[Infowarrior] - ISPs pressed to become child porn cops

Richard Forno rforno at infowarrior.org
Fri Oct 17 01:41:15 UTC 2008


http://www.msnbc.msn.com/id/27198621/

New law, new monitoring technology raise concerns about privacy
By Bill Dedman and Bob Sullivan
msnbc
updated 4:40 p.m. ET, Thurs., Oct. 16, 2008

ISPs pressed to become child porn cops

New technologies and changes in U.S. law are adding to pressures to  
turn Internet service providers into cops examining all Internet  
traffic for child pornography.

One new tool, being marketed in the U.S. by an Australian company,  
offers to check every file passing through an Internet provider's  
network — every image, every movie, every document attached to an e- 
mail or found in a Web search — to see if it matches a list of illegal  
images.

The company caught the attention of New York's attorney general, who  
has been pressing Internet companies to block child porn. He forwarded  
the proposal to one of those companies, AOL, for discussion by an  
industry task force that is looking for ways to fight child porn. A  
copy of the company's proposal was also obtained by msnbc.com.

Privacy advocates are raising objections to such tools, saying that  
monitoring all traffic would be an unconstitutional invasion. They say  
companies can't start watching every customer's activity, and blocking  
files thought to be illegal, even when the goal is as noble as  
protecting children.

But such monitoring just became easier with a law approved unanimously  
by the Congress and signed on Monday by President Bush. A section of  
that law written by Republican presidential candidate Sen. John McCain  
gives Internet service providers access to lists of child porn files,  
which previously had been closely held by law enforcement agencies and  
the National Center for Missing and Exploited Children. Although the  
law says it doesn't require any monitoring, it doesn't forbid it  
either. And the law ratchets up the pressure, making it a felony for  
ISPs to fail to report any "actual knowledge" of child pornography.

That actual knowledge could be handed to the Internet companies by  
technologies like the one proposed by the Australian company,  
Brilliant Digital Entertainment Ltd. Known as CopyRouter, the software  
would let ISPs compare computer files — movies, photographs and  
documents — against those lists. Banned files would be blocked, and  
the requestor would receive a substitute file provided by law  
enforcement, such as a warning message: "The material you have  
attempted to access has been identified as child pornography." The  
attempt to send or receive the file could then be reported to law  
enforcement, along with the Internet Protocol address of the requestor.

The CopyRouter relies on a controversial new technology called "deep  
packet inspection," which allows Internet companies to analyze in real  
time the river of data flowing through their networks. The pipeline  
would know what was passing through it. You can read more about this  
technology in Bob Sullivan's Red Tape Chronicles.

Child porn foes give proposal to AOL
A PowerPoint slide show from Brilliant Digital Entertainment  
describing the technology was passed on to AOL last month by two  
powerful forces in the fight against child porn: the office of New  
York Attorney General Andrew M. Cuomo, who has been calling out ISPs  
that won't agree to block sites with illegal images, and Ernest E.  
Allen, the president and CEO of the National Center for Missing and  
Exploited Children, a nonprofit given by Congress a central role in  
the fight.

When msnbc.com inquired about the proposal, both Cuomo's office and  
Allen said they were not promoting the technology, merely passing it  
along to a committee of Internet service providers and software  
companies as part of "brainstorming" on new technologies to detect  
illegal images.

One of the leading experts on electronic privacy in the U.S. says the  
proposal would clearly run afoul of the U.S. Constitution, essentially  
setting up a wiretap without obtaining permission from a judge.

"This would be plainly illegal in the United States, whether or not a  
governmental official imposed this on an ISP or the ISP did this  
voluntarily,"  John Morris of the Center for Democracy and Technology  
said after viewing Brilliant Digital's slide show. "If I were the  
general counsel of an ISP, I wouldn't touch this with a 10-foot pole."

A spokesman for Brilliant Digital Entertainment disputed that, saying  
the technology would be "non-invasive," would not compromise privacy,  
would be legal in the U.S. and elsewhere, and most important, would  
curtail the global proliferation of child pornography.

"I don't think it takes many voices before the Internet industry  
separates out those who are prepared to build a business on the  
trafficking of child sexual exploitation," said Michael Speck,  
Brilliant Digital's commercial manager in charge of law enforcement  
products. "If boxes started turning up with Pablo Escobar's special- 
delivery cocaine inside, they'd stop it, they'd do something about it."

How it would work
Here's how CopyRouter would work, according to the company's slide show:
# A law enforcement agency would make available a list of files known  
to contain child pornography. Such files are commonly discovered in  
law enforcement raids, in undercover operations and in Internet  
searches that start with certain keywords (such as "pre-teens hard  
core"). Police officers have looked at those files, making a judgment  
that the children are clearly under age and that the files are illegal  
in their jurisdiction, before adding them to the list. Each digital  
file has a unique digital signature, called a hash value, that can be  
recognized no matter what the file is named, and without having to  
open the file again. The company calls this list of hash values its  
Global File Registry.
# Whenever an Internet user searched the Web, attached a file to an e- 
mail or examined a menu of files using file-sharing software on a peer- 
to-peer network, the software would compare the hash values of those  
files against the file registry. It wouldn't be "reading" the content  
of the files — it couldn't tell a love note from a recipe — but it  
would determine whether a file is digitally identical to one on the  
child-porn list.
# If there were no match, the file would be provided to the user who  
requested it. But if there were a match, transmission of the file  
would be blocked. The users would instead receive another image or  
movie or document, containing only a warning screen. The makers of  
CopyRouter claim that it can even be used to defeat encryption and  
compression of files  in the Internet's Wild West: the peer-to-peer  
file-sharing tools such as Gnutella and BitTorrent. Many people use  
those file-sharing systems for legal traffic, such as independent  
artists distributing their music, or software developers sharing open- 
source code. But others use them for illegal traffic in copyrighted  
music and movies. They also are popular for distributing adult  
pornography, which is legal, and child pornography, which is not.

Can software fool encryption schemes?
Encrypted files on the peer-to-peer network could not be decrypted by  
CopyRouter, but the company claims it can fool the sender's computer  
into believing that the recipient was requesting an unencrypted and  
uncompressed file. The slide show calls this "special handling." This  
is done by changing the underlying protocol settings that establish  
how the sender and recipient exchange the file. This trickery, unknown  
to either the sender or recipient, would make it possible for  
CopyRouter to see the underlying files, calculate a hash value and  
compare the files to the list of illegal files, Brilliant Digital says.

A photo of the company's first test machine can be found online, in  
the online photos of the company's systems architect, Norberto "Beto"  
Meijome, author of the PowerPoint presentation.  Meijome's portfolio  
of online photos on Flickr includes photos of his Cisco SCE router on  
the day he unpacked and installed it, Sept. 11, 2007. He labels the  
SCE router "the new toy."

Brilliant Digital Entertainment has a complicated past. Its  
subsidiary, Altnet, made news in 2002, when its software shipped with  
the Kazaa file swapping software, then heir to Napster’s throne as the  
favored way for file swappers to illicitly trade music. Altnet's  
program was designed to use unused bandwidth and processing power of  
Kazaa users for such uses as paid advertising and promotions for  
commercial products. The company claimed that this activity only  
occurred if the customer allowed it, but some antivirus firms labeled  
the software as spyware. Later, Altnet was sued by the recording  
industry for its role in helping spread the popularity of Kazaa.

After settling a lawsuit with the music industry, Brilliant Digital  
decided to approach file sharing from a new direction, selling  
products designed to help copyright holders protect their intellectual  
property. It now describes itself as a "significant online provider of  
licensed film and music content."

Seeking allies to move the new product to market
Now the company wants to expand into a new product line: fighting  
child porn.

"We have been working on it for some time," Speck said in a telephone  
interview from Australia.

"We've been in negotiations with ISPs and law enforcement agencies and  
content owners." Speck said he previously led the anti-piracy  
organization of the Australian sound recording industry.

Now he's lining up meetings in the U.S. next month with Internet  
providers and the National Center for Missing and Exploited Children.

In advance of his trip to the U.S., Speck spoke with the staff of  
Andrew Cuomo, whose New York attorney general's office has been  
pressuring Internet service providers to fight child porn. In June,  
Cuomo announced he was investigating ISPs, using a modern version of  
the public stocks to encourage cooperation. He set up a Web site  
listing Internet providers around the nation that made the changes he  
demanded, as well as "ISPs that have failed to make the same  
commitment to stop child porn." Cuomo, who was recently cited by  
McCain as one Democrat he would like to appoint to federal office, has  
urged Internet service providers to block access to child porn news  
groups and "purge their servers of child porn Web sites."

Speck had a conference call in September with Cuomo's staff, which he  
said gave him a blunt description of the legal and privacy landscape  
in the U.S.

"We'd be grateful for any assistance in getting this to the relevant  
ISPs and law enforcement agencies, and making any adjustments  
necessary," Speck said, recounting the conversation with Cuomo's  
staff. "It was made very clear that, for this to be a viable law  
enforcement tool, this would have to operate within the legislative  
framework within the country."

After talking with Speck, Cuomo's office passed the proposal on to  
John D. Ryan, AOL's senior vice president, deputy general counsel and  
head of its public safety and criminal investigations unit. Ryan  
received the slide show on Sept. 18, the day before attorneys from  
Cuomo's office arrived at AOL's headquarters in Virginia to discuss  
new technologies to fight child porn. Both Cuomo's office and AOL said  
that the CopyRouter was not discussed explicitly during what was  
described as a brainstorming session.

‘We have nothing to do with this technology’
"We have not pressured anyone to use this technology," said a Cuomo  
spokesman, Matthew Glazer. "We have nothing to do with this technology."

At the same time, AOL's Ryan received a copy of the slide show from  
the National Center for Missing and Exploited Children. Known as  
NCMEC, this private nonprofit organization has an increasing role in  
the law enforcement effort against child porn, and receives more than  
$35 million in taxpayer funds each year. NCMEC and Cuomo's office have  
worked together this year on the child-porn fight, holding a joint  
press conference to announce Cuomo's Web site.

Ryan also has close ties to NCMEC, serving as a member of the board of  
directors and as leader of its industry Technology Coalition on child  
porn. Members of that group also include Yahoo, Microsoft, Google and  
others. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)

AOL officials said they did not feel pressured by Cuomo or NCMEC to  
adopt any particular technology, adding that the company has a long  
history of fighting child porn on its own initiative. "The  
relationship with the attorney general is positive and partnering,"  
Ryan said.

AOL's has a system of its own
AOL officials told msnbc.com that they already examine some files for  
child porn, block access to those files, and provide evidence to law  
enforcement. That system (called image detection filtering protocol)  
apparently is based on the same general principle as CopyRouter,  
comparing the hash values of files to a known list. But there are  
significant differences between the two approaches.

AOL checks files uploaded as attachments to e-mail against a list of  
files that AOL has identified as child porn. If the file matches one  
on its list, the sender is led to believe that the file has been sent,  
but it has not. AOL's methods have been shared with other Internet  
service providers.

But AOL officials said a device like the CopyRouter would be more  
extensive and more efficient for two reasons: AOL checks only e-mail  
attachments, not Web searches or other Internet traffic, and its home- 
grown list of banned files is much shorter than the lists compiled by  
law enforcement and NCMEC.

"The library of hash values that AOL has, has been derived over time,  
completely in house from reports from users and files we've stumbled  
upon," said Christopher G. Bubb, an AOL assistant general counsel in  
the public safety and criminal investigations unit. "So it's not a  
government list. Courts have likened it to citizen provided  
information."

Government role would be problematic
That distinction is important. Internet service providers could be  
considered agents of law enforcement if they began comparing files to  
a list provided by the police and intercepting traffic by substituting  
a legal file for an illegal one. The Fourth Amendment to the U.S.  
Constitution forbids unreasonable search and seizure by the  
government. Courts have held that Internet service providers are  
within their rights to examine the traffic that flows through their  
pipeline — as they must do, for example, to combat spam — because the  
scrutiny is being done by a company, not the government.

Although they said they could not pass judgment on software proposed  
by any vendor, the AOL officials suggested that Brilliant Digital's  
proposal might not work in the U.S., at least not without Congress  
providing ISPs more legal cover.

""Keep in mind that this is developed in a totally different cultural  
and legal regime. The Australian legal system is quite different from  
an American legal system," said Ryan, the AOL executive. "It would  
raise concerns. ... Would we be deemed an agent of the government?"

‘Not an intelligence-gathering tool’
Speck, the Brilliant Digital official, argued that CopyRouter would  
not put ISPs in a law enforcement role because the list of banned  
files would be managed by the law enforcement agency, not handed over  
to the private companies. CopyRouter would consult that list, but at  
arm's length from the companies.

"The responsibility is shifted to law enforcement," Speck said. "We've  
delivered to Internet service providers something they've called  
for. ... This is not an intelligence-gathering tool. This is not for  
developing a list of users. This is an extension of what routers  
already do."

But wouldn't the Internet service provider know which traffic  
CopyRouter had blocked, and which user had sent or attempted to  
download it? No, Speck said, because his company's product would be a  
neutral middleman, not sharing information with the ISP or law  
enforcement.

"All hashes are provided to Global File Registry, which manages a  
secure data base and communications channel between law enforcement  
agencies and the ISP such that the illicit file hashes targeted by law  
enforcement remain private and secure to the relevant law enforcement  
agency," he said in an e-mail after the interview. "There is no  
personal (sender/receiver) information identified, and privacy is  
maintained."

The company's slide show, however, does describe information on users  
being passed directly to law enforcement. Any files that matched the  
child porn list would be reported to a "law enforcement data  
collector," along with IP addresses identifying the user's computer.  
The slide show says, "Any hits here will generate a 'red' report,  
which will be routed to the police collector server ONLY. These  
reports contain full IP information."

Although Brilliant Digital says no law enforcement agency has signed  
on to the CopyRouter plan, that hasn't kept the company from including  
a familiar blue seal in its slide show. At each point when a law  
enforcement computer is depicted, it bears a mark that closely  
resembles the FBI logo. Only when the logo is magnified can one see  
that it says "Friendly Bus Investigator" rather than "Federal Bureau  
of Investigation." The FBI hasn't signed on to the plan, Speck said,  
and the logo was not meant to imply any endorsement.

The FBI met a hailstorm of criticism in 2000 when the existence of its  
Carnivore project was revealed. The packet-sniffing technology was  
used to monitor and log traffic when installed at an Internet service  
provider. The FBI by 2005 had stopped using the technology, in favor  
of commercial tools.

New law may take law enforcement out of the loop
Under the new U.S. law, a system like CopyRouter might not require  
involvement of law enforcement. The McCain portion of the new child- 
porn law allows such a system to be set up by the Internet service  
providers, because it gives them access to those lists of illegal files.

The key player in that transfer is the National Center for Missing and  
Exploited Children. Although it's a nonprofit organization, NCMEC has  
increasingly taken on law enforcement roles, with Congress requiring  
that complaints of child pornography be sent to its CyberTipline.  
Since 1998, NCMEC says, it has received more than 300,000 reports from  
ISPs. And it gives them a daily list of Internet addresses that appear  
to host child porn, so the companies can choose to block those Web  
pages.

The new law authorizes NCMEC to go further, handing to Internet  
service providers the list of files judged to be child porn. Law  
enforcement agencies give those hash values to NCMEC, which will be  
allowed (but not required) to give them to the ISPs. That cooperation  
would allow the ISPs to use CopyRouter or their own home-grown  
solutions, without including cops in the loop directly.

That provision was part of the SAFE Act, a bill introduced by Sen.  
McCain and Democratic Sen. Chuck Schumer of New York. A McCain aide  
called the bill a "NCMEC wish list." The SAFE Act also made it a  
felony for ISPs to fail to report child porn, if they discover it,  
with penalties up to $300,000 for each instance.

McCain's bill got caught in a tug-of-war with a broader bill written  
by another player in the presidential election, Sen. Joe Biden, the  
Democratic vice presidential candidate. Biden's solution leaned more  
toward law enforcement, giving more money to the Justice Department  
and state Internet Crimes Against Children task forces, which  
investigate child pornography.

With NCMEC lined up behind McCain's bill, and other child protection  
activists (and Oprah Winfrey) pushing for Biden's bill, Congress  
finally passed them both: McCain bill was folded into the Biden bill,  
which passed the House and Senate without objection. Republicans were  
able to cut the spending in the Biden bill, down to $300 million.

With the new law in place, NCMEC has a plan for ISPs to use their new  
access to the hash values.

"We believe that there needs to be more proactive, voluntary methods  
to identify illegal child pornography content that bring it to their  
attention," said Allen, the NCMEC president. "We are working with  
leading ISPs to do that."

He said NCMEC's Hash Sharing System would share with Internet service  
providers information on only the " worst of the worst" images of  
child pornography. An image must depict a pre-pubescent child who has  
been identified by law enforcement. And it must depict  one of the  
following: "oral, vaginal or anal penetration and/or sexual contact  
involving a child whether it be genital, digital, or a foreign object;  
an animal involved in some form of sexual behavior with a child; or  
lewd or lascivious exhibition of the genitalia or anus. "

"Through this project, NCMEC is also working with the members of the  
Technology Coalition to test existing software and develop new  
technologies that will enable ISPs to identify apparent child  
pornography images by hash value and block them," Allen wrote in an e- 
mail.

Some ISPs willing to police copyright law
The idea of turning Internet service providers into cops has been  
opposed and embraced by different ISPs in a different realm —  
copyright protection. The recording and movie industries have pressed  
ISPs to monitor their customers to detect traffic copyright  
violations. AT&T has said it hopes to monitor for pirated content, and  
has been in discussions with content companies, including NBC  
Universal (co-owner of msnbc.com), which has pushed for such  
filtering. Microsoft (the other co-owner of msnbc.com) has said it  
opposes filtering by ISPs.

ISPs also have run into public and government opposition just for  
slowing down, not blocking, some Internet traffic. The Federal  
Communications Commission ruled in August, on a 3-2 vote, that  
Comcast's limiting of BitTorrent traffic was illegal. Comcast said it  
was merely trying to keep the flood of peer-to-peer file sharing from  
slowing down the Internet for everyone else. As for CopyRouter, the  
company's manager said it would not slow down Internet traffic  
noticeably, because it's not inspecting the contents of files, merely  
comparing their hash values to a list, which can be done quickly.

Privacy advocates have already raised objections to deep-packet  
inspection. Earlier this year, a California company named NebuAd  
proposed a service that would observe Web surfers’ Internet habits  
through machines installed at ISPs, then inject context-sensitive  
advertising into the Web sites the consumers visited. It called the  
system "Behavioral Targeting." Public outcry and rumblings of an  
investigation from Congress led firms considering the technology to  
pull out.

Morris, of the Center for Democracy and Technology, said Brilliant  
Digital's plan constitutes an illegal wiretap, and would run afoul of  
the Electronic Communications Privacy Act. No firm can listen in on  
private communications unless it is instructed to do so by a law  
enforcement official with a proper court order, he said.

‘Enormous First Amendment problems’
Even then, no government agency — even a law enforcement agency or  
state attorney general's office — could impose a requirement to stop  
all files on a blacklist, or otherwise create a list of forbidden  
content, Morris said. Such a list would not pass constitutional muster.

"You can't declare speech, or images, illegal without judicial  
proceedings," Morris said. "... That creates enormous First Amendment  
problems. You can't have an agency or outside firm acting as judge and  
jury on these images."

Also, blocking images before they were delivered would constitute a  
prior restraint of communication, Morris said, violating the First  
Amendment right of free speech.

Other methods used to combat child porn — logging IP addresses of  
frequent senders and investigating them, by using a subpoena to force  
ISPs to reveal the name, and then knocking on the user's door — raise  
no such constitutional issues, Morris said. He compared that to a law  
enforcement official overhearing illegal speech in a public place and  
prosecuting a speaker. Brilliant Digital's scheme, he said, is more  
like picking up a telephone and listening in on private conversations.

"As horrible as child pornography is, and it is horrible, you still  
have to follow the Constitution," Morris said.

At NCMEC, Allen said the privacy interests are being heard. "We have  
been very sensitive to legitimate free speech and privacy-related  
concerns. That is one of the reasons we are focusing exclusively on  
pre-pubescent children and the most egregious images. That does not  
suggest that child pornography images involving 13-year-old children  
are acceptable or less serious, however, traditional law enforcement  
investigation and prosecution efforts are being used for those  
situations."

A different approach
Another child protection group has a different approach. The National  
Association to Protect Children, which advised Sen. Biden on his bill,  
said that blocking of files by Internet service providers could easily  
be seen by the public as "overreaching," making it harder to get  
public support for efforts of law enforcement. What's needed, said the  
group's executive director, Grier Weeks, is for cops to investigate  
the leads they already have.

"The Department of Justice and all 50 attorneys general are sitting on  
a mountain of evidence leading straight to the doors of child  
pornography traffickers," Weeks said. "We could rescue hundreds of  
thousands of child sexual assault victims tomorrow in America, without  
raising any constitutional issues whatsoever. But government simply  
won't spend the money to protect these children. Instead of arrests by  
the Federal Bureau of Investigation, the child exploitation industry  
now faces Internet pop-ups from the Friendly Bus Investigators. That  
was always the fundamental difference between the Biden bill and the  
McCain bill. Biden wanted to fund cops to rescue children. McCain  
wanted to outsource the job."

Sen. McCain's general counsel, Lee C. Dunn, said that he's happy that  
both the law enforcement and technology approaches became law, that  
his focus was on protecting children. She said the new law does not  
require any Internet provider to monitor traffic.

"They have the responsibility and their right to manage the network as  
they wish," Dunn said. "If AOL wants to monitor their network for  
child porn, some customers may go to them, because they'll keep them  
from getting this stuff showing up in their e-mail. Other companies  
may choose not to, and other people may prefer that. We're not  
dictating to them that they monitor their network."

Brilliant Digital Entertainment is betting that most internet  
companies will choose to monitor their customers. Michael Speck said  
his company's product pitches have been well received by law  
enforcement agencies, government officials and Internet service  
providers.

"I don't think there's anyone in the Internet space," Speck said, "who  
doesn't think fighting child sexual exploitation is good business."

© 2008 msnbc.com

URL: http://www.msnbc.msn.com/id/27198621/


More information about the Infowarrior mailing list