Skip to content

Default Internet Filtering — The Road to Complacency

It seems we have bounced from one consultation on a threat to the internet to another. The UK government is now consulting on the idea to introduce an opt-out ‘internet filter’ for certain types of content.

I have absolutely no problem with empowering parents/guardians and internet subscribers in general to control their own internet connections. Providing inexpensive and free tools, combined with education on how to use them (and what they can and cannot do) is something I would wholeheartedly support.

However, performing filtering at the network level, using the tyranny of the default to effectively impose certain decisions on parents is not just a dangerous precedent to set. It is also extremely likely to be technically ineffective, and therefore will create a false sense of security for parents and guardians. A false sense of security does not protect children.

Postcards and Envelopes

Permit me to dive into a convenient metaphor for those who remain unconvinced at the technical ineffectiveness of network-level filtering:

Network-level filtering of content is akin to having a ‘content police officer’ watching all the post that comes to your house. However, the ‘content police officer’ can only read what is on the outside of an envelope — the address, and the content if that mail item happens to be a postcard. Anything that comes in an envelope cannot be read by this officer — it is impossible for them to open envelopes.

Say that most of the post you receive is postcards (you have a lot of friends on holiday). This content can be filtered automatically by the content police officer, but anything in an envelope that contained undesired content simply cannot be read. It has to be allowed to pass.

This works surprisingly well as a metaphor — most of the traffic passing across your internet connection at home is unencrypted (our ‘postcards’). This content can be examined by the content filtering black boxes, and filtered (as effectively as the capability of the filtering software, anyway).

Some traffic, however, is encrypted (in an envelope). This capability is vital. Without it we couldn’t log in securely to our email service, or our online bank, and communicate with them in privacy. The network is incapable of reading the content of these communications, because it does not have the key to open them. As I say, this capability of having private communications between your computer and a remote site on the internet is vital for any e-commerce or private business to happen online.

The tools and the services to ‘envelope’ all your internet communications with this encryption is already out there. There is no putting the genie back in the bottle, and even if we could do so, the modern world is completely dependent upon this strong encryption.

So, to evade the network-level filtering, all you need to do is use readily available tools, techniques and services to encrypt the traffic in question. Trivial, doesn’t require any special technical skill (the tools are already out there) and impossible to prevent. This filtering will be routinely and effortlessly evaded by those whom it is supposed to protect.

“What Else Can these Black Boxes Do?”


This network-level filtering requires internet service providers to install ‘black boxes’ to intercept and process all of your internet traffic, so they can use the software to decide what traffic is undesirable.

Once that type of deep-packet inspection technology is installed, it can be used for all sorts of other things. If ISPs are left to foot the bill of this opt-out filtering, then they will naturally desire to make it as cost effective as possible.

What other information in your internet traffic might be interesting or valuable if collected and processed by your ISP? What protections will there be to ensure that this ‘black box’ technology is not used, for example, for inappropriate commercial exploitation of customer data? How will we make sure that ISPs are not again tempted to interfere with internet traffic to remove site owner’s ads, depriving them of expected revenue, and replace them with ads that serve the ISP’s interests?

I strongly believe that we must resist routine collection and processing of internet data that would be enabled by installing network-level filtering. Installing this technology is planting a Pandora’s box of power in the ISP that could so easily and efficiently be abused.

“It’s OK, I Clicked ‘Yes’ to Filtering”

We have already discussed how easy it is to evade network-level censorship. The blanket application of this technology will, unfortunately, in some cases lead parents and guardians to believe that the dangers presented by some internet content is gone.

This complacency, far from protecting children, will actually put them in more danger. Instead of being aware of some of these new risks of the information age, and educating their children about them, the issue could be swept aside as if it has vanished.

Even if network-level filtering was completely effective, it:

  • Is not capable of detecting or addressing the risks posed by ‘user-generated’ sexual content (e.g. ‘sexting’)
  • Is likely to block genuinely educational sites which discuss issues that match the filter
  • Encourages ignoring sensitive and difficult issues instead of promoting their discussion

(You may even notice I have scrupulously avoided certain terms in this blog post, for fear that to use them will cause my site to be inappropriately categorised. The repurcussions of default filtering on free speech are chilling.)

A Better Approach

As I said at the beginning of this post, there is an approach to these challenging issues that I would be very happy to support.

  1. Educate parents and care-givers about the dangers of some of the content available on the internet.
  2. Offer free and/or inexpensive, device-level filtering software. Offer support for those who might struggle with installing or enabling it.
  3. Educate about what filtering software can do, but also what it cannot do.
  4. Encourage and enable the education of children and young people about the risks of the internet and some of the content that is available.

You can’t get rid of bad things on the internet. Pretending such a tactic is possible is, unfortunately, misguided. What we can do is educate, support and discuss.

Let us not make the mistake of trading the best things about an open internet for a little perceived safety from the worst.

Image is Filter, by RRZE. Licensed under CC-BY-SA. The author of the image was not contacted before publishing this post and my use of the image does not imply that the author agrees with or endorses my opinion.

Like this post?

If you would like to support the time and effort I have put into my tutorials and writing, please consider making a donation.

Post a Comment

On some sites, you must be logged in to post a comment. This is not the case on this site.
Your email address is not made public or shared. Required fields are marked with *.

Posting a comment signifies you accept the privacy policy.
Please note — usually your comment will appear straight away but sometimes it will be held for approval (this is due to the spam filter). If your comment is waiting to be approved, please don’t post it again! It will appear eventually.