The internet filtering business is a lucrative one. In October, US company Websense reported third-quarter earnings of over US$90 million, putting the company on track to exceed its previous year’s revenue of a third of a billion dollars. There’s a lot of money to be made in providing personal filter software to concerned parents, schools, companies and libraries, and even more from selling ISP-level filtering systems and constantly-updated lists they’re based on.
And, of course, there’s a lot of money to be made from selling them to governments, particularly governments keen to ensure their populations don’t see problematic content.
As Jillian York and Helmi Noman showed in an important paper last year, the key filtering software used by Middle Eastern régimes to prevent citizens from accessing sensitive content and anonymisation tools online were Canada’s Netsweeper, US-owned Websense and McAfee’s SmartFilter. All three companies’ products are available in Australia, as are the products of US company Blue Coat, which enable the criminal Syrian régime to censor the internet in that country.
Netsweeper, which boasts on its website that one in three British schoolchildren are “protected” by its product, has no qualms about providing censorship tools to the worst régimes in the Middle East.
Websense’s products remain in use by Middle Eastern régimes to censor the internet, including the vile Yemeni government of Ali Abdullah Saleh, but has declared its opposition to the use of its software by governments.
Filtering companies tend to reflexively support censorship, because it means more sales for them. There was a lot of interest from filtering companies in Australia after Labor won in 2007, due to its ludicrous web filter policy, but the failure to implement mandatory filtering so far has been problematic for the industry. The local head of Netsweeper, Michael Grace, complained in 2010 that uncertainty about the government’s mandatory internet filter was hurting sales of his software. The year before, Grace had proposed to the Productivity Commission’s gambling inquiry a centralised, mandatory internet filtering system to monitor all Australian internet traffic to redirect it away from overseas gambling sites.
Last year, in discussing various aspects of the ongoing corporate and government war on the internet, I suggested we should distinguish between different types of attacks on the internet, given that some attacks, like those of nanny state types and cultural engineers, have much less impact than those by governments pursuing a national security agenda, or dictatorships battling for survival. But an important caveat to that attempt to differentiate types of attacks is that often the same tools are used right across the spectrum.
Filtering is the best example. What might look like a relatively benign ISP-level filtering system designed to enable the blocking of a verified blacklist of sites commonly agreed to be unacceptable, like child p-rn or malware sites, is the same system that can be used by governments to block access to political content of which they disapprove, or anonymising and censorship-evading tools that users might exploit to access that content.
As we saw with the materials released in WikiLeaks’ Spy Files on the cyber security industry, network monitoring systems create the same issue: cyber security firms like Endace pitch embedded systems that enable monitoring of traffic in order for companies to optimise traffic flows, making the most efficient use of their infrastructure and providing the best service to users — but such systems also enable routine monitoring of content for (the frequently misnamed) “lawful interception” and intelligence purposes.
That is, once systems exist that enable filtering and monitoring, no matter how benign their intent, they can and will be used to censor and spy on people. And the companies that manufacture those systems have an incentive, once they have developed such products, to sell them as widely as possible to maximise revenues on sunk costs.
This is a corollary of a larger issue brilliantly articulated by Cory Doctorow in a speech in December, now an article, on what he calls the coming war on general purpose computing. The speech has rightly received a lot of love on Twitter, but if you haven’t seen it it’s one of those rare must-reads about the future of regulation in this area. One of Doctorow’s points is that computers are increasingly pervasive across a wide range of activities far from the desktop, from well-established systems like internet radios to cutting-edge technologies like 3D printers and beyond.
And the logic of regulation to which the copyright industry’s relentless and so far unsuccessful war on file sharing has given birth is a determination to try to limit computers to specific, approved, regulated purposes that make them tools of governments and companies, rather than of users.
There’s already a growing market for mobile phone internet filters, because phones are no longer phones, they’re general purpose, internet-connected computers that happen to include a phone. But how about filters for radios with internet access? Or fridges, or TVs?
Knowing manufacturers of surveillance and censorship products operate in Australia isn’t particularly helpful in terms of adjusting consumer behaviour. You could avoid buying a ZTE-manufactured handset or installing Netsweeper. But in an environment of ubiquitous interconnected devices generating constant traffic about what citizens are doing, companies and governments will have a permanent incentive to use embedded systems to watch them and try to stop them from going anywhere they don’t want them to.
*Read part one of Bernard Keane’s investigation into IT surveillance here