping, watching sports, gambling and trading stocks online have in common? They're all activities available through Web sites that most businesses don't want employees indulging in. To enforce those rules, corporations are increasingly turning to Web-filtering packages that block access to forbidden sites.

[All about the booming corporate censorware market. That isn't an ideological issue for me. But it does remind me where the money is ... Sigh, years ago, some people used to "advise" me to try to make "better" censorware. But noooo, I had to volunteer tremendous effort to try to keep the Internet free]

In contrast, censorware expert librarian Karen Schneider has a great blog post "Filtering: The Low-Down Truth" James Tyre mentioned it to me)

Since CIPA was upheld, I've been asked to write and present about filtering, to help libraries make choices. Finally, after a lot of thought, I've turned down all these requests, and it's because I have to be true to myself, and continue speaking the truth as I know it. My best advice hasn't changed in seven years. Filters are bad news.

And, via LISnews, a Boston Globe editorial, Limits at the library

Although the Supreme Court says the law is constitutional, it is petty, distracting to library staff, and demeaning to force adults to ask for full Web access. ...
The law is part of a troubling trend that pushes people to surrender rights to ward off danger.

If only, if only, I could get some organizational support :-(. There is no point in my shouting to the wind and risking lawsuits, with no backing.

Posted by Seth Finkelstein at 10:56 PM | Comments (12) | Followups
November 12, 2003

firstamendmentcenter.org (Sobel): "Internet Filters and Public Libraries"

"First Report" released:

"Internet Filters and Public Libraries" by David L. Sobel is a new First Report now available from the First Amendment Center.

Sobel , general counsel of the Electronic Privacy Information Center, examines the effects of the U.S. Supreme Court's June 2003 ruling in U.S. v. American Library Association, which declared the Children's Internet Protection Act constitutional. CIPA mandates that libraries accepting federal funds install [censorware] to block access to [visual] material that is "obscene," "child pornography" or "harmful to minors."

It's an excellent report, recommended.

One little part did leap out at me:

A series of studies conducted by the Censorware Project documented the over-inclusive nature of commercially available filtering systems. One such study found that the SmartFilter product, which was installed by the Utah public school system, denied access to more than 500,000 Web sites.


One of these days, I should write up the complete behind-the-scenes circus about that study. Including the full story of why I'm not a co-author, despite the fact it wouldn't have existed without me (and no idle boast there).

Posted by Seth Finkelstein at 11:59 PM | Followups
November 11, 2003

Followup message from Melvyn Hiscock (censorware'd name)

[A while ago, I posted a netnews message from Melvyn Hiscock, a person who has had e-mail troubles due to censorware. He recently sent me a follow-up. Posted with permission (and note he clarified he's making a joke in the reference to suing below)]

Date: Sun, 9 Nov 2003 21:59:44 +0000
To: Seth Finkelstein
From: Melvyn Hiscock

Hi there,

I thought I would drop you a line to say I found my posting to uk.music.guitar on your site.

I have no problem with that but thought you might like to know a little more.

A few people tried posting to me at melvynh@gxn.co.uk, the straight ISP address and via melvyn@melvynhiscock.com. Most got through OK but a few only came to the @gxn address (the one without my cock to put it another way!)

I am pretty sure I am losing mails this way but have not got the time to investigate although I will be changing ISP soon as mine us not too good for certain things.

My nephew tried to get timhiscock@hotmail.co.uk and that was blocked and my partner has trouble from her company.

I have wondered if a good US attorney would be able to get me one of those multi-million dollar settlements for slander, after all my name is my name. It was good enough for my dad, good enough for his and so on back hundreds of years, and it is not obscene.

it sort of reminds me of the old Monty Python joke (Monty Python's Big Red Book) "Arthur Penis would like to announce that he is to change his name through deed poll to Art Penis."

Best wishes,

Melvyn Hiscock

Posted by Seth Finkelstein at 11:59 PM | Followups
November 04, 2003

More DMCA censorware exemption press recognition round-up

I've been tracking further press of my censorware DMCA victory

I was mentioned in the EFF press release on the DMCA exemptions, which was also later echoed in the EFFector newsletter:

"EFF Pioneer Award recipient Seth Finkelstein was instrumental in lobbying for censorware exemptions to the DMCA for each U.S. Copyright Office rulemaking period."

Dave Farber accepted a posting about my DMCA victory for an Interesting-People list message

The usual suspects wrote blog entries, just for example, bIPlog and The Importance Of

I particularly enjoyed the item on the blog Penguinal Ebullience

Huge, massive, gigantic props to Seth Finkelstein, who flew out to testify at the spring hearing with his own scratch, and whose testimony utterly conflagrated the arguments of censorware maker N2H2's David Burt. I believe it would be hard to overstate Seth's influence in winning the censorware exemption.

And Lenz Blog - Seth Finkelstein's Success

Seth Finkelstein has won one of the DMCA exemptions recently granted by the Copyright Office by contributing important comments under difficult circumstances. Good news.

The obvious question, however: Why does he have to pay for his own plane ticket? Considering the impact he has made, I sure hope that won't be necessary the next time around.

James Tyre did a censorware.net piece "Censorware Exemption to DMCA Anti-circumvention Provisions In Effect For Another Three Years"

This is all pleasant. This is nice. Especially the EFFector newsletter and Interesting-People appearances, those are level 4 circulation (order-of-magnitude 10,000 readership).

At the risk of sounding like an ingrate, it still all feels a little light for the effort it took, and win. It's better to have publicity at level 4, than none at all. But my benchmark here was level 5, e.g. The New York Times, as again was given in the 2000 rulemaking to someone else (once more, I'm the "anonymous informant[s]" of that article). After all, there were many articles, including a full front-page Slashdot story on Static Control's inaccurate claim to have won - based solely on their press release (I need a press agent).

I know, the common thinking says one is not supposed to measure and analyze such things, it's not classy. But I long ago gave up any pretensions to joining high society, especially where it means denying the realities of mathematics.

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
November 02, 2003

Symantec Says No To Pro-Gun Sites

Slashdot ran an article Symantec Says No To Pro-Gun Sites, describing how Symantec's censorware is blacklisting pro-gun sites. Without getting into specifics, this issue is in fact very well-known, though it's resurfaced from time to time. It's been going on for at least three years, and has been covered in various places. I have a lot of information on the topic, and considered writing about it a few months ago, when it went around a few mailing-lists again. But I thought it'd be "old news".

Take a look at GunCite 's page on the topic, which started around three years ago:

Censoring the Gun Control Debate

Posted by Seth Finkelstein at 11:08 PM | Followups
November 01, 2003

Censorware companies unhappy about DMCA exemption ruling?

I can't prove it, and shouldn't say too much in specific, but certain indications have been that in the halls of the now-combined censorware company N2H2/Secure Computing, they were not pleased with my censorware DMCA victory

My speculation is that paragraphs such as the following, are anathema to them:

Opponents argued that circumvention is not necessary because other alternative sources for the information sought to be obtained are available, but the proponents of the exemption successfully discredited this assertion. While it is true that limited "querying" of the databases is available on some of the filtering software companies' sites, the circumscribed nature of this querying foreclosed comprehensive or meaningful results. Opponents produced evidence that many reviews of filtering software platforms reached conclusions based on these querying capabilities or by utilizing various sampling techniques, yet this evidence only proved that some parties were willing to settle for the results produced by such superficial tests. In light of the millions (or more) of potential URLs, it is indisputable that actually viewing the entire list of blocked Internet locations will produce data much more comprehensive than querying about one hundred URLs.


The ability to engage in legitimate research, criticism and comment about filtering software is even more compelling as a result of the recent Supreme Court decision upholding the constitutionality of the Children's Internet Protection Act (CIPA). 52 Since CIPA requires libraries to install "filtering software" in order to block access to objectionable material as a condition of receiving federal funds, it becomes all the more important for the public to understand potential problems in particular filtering programs that may be installed in public facilities. Since the Court found that an important safety valve within CIPA was the ability of a library patron to request the disabling of such software, it appears all the more important that the public be able to obtain objective information about the performance or potential limitations of such software in order to make the determination whether to request such disabling.

I wonder if I'll be more successful with my attempts to get press notice in certain circles if I phrase it along the lines of: "Don't promote me because you like me. I know you don't. Rather, promote me because it annoys the Iraqi Information Minister, err, David Burt."

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
October 30, 2003

DMCA censorware exemption and my press recognition

I've gotten a few more favorable articles (though, as Donna Wentworth at Copyfight.org accurately quoted me "Wow. Static Control is doing better in terms of press with their loss than I'm doing with my win!")

The Register, DMCA exemptions boost archivists, disabled:

The Library of Congress has the job of looking at rulemaking, or how the Act is interpreted, and it has identified four areas where copyright circumvention has legitimate, non-infringing applications. The DMCA criminalises circumvention of protected copyright digital material. But thanks in part to campaigner Seth Finkelstein, the oversight body has decided that for the next three years, bypassing access control in these areas won't result in a breach of the DMCA.

And I get to be one of the heroes on the Lessig blog:

"thanks, Seth"

The Copyright Office just released its report (pdf) on exemptions from DMCA restrictions. There’s good news and bad news. Let’s start with the good. The Office granted four exemptions. One of the four was an exemption for censorware. This exemption was argued for strongly by a number of people, but none argued it more effectively than Seth Finkelstein. Based largely on his testimony, “compilations consisting of lists of Internet locations blocked by commercially marketed filtering software applications that are intended to prevent access to domains, websites or portions of websites, but not including lists of Internet locations blocked by software applications that operate exclusively to protect against damage to a computer or computer network or lists of Internet locations blocked by software applications that operate exclusively to prevent receipt of email” are exempt from the DMCA.

I’ve been an admirer of Seth’s work for a long time, and as this shows, with good reason. Thanks, Seth.

Plus a Greplaw item DMCA Exemptions announced.

Also a Slashdot "leftover" on Librarian of Congress Posts DMCA Exemptions:

Update: 10/29 15:19 GMT by T: Take a look at Seth Finkelstein's site for an idea of how being pushy can sometimes be helpful; Finkelstein has loudly pushed for the importance of DMCA exemptions, including in Congressional testimony.

I shouldn't complain about that, it's nice and better than nothing, take what you get. etc.

I still want a New York Times quote though, as was given to someone else in the old 2000 rulemaking. I'm the "anonymous informant[s]" of that article - it was very painful to be confined behind the scenes, in fact being personally attacked, while seeing other people getting all the credit. The scars (and against me, the grudges) are still there.

Posted by Seth Finkelstein at 04:33 PM | Followups
October 29, 2003

DMCA exemption and decryption-based censorware research

I'm in Wired News today: New Ways to Skirt DMCA - Legally!. They quote me:

"How sweet it is," said Seth Finkelstein, a programmer and anticensorship activist. "Without the exemption, the DMCA would make it a violation to decrypt the blacklist to find out what (filtering companies) are actually censoring. The actual contents of these blacklists are an important censorship issue.

"The Copyright Office has recognized the importance of fair use in this area affected by the DMCA," Finkelstein said. "It's not a blanket declaration of being legal, but it's an ability to argue fair use."

This is good.

The opponent to the censorware exemption, the Iraqi Information Minister, err, David Burt, is quoted as saying:

Filtering advocates had hoped the exemption would be dropped.

"I'm disappointed because I thought we had made it clear that the exemption is unnecessary to conduct meaningful evaluations of filters," said David Burt, a spokesman for Secure Computing, which purchased N2H2, a filtering company.

He cited extensive studies from the Henry J. Kaiser Family Foundation, Consumer Reports and the Department of Justice, among others, in his testimony and said that "these methods are adequate for evaluating filters."

Ah, but what did the Copyright Office already say about his objection to progress against the Iraq army decryption of censorware for research?

Opponents argued that circumvention is not necessary because other alternative sources for the information sought to be obtained are available, but the proponents of the exemption successfully discredited this assertion. While it is true that limited "querying" of the databases is available on some of the filtering software companies' sites, the circumscribed nature of this querying foreclosed comprehensive or meaningful results. Opponents produced evidence that many reviews of filtering software platforms reached conclusions based on these querying capabilities or by utilizing various sampling techniques, yet this evidence only proved that some parties were willing to settle for the results produced by such superficial tests. In light of the millions (or more) of potential URLs, it is indisputable that actually viewing the entire list of blocked Internet locations will produce data much more comprehensive than querying about one hundred URLs.

But then, last I heard, the real Iraqi Information Minister was doing OK too ...

Posted by Seth Finkelstein at 09:15 AM | Followups
October 28, 2003

DMCA censorware exemption win!

[How sweet it is ...!]


The Register's recommendation in favor of this exemption is based primarily on the evidence introduced in the comments and testimony by one person, Seth Finkelstein, a non-lawyer participating on his own behalf. In addition to identifying a class of works that related to the specific facts presented, he identified the qualitative nature of the noninfringing uses for which circumvention was necessary and generally identified the technological measure which controlled access to this class. There was no dispute that the lists of Internet locations blocked by filtering software are generally encrypted or otherwise protected by an access control measure. The remedy sought was causally related to the noninfringing uses that are necessary to conduct research, comment and criticism on the filtering software at issue. Mr. Finkelstein also anticipated objections to the exemption and proved that available alternatives to the exemption were insufficient to remedy the adverse effect caused by the prohibition. The insufficiency of alternatives was supported by testimony and demonstrative evidence at the hearing in California by James Tyre. Finally, Mr. Finkelstein's succinct initial comment addressed the statutory requirements and thoughtfully analyzed each of the statutory factors required to be considered in this rulemaking.

The case made by Mr. Finkelstein for this exemption is also instructive for the manner in which it met the requisite showing. The evidence produced did not prove that a substantial number of people have utilized or were likely to utilize an exemption. On the contrary, the evidence tended to prove that very few people have had the motivation or technological ability to circumvent this technological measure, to investigate the lists of blocked sites in filtering software or to report on, comment on or criticize such lists. Although there was little need for an exemption in quantitative terms (i.e., in terms of the number of persons likely to take advantage of it directly), it was the qualitative need for an exemption that was controlling in this case; absent the ability of a few to carry out their noninfringing efforts notwithstanding the prohibition set forth in section 1201, the many would not reap the fruits of such efforts the information, analysis, criticism and comment enabled by the quantitatively small number of acts of circumvention. The fact that the act of circumvention was unlikely to be widespread rebutted copyright owners' concerns of abuse and further supported the conclusion that the potential adverse effects to copyright owners would be minimal. The showing that the particular noninfringing use prevented was a result of the prohibition on circumvention and that these uses were necessary to criticism, comment, news reporting, teaching, scholarship, or research, further strengthened the argument.

Posted by Seth Finkelstein at 04:30 PM | Comments (5)

DMCA Exemptions Diary, a.k.a. more Why I Quit Censorware Research

Or, as a subtitle, "I tried it that way, and it didn't work"

[A friend suggested I add this clarification:
I post the following in the same spirit as I imagine one has when donating one's body to medical science: to help others who might be inclined to take a similar path. There are harsh realities in activism, especially if done without organizational backing and support. Let's hope that what happened to me won't happen to you.

I also checked with James Tyre regarding the mentions of him below, so I'm not breaking any confidences]

People say to me, "Seth, ignore the snipers and smearers. Don't let them get you down. Just work on building up your own reputation, and you'll succeed" (with sometimes, an unvoiced - or even voiced - addendum, that if I don't succeed, it's all my fault for not working hard enough or not doing things right). The problem with this advice, is that I've never known a proponent to ever be convinced they were wrong.

The Digital Millennium Copyright Act (DMCA) law has a provision where one can petition for certain exemptions to the "1201(a)(1)" anticircumvention provision. This is a process done every three years, starting in 2000. Then, there were only two exemptions granted, 1) malfunctioning software 2) censorware:

The [Copyright] office received 235 comments in 2000 during the first review of the DMCA, says Rob Kasunic, a senior attorney in the Copyright Office. Congress mandated a review process every three years upon approving the law in 1998. However, only two of those hundreds of comments in 2000 resulted in new exemptions, Kasunic says.

Previous Success

Seth Finkelstein, a computer programmer from Cambridge, Massachusetts, wrote one of those successful proposals.

Over the past several months, I've been carrying almost all of the burden of advocating for the censorware exemption to be renewed. This should have gotten me enormous reputation-building. Yet it's been next to nothing.

To start, I write a long renewal proposal. Then the nightmare begins. I'm offered an opportunity to testify in Washington DC in further support. I accept hastily, then privately begin to have severe doubts. I'm a programmer, not a lawyer or policy person. I'm setting myself up as a big target. James Tyre, a lawyer and long-time anti-censorware advocate, argues to me that it's important to do this. If the censorware exemption isn't renewed, that would be like an admission of error by the Copyright Office, that it shouldn't have been made in the first place. And as a carrot, there would be (reputation-building) press coverage, since this was one of only two granted exemptions and the first DMCA testimony session.

With great trepidation and wavering, I go through with it, though fearing I'm going to be demolished. I have a long hassle getting identification documents so I can fly. At this point, I've been unemployed for a long time due to the economic tech-wreck. But nobody will pony up the hundreds of dollars in travel expenses (yes, I asked various sources, nothing, I'm not representing any organization, the money isn't there). I have to pay everything out of my own pocket, and I am extremely unhappy about that, given my having been out of work for so long. I'm getting up at 4:30am in the morning to be on a 6:30am plane to DC, thinking all along how very little I want to do this. As I start to make my way through the Washington Metro, someone snarls the entire system by jumping in front of a train. Which would be an irrelevant detail except that it strongly adds to my sense of being in a tragic movie via portentous omens.

But fate smiles on my testimony. My opponent from the censorware companies, David Burt of N2H2, self-destructs. He ends up compared to the "Iraqi Information Minister" (not by me, by a lawyer, Jonathan Band, also testifying in favor of the censorware exemption). It's a great victory, for the exemption, and me.

But there's practically no PR coverage or credit at all. Oh, it's mentioned here and there, on a few specialty sites and blogs. But I don't get e.g. covered by the New York Times. That's disheartening.

When the transcript of my session is released, James Tyre mentions that it would be great to do an excerpt for a Censorware Project article, but for various good reasons irrelevant here, he can't do it himself, so could I? Likely we can get it publicized in Slashdot. But it has to go under his name, because of all the grudges against me. Since Slashdot is supporting Michael Sims as an "editor", if my name appears as the author, he'll abuse his editorial powers to trash it immediately as a submission, and nobody will go against him. We really do have to work around that problem.

I agree to write it this way, though I'm not happy about it. Note in what follows, I'm partly to blame. Right afterwards, though, I go through a two-hour long legal consultation, briefing a lawyer on all my censorware and DMCA issues, which I find emotionally exhausting (my joke about this is that sometimes I don't believe all that happened to me myself, and I lived through it!). Then in the next two days, I get bad job-hunting news twice in quick succession. While this is going on, I try to structure the article, but have trouble organizing it, and ask James Tyre more about how long it should be. It turns out we don't have the same understanding, just one of those failures of communication between two people about an editorial perspective. He wants not just some cut-and-paste excerpts, but to cover background, history of the exemption, on and on. I try, but I just can't do it. Every word seems to be rubbing my nose in my marginalization. Remember, I have to write all this, to be published under someone else's name, with Censorware Project getting the PR, all because the pettiness cannot be put aside in the slightest. I am not imagining this.

Why the hell can't it be under my name? Goddamn it, I think I do deserve Slashdot coverage Why do we have to play these stupid grudge-games?

But the upshot is that he's "miffed" at me, and I will get - no - credit - at - all here. Again, partly my fault, and I accept that. We don't hate each other. He's not wrong, I'm not wrong, But still a disheartening outcome all around.

Then I help James Tyre prepare his own DMCA testimony, which goes very well. Afterwards, he says to me, that when the transcript is posted, I'll find myself mentioned favorably in many places. However, in the context of my quest for coverage, I misconceive that remark as more metaphorical, that this time around the PR circuit, I'll get some reputation-credit. It turns out, no, he merely meant I'll be mentioned favorably many times in his testimony. Well, that's nice, I appreciate it. But in practice, nobody hears it. Not compared to the way I'm being attacked every single day.

Then I basically write all of our third-round joint reply. Everything has to be researched, referenced, footnoted with page and line numbers, on and on. Remember, I'm not being paid for any of this. David Burt, writing the censorware companies' reply, is being paid for it, it's his job. He takes the opportunity to use Michael Sims' domain-hijacking and smears, against me, to try to discredit my research via personal attack. All implicitly backed-up with famous net lawyer Mike Godwin's support of those attacks. The end of that little story is that privately, I end up being brutally flamed. But this piece is long enough so I'm going to skip over an account of that.

After all was said and done, I felt somewhere between suckered and deluded. As I thought of it, it's another case where for a project, I'd had credit dangled in front of me. But when it came time to pay off, well, nobody home. Yes, I willingly took upon myself the burden of advocating the censorware exemption. At the same time, all the talk about how it was important, how there would be coverage, i.e. I'd be building-up my reputation - in the end, it came down to a very familiar refrain: So sorry, you really did deserve better, wish it were some other way, tsk-tsk what a shame ...

The bottom line, of course, being that I don't gain in terms of myself, and insult to injury, if I write of my displeasure at such an outcome, that's accounted even worse (WHINER!, want some cheese with that whine, opening a whinery, etc. etc.).

This all was, to me, the ultimate proof that the build-up-yourself advice just does not work (at least for me). I'm putting in effort way above and beyond here, spending money out of my own pocket while unemployed, drafting DMCA reply after reply. And I can't even get favorably mentioned for it! In contrast, while I'm making myself a target, there's no downside whatsoever to any of the snipers shooting at me. Well, it's not as if, perhaps, I was doing important things, like annoying an airline captain on a plane via a "political statement" (or troll-pattern behavior) about being a suspected terrorist.

There is no organizational backing for me. There is no PR support for me. No, it is not enough for a few people to say they think it's wonderful that I do all this. After a certain point, from sheer practicality, it has to be appreciated in a manner that provides me with the means to buy food and pay rent. When potential lawsuits enter the picture, my censorware work is completely unsustainable. It's not worth it.

The next time around, as far as I'm concerned, the DMCA exemptions can go censorware'd themselves.

Posted by Seth Finkelstein at 02:19 PM
October 26, 2003

October 22, 2003

N2H2 acquisition by SmartFilter (Secure Computing) censorware is done

It's the end of an era (in many ways). N2H2, the censorware company about which I've written much, has finally been acquired. It's been bought by another company Secure Computing, which makes the SmartFilter censorware. I discussed this earlier. What's new is that the acquisition process has been completed.

Thursday, October 16, 2003
Secure Computing seals takeover of N2H2

Secure Computing Corp. has completed its acquisition of N2H2, a Seattle company that provides Internet filters to libraries, schools and businesses.

San Jose, Calif.-based Secure Computing -- a publicly traded software company with second quarter revenue of $18.2 million -- paid $19.9 million to acquire N2H2's outstanding shares. N2H2's Seattle office will remain open with 27 employees.

Twenty-one employees have been laid off, whereas 23 others will remain at the company in transitional jobs for one to six months, a company spokeswoman said.

Pretty good outcome for a censorware company which had negative book value for so long, up to and including the time of being bought. Though no word on how David Burt, N2H2 PR person and long-time censorware advocate, has fared. Still, even if he's part of the layoffs from the buy-out, he won't have done any worse than many good people who lose their jobs in a downsizing or merger. And I'm sure that the Religious Right will always have a place for him.

For me, this acquisition means that even if N2H2's censorware survives in any form, there's even more money and resources available for a lawsuit againt me. It's another nail in the coffin, that I've been driven to quit censorware research, and have to write-off much material I can't publish.

Posted by Seth Finkelstein at 11:59 PM | Followups
October 15, 2003

Slashdot Disaffect

So, yesterday I received yet another traffic-burst of "Slashdot Reflect". This is where my website gets traffic because Michael Sims is doing something abusive on Slashdot (new readers: the Slashdot "editor" who maliciously domain-hijacked the original website of Censorware Project, but Slashdot de facto supports him). The particulars of yesterday's Slashdot rant aren't very interesting to me. It had something to do with Michael Sims using the front page of Slashdot to flame a CNN article ("grossly misleading, almost propagandistic", etc). Heck, he might even be right. But hundreds of thousands of people heard him, and enough wanted to check on this sort of behavior so that I saw that "reflect".

Anyway, that's just background, to the following: The DMCA exemption proceeding rulings will be released soon (by October 28). These are where the public can petition for an exemption to the DMCA 1201(a)(1) circumvention prohibition (for circumvention as an action only, not "trafficing"). I testified some months ago, bearing the brunt of the effort for the censorware exemption.

Now, If the DMCA exemption for censorware is renewed, I believe that's a great journalistic opportunity for civil-libertarians to win a PR round over censorware companies. I had a passing thought, related to some other credit issues, of trying to get Slashdot to run an article by me, discussing that DMCA exemption process in retrospect. Not a rehash, so much as what victory here means for technical types (versus what it doesn't!), and how we could build on it. Note I don't want to talk to lawyers, I want to talk to programmers. And to be heard, not be in a corner shouting to the wind.

Then I gave myself a sanity-check. Forget it. I'm not even going to try. I quit. I don't want to devote the effort, and likely get personally attacked as my reward. It's not worth it. If there's a victory, I'm going to have enough trouble just getting recognized with some credit. (I joked to someone that the Copyright Office could write "We are renewing this censorware exemption because we [heart] Seth Finkelstein", and I'd still be helpless against either press maliciousness or stupidity).

Posted by Seth Finkelstein at 08:32 PM | Followups
October 02, 2003

Code == Speech, or The DMCA As Technical Obscenity

Switching gears a bit (at last), another paper I can't do, censored censorware reports, is one I call:

Code == Speech, or The DMCA As Technical Obscenity

The title is a pun, a multilayered meaning between "technical obscenity" in the sense of being an abomination in the eyes of tech-types, and "technical obscenity" as a (somewhat metaphorical!) type of obscenity law applied to technological speech. This idea was impressive (if that's the word) in the recent Bunner decision in the DVD trade-secret case where the ruling stated "Thus, these trade secrets, ... address matters of purely private concern and not matters of public importance.". Note that's trade-secret law. But I'm trying to express the concept that the determination seems very much like a kind of obscenity test, with the values in that test being applied to technical communications rather than sexual ones.

And make no mistake, it is a speech issue. As I've discussed before:

The ROT13 algorithm explained ("Caesar Cipher"):

1) The decryption algorithm for ROT13 is to take the range of letters from a-z, and for those twenty-six letters, replace the first thirteen of them with the range of letters from n-z and the second thirteen of them with the range of letters from a-m

2) To un-ROT13, do a tr/a-z/n-za-m/ over each character in the file

3) perl -pe 'tr/a-z/n-za-m/;' < infile > outfile

Where did I step over the line, from "speech" to "code"?

Now, the difficulty with this paper is the "shouting to the wind"/"tell it to the judge" problem. As one entry in the vast amounts of pontification on the topic of code, speech, and the DMCA, it won't get read. If I put in a real, relevant example, which might get noticed - such as an unpublished censorware decryption - well, be careful what you wish for, because you might get it (here, getting noticed by the censorware company taking action from the decryption program).

Note a similar thought was done in the "Programmers' & Academics' Amici Brief in NY MPAA DeCSS Case" (which I had something to do with):

While an example of the Perl programming language might look like this:

  my ($xor_len) = $key_length{$request} ;
  my ($file_key) = substr($cipher_key, 0, $xor_len);
  while (read(FILE, $xor_block, $xor_len)) {
    $plain_text = $file_key ^ $xor_block;
    $plain_text =~ s/+$//;
    $plain_text =~ tr/A-Z/a-z/;
    print $plain_text,"";

     We chose this snippet of Perl for two reasons. Fi rst, when compared to the Visual BASIC, it is apparent that more symbolic characters and fewer natural-looking words are used, illustrating the variety of programming languages. Though it looks less like a natural text language, its meaning is as clear to those who read Perl as is this sentence to those who read English. ...

     The second reason is the more thematic. The snippet is from a program which decrypts the encrypted list of URLs blocked by the filtering software application known as X-Stop, the use of which in a public library was found to be unconstitutional in Mainstream Loudoun v. Board of Trustees, 24 F.Supp.2d 552 (E.D.Va 1998). In part by showing that X-Stop blocked valuable Internet speech, Plaintiffs prevailed, but on the face of 17 U.S.C. SS 1201(a)(1), such a decoder might be unlawful as a circumvention measure. In October 2000, the Librarian of Congress completed the first rulemaking mandated by §1201(a)(1). One exemption was for "[c]ompilations consisting of lists of websites blocked by filtering software applications." 37 CFR Part 201. If the LOC rulemaking now legitimizes the use of a program such as the X-stop decoder to compile such lists, it makes no sense under any theory of copyright law that §1201(a)(2) proscribes the distribution of such a program, but that is the effect of §1201(a)(2), the section at issue in this action.

Note "such a decoder might be unlawful as a circumvention measure". I don't want to play Russian-Roulette-plus-snipers these days to find out :-(

Posted by Seth Finkelstein at 11:57 PM | Followups
October 01, 2003

N2H2 "State Secrets" - censored censorware report and why - part 3

I never described why I called this recent series "State Secrets". That's a reference to an old joke about dictatorships:

Another joke is about a student marching down the Avenue of Eternal Peace with a banner saying "Li Peng is a pig"
The student is arrested, tried and sentenced to 20 years.
He complains that illegal protests carry a maximum sentence of five years.
"Yes," replies the judge. "Five years for an illegal protest and 15 for revealing state secrets."


That joke really sums it up - for revealing N2H2's censorware blacklist is a pig, I might get a minor penalty for one issue, but 15 years (of litigation) over revealing their state, err, trade secrets.

When I first circumvented the encryption of N2H2's blacklist, I was amazed at how much of it was junk and duplications and obvious errors. Just full of garbage. Logically, what do they care? Who is looking?! They have an incentive to add as much as possible, for PR puffery (a blacklist zillions long). It was very evident that there were silly keywords being used to blacklist sites.

I wanted to publish these results to coincide with the District Court CIPA trial. But during the expert-witness testimony of the trial, N2H2 went into court with extraordinary legal aggressiveness, to attempt to prevent the court experts from testifying in public about its blacklist (on "trade secret" grounds):

"They say that certain things we talk about them having blocked will show the nature of their software, ..."

(note small world, that quote is from Declan McCullagh's (sigh ...) coverage of the trial)

At roughly the same time (actually a little before, but adding to the legal risk), Michael Sims, the Slashdot "editor" who had domain-hijacked Censorware Project's website, broke trust that had, in earlier times, been placed in him by Censorware Project's main lawyer (James Tyre). As part of the process of obtaining nominations for me for the EFF Pioneer Award, James Tyre had written (with my full consent) a detailed message to Censorware Project members cataloging every censorware decryption I'd done up to that time - names, dates, methods used. This was sensitive legal information, more so for coming from such an unimpeachable source.

Michael Sims publicized this confidential message to the world, including every censorware company which might want to sue me, just when N2H2 was doing its attempts to suppress public testimony (privately, it's a great message, later I put it on my site with others - but there's a time and a place for everything!). If N2H2 was willing to take such legal action involving court experts serving as witnesses in a Federal trial, the risk for a mere programmer in publishing more detailed and revealing work (even a civil-liberties award-winning programmer) was terrifying. The betrayal of confidence was an incredibility vicious and vile action.

The import of this trust-breach is often lost in various smoke-blowing. (for example, Michael Sims was particularly upset that James Tyre hadn't trusted him with the sensitive information from the start, ironically showing by his dishonorable actions why that lack of trust was thoroughly justified). People tend to get focused on the name-calling. But it was putting legally sensitive information in censorware company hands, while aggressive legal action was underway, which was most destructive.

I made a decision then: I'm not going to publish this work. The legal risk is too high. I don't have the support I need. At best I'll get smeared, at worst I'll get sued.

Remember, Slashdot continues to _de facto_ support Michael Sims, in terms of pay, reputation, and press-power. It matters. This is why I have to quit.

Posted by Seth Finkelstein at 11:58 PM | Followups
September 29, 2003

N2H2 "State Secrets" - part 2 - PR and "that was a lie"

There's a reason I don't do statistical studies on censorware. I hope the following historical account shows what's necessary to fight something like censorware company N2H2's "1,800 Percent Increase [in porn]" press release.

Years ago, in March 1999, Censorware Project released a report dealing with statistical analysis of SmartFilter. There's a long story about how this report came to be, including the fact that it would have died if I hadn't encouraged Michael Sims to continue when he despaired, and donated much system administration and programming in keeping my promise of support. He then rewarded me by initially cutting me off from all credit when, much later, the report was eventually finished and released. But I digress.

At that time, David Burt ran a pro-censorware website "Filtering Facts" (filteringfacts.org - it's no longer active on the web, rumored because he's embarrassed these days by the harsh material, including the obvious links to the Religious Right - but I have an archive). In April 1999, he issued a press release of his own about the report, claiming "Study of Utah School Filtering Finds "About 1 in a Million" Websites wrongly blocked". David Burt is currently a PR person for N2H2. N2H2 is now being bought by the company which owns SmartFilter. It all connects.

Reading that April 1999 David Burt press release, it's clear why he doesn't want this material floating around the net nowadays:

It is difficult to understand how the primary author of the report, Michael Sims, could feel that these sites are appropriate for children in a school setting. An examination of the author's e-mail postings offers some insights into the values that he applies to such judgements. Mr. Sims has often said he does not believe that pornography harms children. In one recent post to the librarian's discussion list PUBLIB, Mr. Sims compared children viewing pornography to children reading the Bible:

Note I feel for Michael Sims here. I know what it's like to be smeared ...

SmartFilter picked up the statistical mendacity (leaving the personal attack), of David Burt's release, and later issued a company press release taking the tactic of claiming "CENSORWARE PROJECT UNEQUIVOCALLY CONFIRMS ACCURACY OF SmartFilter™ IN STATE OF UTAH EDUCATION NETWORK"

Now, in reaction to this, Censorware Project did not say that anyone who matters would read the report and know that the SmartFilter press release was untrue. Or that nobody believes a censorware company, so it doesn't matter.

Instead, Censorware Project did a follow-up report (http://censorware.net/reports/utah/followup/) and to defend the study (and incidentally, Michael Sims), right on the website, the front page proclaimed:

This was a lie. Secure Computing then issued a misleading press release with that same lie, which prompted us to take action.

Later on, there was a front-page Slashdot article about "Censorware and Memetic Warfare":

Here's a look at one of the more annoying memes the opposition is using: a lie about the results of my very own organization. Click for more.

It's all reminiscent of Al Franken's book in the news, "Lies and the Lying Liars Who Tell Them". Except here we have a fair and balanced look at censorware advocates' tactics (note truth is not in the middle).

By the way, I didn't have the slightest involvement with any of this liar-liar-pants-on-fire type response. But I did ruffle feathers when I'd point out that it obviously wasn't considered something which couldn't be done, as immature, undignified, unbecoming, don't get down to their level, etc. I have a saying : "It's always different when it's you".

And that brings me to the moral of the story - if you can't get heard, you'll be shouted down. I don't have the press-reach to fight back against mudslinging press-releases like those above. And I shudder to think what sort of Slashdot coverage I'd receive in a similar situation.

It matters.

Posted by Seth Finkelstein at 11:59 PM | Followups
September 28, 2003

N2H2 "State Secrets" - PR and lying with statistics - press note

[I'll get to part 2, really, it's just turning out to be far more difficult to write-up than I thought, because of my misery regarding the whole topic]

I've just noticed, part of the extensive reach of the N2H2 "1,800 Percent Increase [in porn]" press release is because it was portrayed as a "news story" ("Story from AFP") by a syndicate Agence France-Presse. This made it even ABC Sci-Tech News.

The power of the press :-( ...

Posted by Seth Finkelstein at 11:58 PM | Followups
September 26, 2003

N2H2 "State Secrets" - PR and lying with statistics [part 1 addendum]

I've been searching over the web today to see if anyone, anywhere, has pointed out that the N2H2 story about porn having "1,800 Percent Increase from 14 Million Pages in 1998" is pure hype, since the web itself has grown so much in that time. The only place I've been able to find such intelligence is in a reaction news quote with ... drumroll ... Irene Graham, who is the Executive Director of Electronic Frontiers Australia (and notably one of the earliest civil-libertarians to have listened to me about censorware years ago):

IRENE GRAHAM: Of course, about five years ago there were fast less people on the Internet around the world.

Everything else I've seen has been utterly uncritical. This matters in ways both obvious (e.g. pushing censorware) and profound (what it says about my ability to fight a smear).

Posted by Seth Finkelstein at 10:15 PM | Followups
September 25, 2003

N2H2 "State Secrets" - PR and lying with statistics [part 1]

Censorware company N2H2 recently issued a press release which coincidentally illuminates why I have to quit and can't publish certain research. They proclaim: "N2H2 Reports Number of Pornographic Web Pages Now Tops 260 Million and Growing at an Unprecedented Rate". It's a concoction jam-packed with juicy PR nuggets:

"1,800 Percent Increase from 14 Million Pages in 1998"
"N2H2's database contained 14 million identified pages of pornography in 1998, so the growth to 260 million represents an almost 20-fold increase in just five years"
"There have been recent filtering software studies by eTesting Labs for the Department of Justice and a peer-reviewed study conducted by the Kaiser Family Foundation and published in the Journal of the American Medical Association (JAMA). Both found N2H2 superior to competitors at blocking pornographic Internet content without unduly blocking appropriate content, even in related areas such as breast cancer or sexually transmitted diseases."

This censorware PR is going around the world, from Australia to Japan .

There is absolutely no support for me to rebut it, in terms of 1) pay, 2) press-power, 3) protection (from lawsuits). I can start shouting to the wind and risking a lawsuit ... or not.

First, just on the face of it, how much has the web itself grown since 1998? Certainly much ("1,800 percent"?) If the number of "porn"-pages simply remained a constant fraction overall, it would increase in absolute numbers as the web itself grows. What methodology was used to derive that number of "identified pages of pornography" anyway?

And here's where things get interesting. I know N2H2 has to be playing fast and loose (if anyone doubted just based on general principles), because I know their blacklist does not have 260 million entries, and could not have had 14 million entries in 1998. But I can't publish that in any way that is objectively provable in terms of peer-review, because that would require conveying decryption information. And no organization is backing me as a researcher to give my mere words weight in terms of that "name" reputation-capital.

Moreover, I could point out many, many, flaws in that slippery phrase "classified as pornography". In practice, nobody outside of a few hundred hard-core readers (pun unintended) would hear. So, the upside is zero for me, little in general, and the downside is years of litigation. It's not worth it.

[To be continued in further posts. Next planned: Background historical material regarding censorware companies, lying with statistics, attack and defense]

Posted by Seth Finkelstein at 10:05 AM
September 23, 2003

Time For Me To Quit Censorware Investigations, aka BACKER NEEDED

If at first you don't succeed, try, try again. Then quit. There's no point in being a damn fool about it. - W. C. Fields

Everyone has a breaking point, and it's been evident for a while that I've essentially reached mine. "Banned Books Week" is a good place to drive a stake into it. To differentiate this message, I'm having "Banned Research Week" where I'll outline specific research I can't complete and publish.

I quit. I'm giving up. I tried and tried, and I don't succeed. That is, after all I've done, over years and years, I still have no pay, no press-platform, no protection from lawsuits. I can't continue to fight against censorware as an unpaid, mostly marginalized, activist lacking any organizational backing. It's not sustainable.

The dismal mathematics seems unarguable. I cannot win, in terms of myself. It's not my job, I don't advance in a career, and frankly, I get precious little respect (not 0.00%, but very close to it). However, I can lose, BIG. At best, I might have to endure long draining litigation, stressful and destructive even if, on the off-chance, I were to prevail. And if I don't prevail, the consequences would be even worse. It's not worth it.

In retrospect, after I won an EFF Pioneer Award, I made what turned out to be an enormous error. I then did a large amount of decryption-based censorware research, as opposed to intensively seeking a policy-based affiliation. I thought I was on track to be a towering DMCA hero. I believed I had a pledge of (Slashdot-based!) press support, as well as legal backing. And that I could afford to volunteer. Well, it's a long story, but things didn't work out that way. The tech economy crashed, and many other legal cases superseded me. Moreover, either I was mistaken about the pledge of Slashdot support, or the person making it later decided to renege (without the courtesy of informing me).

The final result is I have to write-off a large amount of that research (some of which has already rotted away). Between "shouting to the wind" (nobody reading my work) and "telling it to the judge" (the inevitable result of publish work that absolutely will be read), I've been silenced.

Formally, this might be considered a call for backing and support. If manna from heaven came to me, if an organization said they'd give me press support and legal protection (not to mention some pay), then it might be possible for me to continue censorware work. But honestly, I have no illusions of success.

Note, please don't tell me, e.g., "Don't let the bastards grind you down". They did grind me down, by leveraging the power of the legal system to grind me up. Any advice must consider: How does this change the problems of 1) pay 2) press-platform 3) protection from lawsuits? If that isn't answered, it's not helpful.

Sadly, I've been "taken down", and to a great extent, by my own "side".

Posted by Seth Finkelstein at 08:05 AM | Comments (6) | Followups
September 15, 2003

"Open Censorware" and recent legal advice to libraries

A recent article from the American Library Association, ALA: Lawyers Sift through CIPA Regulations discusses: "At the request of the American Library Association, the law firm of Ropes and Gray issued an advisory letter August 28 to libraries regarding their legal obligations under CIPA" (CIPA is the Federal library censorware law) [link credit lisnews. com]

Looking through that advisory letter, I don't think it's very favorable to "Open Censorware":

Public libraries that routinely submit untimely certifications, do not submit certifications, certify compliance with CIPA with the knowledge that they are not in compliance, install an Internet filter known to be nonworking, or fail to enforce their Internet safety policy or operate their Internet filter will likely to be found to be acting in bad faith and not in compliance with CIPA. These libraries will be subject to a loss of their federal E-rate or LSTA funding and may have to reimburse the federal government for E-rate funds utilized during noncompliance. Libraries that fail to remain diligent regarding upgrades in Internet filtering technology may also be determined to be acting in bad faith.4 ...

4The Restatement (Second) of Contracts states, "A complete catalogue of types of bad faith is impossible, but the following types are among those which have been recognized in judicial decisions: evasion of the spirit of the bargain, lack of diligence and slacking off, willful rendering of imperfect performance, abuse of a power to specify terms, and interference with or failure to cooperate in the other party's performance."Restatement (Second) of Contracts S 205 cmt. d (1981).

And later:

CIPA does not provide for any penalties for noncompliance beyond the withholding and reimbursement of federal funding; there are no criminal penalties provided for under CIPA. However, there are federal criminal laws that apply to the submission of fraudulent information or false certifications to the government. See 18 U.S.C. S 1001 (2003).

If I were putting myself on the line, as a library director, I wouldn't be inclined to do anything which looked like playing games with such a requirement. Requiring a judicial specification of a blacklist just might work, as a straightforward and direct position. But not pretending the blacklist problem doesn't exist.

Posted by Seth Finkelstein at 11:57 PM | Followups
September 14, 2003

"Just Give It To Me Straight" - a case against censorware

This is a week or so old, but I solidly recommend the paper:


Just Give It To Me Straight:

A Case Against Filtering the Internet

T. A. Callister, Jr. Whitman College

Nicholas C. Burbules University of Illinois

Well worth reading for the evidence and arguments.

Paradoxically, on a personal note, it's another reason I think I should stop doing anti-censorware work. The paper makes many arguments similar to those I make myself. But the difference is that it was quite well-publicized, whereas I'm extremely marginalized. While the constant references to Peacefire and Censorware Project were good, it was saddening to see the authors had apparently never heard of me. I don't have the name-recognition and press-connections, so what's the point of doing work almost nobody will hear? (especially if it can get me sued!)

Posted by Seth Finkelstein at 11:59 PM | Followups
September 10, 2003

Anti-spam versus censorware, once again

Matthew Skala, one of the programmers of CyberPatrol lawsuit (in?:-))fame, had a recent blog entry playing off the just-granted Websense patent, but using that to discuss censorware versus anti-spam programs. This issue, of using computers against spam or for censorware, comes up often. I've been replying to it for many years.

If I thought anyone much would care, I'd write up a FAQ on the topic. But that entry got thousands of readers as part of a Slashdot article, and, sigh, I hate to sound whiny, but I don't expect Slashdot coverage. Anyway, I wrote Matthew, and he kindly noted my point in a follow-up blog entry.

When putting together something now, I found I'd written long entries on this be fore:

" porn, spam, "filtering", and magic"

" More on censorware, spam-killing, and "magic""

No point in rewriting them. There's also an extensive discussion of the differences in the Reply to Copyright Office DMCA 1201 Censorware Exemption Question, and some in my DMCA testimony.

In a sentence, fighting spam concerns something you don't want to read, the sender wants to force on you. Censorware is about something you want to read, and an authority wants to prohibit you. These are thus very different situations.

Posted by Seth Finkelstein at 11:59 PM | Followups
September 06, 2003

Carlisle Barracks censorware's militarycorruption.com

Censorware ... it's not just for libraries anymore (in the US) ...

According to the article Carlisle Barracks blocks Web site:

Saturday, September 06, 2003 BY MATT MILLER Of The Patriot-News

CARLISLE - A freedom of speech battle is brewing over a decision by Carlisle Barracks leaders to block access to an Internet site that purports to uncover military corruption.

The move to bar Army post workers from logging onto militarycorruption.com was taken to "preserve morale, good order and discipline," barracks spokeswoman Lt. Col. Merideth Bucher said.

"The command blocked access to the Web site from government work stations because of complaints by Carlisle Barracks employees that this site consists of rumors, unsubstantiated allegations, innuendo and personal name-calling," Bucher said.

(more at link)

Note this doesn't look like a censorware company blacklist issue, but rather a specific directive that a local installation ban a political site (to "preserve morale, good order and discipline").

My own point is that censorware is not just for parents who want to "protect children". It's intrinsically for control of what people are allowed to read.

Posted by Seth Finkelstein at 11:53 PM | Followups
September 05, 2003

"Obscenity Link Filter"?

I noticed the following interesting news from the censor-world:
"Feds Target Typo-Driven Porn Operation". Most notably:

Computer pornography is a major problem. It is especially offensive when it is sent to your computer by unsolicited e-mail -- or "spam." To counter this aspect of the problem, Focus on the Family, in connection with David Burt, of filtering company N2H2, have created the "Obscenity Link Filter" -- a way for you to forward unsolicited pornographic e-mail ("porn spam") to authorities, without having to download or view pornographic images.

Hmm, interesting Religious-Right connections here ...

Anyway, I couldn't resist, what is this thing? It seems to be some sort of link-extractor which operates on spam email. I hate to imagine an average person trying to use it though, since the instructions brought to mind all the jokes about bad instructions manuals.

But I suppose it's considered good PR all around, even if it's almost useless.

Posted by Seth Finkelstein at 11:57 PM | Followups
September 01, 2003

"Concerned Women for America" Censorware Advocacy Legal Memo

"Concerned Women for America" has a memo on CIPA, the Federal library censorware law. It's useful for understanding censor's strategy. I was looking around to see where it was being flacked. Notable, a "Traditional Values Coalition" article is urging censors to:

TAKE ACTION: Download a copy of LaRue's memorandum and send a copy to your local library and/or to members of the library board in your city. Urge them to implement the suggestions in this paper.

This made for a sad contrast to a recent lament by Karen Schneider to librarians that
"We as a profession haven't done diddly squat beyond talk and process and talk and process some more."

Sadly, talk and process is easy, while action is hard.

And censors work together, while civil-libertarian, as a rule, do not. Again, I've basically been "taken out" by my own (nominal) side.

Posted by Seth Finkelstein at 11:59 PM | Followups
August 29, 2003

More reactions to American Library Association CIPA statement

More discussion worth noting, in reaction to the American Library Association's statement on CIPA:

A posting by Michael Gorman:

Dear Colleagues

One of the depredations (and consolations) of age is that the world becomes increasingly unrecognizable. Filterers are conmen and conwomen. Censorship is anathema to our profession. What in the name of Jumping Jehosaphat are we doing even contemplating trying to evaluate which brand of filtering snake oil is "better" than other brands? A pox on them all and a pox on censorship.

Peace, Michael

And another comment of Melora Ranney Norman:

Were we unprepared for the CIPA trial?

If the basis of our case was in whether the technology *works* or not, then perhaps.

If the basis of our case rested upon the foundation that censorship (and by extension, censorware) in libraries is unconstitutional and wrong, then perhaps not.

Where it seemed useful to discuss how badly the technology works, we relied upon independent studies, which might be seen as a reasonable attempt at objectivity, so I am not entirely convinced that we've been derelict in this regard. There appeared to be a general consensus that censorware significantly overblocks and underblocks. We all agree that we don't have access to the blacklists, and we don't know what's being de-selected. As far as I can tell, the prevailing argument seems to be that none of this matters--that something is better than nothing--so what more can we hope to prove? I'm not 100% opposed to studies, I just don't see exactly where folks hope to go with that. ...

So where do we put our limited resources and energy now? Do libraries have to censor, and must we now study how to censor best? Is that a priority now? These are difficult questions.

Posted by Seth Finkelstein at 11:59 PM | Followups
August 28, 2003

American Library Association CIPA statement and reactions

The American Library Association recently issued a statement on CIPA (Federal library censorware law). I've greatly enjoyed reading some of the librarian discussion about it, such as the postings of Karen Schneider:

QUESTION: I would like to know what resources we are committing to these needs.I am concerned that we will attempt to resolve these issues with inadequate resources. We need to do more than "gather and share" information about filters, ... We lack mechanisms for responding to wild statements from vendors or press releases about brilliant new technologies that nearly always turn out (as I discovered in my own investigation lo these years ago) to be yet more silicon snake oil. We have allowed the filtering proponents to overwhelm us in one area you would think librarians would excel in -- providing information.


Yes, I am talking about spending money. Somehow, somewhere, we need to break a few eggs to do this right. My guess is this activity will never, ever come from ALA proper, and if we attempted to source it within the bowels of 50 East Huron it would slowly die of colic. However, it would behoove us to ensure it is happening and to help underwrite it if necessary. We have library schools, research institutes, and other agencies that could provide us with what we need if we make our needs clear and help pay for them.

And the comments of Melora Ranney Norman:

In order to study the selection of blocking software along with the selection of print and audio-visual materials, we would probably need to establish a core course called something like censorship 101, since that is the only thing that blocking software is used for.

Until now, selection criteria has been proactive, not reactive. We have claimed that we tried to ascertain what our patrons wanted and provided it to them; if we were judging and suppressing material it was not part of our coursework. Until now, we have not considered it a matter of scholarly inquiry to examine what parts of magazines, encyclopedias, or books we should slice up and burn. Does this profession think it's time to change that?

Posted by Seth Finkelstein at 11:23 PM | Followups
August 23, 2003

Center for Democracy and Technology on NTIA censorware report

I was looking at other coverage of the National Telecommunications and Information Administration (NTIA) censorware report, and found the following item on CDT's speech headlines page:

Commerce Dept. Report Backs Capabilities of Child Protection Measures - The NTIA has released a report evaluating Internet filters and other protections for schools seeking to safeguard children online. The report argues that filters and other technologies are able to meet "most, if not all" of the needs of educators. It also cautions that "software has not been able to overcome problems of overblocking" and emphasizes the importance of protections besides filters. CDT believes the report underscores why online protections controlled by users are preferable to broad Net content regulations like the COPA statute, which is under fire in the courts. August 19, 2003

That last sentence ("online protections controlled by users") is classic CDT. That is, it artfully weaves around the law and the evidence in order to come out with the policy position favored by CDT, even if the whole process makes no logical sense. For example, the part CDT cites just before, about cautions about overblocking, the NTIA report has it as a lead-in for broader government usage:

Yet, other technology tools can or have the potential to address better the needs of educational institutions. Thus, NTIA recommends that Congress change the current legislation to clarify that the term "technology protection measure" encompasses not only filtering and blocking software, but also other current and future technology tools.

Now, it's not that CDT is "wrong" here, as it's what CDT "believes" is "underscored" by the report. But it can be very amusing, in a lawyerly way, to see how they derive such beliefs from a report which, per above, wants more types of censorware to be explicitly acceptable to government.

Sigh. On a more personal note, I look at this material, and think again that I simply don't have the resources to get-into-it regarding rebutting the NTIA report. There's far too few people who care about a factual rebuttal. The cheap and easy political expedient is simply to say it means whatever you want it to mean. Thus, there's little protection for me personally in countering the report, while the censorware companies have a direct incentive to attack me personally as much as possible. Maybe I shouldn't note that. But I still feel very unhappy about how I've been essentially marginalized, and by my own "side" too.

Posted by Seth Finkelstein at 11:59 PM | Followups
August 21, 2003

Marjorie Heins on NTIA CIPA (censorware law) report

Marjorie Heins at the Free Expression Policy Project has excellent commentary concerning the National Telecommunications and Information Administration (NTIA) CIPA censorware report


On August 15, the National Telecommunications and Information Administration, a division of the U.S. Department of Commerce, released a report that reads like a sales pitch for Internet filters.

I agree completely. I've thought of writing an NTIA report piece myself. But this where my poor power level and the lying endemic to politics, has baleful effects.

Now, rebutting this report isn't a legal risk problem (I think ...). But I simply don't want the stress of going through getting trashed because I can't fight back. It's just not worth it for me.

Posted by Seth Finkelstein at 09:46 PM | Followups
August 17, 2003

NTIA CIPA censorware report released

[A scoop! A scoop! :-)]

NTIA CIPA censorware report:


Children's Internet Protection Act: Report on the Effectiveness of Internet Protection Measures and Safety Policies

On August 15, 2003, [National Telecommunications and Information Administration] released a report pursuant to section 1703 of the Children's Internet Protection Act (CIPA) ... evaluating the effectiveness of technology protection measures and safety policies used by educational institutions. The Act requested NTIA to evaluate whether the currently available Internet blocking or filtering technology protection measures and Internet safety policies adequately address the needs of educational institutions. CIPA also invited NTIA's recommendations to Congress on how to foster the development of technology protection measures that meet these needs. NTIA's report concludes that the currently available technology measures have the capacity to meet most of the needs and concerns of educational institutions and makes the following recommendations: 1) technology vendors should offer training services to educational institutions on specific features of their products; and 2) expand CIPA's definition of "technology protection measures" to include additional technologies in order to encompass a wider array of technological measures to protect children from inappropriate content.

Posted by Seth Finkelstein at 12:21 AM | Followups
August 16, 2003

ACLU CIPA censorware memo

The ACLU released a legal memo for libraries on coping with CIPA, the Federal library censorware law. It came out two weeks ago, but it seems to have been little publicized.

Library filtering after US v. ALA: What does it all mean and what should we do

It prominently mentions the "visual depictions" aspect of CIPA, and makes interesting recommendations.

There's a notable paragraph, which is think is extremely important for any idea of Open Censorware :

"Some libraries have suggested creating their own software. Libraries can certainly do that. The statute does not require any particular product. But, any product used has to represent a "good faith" attempt to comply. It seems unlikely that any individual library could create a blocked sites list and keep it up to date."

I must say I got a big laugh out of the recommendation of:

"3. Join with ALA in pressuring the software companies to make their lists of blocked sites public"

Hmm, censorware companies should make their blacklist public. They ought to. They should. Blacklists should be public from the censorware companies. I say so. That's the way to do it. Right on. Have I mentioned the blacklists should be public?

That is, no matter how may times any civil-liberties group says it, the censorware companies don't care (see, for example DMCA testimony). But then, the ACLU certainly knows this.

Sigh. I'm about ready to quit, because I just can't publish more censorware research due to the legal risk involved. For all the talk of pressuring censorware companies above, there's just no support for my work.

Posted by Seth Finkelstein at 07:37 PM | Followups
July 31, 2003

N2H2 (censorware co) finally stops losing money

Given the coverage I've devoted to censorware company N2H2's finances, e.g. "dead company walking", "another step" "bankruptcy-watch", it seems only fair that I note today they have finally, at last, stopped losing money.

See, the difference between them and me, is that I'll admit a fact in their favor (even if grudgingly), while they pretend to the Copyright Office that I haven't circumvented their censorware's encryption.

Anyway, N2H2 announced:

Revenue was $3.098 million for the [quarter] ...
Operating expenses were $3.064 million ...
The company achieved a quarterly net profit for the first quarter in its history at $48,000.

48/3098 = margin of 1.55% of revenue. But it must be granted that it's positive, even if tiny.

Note this profit came from cutting expenses ("29%"), NOT from any significant increase in revenue ("4%"). I had thought they'd front-load that revenue figure somehow.

They still have a company deficit of nearly two million dollars ($1,836,000). I have no idea what makes a negative-value company worth acquisition via "an all-stock transaction valued at approximately $19.9 million". I suspect there's an Other People's Money aspect at work here.

Posted by Seth Finkelstein at 11:14 PM | Comments (2) | Followups
July 29, 2003

N2H2 bought by Secure Computing ("SmartFilter") - censorware merger

N2H2, a censorware company famailiar to readers of this blog, is now being acquired by Secure Computing, a security/censorware company (they make "SmartFilter"). See the stories e.g. in BusinessJournal or The Register. I posted this question about the acquistion. to the Secure Computing Yahoo message board:

How to make sense of N2H2 acquisition?

Folks, I don't get this.

Full disclosure - I'm a pioneering (http://sethf.com/pioneer/) critic of censorware (http://sethf.com/anticensorware/), so I'm not disinterested. But I try to understand the industry objectively.

Now, you may not know this, but Secure Computing and N2H2's systems are very incompatible. They can't be buying N2H2 for the "technology".Is it the customer and marketing network? It seems like Secure Computing is paying a huge amount for a company, N2H2, which has NEGATIVE book-value.

Is it because they're paying in stock, so it's not their money?

To respond to another poster, it's clear to me that N2H2 would accept even wildly overvalued stock, because they can sell that stock for something, anything. N2H2 stock is so thinly-traded that the insiders have major problems dumping it (check the insider selling).

So this is a mystery to me. The only way I can make sense of it is that Secure Computing is buying some marketing at a super-inflated prices, but since they're playing in super-inflated stock anyway, it all works out in the end.

Posted by Seth Finkelstein at 11:59 AM | Followups
July 27, 2003

Library censorware, open blacklists, *1997*

Everything old is new again.

As part of a discussion of "Open Censorware" issues, I dug out the following item about an open blacklist library censorware proposal, dating back to 1997. This is by the same censorware company which is now being pushed at http://libraryfilter.blogspot.com/

People might consider how old (and moldy) is this idea, and how it's been a practical failure for years.

Subject: "The USA National Library Filtering Plan"
Date: Sun, 26 Oct 1997 23:43:55 -0800
To: [now-deceased fight-censorship mailing-list]
From: "James S. Tyre"

Well, our old friend Turner (Bob, not Ted) has hatched a new plan:


-put forward by Jeff Koftinoff and Bob Turner October 26 1997

USA Version


Premise 1

The National Library Filtering Plan is to filter out PORNOGRAPHY ONLY. All other subjects are too diverse and intangible for a National/international plan. Pornography is readily identifiable and there is a huge cross cultural demand for filtering this subject..

Premise 2

1. Let all communities that opt for NO FILTERING opt OUT of this plan and work it out in their own communities

2. For communities that opt POSITIVELY FOR FILTERING the following plan is suggested for immediate development and implementation.

Premise 3

1. The URL vocabulary (banned sites) is public. Encryption for the purpose of hiding the list is not a consideration. The National Library Banned Site List is Publicly and Freely available on the web.

Premise 4

1. The National Library Filter would Lease a Filter Engine from any filter producing software company capable of delivering such an engine and this engine would have the National Library filters own front end which would do exactly what was required to filter porn and would do nothing else. This would conserve library resources by allowing very inexpensive licensing and placing control in the libraries hands and out of third party ratings and software companies.

Premise 5

1. Such a large number of people on line at a large number of libraries across the many regions of the USA provides a unique opportunity for research on the Internet - its usage's and applications. Software has been donated for National Library Research that will upload all actions (in blocks of 500 workstations) to a data base at an outside server. This can be done anonymously to preserve privacy issues. Such research of this size would provide new information for the constant update required to augment the Banned Site List. Results of such research would be made public.



1. Identify the group capable of implementing/coordinating the USA National Library Plan
2. Identify the group capable of implementing the corresponding research component
3. Identify the Filter Engine to be leased.
4. Identify the front end that is desired
5. The donated research software is IF-RESEARCHER
6. The vocabulary is The Great-Global-Banned-Site-List currently about 16,000 Domains

for more information:

and/or contact Bob Turner turner@turnercom.com


Please do note that their blocklist is freely downloadable, in plaintext no less! I'll let y'all explore it yourself, but:

They don't like kink: http://www.kinkos.com/

And they won't take any shit: http://www.kinoshita.com/

And if you don't like it, you can't lick it: http://www.lillick.com - a very old line, white shoe law firm, Lillick & Charles.

No sex, of course - http://www.morrisexport.com/ And don't even think about a trip to the http://www.nakedcity.com/ let alone seeking the http://www.nakedtruth.com/

Perhaps we need to http://www.restoreamerica.com/ But, alas, they won't let us.



Oh. Almost forgot http://www.smutfree.com/ - Arizona's first smutfree ISP!

Subject: "The USA National Library Filtering Plan"
Date: Sun, 26 Oct 1997 23:43:55 -0800
To: [now-deceased fight-censorship mailing-list]
From: "James S. Tyre"

At 07:43 AM 10/27/97 +0000, I wrote:
>Well, our old friend Turner (Bob, not Ted) has hatched a new plan:
> -put forward by Jeff Koftinoff and Bob Turner October 26 1997
> USA Version

Hmmm, look what I just got (in response to another list post)

----------Forwarded Message---------- Date: Mon, 27 Oct 97 07:50:45 +0000
From: Bob Turner <bturner@direct.ca>
Reply-To: bturner@direct.ca To: "James S. Tyre"
cc: filt4lib@listserv.ci.escondido.ca.us

Hi Mr. Tyre

Thanks for responding to my request.
> Yes, I believe I may see the total picture, and its not pretty. Thanks to
> the downloadable list, in plaintext, I saw that one of the very first list
> entries was http://www.1-900-internet.com/ If anyone can explain to me how
> that site is pornographic, I would be most interested. Ditto
> http://www.1900autofax.com/

It is very interesting that the very first line/URL is not pornographic.

I agree. Thanks to your sharp eyes this imperfection on the very first URL can be deleted from the list in the very next update (within seven days). If only there were many more of you with the capability of adding and subtracting to our list.
> Wonder what I'd find if I spent more than 5 minutes looking at the list?

What you would find is a very large unencrypted list of pornographic domains...possibly the largest one in the world encrypted or not. This list can be added to subtracted from.... and is public. As suh it is very unique. As stated by yourself you have possession of the list in plain text. You may do with it what you will...it is now our list. It is my hope your care for this issue will contribute to an effective solution to this obvious problem. Subtracting from the list is an important element.

I wonder what would happen if you could find 5 minutes to add to it.

The fruits of your 5 minutes labours subtracting from it will be valuable and is appreciated. I look forward to recieving them and will act accordingly by verifying and deleting.

Best Regards

Bob Turner

Posted by Seth Finkelstein at 11:56 PM | Followups
July 26, 2003

Axis-Of-Copyright lawyer's definition of censorware

The "Axis-Of-Copyright" (MPAA/RIAA/etc) lawyer has an almost amusing reply in the Post-Hearing QA for the DMCA censorware exemption follow-up question, roughly about defining censorware. He gives it as:

"Compilations, not otherwise accessible, consisting of lists of websites that are employed in connection with commercially marketed filtering software applications to prevent access to Internet sites containing content deemed to be obscene, child pornography, harmful to minors, or otherwise inappropriate for display in a defined public setting."

This borders on funny in terms of how the language is loaded. It might just as well have been:

Compilations, ... of websites that are EVIL, EVIL, EVIL, and no right-thinking respectable person would ever want to see!

(in contrast, the DMCA Joint Reply Of Seth Finkelstein and James S. Tyre gives a definition of "Programs designed and optimized for use by an authority to prevent another person from sending or receiving information.")

Posted by Seth Finkelstein at 09:51 PM | Followups
July 25, 2003

CIPA-compliance, N2H2, and free market

In response to the FCC's recent decision, mentioned yesterday, to again not set any standards for the CIPA Federal library censorware law, censorware company N2H2 has been claiming another victory. David Burt, their PR flack, posted:

N2H2 filed ex parte comments with the FCC two weeks ago asking that the FCC not set any standards for filtering software to comply with CIPA, such as the ability to be unblocked or a level of effectiveness. We feel these are decisions best left to the free market and the libraries themselves to decide. So we are pleased by the ruling.

Law professor Peter Junger made the following illuminating remark about N2H2's FCC comments:

"It does seem perverse to argue that a decision is best left to the free market when the subject matter of the decision is kept secret."

That sentence finally led me to understand the reasoning behind N2H2's arguments. It's not that N2H2 is a Libertarian believer in free-markets, even to the detriment of its own business interests. Rather, if there were a government standard, N2H2 fears that standard could be a lever with which to get access to censorware blacklists - in order to test compliance with the standard! The government compliance procedure would provide a focal point for pressure with Freedom-Of-Information Act requests and similar.

By arguing "free market", in fact, they are able to keep the subject matter secret. They can take the position of: "You can use our censorware, or not, but we don't have to tell you how it works, what's on the secret blacklist. If you don't like it, use something else."

It's another example of what I term "privatIZED censorship". Government imposes a censorship system, but which would normally be accountable through the judicial process, but the implementation is done by private businesses, and hence unaccountable.

Posted by Seth Finkelstein at 09:58 PM | Comments (2) | Followups
July 24, 2003

FCC CIPA (library censorware) order

The FCC issues regulations on CIPA today - good links at "Blue Highways".

I've skimmed through the document, and as far as I can parse it out (keeping in mind I'm not a lawyer). it basically says "School and library censorware is now going into effect". But it doesn't say anything new as to what's valid censorware for the purposes of the law. I assume this means the old compliance ruling is still in place:

25. Some commenters have requested that we require entities to certify to the effectiveness of their Internet safety policy and technology protection measures. However, such a certification of effectiveness is not required by the statute. Moreover, adding an effectiveness standard does not comport with our goal of minimizing the burden we place on schools and libraries. Therefore, we will not adopt an effectiveness certification requirement.

26. A large majority of commenters express concern that there is no technology protection measure currently available that can successfully block all visual depictions covered by CIPA. Such commenters seek language in the certification or elsewhere "designed to protect those who certify from liability for, or charges of, having made a false statement in the certification" because available technology may not successfully filter or block all such depictions. Commenters are also concerned that technology protection measures may also filter or block visual depictions that are not prohibited under CIPA.

27. We presume Congress did not intend to penalize recipients that act in good faith and in a reasonable manner to implement available technology protection measures. Moreover, this proceeding is not the forum to determine whether such measures are fully effective.

Note that part regarding act in good faith and in a reasonable manner. I think it's the key element for any ideas of "Open Censorware"

Posted by Seth Finkelstein at 11:05 PM | Followups
July 22, 2003

DMCA Post-Hearing Questions - Replies Posted Now

The Copyright Office has now put up all the replies to the Post-Hearing Questions of Anticircumvention Rulemaking:

This page contains post-hearing questions and answers submitted as a part of a rulemaking on exemptions from prohibition on circumvention of technological measures that control access to copyrighted works (read more details). Following hearings held in April and May 2003, the U.S. Copyright Office asked follow-up questions of some of the witnesses who had testified at the hearings. The questions and responses appear below.

I mentioned this earlier, in a DMCA censorware exemption follow-up reply to the DMCA censorware exemption follow-up question, regarding the:

Joint Reply Of Seth Finkelstein and James S. Tyre

Frankly, this is an exhausting process. I spent hours writing the censorware reply, and nobody paid me to do it. The censorware company reply is 21 pages long, and it's David Burt's job. This is not sustainable for me.

Posted by Seth Finkelstein at 05:27 PM | Comments (0) | Followups
July 20, 2003

No point in another "censorware summit"

[Written for a discussion about the ALA's canceled meeting with censorware companies]

Folks, the basic practical reason for not having a "censorware summit" is as follows:


It is understandable that some people have a deep-seated wish to believe that we can all get along, that everything can be worked out in the end, some accommodation can be reached, etc.

But the censorware companies are not walking around thinking "Gee, if librarians would only have a meeting with us, we'd be able to serve them so-o-o-o much better ... Oh, librarians, speak to us, please, please, pretty please with chocolate sprinkles on top ..."

They are not going to open their blacklists. They've sued over that topic. They've HEARD the arguments. They don't care.

The only thing that could come out of such a meeting would be PR spin by the censorware companies, about how they are now working with the ALA. That's it. That's all that could happen.

And that is the very practical (not ideological) reason NOT to have such a meeting.

Posted by Seth Finkelstein at 11:59 PM | Followups
July 19, 2003

Melvyn HisCOCK

I am not making this up.

Melvyn Hiscock posted:

From: melvyn[at-sign]melvynhiscock.com (Melvyn Hiscock)
Newsgroups: uk.music.guitar
Subject: A little research needed
Date: 19 Jul 2003 00:33:26 -0700
Message-ID: <9adaef99.0307182333.15702278@posting.google.com>

Hello chaps,

'er indoors has had some problems sending me e-mails from her freeserve account as they are getting blocked. This is due to my surname being considered pornographic! We realised this when my nephew was refused a hotmail account when he typed in his name.

The worrying thing is that I may well be losing e-mails from my web site. Having realised the above, I suppose using "readerswives@melvynhiscock.com" as an address to send photos of your guitars to be put on my site was perhaps a little short sighted!


Posted by Seth Finkelstein at 10:17 PM | Comments (1) | Followups
July 16, 2003

More on American Library Association "Censorware Invitation"

In response to the ALA's "censorware invitation", regarding meeting with censorware companies in the aftermath of CIPA (Federal library censorware law) Keith Michael Fiels, Executive Director of the American Library Association has written a message on "Responding to the CIPA decision". It states in part:

While we know many libraries will choose not to receive federal funds, we also must accept that many libraries, particularly those serving poorer and urban communities will be forced to accept federal funds and be faced with a significant challenge of complying with the CIPA requirements. Our job must be to help them in every way to insure that patron First Amendment rights are protected to the maximum extent possible under the law.

As a result, we do see the planned meeting with filtering companies as important within our overall strategy, but only as part of a much broader plan. ALA has expressed no intention of 'developing a filter', as the press has incorrectly indicated. Nor do we expect that ALA will certify or otherwise endorse any specific products. The primary purpose of this meeting and subsequent discussions will be to emphasize to the filtering companies that the Supreme Court decision requires that filters be easily disabled upon the request of any adult user. We also need to be extremely aggressive in pushing for better disclosure and a reduction in the number of inappropriately blocked sites, as children have no access to the disabling provisions in the law.

Good theory. I'm not sure how well it will work in practice

Posted by Seth Finkelstein at 03:06 PM | Followups
July 15, 2003

American Library Assocation "Censorware Invitation"

Reposted from an ALA list - read it and weep

Invitation: ALA Technology Briefing
Supreme Court Decision on the Children's Internet Protection Act
Learn What It Means for Blocking and Filtering In the Library Market
August 14, 2003
Time: 10:00 AM - 2:00 PM Eastern Time
Location: Washington, DC
Cost: $150 (includes lunch)
Given the recent Supreme Court decision in United States v. American Library Association, many libraries will be seeking software, hardware or system solutions to comply with the Children's Internet Protection Act.  The Court's decision, while supporting the government's right to place restrictions on federal funding, also implies parameters for such restrictions that have complex legal and technical ramifications for those attempting to serve the library community.  If you're interested in learning more about how CIPA will affect the library market, we welcome you to participate in ALA's Office for Information Technology Policy's Industry Briefing.  The briefing will cover specific legal implications of CIPA and the Supreme Court decision, and we will share library concerns about meeting the information needs of patrons as well as the specific management and technical requirements for the wide spectrum of libraries impacted by the law.  There will be opportunity for discussion on future cooperation.
For further information, contact:
Fred W. Weingarten, Director, Office for Information Technology Policy
Phone: 800-941-8478 or 202-628-8421
Email: rweingarten@alawash.org
To participate in ALA's Post Supreme Court CIPA Requirements for Libraries Briefing, contact:
Kathy Mitchell, Office for Information Technology Policy
Phone: 800-941-8478 ext. 214 or 202-628-8421 ext. 214
Email: kmitchell@alawash.org
The American Library Association's Office for Information Technology Policy is charged with conducting research and analysis aimed at understanding the implications of information technology and policies for libraries and library users.  OITP works to ensure a library voice in information policy debates and to promote full and equitable intellectual participation by the public.
Posted by Seth Finkelstein at 04:19 PM | Followups
July 11, 2003

"Cites & Insights" - Coping with CIPA: A Censorware Special

Walt Crawford has a special edition of his his "Cites & Insights" publication for Midsummer 2003, described as

This 20-page issue consists of one essay: Coping with CIPA: A Censorware Special

If you don't care about CIPA, censorware (filters), and all that, you can skip the issue. A "normal" issue will be out around the beginning of August.

Well, I care, and it's extremely worth reading. There's much examination of CIPA reactions, and a review of Open Censorware issues (mentioning the discussions of the past days, including my comments and Edward Felten's comments).

Posted by Seth Finkelstein at 12:09 AM | Followups
July 10, 2003

A CIPA ancestor

Stephen Denney reposted an interesting article: The new censorship, by Sara Paretsky (New Statesman, 1st June 2003)

Though mostly concerned with the Patriot Act and market censorship, it contains a striking CIPA precursor regarding library censorship:

... Dashiell Hammett went to prison for two crimes: he gave money to a bail fund for labour figures whom Congress thought were communists, and he refused to name other people who contributed to the fund. The State Department saw that Hammett's books were removed from every library supported by federal money. Knopf, his long-time publisher, suspended publication of The Maltese Falcon in deference to the House Un-American Activities Committee blacklist.

The more things change, the more they remain the same.

Posted by Seth Finkelstein at 11:53 AM | Followups
July 09, 2003

TopPENISh update

There's a fun Seattle press article about the censorware troubles of the town of Toppenish (my emphasis below)

CENSORSTUPIDSHIP: Don't bother trying to find "Toppenish" on the Internet using filtered computers in the Yakima Valley Regional Library System -- even at the library in Toppenish. "Bess," a widely used anti-pornography filter installed on some of the regional library's terminals, blocks the town's name as a search term as it zeros in on the fourth through eighth letters, according to an Associated Press story.


"It is supposed to block strings of letters like that," said spokesman David Burt.

He added that the library was using a function called "Safe Search" that is meant to be "overprotective."

But as of late last week, the company's database operators were working on a system to block the word penis and allow Toppenish.

Wow, "database operators were working ...". C'mon, it's one pattern item in the blacklist. Such mystification.

Posted by Seth Finkelstein at 12:47 PM | Comments (1) | Followups
July 08, 2003

Melora Ranney Norman (librarian) on Open Censorware

[Updated 5/1/2005 - Replaced old version with rewritten new version, at author's request]

When CIPA passed and someone suggested that ALA should create its own blocking software, my initial reaction was concern. There seemed to be no real benefit inherent in the prospect of a library association spending valuable resources on something that is created specifically for the purpose of censoring resources. Since we'd all agreed that blocking software is inherently and necessarily flawed, I saw no purpose in our contributing another such product to the software market.

Since then, libraries and their users have consistently reported all of the difficulties we expected: underblocking and overblocking; filters creating demand for sexual content where none previously existed, since a fair number of people like to try to beat the software; libraries and users embarrassed or unable to have incorrectly blocked materials unblocked; adults not informed of their rights; librarians not trained or inclined to grant people their rights; too many categories unnecessarily turned on; libraries and users unable to see blacklists; and so forth.

Might open-source blocking software that we attempted to set to minimum CIPA standards cause fewer problems for people using libraries? I've come to think that some kind of SquidGard/Dansguardian version might indeed be the lesser of two evils, since people could at least see what's being blocked.

Would that ameliorate any of the basic problems inherent in the whole censorware scheme of things? Doesn't seem likely. Human nature remaining what it is, and computers still being whatever we tell them to be, as long as we begin by thinking of what we should be blocking instead of what we should be making available, the whole premise is bound to create limits on thought, speech, and access.

I read an article recently that told of a study of human nature that showed why fundamentalists and liberals are so basically at odds with one another. This piece asserted that fundamentalists value obedience and conformity: they view good parents (and, by association, good government) as strict. Liberals, on the other hand, value the development of independent thinkers: they view good parents as nurturing.

Will These are the rules you must abide by ever be consistent with You must learn to think for yourself? Can people who value controlling information ("strict parents") ever live in harmony with those who want to offer as much information as possible ("nurturing parents")? Or will the former remain convinced that the latter is without morals, while the latter is convinced that the former is unreasonably narrow and intolerant?

No software program will ever respond adequately to the needs of such opposing viewpoints. However, one software program can be made to block many of the ideas and information that one group finds offensive--and another, and another. Perhaps the real question is whether or not, in the end, anything of interest or meaning will be left.

Posted by Seth Finkelstein at 08:39 AM | Comments (2) | Followups
July 07, 2003

DMCA censorware exemption follow-up reply

In response the DMCA censorware exemption follow-up question, we submitted the

Joint Reply Of Seth Finkelstein and James S. Tyre

For the question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

The key definition is:

"Programs designed and optimized for use by an authority to prevent another person from sending or receiving information."

The reply is many pages long, going into great detail about the differences between censorware, spam-killing, viruses, etc.

One of the best anti-spam software packages, SpamAssassin, http://spamassassin.org/ is completely open-source. All websites, data, patterns, and so on, are open for inspection and evaluation. And it's become a better system for it. It's actually possible to see why a false positive occurred. Moreover, because of this "transparency", theit's-not-on-the-list game is not possible. So the creators have an incentive to fix problems rather than possibly deny their existence. Any idea that examining spam lists will lead to increased problem with spam, is refuted by SpamAssassin's success. Examining some spam lists is likely to be far more a scourge to companies selling poor products ("snake oil") than to anti-spam efforts.

Also some humor:

To clarify what Mr. Tyre meant, N2H2 allowed Mr. Finkelstein to have an ordinary, encrypted-blacklist, 30-day-limited, evaluation version of their software on a few occasions, typically when they did not check his background. One time their automated registration process approved him, but N2H2 later checked his background and threatened to revoke his evaluation credentials ("Letting you evaluate the product would be the same as working with the opposition. I have yet to read an article that you wrote that had anything good to say about filtering."). Currently, they will not let him have even their standard evaluation software (and are extremely nasty about their refusals too!) ...

Posted by Seth Finkelstein at 05:02 AM | Followups
July 06, 2003

DMCA censorware exemption follow-up question

[After I testified on censorware in the Copyright Office's hearings on DMCA exemptions, they recently sent a follow-up question about the topic. Here's part of the letter they sent to me, posted with permission. They also asked everyone else who testified about censorware (Jonathan Band, James Tyre, and the censorware advocates) a similar question. This isn't a public round of reply, but rather clarification of issues]

Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies

Dear Mr. Finkelstein

Thank you for appearing as a witness at our hearings on possible exemptions to the prohibition on circumvention of technological measures that control access to copyrighted works.

As we stated at the hearings, we intended to submit additional questions in writing to many of the witnesses. Based on our review of the record, we would like you to respond to the following question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

Please provide any documentation and/or citations that will support any of the factual assertions you make in answering these questions.



David O. Carson
General Counsel

Posted by Seth Finkelstein at 11:59 PM | Comments (0) | Followups
July 03, 2003

Open Censorware ("filtering") issues page

[Just sent this to the Interesting People list, in response to Libraries, Commercial Censorware & CIPA

From: Seth Finkelstein
Subject: Re: [IP] Libraries, Commercial Censorware & CIPA

Dave, this has come up so frequently in the past few days, that I've started a page of resources/argument/rebuttals about it:

Open Censorware issues

In brief, it's a solved technical problem, for example there's:

http://www.squidguard.org/ http://www.squidguard.org/blacklist/
GUILT - the GnU Internet Lust Terminator

So that wheel has already been invented. The issue is more a social and legal issue.

Regarding the issue of the perils of the possibility of open sex site lists, see my rebuttal in testimony during the recent Digital Millennium Copyright Act hearings, where exactly this topic was discussed (search for the discussion of "pornography sites"). It's at

In general, commercial censorware companies are not going to open their blacklists, no matter how many times libraries say they should. They sue over this issue, see


Seth Finkelstein Consulting Programmer

Posted by Seth Finkelstein at 05:01 PM | Followups

Libraries and opening censorware blacklists

The New York Times has an article Libraries Planning a Meeting on Filters, which briefly touches on issues about "open-source" censorware:

he group will also demand that the companies reveal their database of blocked sites to libraries so they can determine which programs best suit the libraries' needs, or they may work with third parties to develop new filtering software.

"If we can't get what we want from the filtering companies, I say let's make our own," [Ms]. Krug said.

A representative of one of the leading filtering companies said the industry was ready to cooperate with the librarians. David Burt, a spokesman for N2H2, said his company's product made disabling the software easy. But he said there might be more disagreement about releasing the list of blocked sites, which would be valuable to the company's competitors.

Besides, he noted, "we would be making available the world's largest and best collection of porn sites, and that's not the business we want to be in."

1) I've said this before, but censorware companies aren't going to open their blacklists to anyone. And even if they did, you don't have the time to pour through it all. I've looked through censorware blacklists, and it's an incredibly boring task.

2) And I noted in my DMCA testimony (http://sethf.com/anticensorware/hearing_dc.php):

MR. FINKELSTEIN: ... I would also like to say that, for all this talk of the pornography sites, since they were blacklists, they are really bad collections of pornography sites. (Laughter.)

I want to go into this because I get this -- no, let me go into this. People are always asking me this question: "Oh, boy, have you gotten any good porn sites?" And I tell them, "It's really, if you want to get some good sites, don't look in this censored blacklist."

In fact, I can demonstrate that -- (laughter) -- because when the CyberPatrol blacklist went out, nobody ever said that it was such a great collection. The reason why - this is important -- I know this is funny, but the reason why that they're such bad lists is because there's so much junk in them.

If you wanted a list of sex sites, would you want to go through somebody else's tastes, sites which didn't work, sites which had changed ownership, or so forth? No, you would want a good collection from somebody who had actually made a collection which would appeal to you, and there are people who sell them. There are people who make them for free. They have absolutely no impact on the research that I am doing.

It is something of a red herring. I know it's a, quote/unquote, "sexy" topic to say that they have these huge lists of pornography sites, but nobody has ever tried, except in a sort of snickering fashion, to use these lists as actual lists of pornography sites because they don't work well that way.

Posted by Seth Finkelstein at 02:12 AM | Followups
July 01, 2003


According to http://www.usatoday.com/tech/news/2003-06-30-toppenish-porn_x.htm: (note that interesting URL!):

Library filtering software rejects Toppenish as porn

YAKIMA, Wash. (AP) - Don't bother trying to find Toppenish on the Internet using filtered computers in Yakima Valley Regional Library System - even at the library in Toppenish.

"Bess," a widely used anti-pornography filter installed on some of the regional library's terminals, zeros in on the fourth through eighth letters and blocks any site mentioning the lower Yakima Valley town as inappropriate for children.

I think the problem is more an issue of "Toppenish" being a term which can't be searched, rather than a URL-based ban. I verified it as a search-ban, But N2H2 doesn't let me have demos anymore, so I can't really test the claim as extensively as I'd like. So it may be that article is garbled, confusing search-bans with URL-bans. But there's some truth in it.

Credit to lisnews.com for further publicizing the story.

Posted by Seth Finkelstein at 11:58 PM | Followups
June 29, 2003

Walt Crawford "Cites & Insights" on DMCA, censorware

Walt Crawford has some nice commentary regarding various material, especially RIAA lawsuits and DMCA censorware testimony, in his "Cites & Insights" publication for July 2003. Particularly the following section [I'm biased :-)]

N2H2, DMCA, Seth Finkelstein and all

When Finkelstein is asked whether he can provide details of how he decrypted N2H2's database, he points out that the threat of lawsuit--a very real threat based on previous occurrences--discourages him from doing so without immunity. David Burt says he's not in a position to provide such immunity, and neither is the government--thus allowing Burt to continue to say that nobody's done such decryption. He didn't say "And if you try to prove I'm wrong, we'll sue your butt." But he also didn't provide an offer to hold harmless. ...

[David Burt] makes some questionable statements, as in saying that if Finkelstein can decrypt the list, "We have ceded all control over our copyrighted material, over our database, to somebody else..." simply because Finkelstein can see it. Band points out that almost all copyright-protected material is distributed to the public--and is protected from abuse by copyright. Somehow, Burt manages to say that peer-to-peer networks illustrate the "dangers of allowing these copyright protections to be disabled." He continues to try to conflate Dialog with N2H2's censorware list, and the others aren't buying it. At one point, Band suggests that Burt's testimony reminds him of the Iraqi Information Minister...

...[James] Tyre discusses some actual examples showing the need for decryption--and also real-world examples showing the need for ongoing investigation, since censorware companies keep adding and reclassifying sites. ... As Tyre concludes, "Not because they're malicious, but because they do most of this by computer robots, not by human review, and the computer robots are stupid. Computers are not smart for this kind of work. They never have been. Some day they may well be, but they surely are not today." I'm less optimistic about "some day." There is, as always, lots more in the transcripts. You can find the HTML versions at sethf.com/anticensorware/ and the PDF versions are also readily available. What will come out of all this? Since the Supremes upheld CIPA, it's even more important that we be able to understand just what those mandatory programs are doing.

[I'll have an entry posted soon with regard to Metalitz]

Posted by Seth Finkelstein at 11:57 PM
June 28, 2003

CIPA - DavidBurt triumphant

I suppose I should note David Burt's triumph, in this part of the CIPA decision:

Congress learned that adults "us[e] library computers to access pornography that is then exposed to staff, passersby, and children," and that "minors acces[s] child and adult pornography in libraries."1

And what's footnote 1? None other than David Burt's masterwork: (emphasis added)

1The Children's Internet Protection Act: Hearing on S. 97 before the Senate Committee on Commerce, Science, and Transportation, 106th Cong., 1st Sess., 49 (1999) (prepared statement of Bruce Taylor, President and Chief Counsel, National Law Center for Children and Families). See also Obscene Material Available Via The Internet: Hearing before the Subcommittee on Telecommunications, Trade, and Consumer Protection of the House Committee on Commerce, 106th Cong., 2d Sess. 1, 27 (2000) (citing D. Burt, Dangerous Access, 2000 Edition: Uncovering Internet Pornography in America's Libraries (2000)) (noting more than 2,000 incidents of patrons, both adults and minors, using library computers to view online pornography, including obscenity and child pornography).

Sigh ... it must've been so nice to have gotten support, even while being a mega-flamer.

Posted by Seth Finkelstein at 11:59 PM | Followups
June 27, 2003

CIPA - filtering, filtering, porn, pornography ...

I've said this before, but after this week, it deserves saying again:

The best public-relations censorware companies ever did, was to get their products named "filters".

As I mentioned I've spent a great deal of time saying "Censorware is about control". That the issue at stake with censorship of libraries is about the right to read, not disfavored content ("PORNOGRAPHY!"). That in order to control what people are allowed to read, there must be prohibitions on privacy, language-translation, image-searching, etc

I don't know if I'm being heard. It's as if I'm trying try speak over someone yodeling ...

P-O-R-N-N-N-N-N-N-N-N! P-O-R-N-N-N-N-N-N-N-N! P-O-R-N-N-N-N-N-N-N-N!

Posted by Seth Finkelstein at 05:59 PM | Followups
June 26, 2003

"CIPA-compliant" library censorware, again

What bothers me so much about this idea, is that it's the classic "Big Picture" Talker. Proposals, conferences, pilot projects - it's tailor-made for blathering, yet never doing anything, but talk, talk, talking about it. Action is a detail. Over and over, the proposers can say, "This is what I think that someone else should do. Will work! Is too! Sez me!". They get Visionary-points for that, and raining on the parade is not popular.

Remember, the requirements of CIPA are not generic "pornography". Not even "hard-core pornography". But rather, specific legal categories, relating to child pornography, obscenity, and harmful-to-minors.

Quick question: Who is going to take responsibility for evaluating the child pornography portion of the open-source censorware blacklist? I sure don't want that job! Remember, mere possession in this instance is a serious crime.

So I've been trying to cut down on the recycling of discussion, with my challenge. Find me libraries who want to take an absolute minimalist approach, and are willing to fight for that in terms of Federal compliance with CIPA (as opposed to simply foregoing all the hassle with funding).

It's a bit like the corporate adage "Nobody ever got fired for buying IBM" (or Microsoft, etc.). The library has to take on the burden of certifying Federal compliance. The library's lawyer has to put his or her professional reputation behind the idea that this is OK. That's a huge barrier.

In a start at meeting my challenge, Walt Crawford writes in with a reference to one library actually adopting this approach. That's interesting, and it's the first piece of ground-level evidence which I've seen. It would be good to know more about their reasoning regarding meeting Federal compliance standards.

[Disclaimer - Again, if there's demand, leading to funding for this idea, I reserve the right to take it :-)]

Posted by Seth Finkelstein at 03:16 PM | Comments (3) | Followups
June 25, 2003

"CIPA-compliant" library censorware

The idea of minimal, "open-source", library-specific censorware is being widely discussed (see, e.g. Edward Felten's comments - thanks Donna)

Here's the problem:

1) If any library wanted to play challenge-the-law, all they would need to do is sit back and say "Give us the specific, judicially-decided, URLs to be banned, and we'll ban them -- but not one URL more." And then wait for the compliance lawsuit to be brought. Very simple.

2) If they don't want to be challenging the law, why would they undertake what will certainly be a major PR hassle? That is, anyone can come up with harsh-but-not-illegal sites and say "Library X allows these PORNOGRAPHY sites to be viewed!". So do they get added to the blacklist or not? You mean the library is going to stand up to a constant barrage of bad PR like this? If they were willing to do that, we'd be in case #1.

Two words: Robert Mapplethorpe.
Blacklisted or not? Think through your answer in either case.

What happens when the "North American Man-Boy Love Association" asks to be whitelisted?

The idea of Open-Source Censorware (more accurately, an Open-Source Censorware Blacklist) is one which is very appealing from 10,000 feet. But it falls apart on any close examination.

OpenCensorware is far more work than may be apparent.

Here's the most well-known people who are trying it:


Heard of them? No? Consider there's reasons why.

By the way, the Australians tried this idea too:


"Announcing the GnU Internet Lust Terminator, an open-source censorware proxy that only filters ABA-supplied banned URLs.

The software is being developed by Zem for 2600 Australia and will be eventually submitted to the IIA for inclusion as an approved filter"

The Australian government didn't approve it.

[Update 6/26 - I've also suggested privoxy (http://www.privoxy.org/) ]

Before people write back, here's my challenge:

Don't tell me this is such a great idea. Find libraries who will use it who agree it's such a great idea!

[Disclaimer - I said to one proponent of this idea that I'd help make it happen, if he could find libraries which wanted it, and funding for it, as part of a challenge above]

Posted by Seth Finkelstein at 11:25 AM | Comments (7) | Followups
June 24, 2003

CIPA - "censorware" the liberal's term, says columnist

Today I've been searching Google news for the keyword censorware. So far I've found one (1) article. From a conservative publication The Weekly Standard:

... -the ACLU and the American Library Association call the filters "censorware," ...

I wish! I wish! I love the world this writer is constructing. It reminds me of the old Jewish joke:

A Jewish man was riding on the subway reading a copy of Arab World News. A friend of his, who happened to be riding in the same subway car, noticed this strange phenomenon. Very upset, he approached the newspaper reader:

"Moshe, have you lost your mind? Why are you reading that garbage newspaper?" Moshe replied: "I used to read the Jewish newspaper, but what did I find? Jews being persecuted, Israel being attacked, Jews disappearing through assimilation and intermarriage, Jews living in poverty.

So I switched to Arab World News. Now what do I find? Jews own all the banks, Jews control the media, Jews are all rich and powerful, Jews rule the world. The news is so much better."

(thanks to Rhino's blog for the text)

Posted by Seth Finkelstein at 07:23 PM | Followups

CIPA - "but the censorware can be turned-off"

I keep hearing "but the censorware can be turned-off for adults". Justice Souter put it best, in his dissent:

First, the statute says only that a library "may" unblock, not that it must. ... In addition, it allows unblocking only for a "bona fide research or other lawful purposes," ... and if the "lawful purposes" criterion means anything that would not subsume and render the "bona fide research" criterion superfluous, it must impose some limit on eligibility for unblocking, ... ("[C]ourts should disfavor interpretations of statutes that render language superfluous"). There is therefore necessarily some restriction, which is surely made more onerous by the uncertainty of its terms and the generosity of its discretion to library staffs in deciding who gets complete Internet access and who does not. ...

Bluntly, if the censorware could be turned-off on request, what would be the point of the law in the first place?

Posted by Seth Finkelstein at 01:55 PM | Followups
June 23, 2003

CIPA - "electronic book burning"

I'm quoted - accurately - in the following article:

Questions and answers on Internet filtering

Critics say they have found sites on art, human rights, sexual education and sexual orientation similarly blocked by filters. Seth Finkelstein, a leading filtering expert, terms it ''electronic book burning.''

Posted by Seth Finkelstein at 04:57 PM | Followups

CIPA - "the piranhas are already attacking"

From a library discussion list (Web4Lib):

And the piranhas are already attacking... my techies have gotten two vendor phone calls already (before 11 am CA time) INSISTING that we HAVE to buy filter s/w, which is not the case unless we've received federal funds for technology.... methinks I see a conspiracy.... (yes, yes, only kidding, but often it feels that way). I, too, am interested in exactly what constitutes filtering and how it has to be utilized and so, will wait for more information from???? someone????

Oh course I could rant on about just how it's not "burdensome" to turn off filtering, but let's not go there.

I promise to serve some cheese with my next whine.

Good luck to us all Jean Willis

Posted by Seth Finkelstein at 03:31 PM | Followups

CIPA - the absurdity about censorware companies opening blacklists

From "Center for Democracy & Technology:

The Children's Internet Protection Act requires public libraries that receive federal funding to install and use Internet filtering software. CDT, along with other civil liberties, public interest, educational, corporate and conservative organizations, publicly opposed filtering mandates as a violation of the First Amendment. While CDT believes that when used by families filters can serve as a useful tool in guiding children's online experience, CDT maintains that their mandated implementation by government is an unconstitutional restriction of free speech. In June 2003, the Supreme Court upheld CIPA, suggesting that adults had a right to insist that librarians unblock legal sites that were blocked. Going forward, it will be important that public libraries use filters wisely and press to make sure that filters foster First Amendment rights.


Jerry Berman called upon the library community to use filters wisely and to insist that they foster free speech values. "Librarians," he said, "should seize this unwelcome opportunity to demand that filters be more First Amendment-friendly by disclosing what they block and how they can be customized to suit the needs of local communities."

My comments: This is ludicrous. Censorware companies aren't going to open their blacklists to anyone. They've said that time and again. They sue over people trying to expose those blacklists, remember?! And even if they did by some miracle allow someone to look, nobody has the time to investigate every day, the changing blacklist. Think of how much effort that would require. The above is pure PR balderdash.

Posted by Seth Finkelstein at 03:16 PM | Followups

CIPA Upheld! :-(


Later reports say 6-3 decision

For good links to the decision, see http://www.goldsteinhowe.com/blog/archive/2003_06_22_SCOTUSblog.cfm#105637997083608116

Posted by Seth Finkelstein at 10:42 AM | Followups
June 21, 2003

CIPA FAQ simplified

Here are some things I believe I will be saying over and over next week:

1) Even though CIPA is called the "Children's Internet Protection Act", the name is Orwellian. The censorship law applies to every one, all ages, adult as well as children.

2) Censorware is not a "pornography filter". That focuses thinking supposedly undesirable material to be "filtered". Censorware is about control. Here, it is about what government will permit citizens to read.

3) Moreover. there is the issue of banning not just "bad" material, but sites which provide escape from the control, "LOOPHOLE" sites. Do you really favor banning the Google cache?

Then again, maybe I won't be saying these things, because nobody will be listening to me ...

Posted by Seth Finkelstein at 11:59 PM | Followups
June 20, 2003

New York Times on wait for library censorware court decision

The New York Times recently had an article on upcoming Supreme Court decisions. Mandatory library censorware (CIPA) was mentioned.

The portion below is being posted in some places:

Of the 11 cases argued in February, only one is undecided and only Chief Justice Rehnquist has not written a majority opinion. The case, United States v. American Library Association, raises the First Amendment question of whether the government can require public libraries to install antipornography filters restricting Internet access.
If Chief Justice Rehnquist is in fact writing the majority opinion, there is little doubt that the court will uphold the law, the Children's Internet Protection Act.

With the following portion omitted:

On the other hand, he is one of the court's fastest writers, raising the question of why the decision in what is now the term's oldest undecided case is taking so long. One possibility is that there are many separate opinions, both concurring and dissenting. Perhaps he started out writing a majority opinion but lost the majority along the way.

Amusingly, when I posted that second part, someone responded, "Dream on, loser."

Posted by Seth Finkelstein at 11:58 PM | Followups
June 08, 2003

"Focus On The Family" censorware propaganda

There's a fascinating specimen of censorware advocacy from "Focus on the Family":

Internet Porn Tied to the Mob

I found it absurdly funny in terms of wild claims, almost burst out laughing at:

"The porn industry has lots of money to throw at bypassing filtering software. It hires the best technical experts to go to work on circumventing the newest filters."

BWA-HA-HA! I'm either insulted, or not "connected". Nobody, but nobody, has ever offered me a cent to circumvent censorware. I find this bit of propaganda the most hilarious part of Religious-Right censorware advocacy.

Now, to be absolutely accurate, Bennett Haselton did recently have a few bucks thrown at him. But it was the US Government (Voice Of America) which did the throwing.

In fact, "the porn industry" is one of the biggest promoters of censorware. That's for the simple reason that it just wants to be left in peace to sell its wares, and certain deals with censors can make business sense - even good business sense, because then the censors take out the amateur, non-profit, competition.

I'm so tempted to write and ask where I can find someone to throw "lots of money" - not just money, but "lots of money" - at me, to go to work circumventing censorware.

Posted by Seth Finkelstein at 11:58 PM | Followups
June 01, 2003

N2H2 - "Edelman v N2H2 is now officially closed"

N2H2's (censorware company) Public Relations, David Burt, is currently posting around many places that the Edelman v. N2H2 case, a declaratory action to reverse-engineer censorware, is now closed:

Edelman v. N2H2, a case filed by the ACLU that sought to remove N2H2's legal protections preventing the publication of N2H2's copyright-protected database code, was dismissed in April.

The appeal deadline passed on Monday, 5/19. N2H2 was not served with any notice of appeal, and the court docket shows no notice has been filed.

So Edelman v. N2H2 is now officially closed.

I find his phrasing "remove N2H2's legal protections" to be interesting. Anyway, I've been responding:

As the saying goes: "Remember, no matter how hard you work, no matter how right you are - sometimes the dragon wins."


Given the various places he's posted it, and the fact that I have circumvented N2H2's secrecy about its blacklist (note MY phrasing), I wonder if he's gloating. Or maybe it's a warning.

Sigh. I used to tell David Burt, years ago, that he owed Mike Godwin a HUGE "Thank You". But I'd never tell him exactly why. Maybe he's figured it out

I don't mind saying that I didn't consider the case outcome to be good news for me.

Posted by Seth Finkelstein at 10:08 PM | Followups
May 31, 2003

Censorware circumvention and the Iraqi Information Minister

[Wrote this for a mailing-list, some time back. David Burt's worst moment.]

microlenz(at)earthlink.net wrote
> As for some of the claims made in DC that Seth F. hadn't decrypted
> the database...duhhh

That part was just hilarious. David Burt, censorware company representative, ended up being compared (not by me!) to the infamous Iraqi Information Minister:


MR. BURT: Well, again, as I said earlier, it didn't have any harm because nobody has used the exemption that we know of.

MR. BAND: But Mr. Finkelstein has --

MR. BURT: Excuse me. I'm being censored here. I've got to talk. (Laughter.)

I'm a librarian; I can say that.

As far as I know, no one has used this exemption to do this kind of research. That's why there hasn't been any harm that I'm aware of. But, again, as I said, the harm could be quite bad. If the exemption were heavily used and people were trafficking these lists quite widely, the harm could be quite widespread.

MR. FINKELSTEIN: David, will you authorize me to send to the members of the Panel the complete N2H2 blacklist to prove that I have, indeed, circumvented the encryption?

MR. BURT: Again, as I said earlier, I can't make legal decisions like that for my company. I'm not empowered to do that.

MR. FINKELSTEIN: Well, then, will you reserve your characterization because of the fact that I have offered to prove it?

MR. BAND: I also, not to belabor the point, but this is a little bit like the Iraqi Information Minister saying, "No, there are no American troops in Baghdad," when, you know, the American troops were right there. You keep on saying, "No, no circumvention has occurred," when right next to you there's a guy who has said a dozen times, "I circumvented it and this is what I did." I am a little surprised. That's all I can say. (Laughter.)

MR. BURT: Well, I think it's certainly illustrative that you have compared the filtering industry to the Baath Party, what you think of it. (Laughter.) I think Mr. Finkelstein would probably agree with you. (Laughter.)

MR. FINKELSTEIN: I think more like China.

Posted by Seth Finkelstein at 05:01 PM | Followups
May 27, 2003

Censorware DMCA 1201 exemption CALIFORNIA hearing transcript

More censorware DMCA testimony!

Just in today. I've also put up a similarly HTML-enhanced version of the May 14, California, testimony to renew the censorware 1201 DMCA exemption


This features James Tyre (civil-libertarian lawyer and a coFounder of Censorware Project) verus Steve Metalitz (lawyer for many "Axis-Of-Evil" copyright associations)

This is also good reading, if I do say so myself.

Posted by Seth Finkelstein at 03:18 PM | Followups
May 26, 2003

Censorware DMCA 1201 exemption DC hearing transcript

I've put up an HTML-enhanced version of the April 11 testimony to renew the censorware 1201 DMCA exemption.


This features me (unpaid award-winning anticensorware activist), David Burt (censorware company N2H2), and Jonathan Band (lawyer for many library associations).

It's good reading, if I do say so myself.

Posted by Seth Finkelstein at 11:58 PM | Followups
May 21, 2003

Oregon library censorware bill (HB 3101) update

HB 3101, the Oregon library censorware bill I discussed earlier, "has stalled in committee after legislative counsel said it is unconstitutional.". LISnews.com noted an AP story, but the original source seems to be an Oregonian story. Note the following:

Librarians contend that a [censorware] requirement would pose significant costs of installing and maintaining software. The Baker County Library District reported it paid $3,000, along with a $1,000 annual maintenance charge, for [censorware] on each of its Internet terminals.

"It's an unfunded mandate," said Connie Bennett, president of the Oregon Library Association and director of the Eugene Public Library. In testimony in late April, Bennett estimated installing [censorware] on Eugene's 89 public computers would carry an initial cost of $267,000 and an annual maintenance cost of $89,000.

[Grumble ... 267k + 89k = 356k ... when do I get paid!]

These sort of costs should thoroughly refute the idea that censorware is in any way like selection. Imagine a line-item in a library budget for special censor employees to look over every reader's shoulder, and stop them from reading any forbidden material. Yet the moment this is done using machines instead of humans, and called "filtering", it acquires a patina of respectability.

Posted by Seth Finkelstein at 11:53 PM | Followups
May 18, 2003

N2H2 (censorware co) on "Edelman v. N2H2" case

The N2H2 (censorware company) recent financial filing makes this interesting statement about the Edelman v. N2H2 declaratory action to reverse-engineer censorware. I like how N2H2 talks about him as being "purportedly a computer researcher". I'm probably "purportedly" chopped liver.

We have been named as a defendant in an action by the American Civil Liberties Union that could weaken our intellectual property rights and result in substantial costs to the company.

In July 2002, an individual represented by the American Civil Liberties Union filed a lawsuit against us in federal court. The plaintiff is purportedly a computer researcher who allegedly seeks to conduct a quantitative analysis of the accuracy and comprehensiveness of our Internet filtering solutions for purposes of determining whether these solutions exclude some speech on the Internet that is constitutionally protected. He alleges that his activities in conducting this analysis, if he ever does so, would violate our standard license agreement and our intellectual property rights. The plaintiff alleges that the threat that we will enforce our license agreement and our other rights has deterred him from this activity, which he alleges is protected under the "fair use" doctrine of copyright law and other legal doctrines. He seeks a declaration to prohibit us from enforcing the license agreement against him based on his use of our software in his research activities. Our Motion to Dismiss this action has been granted, and judgment was entered in our favor on April 17, 2003. If the plaintiff decides to appeal, he has until no later than May 17, 2003 to do so. If Mr. Edelman does appeal, the litigation could result in substantial costs to the company and divert management's time and attention away from business operations. If the appeal and the claim are ultimately resolved in the plaintiff's favor, it could materially affect our ability to enforce our license agreements and other intellectual property rights against certain users of our software filtering products. In addition, it could contribute to an increase in the number of people who seek to use our software in ways that we believe violate our proprietary rights.

Posted by Seth Finkelstein at 06:00 PM | Followups
May 17, 2003

N2H2 (censorware co) on library censorware

N2H2 (censorware company) has this little gem in their recent financial filing, concerning CIPA:

Free speech and privacy concerns could adversely affect the demand for our Internet filtering solutions.

There has been a public-policy debate regarding Internet filtering in schools and libraries within the U.S. Congress. This debate has resulted in the CIPA, a law mandating Internet filtering in schools and libraries receiving certain federal funds, among other requirements. A United States District Court, however, has declared this act as it applies to public libraries unconstitutional. This decision has been appealed to the United States Supreme Court, which has accepted the case and is expected to rule by June 2003. If CIPA is ultimately held unconstitutional, some of our current customers may decide to no longer provide filtering in their organizations. This in turn would lead them to not renew contracts with us and would thereby harm an important source of our revenues. If the Supreme Court determines that filtering by public libraries is unconstitutional, plaintiffs and advocacy groups may rely on this decision to challenge the constitutionality on First Amendment grounds of mandatory filtering in public schools. Because public school customers still represent the majority of our revenue, an ultimate finding by the Supreme Court that mandatory filtering in public schools is unconstitutional could have a serious adverse effect on our future revenues.

Posted by Seth Finkelstein at 10:21 PM | Followups
May 14, 2003

California DMCA 1201 censorware circumvention hearing - James Tyre today

James Tyre is testifying today in favor of the DMCA censorware exemption in the Copyright Office circumvention hearing.

Good luck!

Posted by Seth Finkelstein at 02:59 PM | Followups
April 26, 2003

N2H2 (censorware co.) bankruptcy-watch, april update

It's been a few months since my last look at the finances of the censorware-maker N2H2, and how much they're "dead company walking". They've just reported "Second Quarter Financial Results". The graveyard-walk continues, though granted, they seem to have only taken a baby-step this time around. Key item:

Net loss for the quarter was the lowest in company history at $187,000, or $0.01 per share, a 90 percent reduction from the net loss during last year's second quarter of $1.9 million.

So they have income roughly balanced with expenses, due to all the past layoffs. But they still have a deficit of 1.885 million. Their revenue is roughly 2.6 - 3.1 million per quarter. Expenses can't go much lower - they can only fire somebody once. So I'm having a hard time seeing a reasonable way that they can overcome that deficit. I suspect the death-march will go on.

Posted by Seth Finkelstein at 11:59 PM | Followups
April 25, 2003

Oregon library censorware bill

More censorware laws for libraries - this one is HB 3101 in Oregon: http://www.leg.state.or.us/03reg/measures/hb3100.dir/hb3101.intro.html

(2) A public library shall install filtering software that blocks, to the extent technically possible, access to offensive material on all library computer terminals that provide Internet access to the public.

Note, not, only-only-only for little kids and only-only-only for really-really-really bad stuff. Rather "all .. access to the public" and "offensive material".

1) As used in this section, 'offensive material' includes but is not limited to adult oriented, sexually explicit Internet sites.

That is, a blank check for censors.

Posted by Seth Finkelstein at 05:06 PM | Followups
April 24, 2003

Florida and Ottawa library censorware

Gary Price at The ResourceShelf blog called my attention to two articles. One is about mandating library censorware in Florida. (for $250,000 ...)

I tracked down the bill's original text which says

Section 1. Each county or municipal public library that makes available for public use computer on-line service, Internet service, or local bulletin board service shall install and maintain computer software or equivalent technology on any computer that is made available to persons under 18 years of age which prohibits access to materials that contain obscene descriptions, photographs, or depictions. Such computer software or equivalent technology may also prohibit access to materials that incite violence against persons based on their race, gender, or religion. If the library has only one computer available for public use, the installation of such software or technology shall be within the discretion of the library.

Sigh. Note the immediate slipping slope, from "obscene", to "incite violence against persons based on their race, gender, or religion" And "children" is "persons under 18 years of age". I suppose the kicker is if "any computer that is made available" is, in effect, any non-staff computer (i.e., for public use).

And then there's Ottawa library censorware, where

The motion rejected by the library board proposed putting library-wide filters that adults could turn off after entering their library-card number.

The majority of board members argued that such filters give parents a false sense of security, because filters aren't perfect. Filters can cut out legitimate Web sites, and still let in some pornographic ones.

Some people also worry that a card-swipe system would violate privacy. They say the card information would remain stored on a server, along with a record of the sites the user visited.

Note a similar theme, that by default, public information should be restricted to what is deemed fit for children, unless proven otherwise.

Same stories, repeated over and over ... :-(

Posted by Seth Finkelstein at 10:32 PM | Followups
April 23, 2003

USA v. ALA (CIPA) Transcript updated

Skip Auld sent me an updated, modified, version he made of the transcript of the CIPA (Federal law about censorware in libraries) oral argument in the Supreme Court. The official version is at:


And I've put it into HTML, for ease of reading and cut-and-paste, at:


But he had previously made a partial version with the names of the Justices. So he transfered that information, regarding which Justice asked what question, to the latest transcript. The merged version of everything, incorporating his naming information, is now available in place of the old partial version, at:


Posted by Seth Finkelstein at 03:02 PM | Followups
April 22, 2003

Starting to go back over censorware hearing testimony

Ah memories ... More about this later:

MR. FINKELSTEIN: I'm sorry. This is just such a wonderful reply.

You say, you criticized me for not publishing details of decryption? Well, the last people who published details of their decryption for the world to see got a $75,000 lawsuit for their trouble, and that $75,000 lawsuit took place right downtown from me. So there were no fancy Internet jurisdiction issues even, when you consider that case.

Therefore, could you consider perhaps why I might be a little hesitant to publish details, given that the last people who did it got a lawsuit for it? In fact, the only reason I came out and said that I had decrypted the database was in order to try to preserve this exemption.

I keep trying to convey, this isn't my job. Nobody is paying me to come here. I took the money out of my own pocket to actually pay the plane fare back here.

David Burt is paid by the company to do this. Win or lose, he goes home after this and he gets paid and he gets a salary. If I am looking at a massive lawsuit, $75,000 -- I looked at the amount -- for publishing something versus keeping my mouth shut about how I acquired it, I think the incentive there is to keep my mouth shut about it.

Posted by Seth Finkelstein at 11:58 PM | Followups
April 21, 2003

Trend SMEX Content Filter has detected ...

Dave Farber's IP list had a message ("Voicemail Hackers Phone It In") which ran afoul of someone's "sensitive content" detector.

I had fun (and got a message accepted) explaining Trend SMEX:

From: Seth Finkelstein
[For IP, with glee]
On Thu, Apr 17, 2003 at 11:15:37AM -0400, Dave Farber wrote:
> For amusement , look at the posting and find the "Dirty Words" . Damn spam
> filters dave[at=sign]farber.net

Oh, this one isn't even hard (err ... pun unintended). Quote:

"One is just to mind fuck with someone just because they can," said Sweeney.

Computers are dumb. Computers have no understanding of context.

See my report about how the UK Parliament got ... screwed:

UK Parliament Mail - The Ministry Of Silly Messages

Posted by Seth Finkelstein at 11:32 PM | Followups
April 14, 2003

Another piece concerning the DMCA 1201 circumvention hearings

Washington Internet Daily had an article on what happened at the Copyright Office circumvention hearing. It's not easily on-line, so I can't link to it. And it's a bit garbled in places. One reasonable part:

The questions of the 5 panelists suggested several areas the CO was examining: (1) Whether circumvention was the only way to obtain useful data on the blocking of nonpornographic sites by filtering software. (2) Whether the exemption was harming the filtering industry. Burt acknowledged that when the 2000 proceeding was conducted "we were not aware of this process." He also said he knew of no actual harm to a filtering company because he wasn't aware of any actual circumvention (that became a point of contention at the hearing because Finkelstein kept insisting he had circumvented N2H2's software, but Burt said he had no evidence of that).

Though this doesn't describe the fun part of the hearing where David Burt, N2H2 PR flack, got compared (not by me!) to the Iraqi Information Minister.

Posted by Seth Finkelstein at 11:59 PM | Followups
April 13, 2003

First-hand report of DMCA 1201 circumvention hearings

Penguinal Ebullience has a nice first-hand report of the Friday Copyright Office circumvention hearing, both sessions.

DMCA Sec.1201 Exemption Hearing #1

It matches very well with my own memory and perceptions of the hearing (though the quotes are admittedly a little paraphrased). An excellent job, well worth reading.

Seth and [Jonathan] Band operated largely as a single coherent unit during the proceedings. Seth did most of the talking, with Mr. Band occasionally translating Seth's insightful, sometimes gleefully blunt arguments into legalese. Seth did a good thing by trouncing early on the semantics game of 'filtering' versus 'censoring' : "Filtering is when you block something you don't want to see. Censorship is when someone blocks something they don't want you to see." This helped immensely, and the panel seemed very receptive of what he had to say : that the public has an inherent right to know what is being blocked from public schools and libraries, that censorware manufacturers are not receptive to complaints of malfunctioning software, and that a decryption of any given program's list of censored sites does not constitute a compromise of the ability of that program to function.

Posted by Seth Finkelstein at 11:58 PM | Followups
April 12, 2003

National Journal: Copyright Office Hears Filtering Arguments

From http://nationaljournal.com/pubs/techdaily/pmedition/tp030411.htm#2

Intellectual Property
Copyright Office Weighs Permitting Decryption of Web Filters
by Drew Clark


A panel of five Copyright Office officials questioned the three witnesses from many perspectives at the first hearing in a tri-annual review to consider potential DMCA exemptions. The law permits exemptions if the Copyright Office believes lawful public access to works that do not violate copyrights have been blocked.

Finkelstein said decryption of software like N2H2's Bess is necessary for examining categories of Web sites that the software blocks. Decryption has found, for example, that N2H2's database of blocked sites includes various types of "loophole" sites, including those that provide language translation, use technology to mask users' identities and cache copies of other Web sites.

"Without this exemption, [researchers] are constrained to do this investigation blindfolded," said Finkelstein, who said he is one of about a half-dozen researchers in the field. He has published his work on his Web site. "They have to go back through a minefield, probing individually" to see if a given is blocked by what Finkelstein called "censorware."


Posted by Seth Finkelstein at 11:58 PM | Followups
April 09, 2003

Edelman v. N2H2 - N2H2 gets case dismissed

Flash: N2H2 has gotten the Edelman v. N2H2 case dismissed for lack of "standing". See my earlier write-up on the case:

Edelman v. N2H2 dismissal hearing report

From the docket

4/7/03 27 Judge Richard G. Stearns . Memorandum and Order entered. granting [9-1] motion to dismiss the complaint [EOD Date 4/8/03] cc: all counsel of record. (eaf) [Entry date 04/08/03]

Update: Decision now available: http://sethf.com/censorware/legal/edelman_n2h2_order.pdf

Posted by Seth Finkelstein at 10:46 AM | Followups
April 07, 2003

Censorware DMCA exemption testimony death-match

Good vs. Evil. Right vs. Might (or at least, vs. Money). Seth Finkelstein vs. David Burt

I'm hoping for a little surprise for N2H2, but may not be able to pull it off.

More later.

Update 4/8: It's on the Copyright Office circumvention page now ( http://www.loc.gov/copyright/1201/):

At 9:30 a.m. the panel will be on the proposed class of:

Compiliations of lists of websites blocked by censorware ("filtering software") applications.

Persons testifying:
  • Seth Finkelstein supporting the exemption, and
  • David Burt, N2H2, Inc., opposing the exemption.
Posted by Seth Finkelstein at 08:15 PM | Followups
April 02, 2003

Confused Alex Beam column pro library censorware

Gary Price at The ResourceShelf blog pointed me to a pro-library-censorware column by Boston Globe columnist Alex Beam:
"Web filters at libraries are overdue"

It's a somewhat confused piece, perhaps notably so in conclusion:

I know where I stand on this. I'm behind the government and I'm tired of First Amendment shilly-shallying that fills my children's Hotmail screens with dozens of porn come-ons every day.

That's spam. Library censorware won't have the slightest affect on it. This is also another small instance of why I think the word "filter" is very misleading in discussion. Spam is something you don't want to see, but censorware is where an authority doesn't want you to see something. That's an important structural difference.

But, sigh, almost no-one cares what I say. Alex Beam is a columnist. I am barely more than a shouter to the wind.

See what I posted earlier, what I guess I should call the ARE NOT PORNOGRAPHY list.

Posted by Seth Finkelstein at 11:48 PM | Followups
April 01, 2003

Edelman v. N2H2 dismissal hearing. court report

Edelman v. N2H2 dismissal hearing report

This is my full report, with introduction and commentary.

Sigh ...

At times, Stearns seemed almost palpably hostile to the ACLU side. At one point, he intoned "What he [Edelman] really wants to do is destroy the efficacy of their [N2H2's] product".

Posted by Seth Finkelstein at 09:28 PM | Followups
March 31, 2003

Preview note on court report on Edelman v. N2H2 dismissal hearing

Today, I attended the court hearing on N2H2's motion to dismiss the Edelman v. N2H2 case. That is, N2H2 was claiming that, roughly there is no "there" there - no reason for a court to rule. Because no actual censorware decryption work had been done in the case, and hence nobody had been sued. Of course, in a way, that situation is the rationale for the case in the first place. It's a "declaratory judgment" case, concerning whether some action is permissible, before it's in fact done. These sorts of cases seem to be caught in a tension between being Catch-22's and being speculations.

The judge started off the hearing by stating that he found the case "extremely dubious", and asked the ACLU to convince him otherwise. And it didn't get much better from there. Full report to follow.

Posted by Seth Finkelstein at 11:43 PM | Followups
March 30, 2003

Electronic Frontiers Australia on Australian censorware campaign

Electronic Frontiers Australia (not the same at all as the US Electronic Frontier Foundation) recently released a great comment on censorware campaign concerning "all Internet access by Australian [ISPs]":

Comments on Mandatory Filtering and Blocking by ISPs

Well worth reading. And my work is cited there.

Posted by Seth Finkelstein at 11:55 PM | Followups
March 19, 2003

CIPA Supreme Court Oral Argument official transcript on-line

The official transcript of the CIPA (Federal law about censorware in libraries) oral argument in the Supreme Court, is now available on-line. It's at:


I've put it into HTML, for ease of reading and cut-and-paste, at


Posted by Seth Finkelstein at 03:01 PM | Followups
March 17, 2003

My Google report makes the front page of Slashdot!


Amazing ... for so many reasons ... Thanks, Timothy!

Posted by Seth Finkelstein at 11:57 PM | Followups
March 16, 2003

Richard Stallman's blog mention one of my censorware reports

I just noticed that Richard Stallman has linked to my censorware report on BESS vs Image Search Engines from the "Political notes" section of his blog (one of the March 10, 2003 entries).

Thanks! It's good to be read!

Posted by Seth Finkelstein at 11:55 PM | Followups
March 15, 2003

The Register publishes my Google report letter

Letter: Molesting Google

Many hits.

Thank you.

Posted by Seth Finkelstein at 11:58 PM | Followups
March 13, 2003

Walt Crawford "Cites & Insights" on CIPA legal briefs

Walt Crawford's Cites & Insights for April 2003: Vol. 3 No. 4 has an excellent, extensive, section reviewing the various CIPA legal briefs. It's many pages long, going into detail on the briefs both pro- and con-, with great analysis of their arguments. Highly recommended.

I may of course be biased, because one of those briefs mentioned is the one for the Online Policy Group and Seth Finkelstein

P.S.: The comments about weblogs are good reading too.

Posted by Seth Finkelstein at 02:40 PM | Followups
March 11, 2003

Geoffrey Nunberg on censorware in libraries

Geoffrey Nunberg has a great New York Times column, also available from Google Groups, regarding library censorware.

"Computers in Libraries Make Moral Judgments, Selectively"

Excellent points throughout, for example:

Software will never be able to wholly reproduce human linguistic and perceptual capacities, much less distinguish between a Playboy calendar and an Edward Weston nude, or between "Tropic of Cancer" and "Trailer Park Swappers."

Then, too, the architecture of the Internet itself requires filters to block hundreds of thousands of sites that they haven't identified as porn - Google cache sites, for example, and any site that is unlucky enough to be hosted by the same computer that's hosting a porn site.

By the way, as a note of personal credit, that "Google cache sites" aspect was exposed by me:

BESS vs The Google Search Engine (Cache, Groups, Images)
BESS bans cached web pages, passes porn in groups, and considers all image searching to be pornography.

Posted by Seth Finkelstein at 05:19 PM | Followups
March 08, 2003

CIPA Transcript - USA v. ALA

I've made this available in HTML at http://sethf.com/censorware/legal/cipa_auld.php

From: Skip Auld <auldh[at-sign]co.chesterfield.va.us>
Subject: CIPA Transcript - USA v. ALA
Date: Sat, 08 Mar 2003 16:27:09 -0500

To ALA Member-Forum, Publib, VLA, VEMA, and other lists (Please forgive

On Wednesday, March 5, I attended the Supreme Court oral arguments on the CIPA case (Children's Internet Protection Act), United States of America, et al. v. American Library Association, et al. This case was the government's appeal of the unanimous decision on May 31, 2002 of a 3-judge panel of the U.S. District Court for the Eastern District of Pennsylvania. That court decided in favor of ALA's position that requiring filters on all public Internet access computers, in order to receive federal funding, was unconstitutional.

For those of you who are interested, I have attached my transcription of the arguments. It is from handwritten notes I made during the oral arguments and therefore is not complete and may contain inaccuracies, despite my best efforts to write exactly what was said and all that was said. (This was, admittedly, an impossible task given the speed, substance, and variety of the one-hour debate). If you have any questions, please call me at 804-748-1767 or send an email message.

Posted by Seth Finkelstein at 07:21 PM | Followups
March 07, 2003

Censorware and less/least restrictive means

The Free Expression Policy Project has some interesting material in their CIPA argument analysis. I remember the following well:

Seven years ago, many advocates were arguing that Internet filters were a "less restrictive alternative" to criminal laws banning "indecent" speech on the Internet. But some prescient ones opined that filters would actually be even worse. Despite the chilling tenor of the Supreme Court argument in US v. ALA, one hopes that at least five of the justices will come to the same conclusion.

At the time, law professor Peter Junger wrote the best the best legal analysis on the above topic I've ever seen.

Posted by Seth Finkelstein at 03:25 PM | Followups
March 06, 2003

Should Libraries Be Compelled To Secret Censorship?

Yes, I know the title is loaded language (I originally had "Library Censorware - Threat or Menace", but that was too much of a cliche). But the phrasing of so many articles has a similar reverse built-in assumption.

Take, for example the title of an article:
Should libraries filter out Internet porn?

C'mon - isn't that as much an assumption as my own title?

Look at this report from Slate:

"Chief Justice William Rehnquist and Justice Antonin Scalia have no interest in hearing that libraries are public forums; in fact Scalia is of the opinion that libraries can and do censor what he calls "garbage" all the time."

I keep saying that language-translation sites and the Google cache and web archives and privacy/anonymity sites, etc, are not "garbage". But today I feel like I've just been shouting into the wind, for all I'm heard.

Posted by Seth Finkelstein at 11:58 PM | Followups
March 05, 2003

"CIPA" Federal censorware law in Supreme Court

[ http://sethf.com/pipermail/infothought/2003-March/000025.html ]

From: Seth Finkelstein
To: Seth Finkelstein's InfoThought list
Subject: IT: Federal censorware law "CIPA", in Supreme Court
Date: Wed, 5 Mar 2003 16:45:15 -0500

Today, the Supreme Court heard arguments regarding the Federal censorware law "CIPA", concerning censorware in libraries (this law applies to everyone, adults and minors). For more information, see:


I'm involved in this case as an amicus curiae, part of a friend-of-the-court brief, see:

"Online Policy Group, Seth Finkelstein Submit CIPA Court Brief"
http://www.sethf.com/infothought/blog/archives/000184.html http://onlinepolicy.org/media/cipasupreme030210.shtml

I'd like to remind everyone that although the issue is continually reported and debated as "filtering" "porn" or "smut", that description is in fact technically inaccurate. Instead, architecturally, censorware is about control over what people are permitted to read. This is a profoundly different problem. It means no archive or service can be allowed if it can be an escape from control.

That is, using the N2H2 censorware as an example, image searching cannot be allowed. See for yourself, by clicking on the following link:

This should return:

The Site: http://images.google.com/ is categorized by N2H2 as:

Now, an image search engine is not pornography. It's a tool. But it's banned here, just in case anyone could use it to see forbidden material.

Another example is the Wayback Machine, a huge archive of sites:

This is considered one of N2H2's "Loop Hole Sites", a no-longer-secret (due to my work :-) ) blacklist category of "loophole" sites which are banned by default everywhere, since they represent routes outside the blinder-box.

Language translation is prohibited also, because translating a website written in English from, e.g. Chinese to English, works very well.

The Google cache is considered a "loophole" too:

And of course, privacy and anonymity (to prevent one's reading from being monitored, by either the government or censorware) is right out:

In sum:

Image searching is not pornography.
Large web archives (e.g. The Wayback Machine) are not pornography.
Language translation is not pornography.
The Google cache is not pornography.
Privacy or anonymity is not pornography.

This won't be fixed in the next release. And my work on this issue seems to have been one factor in the lower court decision which earlier struck down this law. See:

Federal censorware law down! (and Seth Finkelstein's reports!)

BESS's Secret LOOPHOLE: (censorware vs. privacy & anonymity) - a secret category of BESS (N2H2), and more about why censorware must blacklist privacy, anonymity, and translators

BESS vs The Google Search Engine (Cache, Groups, Images) - BESS bans cached web pages, passes porn in groups, and considers all image searching to be pornography.

SmartFilter's Greatest Evils - why censorware must blacklist privacy, anonymity, and language translators

The Pre-Slipped Slope - censorware vs the Wayback Machine web archive - The logic of censorware programs suppressing an enormous digital library.

Remember this all, against the argument onslaught of "POORRRNNNN!"...

-- Seth Finkelstein Consulting Programmer sethf[at-sign]sethf.com http://sethf.com
Anticensorware Investigations - http://sethf.com/anticensorware/
Seth Finkelstein's Infothought blog - http://sethf.com/infothought/blog/

Infothought mailing list

Posted by Seth Finkelstein at 07:46 PM | Followups
March 04, 2003

MichaelSims, Domain Hijacking and Moral Equivalency

I should have mentioned this earlier, but with the Federal censorware law CIPA being argued tomorrow, it's important now.

Attorney Jonathan Wallace has a new account of the domain-hijacking of the former Censorware Project domain by the former webmaster, Michael Sims (yes, this is the same Michael Sims who works at Slashdot).

Some choice quotes, from Jonathan Wallace (i.e., he wrote this, I didn't!):

... hundreds or thousands of links which were put up elsewhere to Censorware Project content during our hey-day now, when followed, lead to Michael's denunciation of the group.

In short, this is a colossal and continuing act of malice by our former webmaster, Michael Sims. ...

Astonishingly, there were no consequences to Michael, as far as I know, for taking down the Censorware Project content and redirecting its substantial web traffic, first to a page which said the group no longer existed, and now to his rant against its members. We had some internal discussions about suing him to get the domain back.

If the ACLU's webmaster had trashed the organization's site, I think everyone would pretty well recognize he was a Bad Character and Not To Be Trusted.

See also the initial statement of Censorware Project (search the page for "flipping out").

And if people think this is trivial, note Michael Sims in his "colossal and continuing act of malice" has already derailed a great deal of my censorware work, and may lead in part to losing the DMCA censorware exemption. He's that destructive.

Posted by Seth Finkelstein at 11:58 PM | Followups
March 03, 2003

The Censorware Companies Strike Back

I'm undecided whether or not I should write blog entries ripping apart the DMCA reply of censorware companies opposing the censorware DMCA exemption. The argument for, is that it would be good practice and useful writing. The argument against, is that it would show my hand - after all, David Burt (who wrote it) sure didn't send me a pre-release review copy to analyze!

But to give a sense of how honest is that reply comment, note Matthew Skala, one of the programmers who got sued for publishing reverse-engineering of Cyberpatrol, has the following reaction in his blog:

N2H2 has its say

This is one of the DMCA exemption reply comments, from David Burt of N2H2, which makes the Bess censorware package. He appears to be speaking on behalf of several other censorware vendors too. It turns out that xpdf will read the file even though my konqueror Web browser won't. The comment argues that it's not necessary to reverse engineer censorware to test it, and has an entire section about what an evil person I am, calling Eddy Jansson and myself "two teen age hackers". Conveniently neglecting to mention that at the time of the Cyber Patrol break three years ago, we were both in our twenties, and I was already a university graduate; also denying, in the face of many counterexamples, that anyone who was anyone thought our work was valuable to the debate. Well, I (unfortunately) have much worse things to worry about at the moment than that kind of insult.

Posted by Seth Finkelstein at 08:56 PM | Followups
February 28, 2003

The Register covers my Google removal report

Be careful what you wish for, you might get it ... or not quite what you want ...

Google in paedo censorship debacle

It could've been worse, but there were some severe errors here. I've made some updates to:

Chester's Guide to Molesting Google

Posted by Seth Finkelstein at 12:56 AM | Followups
February 26, 2003

Banned and unbanned by BESS / N2H2

Yesterday, my censorware report BESS's Secret LOOPHOLE ( http://sethf.com/anticensorware/bess/loophole.php) was in fact banned by BESS (a brand name of the censorware made by N2H2). Ironically, it was banned as LOOPHOLE, which means it would be prohibited by default in every installation, everywhere (doesn't the idea of that frighten you? - it sure frightens me).

Other people saw this. I saw this. There's no question it happened.

Today, as I went to write it up, I seem to be unbanned by BESS.

I wonder why they can't make up their minds? Or did they want to avoid giving me the ability to say I've been banned-by-BESS? Did David Burt, their PR flack, say it would be embarrassing?

Life's little mysteries ...

Posted by Seth Finkelstein at 06:05 PM | Followups
February 25, 2003

Google removal - Chester's Guide to Molesting Google

From: Seth Finkelstein
To: Seth Finkelstein's InfoThought list
Subject: IT: Google removal - Chester's Guide to Molesting Google
Date: Tue, 25 Feb 2003 11:27:35 -0500

New report:

Chester's Guide to Molesting Google

Abstract: This report examines a newspaper-led campaign to have a site removed from both its host and the Google search index. The uproar turned out to originate from a single page of text of "sick humor".

I've investigated the background behind a campaign of a UK newspaper, the "Chester Chronicle", to have material removed from the web (not successfully - so far) and from Google's index (successfully!). The campaign appears to be a "moral panic" arising from confusing an archived text column of "sick humor", written under a pen-name of "Chester the Molester", for a paedophile site.

URL of Chester Chronicle article describing success against Google index:

"Sick website taken down"

Seth Finkelstein Consulting Programmer sethf[at-sign]sethf.com http://sethf.com
Anticensorware Investigations - http://sethf.com/anticensorware/
Seth Finkelstein's Infothought blog - http://sethf.com/infothought/blog/

Infothought mailing list

Posted by Seth Finkelstein at 11:36 AM | Followups
February 20, 2003

Son of DMCA censorware exemption comment

Now my follow-up DMCA exemption comment (for censorware blacklists) has been submitted:


I didn't put in what I was thinking about the process. I've been pretty tired and that's a bad time to write. Maybe if there's another reply-round.

I can't wait to see what the censorware companies write about me :-(.

I may have a bet with Bennett Haselton of Peacefire over it ...

Posted by Seth Finkelstein at 05:11 PM | Followups
February 15, 2003

More on considering "How Appealing" pornography

So I've spend a good portion of yesterday evening and today investigating "How Appealing" is pornography, where the NetSpective censorware. had (that? the?) blogspot.com site as pornography. I've suggested some tests and we'll see what happens.

Note the How Appealing blog has a nice item on me, "Seth Finkelstein to the rescue".

I should note my concurrence with the the earlier statement:

My thoughts exactly: A former Pennsylvania state court appellate judge emails to observe, "The classification of your blog as 'pornography' by screening software is further evidence supporting the findings in Chief Judge Becker's opinion in [ the District Court Decision striking down CIPA ]"

If you want some irony, compare what NetSpective is saying in contrast, that "... NetSpective WebFilter Meets Federal CIPA Standards ....", that "... NetSpective WebFilter(TM) URL filtering solution fulfills all CIPA filtering requirements. ...."

Notably, accuracy seems NOT to be one of those requirements (and I'm serious here, that's one reason the law was, and is likely to be, struck down).

Posted by Seth Finkelstein at 11:58 PM | Followups
February 14, 2003

"How Appealing" is Pornography

There's times when I wish censorware investigation could be my job. I've been busy all day job-hunting, so I haven't yet had a chance to investigate the blacklisting as pornography of the How Appealing blog by the NetSpective censorware.

This along with

... other sites which are blocked, including Arts & Letters Daily (http://www.aldaily.com), Technorati ((http://www.technorati.com) and Blo.gs ((http://www.blo.gs).

Quoth the How Appealing blog:

Look on the bright side, though: If my Web log is classified as "pornography," perhaps some actual pornography has been classified as a Web log devoted to appellate litigation.

(indeed, that probably has happened somewhere!).

I suspect this is a similar situation to my censorware report:

CyberPatrol - 247 bans for the price of 1

That described 247 sites blacklisted as "Partial Nudity, Nudity, Sex Acts/Text", and we never even found what site they wanted to target! Interestingly enough, it also began with the blacklisting of a law site, in that case http://www.archerlaw.com/.

If any lawyers or journalists are reading this, and want to back me up in these investigations, let me know! Deep censorware work is NOT risk-free. (and if anyone has a way to make this my job, even better!)

Thanks to Math class for poets: law and life and email for the information.

Posted by Seth Finkelstein at 05:34 PM | Followups


Censorware is about control. I say that repeatedly. The biggest public-relations victory the censorware-makers ever achieved, was to get censorware called a "filter", and to have that control described as "filtering". It's not mere partisanship. Rather, the terms "filter" and "filtering" channel the discussion into a thought-pattern of extracting the assumed, bad, even toxic, material, leaving a purified result. As opposed to censorware, which concerns what's required to control a person, to prevent them reading prohibited content. I have a sinking feeling I'm going to be saying this over and over again in the run-up to the Supreme Court CIPA arguments.

Posted by Seth Finkelstein at 01:01 AM | Followups
February 10, 2003

Online Policy Group, SethFinkelstein, CIPA brief now on-line

The Supreme Court friend-of-the-court brief representing the Online Policy Group and Seth Finkelstein in the CIPA case (Federal mandatory censorware law) is now available.



and automatically converted to HTML:

Seth Finkelstein is a computer programmer and civil liberties advocate. Since 1995, he has dedicated thousands of hours to studying commercially developed Internet blocking software. These efforts have revealed many of the mechanisms employed by blocking software, which Mr. Finkelstein has described in articles and reports. For his efforts "in the fight against government mandated use" of such software, Mr. Finkelstein received the Electronic Frontier Foundation's Pioneer Award. Mr. Finkelstein is interested in ensuring that the Court understands how commercially developed blocking software operates and the dangers that it poses to free speech.

Posted by Seth Finkelstein at 07:51 PM | Followups

Online Policy Group, Seth Finkelstein Submit CIPA Court Brief


San Francisco - The Online Policy Group (OPG) and software expert Seth Finkelstein today submitted a brief to the U.S. Supreme Court supporting a lower court decision that the Children's Internet Protection Act (CIPA) places unconstitutional limitations on free speech of library patrons by requiring the use of technology protection measures in libraries receiving certain federal funding or discounts.

Media Release: U.S. Supreme Court Considers Internet Blocking in Libraries

For Immediate Release: Monday, February 10, 2003


Will Doherty
Executive Director
Online Policy Group

Seth Finkelstein
EFF 2001 Pioneer Award Winner

Daniel Bromberg
Jones Day

U.S. Supreme Court Considers Internet Blocking in Libraries

Online Policy Group, Seth Finkelstein Submit Court Brief

San Francisco - The Online Policy Group (OPG) and software expert Seth Finkelstein today submitted a brief to the U.S. Supreme Court supporting a lower court decision that the Children's Internet Protection Act (CIPA) places unconstitutional limitations on free speech of library patrons by requiring the use of technology protection measures in libraries receiving certain federal funding or discounts.

OPG and Finkelstein's brief, prepared by attorneys Daniel H. Bromberg, Charles Morse, and Josh Fairfield of the law firm Jones Day, argues that CIPA's technology protection requirement forces libraries to use commercial blocking software. Because blocking software censors speech that receives full First Amendment protection and may discriminate against certain viewpoints, OPG and Finkelstein argue that CIPA should be subject to strict scrutiny.

"Using commercial Internet blocking software to comply with CIPA, libraries force the political, social, and cultural biases of software manufacturers with differing community standards onto library patrons in their own communities," said OPG Executive Director Will Doherty. "Especially for 'controversial' topics -- such as politics, medical health, child abuse, abortion, sexual orientation, and gender identity -- the biases inherent in Internet blocking software are unacceptable."

"Censorware is not filtering, it is electronic book-burning," commented Seth Finkelstein. "It's a pre-slipped slope denying any privacy, since all reading must be monitored."

"Technology is no panacea for those who wish to regulate speech on the Internet," observed Daniel Bromberg. "As CIPA shows, attempts to regulate speech on the Internet through purely technological means can pose special dangers to free speech."

The amicus brief from OPG and Finkelstein accompanies the main legal argument from the American Civil Liberties Union (ACLU) and other plaintiffs in the U.S. government's appeal from a decision of a special three-judge panel striking down the library portion of CIPA on May 31, 2002.

For this media release:

OPG/Finkelstein brief to the U.S. Supreme Court:

ACLU brief to the U.S. Supreme Court:

More on Children's Internet Protection Act:

Seth Finkelstein's website:

About OPG:

The Online Policy Group (OPG) is a nonprofit organization dedicated to online policy research, outreach, and action on issues such as access, privacy, and digital defamation. The organization fulfills its motto of "one Internet with equal access to all" through projects such as donation-based email list hosting, web hosting, domain registrations, and now colocation services. OPG focuses on Internet participants' civil liberties and human rights, like access, privacy, safety, and serving schools, libraries, disabled, elderly, youth, women, and sexual, gender, and ethnic minorities. Find out more at http://www.onlinepolicy.org/

- end -

Infothought mailing list

Posted by Seth Finkelstein at 03:22 AM | Followups
February 08, 2003

More on the "Ministry Of Silly Messages"

My report on UK Parliament Mail - The Ministry Of Silly Messages ( http://sethf.com/anticensorware/general/uk.php ) has been getting some coverage.

It's in The Inquirer, in an article Man solves un-parliamentary language conundrum

One critical insight I advocate in the spam-wars, is that the problem is going to be dealt with one way or another. Spam is not an "intellectual" problem, like sex-talk, hate-speech, etc. Spam is a "physical" problem, of cost-shifting and denial-of-service.

I suspect Parliament's trouble arise from conflating the "physical", the flood of solicitations, with the "intellectual", messages using words which were deemed an impropriety.

Posted by Seth Finkelstein at 11:23 PM | Followups
February 07, 2003

UK Parliament Mail - The Ministry Of Silly Messages

From: Seth Finkelstein
To: Seth Finkelstein's InfoThought list
Subject: IT: UK Parliament Mail - The Ministry Of Silly Messages
Date: Fri, 7 Feb 2003 13:45:06 -0500

New report:

UK Parliament Mail - The Ministry Of Silly Messages

Abstract: This report examines messages being rejected by a mail system in use by the UK parliament.

I've reverse-engineered why the system used by the UK parliament to scan mail for "inappropriate content" was bouncing messages ranging from Welsh newsletters to a Shakespeare quote. Censorware is not fond of pussy-cats and tit-willows.


E-mail vetting blocks MPs' sex debate

Software blocks MPs' Welsh e-mail

Plaid up in arms as Commons spam filter bans Welsh

UK Parliament Mail - The Ministry Of Silly Messages

NTK (Need-To-Know) coverage

Cyber-Rights & Cyber-Liberties (UK)

Seth Finkelstein
Anticensorware Investigations - http://sethf.com/anticensorware/
Seth Finkelstein's Infothought blog - http://sethf.com/infothought/blog/
List sub/unsub: http://sethf.com/mailman/listinfo.cgi/infothought

Posted by Seth Finkelstein at 01:54 PM | Followups
January 26, 2003

Peacefire seeks volunteers to help work on anti-censorship technology

Date: Mon, 20 Jan 2003 03:26:03 -0800
From: Bennett Haselton <bennett[at-sign]peacefire.org>
Subject: volunteers to help work on anti-censorship technology

Happy New Year to everybody -- sorry it's been an unusually long time since the last Peacefire newsletter, but the good news is that there are big things coming in 2003. Peacefire has joined forces with Voice of America <http://www.ibb.gov/>, a federal agency that used to do pro-democracy radio broadcasts into communist Eastern Europe and Asia, and is currently still broadcasting into China while branching out into finding ways to defeat Internet censorship. They've contracted with us to help defeat the "Great Firewall of China", the firewalls put in place by the Chinese censors to block people in China from reading foreign Web sites that criticize the Chinese government. The technology could be extended to help people in other regions such as the Middle East where the Internet is heavily censored.

This is the kind of project that I hope many tech-savvy members will be able to help with, one way or another. Personally I think this may be one of the most important things I ever get to work on, if not the most important. To a lifelong puzzle-hobbyist, it's like a dream: working on a problem that's like a giant, open-ended puzzle that's never been completely solved, where the answer could help millions of people around the world. As for working on the problem itself, it requires some technical knowledge, but not a lot; I coach a high school math team and I've worked on some of these problems with the students in the math club. I could do that since there's nothing classified about the solutions to the problem that VOA has asked us to find, because our strategy is to assume the Chinese censors will be able to "take apart" the software and figure out how it works anyway, so we should publish all the details of how it will work, and encourage people to try and find ways to defeat the system. Only if the complete design is published and nobody can find any flaws that would enable the censors to attack it, then we go ahead with building it according to that design.

One of the first papers I put out as part of the project, was about the common pitfalls and problems with many existing "anti-censorship" systems: http://www.peacefire.org/circumventor/list-of-possible-weaknesses.html If you can follow most of the discussion on that page, you'd probably be able to help. It's less about technical knowledge, and more about looking at a given problem through new angles, so it's an ideal technical project for young people to contribute.

There are several existing anti-censorship projects out there, made by companies including SafeWeb, DynaWeb, and a self-described hacker coalition called Hacktivismo, all of which have contributed some valuable insights, but many of their designs fall prey to the attacks listed at the URL above. Also, none of the other groups working on this problem have published the details of how their proposed solutions work, so there may be other problems that haven't come to light yet. (If any of their programs ever came to represent a serious threat to the Chinese censors, the Chinese government would almost certainly "take it apart" to find out how it works and find any exploitable weaknesses, so keeping the design secret is really just delaying the inevitable. This is why our strategy is to publish the design in advance, and only proceed with it if no one is able to find a weakness in the design, even knowing all the details of how it works.)

One good question that nobody has asked me, but some people probably will, is why I would be asking people to contribute ideas for free, if VOA is paying me. I would say that even if you subtract all the hours per week that VOA has paid for at a normal programmer's salary, that still leaves a lot of hours every week that I'm working on the project, which could be considered "donated" time (not to mention all those years with Peacefire, which is how VOA heard about us in the first place :) ). In any case, it's up to each individual person whether they want to help. Besides, the most important part of the process is to have many reviewers look at the software design and try to find flaws that the censors could exploit, and that doesn't take any minimum time commitment.

As part of this project, Peacefire is probably going to move towards fewer consumer-reports-style pages about what blocking software really blocks, and more towards work on anti-censorship technology. We will still help to publicize the problems with blocking software, especially when the Supreme Court decides this year whether the "Children's Internet Protection Act" is constitutional, which requires blocking software to be installed on all computers used by children or adults, in any library that receives federal funding. But for the most part, most people who are paying any attention at all, have gotten the message that blocking software is sloppy and often politically motivated. Plus, many other research groups are now also doing studies on the problems with blocking software. On the other hand, developing secure anti-censorship technology is still something that no group has ever pulled off completely, and I think we're in a position to do it.

If you'd be interested in working on the design for an anti-censorship program, you might want to check out the URL above. Some other recommended reading on how the design has evolved so far, most of which is about pitfalls in existing systems, pitfalls that our design should avoid:

Problems with using a "distributed cloud" of circumvention points to defeat Internet censorship: http://www.peacefire.org/techpapers/distributed-cloud.html An attack that can be used to map out a peer-to-peer network of machines being used as circumventors: http://www.peacefire.org/circumventor/peer-to-peer-map-out-attack.html An attack that can be used against Anonymizer-type Web sites even if they encrypt page contents using HTTPS: http://www.peacefire.org/circumventor/fingerprinting-sites-downloaded-over-https.html

As you'll notice if you read those, all the stuff so far has my name on it. Let's do something about that :) If you'd be interested in contributing in any way, email me at bennett[at-sign]peacefire.org with some information about your background if you want (even though no background is necessary). We'll be setting up a separate mailing list to discuss the strategies for anti-censorship software, and anybody can contribute ideas for possible attacks against the anti-censorship that the censors might use -- so that we can be sure to take those into account when designing the system.

It's eerie, thinking about the political implications of something like this, the number of people it could possibly affect. This is the biggest project Peacefire has undertaken, but no individual person's contribution is too small. So contact me and check out the URLs if you're interested.


bennett[at-sign]peacefire.org 425 649 9024 http://www.peacefire.org

Posted by Seth Finkelstein at 11:56 PM
January 25, 2003

N2H2 (censorware co.) "dead company walking", another step

Continuing my effort to make sense of the finances of the censorware-maker N2H2, ( "dead company walking"), here's my thoughts on their just-issued quarterly report

The key element seems to be that they lost money yet again, though I'll be fair and say it's now not really being hemorrhaged (more like oozing out at this point). They're down to losing another $429,000, or $0.02 for each share of stock. Granted, losing less money is definitely better than losing more money. But loss is still loss.

They apparently managed to be "cash flow positive" again this quarter, from booking revenue from a deal with an Australian ISP. What's interesting is that their revenues haven't increased much: "an increase of 5 percent over 2001's first quarter results". The stemming of the money hemorrhage has been achieved by laying-off people (admittedly, there's a lot of that going around). But as the saying goes, you can only fire people once. Still, the drama continues ...

Posted by Seth Finkelstein at 11:49 PM
January 24, 2003

CFP 2003

It's official. I'm presenting a tutorial at the 13th Annual Conference on Computers, Freedom & Privacy (aka CFP 2003)

My tutorial is: "How to Analyze Censorware"

Posted by Seth Finkelstein at 05:44 PM
January 22, 2003

N2H2 (censorware co.) bankruptcy-watch update

As I mentioned last month, I've been trying to make sense of the finances of the censorware-maker N2H2, as it seems to be "dead company walking". Their Yahoo profile shows it now to have negative "Book Value". So tomorrow we'll find out if they've hemorrhaged even more money in the last few months:

Webcast Alert: N2H2 Inc. Announces First Quarter 2003 Results Webcast

SEATTLE, Jan. 9 /PRNewswire-FirstCall/ -- N2H2 Inc. N2H2 Inc. (OTC: NTWO - News) announces the following Webcast:

What: N2H2 Inc. Announces First Quarter 2003 Results Webcast

When: 01/23/03 @ 5:00 p.m. Eastern

Where: http://www.firstcallevents.com/service/ajwz371807857gf12.html

How: Live over the Internet -- Simply log on to the web at the address above.

Contact: David Burt, Public Relations Manager, +1-206-892-1130, or dburt@n2h2.com

Posted by Seth Finkelstein at 08:16 AM | Followups
January 19, 2003

Libraries and another reason for conflict of privacy vs. censorware

There was an interesting article in Wired news : (I saw it from LISnews):

Librarians Split on Sharing Info

" The survey (PDF) of 906 libraries by the Library Research Center at the University of Illinois Urbana-Champaign found that in the year following the Sept. 11 attacks, federal and local law enforcement agents visited at least 545 libraries to inquire after patrons' records."

"When asked to voluntarily forfeit patrons' records, roughly half the librarians cooperated with investigators without demanding a subpoena or court order, the study found."

Now, suppose someone wanted to use a privacy-protecting website so as not to be monitored? Well, think about this in terms of:
BESS's Secret LOOPHOLE: (censorware vs. privacy & anonymity) - a secret category of BESS (N2H2), and more about why censorware must blacklist privacy, anonymity, and translators

Posted by Seth Finkelstein at 11:57 PM | Followups
January 12, 2003

No more free sex sites from Websense

Some months ago, I publicized that the censorware company Websense was distributing daily lists of free sex sites which weren't on the blacklist of other censorware companies.

I am not making this up! I was quoted in an MSNBC story covering it.

Well, it looks like this party is over. As of December 23 2002, they changed the free sex sites page to read:

We no longer provide a daily list of adult content sites on our Web site because our competitors were adding these sites to their database immediately. If you would like to request a list of 20 adult content sites that are in the Websense database, but not in SurfControl's or SmartFilter's, please complete the form below and we will have a salesperson send you the latest list.

Note their reason is allegedly that "competitors were adding these sites", NOT that Websense was undermining the protection of children!

Posted by Seth Finkelstein at 11:53 PM | Followups
January 11, 2003

Walt Crawford "Cites & Insights" on Kaiser censorware study

Walt Crawford has some insightful censorware comments in his excellent "Cites & Insights" publication for January 2003: Vol. 3 No. 1, regarding the Kaiser Family Foundation censorware study "See No Evil" (and a nice mention of me too :-))

While some media accounts - and the rapid claims from David Burt and the filtering fraternity - touted Kaiser's study as proof that filters are fine, just fine, some journalists took the time to read the study itself. Ellen Edwards' December 10 story in the Washington Post is headlined "Filtering software may block access to health information, study finds." She quotes David Burt, "This shows us that filters do work," and ALA's Emily Sheketoff, "We're gratified once more that there's a study finding that filtering doesn't work." Paul Eng of ABC News posted a December 11 story, "Filtered finds: New study shows how net porn filters block online health info." Unfortunately, he stuck with the "1.4%" figure, not digging deeper into the study - but then, this is network TV news.

Seth Finkelstein took the opportunity to excerpt some cases from SmartFilter, because he'd been studying SmartFilter for a previous censorware project. He cites some examples of health sites that SmartFilter bans as "sex": Alliance of the American Dental Association, ActiveHealthcare.com, Eyeshealth.com, Professionals for women's health, and the site for the adult primary care nurse practitioner. See sethf.com/anticensorware/smartfilter/damage6.php , and note that sites may have been unblocked after he posted the list.
[Ed note - SmartFilter finally caught up with them all, a few days ago]

Posted by Seth Finkelstein at 06:24 PM | Followups
December 29, 2002

N2H2 (censorware co) - financially "dead company walking"

I've finally finished ploughing through N2H2's recent financial report and attempting to figure out just how near they are to death's door (approaching? threshold? already through?). I think it's a matter of "dead company walking".

I've finally made sense of their announced "cash flow positive" quarter. Remember, N2H2 loses around $1.7million each quarter

Now, look at the N2H2 Balance Sheet

Note how "Cash and Cash Equivalents" takes a big jump up on Sep 30, 2002.

But projecting, the estimated numbers would be (in thousands)

"Net Tangible Assets":
+2,152(down 1,400 to) +752(down 1,017 to) -265(down 1,507 to) -1,772
"Cash and Cash Equivalents":
+6,000(down 1,740 to) +4,260(down 1,485 to) +2,775(now project) 728? (est?)
calculate "Cash and Cash Equivalents" - "Net Tangible Assets":
+3,848  +3,.508  +3,040(now project) +2,5? (est?)

That is, the next number in the series for "Cash and Cash Equivalents" should be down "1,something" , giving less than 1,000 remaining, around 728 from projecting from the drop in "Cash and Cash Equivalents" - "Net Tangible Assets"

Instead, they record a total "Cash and Cash Equivalents" UP to +4,684. That's an overage of (4,684 - 728? = 3956?). Where are they getting that extra 3956 or so ?

Note nothing dramatic has changed in terms of income and expenses for all of N2H2 fiscal year 2002 . So their recent layoffs can't be the cause of this dramatic change.

Look at the "Other Current Liabilities" line. They have a big change in going from 4,475 to 8,179 = 3704. That seems to be the jump.

The "Cash Flow Statement" agrees

Income hasn't changed much. The cash jump is from "Changes In Liabilities".

What's this 8,179 liability?

Searching the annual report, under
They have "Deferred revenue" of 8,179

What's this "Deferred revenue"? The only reference I can find is (my emphasis)

"Subscription agreements and most maintenance services are evidenced by signed contracts, which are generally 12, 24 or 36 months in duration. Subscription and maintenance revenues are recognized on a straight-line basis over the life of the contract. Contracts billed in advance of services provided are recorded as deferred revenue.

Hmm? What's going on here?

It appears they counted much of *expected Financial Year 2003* revenue, as "deferred revenue" for the last quarter of Financial Year 2002. And listed what they billed as part of "Cash and Cash Equivalents".

That is, the only reason they're "cash flow positive" is that they have gotten substantial billed money in advance of the services.

There's another obscure line where they list current "Working capital" as being -2,193 , with a footnote of "(3) Includes current portion of deferred revenue."

In brief, it's if someone were in debt, and took out a loan, and trumpeted having a "cash-flow-positive" event because the loan was money received now (that it'd have to be paid back later was irrelevant).

It's like the old saying about losing a little money on every sale, but making up in volume.

Posted by Seth Finkelstein at 04:27 PM | Followups
December 26, 2002

N2H2 (censorware co.) and bankruptcy

I'm still trying to get a good handle on the current financial status of N2H2 (a censorware company). It's given me a new respect for what sort of shenanigans can be pulled with the likes of WorldCom and Enron.

Posted by Seth Finkelstein at 11:58 PM | Followups
December 24, 2002

N2H2's (censorware co) views on censorware blacklist litigation

N2H2's (a censorware company) recently-issued current Financial Annual Report has another gem:

An individual represented by the American Civil Liberties Union has recently filed a lawsuit against us in federal court. The plaintiff is purportedly a computer researcher who allegedly seeks to conduct a quantitative analysis of the accuracy and comprehensiveness of our Internet filtering solutions for purposes of determining whether these solutions exclude some speech on the Internet that is constitutionally protected. He alleges that his activities in conducting this analysis, if he ever does so, would violate our standard license agreement and our intellectual property rights. The plaintiff alleges that the threat that we will enforce our license agreement and our other rights has deterred him from this activity, which he alleges is protected under the "fair use" doctrine of copyright law and other legal doctrines. He seeks a declaration to prohibit us from enforcing the license agreement against him based on his use of our software in his research activities. To the extent that this claim is resolved in the plaintiff's favor, it could materially affect our ability to enforce our license agreements and other intellectual property rights against certain users of our software filtering products. In addition, it could contribute to an increase in the number of people who seek to use our software in ways that we believe violate our proprietary rights. ...

Hmm, what an interesting idea .

Posted by Seth Finkelstein at 12:23 AM | Followups
December 23, 2002

N2H2 (censorware co) deathwatch spiral continues

N2H2, a now-infamous censorware company, recently issued its current Financial Annual Report. I'll just quote this paragraph:

We have incurred net losses in each quarter since we incorporated in 1995. We incurred net losses of $881,000 for 1997, $2.6 million for 1998, $7.7 million for 1999, $39.3 million for 2000, $35.5 million for 2001 and $6.6 million for 2002. If we fail to achieve and maintain profitability, our stock price will decline, our future capital raising efforts will be impaired and we may be forced to reduce or cease operations.

Posted by Seth Finkelstein at 11:47 PM | Followups
December 13, 2002

Censorware, "filtering", and the imperatives of control

[I've sent this message around a few places in discussion about the Kaiser Family Foundation censorware study]

One censorware aspect the Kaiser report does not discuss, is that in order for control to be effective, sites such as language-translators, privacy sites, anonymity protections, the GOOGLE CACHE, the Wayback Internet archives, etc tend to be banned. Otherwise, such sites act as a "LOOPHOLE" (to use N2H2's terminology) for the control of censorware. This is a structural, architectural, issue. Whether or not you consider this bad, good, or not a horribly high cost, it's factually a deep problem of censorware which is not going to go away from configuration. Take a look at my (sadly under-publicized) work, e.g.

BESS's Secret LOOPHOLE: (censorware vs. privacy & anonymity) - a secret category of BESS (N2H2), and more about why censorware must blacklist privacy, anonymity, and translators

BESS vs The Google Search Engine (Cache, Groups, Images) - N2H2/BESS bans cached web pages, passes porn in groups, and considers all image searching to be pornography.

The Pre-Slipped Slope - censorware vs the Wayback Machine web archive - The logic of censorware programs suppressing an enormous digital library.

Very broadly, the Kaiser study found that the more blacklists that are used, the more inaccurate bans there are. Viewed basically in terms of what censorware is - a bunch of blacklists - this should be clear.

That is, fundamentally, a censorware program is a collection of blacklists. Each blacklist has some accurate entries, and some wildly inaccurate ridiculous entries. If you use several blacklists, you get the accurate entries, and then all the wildly inaccurate ridiculous entries contained in all those several blacklists. Simple.

From this point of view, it's not a surprise that several blacklists, have in combination, a much higher number of wildly inaccurate ridiculous entries, than a few blacklists. Roughly, having more blacklists means more silliness, and fewer blacklists means fewer silliness. No special magic to "configuration" there. The less of the censorware you use, the less of the baleful effects you have.

And Kaiser didn't find that censorware bans all the porn sites either! At heart, it's not difficult to get a big list of porn sites. It's really not. But what "benefit", other than the political, is there in just making the outright porn-searchers work a little harder, while randomly denying some people the information they need, and denying everyone such tools as language-translators, google caches, etc?

I don't think this is a simplistic opposition to "filtering". But it is saying there is no magic - there's not going to be any configuration that makes all the naughty stuff go away, while having only nice remaining. Or even most of the way there. The best PR the censorware companies ever did, was to have the word "filtering" attached to their blacklists. Because that channels all the discussion into a focus on the supposedly worthless material, and far away from all the imperatives involved in controlling what people are forbidden to read.

Posted by Seth Finkelstein at 11:53 PM | Followups
December 12, 2002

Kaiser censorware study and health sites

Here, very roughly, is what is going on with the Kaiser Family Foundation censorware study and health sites.

It's not complicated. One just has to realized that censorware is not a "filter", but basically a collection of blacklists.

Suppose one has several censorware blacklists:

Blacklist Accurate items Inaccurate items
Sex X1 % accurate Y1 % inaccurate (including Z1 % health sites)
Drugs X2 % accurate Y2 % inaccurate (including Z2 % health sites)
Rock and Roll X3 % accurate Y3 % inaccurate (including Z3 % health sites)

If you blacklist all of Sex and Drugs and Rock and Roll sites, then the blacklist has the combined accurate items, plus combined also ALL of the inaccurate items, that is
(Y1 % + Y2 % + Y3 %) inaccurate including (Z1 % + Z2 % + Z3 %) health sites (neglecting any overlap).

The more blacklists that are used, the more wildly inaccurate bans are seen. The fewer blacklists that are used, the fewer wildly inaccurate bans are seen.

It's that simple.

Note the report does not address structural, architectural issues of censorware, such as the across-the-board banning of "loophole" sites (caches, anonymizers, and translation sites, etc.)

Posted by Seth Finkelstein at 04:31 PM | Followups
December 11, 2002

SmartFilter stupidity - health sites as SEX


The Kaiser Family Foundation just released a study concerning censorware and health sites. In honor of this study, I give some different health-related websites likely to be banned in some libraries and schools as pornography, as these sites are all blacklisted as "Sex". This is offered here as a simple, right-now, hot-off-the-presses, see-for-yourself, demonstration of what can be banned by censorware as porn.

Posted by Seth Finkelstein at 05:02 AM
December 05, 2002


With the passage into law of the ".kids.us" subdomain, ( Dot Kids Implementation and Efficiency Act of 2002) which I refer to as "dot-kidding", I'm collecting in one post my earlier comments on why it's such a ill-fated idea. While the concept is certainly very pleasant, that political appeal seems to have completely overridden any thought about what is in fact being proposed. This is not a "children's room". It's a government whitelist. Below are some of my explanations as to where a government whitelist has all sorts of implementation problems. Blather, blather:

To facilitate the creation of a new, second-level Internet domain within the United States country code domain that will be a haven for material that promotes positive experiences for children and families using the Internet, provides a safe online environment for children, and helps to prevent children from being exposed to harmful material on the Internet, and for other purposes.

The Basic Problem:

The .kids.us concept can be condensed down to one basic idea, that the US government will certify sites as OK-for-minors. There is no need to have this certification as a domain name. It could be done just as well with a simple list of US government certified OK-for-minors sites, and that would be vastly simpler to administer.

The dirty little secret of this boondoggle is as follows:


Almost nobody wants "whitelists". Whitelists have been around for years and years and years. I could write pages on this history of the idea. Just think about the basics. It's not like the concept just now occurred to people.

Is It OK To Be Happy and Gay?:

Here's why it's not a panacea. Consider the standard:

(5) SUITABLE FOR MINORS- The term `suitable for minors' means, with respect to material, that it--

`(A) is not psychologically or intellectually inappropriate for minors; and
`(B) serves--
`(i) the educational, informational, intellectual, or cognitive needs of minors; or
`(ii) the social, emotional, or entertainment needs of minors.'.

Now, the question: Does the book Heather Has Two Mommies meet this standard? Think about the implications.

Linking Lunacy:

Consider the requirement of no outside links:

"(11) Written agreements with registrars, which shall require registrars to enter into written agreements with registrants, to prohibit hyperlinks in the new domain that take new domain users outside of the new domain."

Besides being redundant (if one is already restricted to the sandbox, why prohibit hyperlinks?), there is a very deep problem here. Are they really saying that there is a profound difference between

"See the material at peacefire.org"


"See the material at peacefire.org (which is located at http://peacefire.org , as you have probably figured out, but http://peacefire.org is not a hyperlink, because if we made a hyperlink to http://peacefire.org we'd be violating our contract, so we can't make a hyperlink to http://peacefire.org)"

Either they end up meaning "no URLs", which is even sillier, or we have a profound problem of not understanding that hyperlinks are nothing more than convenient references. That is, if the exact same reference is acceptable as long as it is not a "hyperlink", that seems to defeat the purpose.

I suppose none of the sites will be able to run common mailing-list or groups/bboard software which tends to turn URLs into hyperlinks.

Maybe it'll be like curse words, e.g. "s*cks" (umm, how many asterisks are going to be needed to be OK?). We can have http://p**f*r*.*rg

Posted by Seth Finkelstein at 02:45 PM | Followups
December 03, 2002

Searching Through The Great Firewall Of China

From: Seth Finkelstein
To: Seth Finkelstein's InfoThought list
Subject: IT: Searching Through The Great Firewall Of China
Date: Tue, 3 Dec 2002 11:59:29 -0500

[China censorware is much in the news these days. This is my contribution to the party - hopefully, the more the merrier.]

Searching Through The Great Firewall Of China
by Seth Finkelstein
Available at: http://sethf.com/anticensorware/general/china.php

Abstract: This report describes a simple technique which can be used with some search engines to bypass censorware bans on searching for forbidden words. Particular emphasis is placed on the situation of the Great Firewall Of China.

Seth Finkelstein Consulting Programmer sethf[at-sign]sethf.com http://sethf.com
Anticensorware Investigations - http://sethf.com/anticensorware/
Seth Finkelstein's Infothought blog - http://sethf.com/infothought/blog/

Infothought mailing list

Posted by Seth Finkelstein at 01:17 PM
December 02, 2002

Apache's mod_gzip module and anti-censorship encoding

I've come across many anti-censorship discussions which concern themselves with encoding web pages in transit, so that the packets cannot be inspected for prohibited content. For the record, in practice, this is a solved problem. The solution is an Apache server module which is called mod_gzip

mod_gzip is an Internet Content Acceleration module for the popular Apache Web Server. It compresses the contents delivered to the client. There is no need to install any additional software on the client!

So, it's integrated into a leading web-server, requires NO client effort - what more could one ask? To be sure, the stream could be decompressed by an eavesdropper. But in terms of random packet-scanning for keywords, the individual packets are simply incomprehensible binary data. And the module actually works and is useful, too! It's hard to do better than that.

Posted by Seth Finkelstein at 02:29 PM | Followups
November 25, 2002

How To Win (DMCA) Exemptions And Influence Policy

Date: Mon, 25 Nov 2002 08:07:11 -0800
From: Lee Tien
Subject: guide to DMCA "exemption" process -- 3 weeks left
To: Law & Policy of Computer Communications

EFF is pleased to present a guide to the DMCA "exemption" process.


Under this process, the Copyright Office of the Library of Congress must make a triennial inquiry regarding adverse effects of the DMCA's prohibition on circumvention on "certain classes of works."

If adverse effects are shown, the office can "exempt certain classes of works from the prohibition against circumvention of technological measures that control access to copyrighted works." The exemptions only last 3 years.

The author, Seth Finkelstein, is one of the very few people who succeeded in arguing for an exemption (for the act of circumventing access/copy controls on censorware blacklists) in the last round (2000). [The Copyright Office received many comments and rejected the overwhelming majority of them; I think in the end only 2 or 3 exemptions were created.]

The upcoming round is the next one, for 2003. "Written comments are due by December 18, 2002."

This is about the only part of the DMCA that can mitigate its fell sway, so if you have any interest in the topic at all, it's well worth reading.

Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation

Posted by Seth Finkelstein at 11:41 AM | Comments (0) | Followups
November 18, 2002

.kids.us - linking lunacy

One more item on dot-kidding: Consider the requirement of no outside links:

`(11) Written agreements with registrars, which shall require registrars to enter into written agreements with registrants, to prohibit hyperlinks in the new domain that take new domain users outside of the new domain.

( Dot Kids Implementation and Efficiency Act of 2002)

Besides being redundant (if one is already restricted to the sandbox, why prohibit hyperlinks?), there is a very deep problem here. Are they really saying that there is a profound difference between

"See the material at peacefire.org"


"See the material at peacefire.org (which is located at http://peacefire.org , as you have probably figured out, but http://peacefire.org is not a hyperlink, because if we made a hyperlink to http://peacefire.org we'd be violating our contract, so we can't make a hyperlink to http://peacefire.org)"

Either they end up meaning "no URLs", which is even sillier, or we have a profound problem of not understanding that hyperlinks are nothing more than convenient references. That is, if the exact same reference is acceptable as long as it is not a "hyperlink", that seems to defeat the purpose.

I suppose none of the sites will be able to run common mailing-list or groups/bboard software which tends to turn URLs into hyperlinks.

Maybe it'll be like curse words, e.g. "s*cks" (umm, how many asterisks are going to be needed to be OK?). We can have http://p**f*r*.*rg

Posted by Seth Finkelstein at 11:42 PM
November 17, 2002

.kids.us - a simple demonstration of the problem

Here's a simple way to demonstrate why the ".kids.us" domain is not a panacea. Consider the standard given in the Dot Kids Implementation and Efficiency Act of 2002.

(5) SUITABLE FOR MINORS- The term `suitable for minors' means, with respect to material, that it--

`(A) is not psychologically or intellectually inappropriate for minors; and
`(B) serves--
`(i) the educational, informational, intellectual, or cognitive needs of minors; or
`(ii) the social, emotional, or entertainment needs of minors.'.

Now, the question: Does the book Heather Has Two Mommies meet this standard? Think about the implications.

Posted by Seth Finkelstein at 11:51 PM
November 16, 2002


I've watched some of the hoopla over a supposed .kids.us domain, the Dot Kids Implementation and Efficiency Act of 2002.

Blather, blather:

To facilitate the creation of a new, second-level Internet domain within the United States country code domain that will be a haven for material that promotes positive experiences for children and families using the Internet, provides a safe online environment for children, and helps to prevent children from being exposed to harmful material on the Internet, and for other purposes.

The .kids.us concept can be condensed down to one basic idea, that the US government will certify sites as OK-for-minors. There is no need to have this certification as a domain name. It could be done just as well with a simple list of US government certified OK-for-minors sites, and that would be vastly simpler to administer.

The dirty little secret of this boondoggle is as follows:


Almost nobody wants "whitelists". Whitelists have been around for years and years and years. I could write pages on this history of the idea. Just think about the basics. It's not like the concept just now occurred to people.

Posted by Seth Finkelstein at 11:53 PM
November 15, 2002

Updated Censorware Report - BESS's Secret LOOPHOLE

From: Seth Finkelstein
To: Seth Finkelstein's InfoThought list
Subject: IT: Updated Censorware Report - BESS's Secret LOOPHOLE
Date: Fri, 15 Nov 2002 06:21:18 -0500

It's been in the news recently that the Supreme Court has decided to review the decision where the Federal censorware law "CIPA" was struck down for libraries. See the information at

So I've revised and updated an anticensorware report of mine: BESS's Secret LOOPHOLE: (censorware vs. privacy and anonymity):

This report described a then-secret category, which could never be unbanned, in the censorware program BESS (BESS is made and marketed by the company N2H2). A LOOPHOLE turned out to be anything which let a reader view material prohibited by censorware - such as anonymizer/privacy sites, language translation sites, even sites which helped people check the design of their web pages. All of these sites were banned, at all times, even though they had no pornography or sometimes any content objectionable at all. They were forbidden themselves simply because the services the sites provided could be used to read forbidden material.

In this update, I've added new examples, such as a site which gives the general service of allowing people to edit any image file (since that service can be used to retrieve image files, it's banned).

The report has also been revised with more discussion of the legal implications of this banning, including mentions of my report in expert-witness testimony in the CIPA case, and discussion in the lower-court decision which struck down the law.

Almost all news reports describe censorware in terms of filtering out pornography. But that is not accurate, as it focuses only on presumably objectionable material. Censorware is about controlling what people are allowed to read. That's a profoundly different problem. And so far the courts have grasped the implications, that such control requires vast banning to even attempt to be effective. I hope the courts will continue to maintain that banning anonymity, privacy, language translation, and so on, in order to make sure no-one can read prohibited material, is thoroughly against the Constitution.

Infothought mailing list

Posted by Seth Finkelstein at 06:36 AM | Followups
November 14, 2002

N2H2 (censorware company) not quite yet bankrupt

A few people have been speculating over the prospects of censorware company N2H2, wondering over the exact time they will run out of money. Their "Book Value", as I write this, is negative, and their stock price isn't worth a cup of coffee per share. It isn't even worth a can of soda per share. It's just about the penny-gumball range.

Well, today they released their most recent financial results:

N2H2 Reports Fourth Quarter and Full Year 2002 Financial Results; Generates $1.9 Million in Positive Cash Flow.

But ...

Net loss for the quarter was $1.8 million, a 74 percent reduction from the net loss for the fourth quarter of 2001. Net loss for the year was $6.6 million, an 81 percent reduction from the previous year's net loss of $35.5 million.

The deathwatch continues ...

Posted by Seth Finkelstein at 11:56 PM
November 13, 2002

Supreme Court to review CIPA (censorware law)

[This is a well-reported item, but I believe I have something valuable to say, per below]

As reported in many standard places. the Supreme Court has decided to review the CIPA case, concerning the Federal law which links library funding to mandatory censorware.

By the way, it's important to keep in mind that while almost all news coverage will tout this as filtering pornography, censorware also usually bans anonymizers, language translations sites, google caches , even the archive WayBack Machine. This is because sites such represent a threat, a LOOPHOLE in censorware's control. This overbroadness has been a factor in the CIPA decision.

Update Nov 15: I've revised and updated the report

It now has revised and updated examples of LOOPHOLE sites, as well as containing the various mentions of the topic in the CIPA case.

Posted by Seth Finkelstein at 03:49 AM
October 31, 2002

ACLU reply to N2H2 in censorware case

Today brings the ACLU reply in the legal case of Edelman v. N2H2. This is a legal action about being able conduct research concerning censorware, free from the chilling effect of being sued. I'm following the case, for obvious reasons

My (nonlawyer) guess, is that the core of the issue in the reply is this:

N2H2 has also made public statements regarding its intention to assert all legal rights against Edelman if he engages in his proposed research. In N2H2's latest 10-Q quarterly filing with the Securities and Exchange Commission, N2H2 stated:

We intend to defend the validity of our license agreement and to enforce the provisions of this agreement to protect our proprietary rights. We also intend to assert all of our legal rights against Edelman if he engages in future activity that violates the agreement or our proprietary rights.

N2H2 Form 10-Q (filed Aug. 13, 2002), at 22 (emphasis added).4 Further, in the Wall Street Journal, N2H2 spokesman David Burt said the company would defend its license and intellectual property rights:

We think that our rights to protect our intellectual property and our software licensing agreements are valid. And we do intend to defend them.

Suit Seeks Exemption to Digital Copyrights, WALL ST. J., July 26, 2002, attached at Exhibit 2.

Posted by Seth Finkelstein at 09:49 AM
October 29, 2002

Censorware Cartoon

Read the comic strip User Friendly's Censorware Cartoon today.

My anticensorware investigations could hardly say it better


Posted by Seth Finkelstein at 10:28 AM | Followups
October 27, 2002

BESS's Secret LOOPHOLE and court decision

Someone needed to know today where my N2H2 censorware report BESS's Secret LOOPHOLE (censorware vs. privacy & anonymity) and similar material had been a factor in the CIPA (Federal censorware law) court decision.

So I dug out exact quotes from the expert witness reports.

Expert Report of Benjamin Edelman

In addition, a variety of services on the Internet provide proxy servers, translation servers, and other methods by which a user might retrieve Internet content via a third party rather than directly from the content provider. The use of such devices may stem from an interest in privacy, since proxy servers can prevent web server operators from gathering a variety of facts about a web user. Proxy servers may also provide other helpful services, such as translation of web content into other languages, addition of links to sources of related content elsewhere on the web, removal of unwanted or potentially- hazardous software code otherwise present in some web pages, or removal of advertisements. However, such servers also provide a possible means of circumventing the restrictions of popular blocking programs. Thus, it has been documented that blocking programs seek to prevent access to these proxy servers even when such blocking is not requested by the administrator of a blocking program and even when such sites are not within the specific descriptions of categories requested for blocking. 27 My testing found multiple examples of blocking of these sites, including translation service tranexp.com and privacy service idzap.com.

27 "BESS's Secret LOOPHOLE." <http://sethf.com/anticensorware/bess/loophole.php>

Expert Rebuttal Report of Benjamin Edelman

Similarly at least one of the programs tested blocked each of privacy service anonymizer.com, the web-based translation service tranexp.com, and online dictionary voycabulary.com. These sites (and the other web-based services referenced in Appendices A and B to my first report) all offer a large amount of valuable content, and research of others indicates that many other similar web-based services are also restricted by blocking software. 10

10 "BESS's Secret LOOPHOLE." <http://www.sethf.com/anticensorware/bess/loophole.php>

Posted by Seth Finkelstein at 06:55 PM
October 26, 2002

Country Googles

Google itself has a handy list of country Googles I didn't find any of them banning stormfront.org besides the already-noted France and Germany, and newly-noted Sweden.

If anyone wants to play too, here's the Googlely list, in text form:


Posted by Seth Finkelstein at 08:34 PM | Followups
October 25, 2002

Where searching isn't problematic (as far as I can tell)

Following up on yesterday's Googlemania, I ran tests for bans of similar Nazi/racist sites on Google Italy (http://www.google.it). I didn't find any sites excluded there. I also tried searching "stormfront" and "hitler" on German Altavista (http://de.altavista.com), and didn't see a difference.

Posted by Seth Finkelstein at 08:36 AM | Followups
October 24, 2002

Search strategy for "Localized Google search result exclusions"

In a fascinating report:
"Localized Google search result exclusions Statement of issues and call for data"
authors Jonathan Zittrain and Benjamin Edelman examine sites excluded by Google from localized country-specific searching. Regarding search strategy, they suggest:

Since the filtering documented above may be but a part of such practices, we hope to augment our public database of such examples by seeding new searches with sites already known to be restricted, perhaps because someone simply searched on a known site and was surprised to find no results.

I found doing cross-correlation between, for example, US and German results from sites related to the banned sites, turns out to be extremely productive.

See http://www.google.com/help/operators.html#related

With just a little programming, I found banned in Germany:


(these are in addition to what had already been found)

Update - and for Google France, other sites, and directories such as:



Cross-correlation of results from sites which link to the banned sites also turns out to be fruitful. Though it requires some care to weed-out many old and repeated results.

See http://www.google.com/help/operators.html#link

For example, such cross-correlation found, for Google France:



Posted by Seth Finkelstein at 04:58 PM | Followups

Improving searching for "Localized Google search result exclusions"

In a fascinating report:
"Localized Google search result exclusions Statement of issues and call for data"
authors Jonathan Zittrain and Benjamin Edelman examine sites excluded by Google from localized country-specific searching. For methodology, they use:

A note on search criteria: The authors' searches use standard Google search syntax to request 1) pages on the specified web site (using the site:stormfront.org restriction), and 2) pages that lack a phrase of gibberish (using the exclusion syntax -asdfasdf), since some search term must be specified. Similar searches for other sites confirm that these search criteria provide a reliable estimate of the number of pages indexed by Google on a given web site.

This methodology has a notable flaw - it cannot find any blacklisted item which is less than domain-level. For example, one item blacklisted from Germany is the home page of the Holocaust denier Arthur R. Butz, at URL:

This can be seen by comparing the German search using "allinurl" syntax http://www.google.de/search?q=allinurl%3Apubweb.acns.nwu.edu%2F%7Eabutz%2F

Versus a similar US search using "allinurl" syntax

The German search will return nothing, while the US search finds the relevant pages.

However, this item cannot be found with the "site:" syntax. A "site:" search argument is treated by Google as a domain name, and "pubweb.acns.nwu.edu/~abutz/" is not a domain. Thus, "site:pubweb.acns.nwu.edu/~abutz/" will never match anything.

Moreover, comparing site:pubweb.acns.nwu.edu search results between Germany and the US will NOT display any numerical difference in results. This is because as noted previously, the Google database seems to be identical for all countries. It is only the search display results which are affected.

Around 6,000 pages are indexed for pubweb.acns.nwu.edu. Since the maximum number of search results which can be displayed at a time is 100, there will be far more than 100 results which can be displayed even when the Holocaust-denier pages are removed.

Of course, if someone tried to retrieve all 6,000 pages, at some point, a difference due to banned pages would be visible. But that's an impractical, or at least very involved, task.

Thus, "allinurl" searches, when used with care as to what they mean, are a much better methodology for searching for banned items.

Again, it's important to note the separate components can appear anywhere in the URL, so "allinurl:stormfront.org" is "stormfront" and "org" in the URL, not just the string "stormfront.org" as might be naively thought).
See http://www.google.com/help/operators.html#allinurl

Update Oct 26:
The "info:" Google search operator is a good way to ask yes/no questions, which works for domains, directories, and pages.
See http://www.google.com/help/operators.html#info

Compare the German search using "info:" operator http://www.google.de/search?hl=en&q=info%3Apubweb.acns.nwu.edu%2F%7Eabutz%2F

Versus a similar US search using "info:" operator

Again, the German search will return nothing, while the US search finds the specific page. However, keep in mind it's possible for both "info:" searches to return nothing, depending on the vagaries of the database. That is, a not-found result in another country search, combined with a found result in the US search, is definitive evidence. But a not-found result in another country search and the US search may simply indicate the particular URL is not indexed.

Note searches for the German page caches ("cache:") DO work, even with banned sites (yet another proof that the database is identical, the results ban is a post-processing step)


Posted by Seth Finkelstein at 04:07 PM | Followups

How-it-works note for "Localized Google search result exclusions" report

In a fascinating report:
"Localized Google search result exclusions Statement of issues and call for data"
authors Jonathan Zittrain and Benjamin Edelman examine sites excluded by Google from localized country-specific searching. In discussing results, they conjecture:

The implication of these results -- confirmed in our subsequent searches on google.com versus google.fr and .de for the terms at issue -- is that the French and German versions of Google simply omit search results from the sites excluded from their respective versions of Google.

This implication can be refined and clearly demonstrated by observation of more sophisticated searching. The following example uses the "allinurl" syntax of Google, which searches for URLs which have the given components (note the separate components can appear anywhere in the URL, so "allinurl:stormfront.org" is "stormfront" and "org" in the URL, not just the string "stormfront.org" as might be naively thought).
See http://www.google.com/help/operators.html#allinurl

Consider the following US search:
This returned: Results 1 - 25 of about 1,670.

Now compare with the German counterpart:
This returned: Results 1 - 9 of about 1,670.

Immediate observation: The rightmost (total) number is identical. So identical results are in the Google database. It's simply not displaying them. How is it determining which domain results to display?

Note which "stormfront.org" site URLs are visible on the German page:


What do these all have in common?
They all have a port number after the host name.
The exclusion pattern obviously isn't matching the :number part of the URL.
It's matching a pattern of "*.stormfront.org/", as in the following which are displayed the US search, but not the German search.


Thus, the restrictions appear to be implemented as a post-processing step using very simple patterns of prohibited results.

Update: See also my explanation "Google Censorship - How It Works"

Posted by Seth Finkelstein at 10:28 AM | Followups

Reason note for "Localized Google search result exclusions" report

In a fascinating report:
"Localized Google search result exclusions - Statement of issues and call for data"
authors Jonathan Zittrain and Benjamin Edelman examine sites excluded by Google from localized country-specific searching. In discussing the data, they state:

Many such sites seem to offer Neo-Nazi, white supremacy, or other content objectionable or illegal in France and Germany, though other affected sites are more difficult to cleanly categorize.

The purpose of this note is to point out that one reason for certain sites being affected, is that they were formerly in such an objectionable category. Even though the domain has changed owners since then, they apparently remained blacklisted. For example, from http://cyber.law.harvard.edu/filtering/google/results1.html
consider the site:

1488.com - "Chinese Legal Consultation Network"

However, years ago, this domain was apparently a Neo-Nazi site:

Look at the upper-left-hand corner, "The Swastika Homepage"

Then the domain went up for sale:
"This Domain - for sale"

Then it became the current Chinese site:

Similarly www.14words.com was once a White-supremacist site:

But it is now just an empty domain. That's why it comes up with nothing but a homepage for a hosting company.

The implications here are that the blacklist is not re-examined or updated with any particular care, if at all.

Update: See also my explanation "Google Censorship - How It Works".

Posted by Seth Finkelstein at 07:51 AM | Followups
October 19, 2002

Who-gets-paid, and an N2H2 (censorware company) potkettleblack

I've been through N2H2's (a censorware company) motion to dismiss the case Edelman v. N2H2 (regarding the right to examine censorware blacklists). Let me write just one note today.

On page 3 of the motion, N2H2 starts off a section by writing:

"Edelman, who has in the past been paid to examine N2H2's system opposed to Internet filtering, ...."

Now, now, N2H2, you're not a charity. Moreover, it's not as if employees of N2H2 haven't been paid by parties seeking to impose mandatory censorware laws, such as: (emphasis added)

Courts: Library Filtering Of Internet Sites Found Unconstitutional

Filtering companies reacted defensively. "I think they are just holding filters up to too high a standard," said David Burt, director of public relations for N2H2. Although Burt's company is officially neutral on CIPA, he was a paid consultant to the Justice Department on defense strategy.

National Journal's Technology Daily, 05-31-2002

Note: Myself, I've never gotten paid for any of my anticensorware investigations, but I wish I had!

Posted by Seth Finkelstein at 11:56 PM
October 03, 2002

The Empire Strikes Back

I read through the entire N2H2 response (the motion to dismiss) in the Edelman v. N2H2 case. I'm not sure what to write, what I can write. It's times like these that I think about what's at stake, and the costs involved. I often tell people "This is not a game". There's nothing like reading legal briefs full of lawyer-flaming to bring that home.

Posted by Seth Finkelstein at 11:52 PM
October 02, 2002

The Wit And Wisdom of N2H2

Today's Chronicle of Higher Education reports, about the case Edelman v. N2H2 :

The Internet filtering company N2H2 Inc. is asking a judge to dismiss a lawsuit that a Harvard University law school student brought against the firm.

But ...

In a filing in August with the Securities and Exchange Commission, N2H2 stated that it will take legal action against those who threaten its trade secrets.

I believe it is helpful to read all The Wit And Wisdom of N2H2 as encompassed in that filing (my emphasis below):

On July 25, 2002, Benjamin Edelman filed suit against us in the U.S. District Court for the District of Massachusetts. Mr. Edelman is purportedly a computer researcher who seeks to conduct a quantitative analysis of the accuracy and comprehensiveness of our "Bess" and "Sentian" Internet content filtering products. If Mr. Edelman downloads our filtering software to conduct his analysis, he will be required to enter into our standard license agreement. The license agreement prohibits users from copying or decrypting our software and from using or disclosing confidential information that belongs to us and cannot be obtained through normal use of the software. Mr. Edelman's proposed activities would violate these provisions of the license agreement or applicable law, or both. He seeks a declaratory judgment that he cannot be held liable for breach of certain provisions of the license agreement as a result of his proposed activities. In addition, Mr. Edelman seeks a declaration that he will not be prosecuted for violations of the Copyright Act of 1976, the Digital Millennium Copyright Act, or laws protecting trade secrets if he conducts his proposed analysis. Finally, Mr. Edelman seeks to enjoin us from initiating litigation against him on the basis of his proposed activities. We intend to defend the validity of our license agreement and to enforce the provisions of this agreement to protect our proprietary rights. We also intend to assert all of our legal rights against Mr. Edelman if he engages in future activity that violates the agreement or our proprietary rights. To the extent that this matter is resolved in Mr. Edelman's favor, however, it could have a material adverse affect on our business, future results of operations, financial position and cash flows. Even if Mr. Edelman's claims are not successful, the litigation could result in substantial costs to the company and divert management's time and attention away from business operations.

I've mentioned the following before, but this portion, right from the horse's, err, mouth, deserves repeating (my emphasis):

Our filtering services have been accused of overbreadth by free speech groups.

In a recent federal court case, a federal appeals court held that certain provisions of the Children's Internet Protection Act resulted in an unconstitutional restriction of freedom of speech. These provisions required public libraries receiving federal funds to install Internet filtering programs like N2H2's on all of their computer terminals. The basis for this ruling is, in part, that such programs are overbroad in the types of speech that they filter out. This ruling is currently on appeal to the United States Supreme Court. To the extent that this decision is upheld, it will negatively impact our ability to market our products to libraries without modification, which could be time-consuming and costly.

Again, they said it, not me ....

Posted by Seth Finkelstein at 10:15 PM
September 29, 2002

This week's "journalism pyramid" height

Time to measure my height on the journalistic pyramid this week. My last anti-censorware material "SmartFilter stupidity - books sites as SEX" , meant to tie into "Banned Book Week", garnered around 500 hits. The majority of them seemed to come from library mailing-lists, since a notice was send around to those lists due to that tie-in to banned-books week. Perhaps I'm being unreasonable, but under the circumstances it was very disappointing.

Interestingly, there was a drop-off in interest on GrepLaw between this material and the earlier "SmartFilter stupidity - school sites as SEX". The school material received around 136 hits from there, but the book material only about 78 hits. Lisnews, however, showed less of a drop, at 52 vs 44.

Sigh. I'm not of the opinion that if I get just one reader, it's worth it.

Posted by Seth Finkelstein at 11:56 PM
September 27, 2002

Reverse-engineering vs. fair-use, and censorware examples

Findlaw has an interesting article "Should Software Companies Be Able, Through Contracts, To Prevent Competitors From "Reverse Engineering" Their Products", by Chris Sprigman. It's a very good discussion of the subject. But there's a few places which could use some commentary:

Minor point:

Now, however, some companies whose software has been reverse engineered have started to fight back. They have added anti-reverse engineering provisions to the "shrinkwrap" licenses that accompany their products.

"Now"? This isn't new. I can't recall ever seeing a commercial shrinkwrap license without prohibitions against reverse-engineering. I just found a censorware example from 1997, with a reply indicating this issue goes back decades (n.b., this is in part why I did my pioneer work against censorware , in virtual anonymity for so long).

Major point:

Reverse engineering itself, then, has been held to be fair use.

There's a difference between the idea that "Reverse engineering itself, then, has been held to be fair use", per se, intrinsically, and that certain instances of reverse engineering have been held to be fair-use, but others have been denied as fair-use. That is, between is fair-use, versus could be, but also might not be, fair-use. A reader of that article can easily get the impression that the courts have said reverse-engineering itself is always permitted as fair-use, whereas they've also said in other cases that it's not fair-use.

In particular, of special interest to me, the Cyberpatrol lawsuit, regarding programmers who reverse-engineered that censorware, has the following nasty things to say about that reverse-engineering of censorware:

43. Jansson and Skala admitted that they reverse engineered and decompiled Cyber Patrol Cyber Patrol, which violates the Cyber Patrol license agreement and creates an intermediate copy of Cyber patrol. ... In either case, by creating an intermediate copy of the Cyber Patrol software the defendants committed a prima facie copyright violation. ...

No Fair Use Defense

44. Fair use is a statutory affirmative defense to conduct otherwise actionable under the copyright law. ...

45. In general, any claimed "fair use" must be "consistent with the ultimate aim [of the Copyright Act] to stimulate artistic creativity for the general public good" ...

46. It is the defendants' burden to demonstrate such "fair use." ...

47. The individual defendants have no "fair use" defense here because they have neither asserted it nor submitted evidence supporting any fair use defense. ...

48. In addition, the purpose of the copying here is inconsistent with the general public good. The individual defendants' avowed purpose for decompiling CyberPatrol was to allow "youth access" to inappropriate content on the World-Wide-Web. That purpose contradicts the public interest as specifically found by Congress ...

49. Finally, to negate fair use one need only show that if the challenged use should become widespread, it would adversely affect the potential market for the copyrighted work ...

50. By their own admission, Jansson and Skala created the Bypass Code to "break" CyberPatrol ... Software explicitly designed to make CyberPatrol ineffective for its intended use can do nothing other than "adversely affect the potential market for the copyrighted work" ...

So whether reverse-engineering is fair-use also has to do with whether the court finds the specifics to be in "the general public good".

Disclaimer: I'm not a lawyer. But as the saying goes, the hound was only running for his dinner, but the hare was running for his life.

Posted by Seth Finkelstein at 10:30 AM
September 23, 2002

"Banned Websites Week" - book sites as SEX (SmartFilter)

The American Library Association (ALA) has designated September 21-28, 2002 as "Banned Book Week". This is an event to "Celebrate Your Freedom to Read".

So, as a small contribution in celebration of the freedom to read, here are some book-related websites likely to be banned in some libraries and schools, as they are all blacklisted as "Sex":
"Banned Websites Week" - book sites as SEX (SmartFilter)

Nowadays, book-banning has moved into the modern age. With a Federal censorware law (CIPA) affecting schools and libraries, the freedom to read, if using a computer screen rather than paper, is arguably being extensively threatened.

Posted by Seth Finkelstein at 11:38 AM
September 21, 2002

My height on the "Journalistic Pyramid"

A while ago, I wrote an essay: "The Internet and the Journalistic Pyramid".

The point is that the Internet arguably shifted slots on the "Journalistic Pyramid", but it's still a pyramid

The number of hits on my recent anti-censorware material, "SmartFilter stupidity - school sites as SEX" is around 300. There's more reading than that. But it sure isn't much of an audience overall, sigh.

Posted by Seth Finkelstein at 06:25 PM
September 20, 2002

Banned Websites Week?

[I wrote this for a library list]

Next week is "Banned Books Week". One idea I've had, was that it seemed a very natural fit to include censorware issues here, to have "Banned Websites" too. I've thought this would be a good way to talk about censorware in a civil-libertarian framework.

Last year, I was planning to send out brand-new lists of sites banned by censorware, on every day of the week. But then came the September 11 events, so there was no interest in such lists. This year, there still doesn't seem to be much interest, or maybe I'm ill-situated to do that PR.

For all my technical expertise, I don't think I'm skilled in pulling off any sort of "Banned Websites Week" campaign. So I'll just toss this concept out to the list to see if anyone would like to refine or somehow implement the idea.

Posted by Seth Finkelstein at 05:54 PM
September 19, 2002

More de-press-ed conference, coverage by Andy Oram

Andy Oram had some coverage of the Boston event for yesterday's censorware press conference (again, I spoke here). His article is:

Internet filtering hurts those who are least able to protest it

Great write-up. And I'm happy to be mentioned:

One of the best spokesmen concerning censorware is the one who knows the code: Seth Finkelstein, who won the 2001 EFF Pioneer Award for deciphering several filtering programs. Seth is a crackerjack programmer who ought to be earning six figures somewhere. But the modest publicity he got for the EFF Award did not translate into job prospects, and he can't publish much of his research because he'll be sued by censorware companies angry at having their operations revealed.

Posted by Seth Finkelstein at 04:49 AM
September 17, 2002

SmartFilter stupidity - school sites as SEX

On September 18 2002, several civil-liberties groups are sponsoring an event focusing on the impact of a Federal censorware law (CIPA) as applied to schools:

School Communities Give Internet Filtering Law Failing Grade
Research Reports Thousands of Sites Incorrectly Blocked

I'm speaking at the Boston-area press conference. So for talking-points, I decided to bring a few more egregious examples to the party. The twist here is that these aren't websites useful in school, but are schools or school-related themselves. And they are all blacklisted as "Sex".

For more, read

SmartFilter stupidity - school sites as SEX

Posted by Seth Finkelstein at 11:56 PM
September 16, 2002

OPG: School Communities Fail Censorware Law

The Online Policy Group has just issued a press release announcing latest results of a censorware investigation which shows ... drumroll ... "Research Reports Thousands of Sites Incorrectly Blocked"

School administrators, along with students, teachers, parents, and school librarians, in San Francisco, New York, and Boston will speak out on September 18 against federal mandates for Internet blocking or filtering software in public schools.

Disclaimer: I'm a speaker, and not disinterested, due to my own anticensorware investigations

Posted by Seth Finkelstein at 07:17 AM
September 12, 2002

CNET interview of Geoffrey Nunberg

Geoffrey Nunberg, linguistics expert, is the subject of an interesting interview on CNET. Well worth reading for all the insights, though I note it here for the following comment about censorware:

That's very different from software that just says, "You can see this, you can't see this," and doesn't involve human review of the process. Although these (filtering) companies claim they use human review for all sites, that's just not true. And it couldn't be done, given the size of the Internet.

Posted by Seth Finkelstein at 11:47 PM
September 10, 2002

N2H2 (censorware company) fires 18, COO, VP marketing

Speaking of N2H2 (a censorware company) finances, its business doesn't seem to be good:

N2H2 lays off 18; two executives among them

Seattle-based N2H2 Inc., a developer of Internet filtering software, has laid off 18 members of its staff, including the chief operating officer and the vice president of marketing. ...

The moves, expected to reduce operating expenses by 11 percent or $1.5 million annually, are designed to help the company achieve profitability in late fiscal 2003, N2H2 said.

Posted by Seth Finkelstein at 11:07 PM
September 09, 2002

Censorware company financial document

There are great gems in financial documents. I found this in N2H2's Form 10-Q for August 2002.

Our filtering services have been accused of overbreadth by free speech groups.

In a recent federal court case, a federal appeals court held that certain provisions of the Children's Internet Protection Act resulted in an unconstitutional restriction of freedom of speech. These provisions required public libraries receiving federal funds to install Internet filtering programs like N2H2's on all of their computer terminals. The basis for this ruling is, in part, that such programs are overbroad in the types of speech that they filter out. This ruling is currently on appeal to the United States Supreme Court. To the extent that this decision is upheld, it will negatively impact our ability to market our products to libraries without modification, which could be time-consuming and costly.

They said it, not me ....

Posted by Seth Finkelstein at 11:51 PM
September 07, 2002

More on terrorism and NY school censorware

The banning of sites concerned with terrorism, as "crime", in New York schools, highlights another frequent problem with censorware:

You don't know what's in a "category"!

In the censorware here, the I-Gear categories state:


Sites providing instructions on performing criminal activities or acquiring illegal items including defeating security, disabling, or otherwise interfering with computer systems (hacking or cracking); unauthorized use of telephone or communications equipment to place free calls or charge another's account for calls (phreaking); deactivating copy protection or registration schemes of software or hardware systems (pirating and wares); construction and/or usage of munitions such as pipe bombs, letter bombs, and land mines; and lock picking, spying, or general subterfuge and defeating of security measures.

Well, that's what they say ... but there's no little asterisk for "and anything that has the word terrorist or terrorism or anarchist etc, too many times ..."

Posted by Seth Finkelstein at 11:34 PM
September 06, 2002

Censorware bans student research on "terrorism"

[This was sent to a reporter regarding a story about high-school students being prevented by censorware from searching for sites concerning "terrorism"]

I noted in your article "Filters, Schools Like Oil, Water", that "Calls to the New York City Board of Education about filtering were not returned.". I think the information you want is partially on the NYCENET.EDU website, in particular the page about Internet policy:


Note the blacklist categories of "crime", "intolerance", and "violence". Even though the policy talks of modification for grades 9 through 12, just on inspection, it's a good bet that one of those blacklists was the problem.

I'm an expert regarding censorware, having been honored by the Electronic Frontier Foundation with an EFF Pioneer Award for my work (see http://www.eff.org/awards/20010305_pioneer_pr.html ) . The program in this case is I-Gear, which I've analyzed. Without getting into the technical details, from the last time I analyzed I-Gear, I can confirm that the word "terrorism" (and also "terrorist") is blacklisted by I-Gear in the "crime" category. So searching for sites about "terrorism" will likely be banned.

It's often easy to find out what blacklists are in use by I-Gear. Just try "http://www.anonymizer.com". That's an anonymity site. Those kinds of sites - privacy, anonymity, language translation, etc. - are banned in all blacklists, because the sites represent a "loophole" in the control of censorware (see my report on this topic, BESS's Secret LOOPHOLE http://sethf.com/anticensorware/bess/loophole.php . Unless the display has been changed, I-Gear gives the various blacklists which cause a site to banned. So "http://www.anonymizer.com" should return all blacklists in use, since it's in every blacklist.

Feel free to contact me if you'd like further information.

[Entry update: The I-Gear censorware has the word "anarchist" in the crime category too, and even worse than the word "terrorist"]

Posted by Seth Finkelstein at 03:56 PM

China, Google - Censorware Is About Control

In the context of China banning the Google search engine, Edward W. Felten's Freedom To Tinker blog kindly mentions my anticensorware work exposing how censorware is impelled to ban caches, anonymizers, translation sites , etc. No matter how many times I say this, it's still relevant: Censorware is about control. It is not a "filter". It is about controlling what people are permitted to read. The best public-relations move the censorware companies ever achieved, was to get their product called a "filter". Because that focuses attention on a mental model of bad, harmful, dangerous material, and a claim to be "filtering" it out. That is a very different view, in contrast, to focusing on a need to control people, and how the blinder-box must be constructed so that the subject can never escape from the control.

Posted by Seth Finkelstein at 12:26 AM