Unless you’ve been living under a rock, you’ll surely have heard something about Senator Stephen Conroy’s plan for Cyber Safety. 

There are many parts to the Senator’s plan – but the part  that is causing the most debate is the proposed ‘Clean Feed’ system.  That is: All ISPs in Australia would be required to filter all internet access of certain types of content.

The argument put forth by the Senator and his supporters is that because certain content is illegal, Australians should therefore not be able to access it, and it should be completely filtered out, with no option to opt-out.

While the the original concept of protecting children from potentially harmful material has some merit, the actual plan under consideration has significant issues – not the least of which is how the actual plan would be implemented.

Senator Conroy (AAP: Alan Porritt)

Put simply, what is being asked for can NOT be delivered. Any system which was put in place would need to either completely cut off almost all access to the internet, or would be trivially bypassed with little or no effort on the part of internet-users.

The Senator’s plan calls for ISPs to provide a Clean Feed for all Web traffic. What most people don’t realise The Web is simply one small portion of the type of traffic flowing over the internet.  The plan that is being asked for would only be able to filter Web Traffic.  Other systems such as the type of private networking used in many businesses, and Peer to Peer networks would completely bypass the filter.

Even if we completely cut off all other non-Web traffic (which as I mention below, would cost businesses massive amounts of money), that still would not ensure we have a Clean Feed.  Why? Because of this little thing called Encryption.

Without getting into the technical details of how encryption works, when you enter (say) a shopping site it will ask you to provide certain private information like a credit card number or a password. That information you enter will be encrypted by your computer, and sent to the site. Many would ask “Who cares about encryption?” Well, just stick with me for a minute. 

Encryption is a good thing – it ensures that when you view your online banking site and pay some bills that you don’t have someone slip in a command to transfer some money to someone else. 

Because of the nature of this type of two-party Encryption (also known as Public Key Encryption or PKE), it is not possible for a filtering system to check to see if what you’re accessing is illegal. All details of what you’re accessing is secured against all others viewing it. 

“Ah-hah!” some might say “Just make it so that the government can also decrypt any traffic. You can trust us!”.  Let’s assume for a moment that the Government was completely trustworthy and that every employee responsible for the filtering plan at every ISP was also trustworthy. The very act of adding this sort of back-door has been proven time and time again to be exploitable by not just the Government and authorised users but also any determined hacker.

If you don’t believe me you can go ask the US Government and Pentagon. It was not too many years ago they were starting down a similar path to require all cryptography products to have a back-door that could be used by the Government to view the encrypted content. It failed because the systems could not be made secure and now the US Government mandates the use of PKE for all critical systems that need to access confidential information.  The situation for ‘back door’ encryption systems has only gotten worse since then. Computing power has increased hundreds or thousands of times and now a cheap laptop computer is able to apply astounding amounts of computing power towards breaking encryption.

“So, why does it matter that there’s this encryption stuff?”  you may ask. Well because there is no way for any ISP-level filter to determine just what is being requested when communications are encrypted.

An encrypted connection could be simply someone shopping on eBay for something perfectly innocent like a birthday present.
It could be someone accessing their work’s network from home and preparing a report for a client.
It could be someone making a video call to a see the kids while they’re away on business.
It could also just as easily be someone accessing something illegal. There is no way for a filter at an ISP

Image supplied by enimal

To begin to effectively filter the internet you would need to ban encryption.
If you ban encryption you immediately kill any online commerce, as the ability to transfer information in private like credit card numbers, would be banned.  
Try telling eBay and the hundreds of online shopping sites that they need to shut up shop.
Try telling the major banks that they need to get rid of their online banking sites, and have customers visit a branch or call in for service.
Try telling businesses that while they’re welcome to have multiple offices – any communication between them needs to be unencrypted over public networks.

Banning encryption would mean that any kid with a laptop and a spare minute or two can see all confidential files and information as it is accessed.

Once you make the obvious decision to allow encryption to remain, all ability to effectively filter the internet goes out the window. The only  thing you can do is slow down the speed at which people access the internet, and for what reason?

So, Senator Conroy and all other members of Parliament – please abandon this ineffective and ultimately useless Clean Feed proposal.

Instead, focus on supporting Mums and Dads to educate their children about appropriate and inappropriate use of the internet. Providing support to parents on how to install and use filters on their own computers* would also be a good thing. 

In fact, this home filtering thing is such a good idea that it’s already being done. The Federal government’s NetAlert program is already offering commercial filtering software at no-cost to all Australians.  Never heard of it? Not surprising.  The next logical step from NetAlert is to promote the education of parents on how to install and use these filters we’ve been provided.

* Home filtering, for the record, is the only place a filter can see what content is being accessed, regardless of encryption.  That’s because it gets to see the content before encryption, and after decryption.

Please visit nocleanfeed.com to see how you can voice your opposition to the Clean Feed proposal to those in government.

Image Sources:

#1: http://www.watchingcw.com/cats-and-kittens/ via Google Image Search
#2: http://www.abc.net.au/news/stories/2007/12/31/2129471.htm AAP: Alan Porritt
#3: http://www.sxc.hu/photo/913770 by forwardcom
#4: http://www.sxc.hu/photo/902697 by enimal
#5: http://www.sxc.hu/photo/97150 by wagg66