The Internet Watch Foundation (IWF), hacked websites and URL blocklists
Now, I should warn that I do not like the IWF. It is a charity, and I do not believe that a charity should wield power over what is available on the internet. If the IWF were a department in a law enforcement agency and fully accountable then I would have no problem. But what the IWF does is decide whether something is illegal and get it taken down – this is a charity, not a law enforcement agency nor a court, making and enforcing a legal decision outside of the courts. That just doesn’t feel right to me. More than this, if the IWF cannot get the page taken down (perhaps it’s hosted abroad in a foreign jurisdiction) it adds the URL to a list that is used by blocking companies and ISPs to block that page.
Back to the IWF’s news announcement. What puzzles me is the motive. The announcement claims that the IWF is receiving an increasing number of reports of hacked websites hosting illegal material; and gives one example of a furniture store. It’s what is missing from the announcement that is striking:
- no indication of how sites are hacked
- no indication of what site owners should be looking for to prevent the hack
- no indication of how site owners might check for hidden folders
- no indication of how site owners might eradicate these folders
- no indication of what position the IWF would take against companies that have unwittingly broken the law by unwittingly hosting illegal material
- no indication of what position the IWF would take against individuals who have unwittingly stored (by viewing) illegal material by unwittingly stumbling across or being redirected to the hidden folders containing illegal material.
In short, the IWF announcement says little of any value. So why did it say it? I honestly don’t know, but…
First off, the timing is interesting. It comes hard on the heels of David Cameron’s announcement of an internet porn filter that will allow – no, force – ISPs to block certain websites. Notice that the publicity is all about blocking sites, not pages within sites. Each ISP will, I believe, be able to choose and operate its own filter list – but the first one we really know about will be compiled by the Chinese firm Huawei. Not, notice, the IWF. A competitor.
Noticeably, however, the situation described by the IWF will evade Cameron’s porn filters. Since they are hidden folders hosted on genuine and legitimate web sites, they will not appear on the opt-out ISP lists (which anyway, are opt-out). They are, however, being caught by the IWF’s existing infrastructure and put on a list that is not opt-out.
Do we have, British-style genteel squabbling on our hands? Surely not.