Internet Blocking: When Well-intentioned Measures Go Too Far

3 September 2014 - A Workshop on Other in Istanbul, Turkey

Also available in:
Full Session Transcript

This is the output of the real‑time captioning taken during the IGF 2014 Istanbul, Turkey, meetings.  Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors.  It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.  

>> MODERATOR:  Hello.  Good morning.  It's the top of the hour, and I think we'll get started.  Thank you all for coming and thank you all for coming at the top of the hour.  Normally these things start a few minutes late.  My name is Paul Vixie, and I'll be your moderator today for workshop 107 and the topic of Internet blocking, when well intentioned measures go too far.  This is the latest in a series of SSAC, ICANN SSAC generated workshops within IGF.  So we've been to the last several IGF meetings and each year we explore a different set of issues that surrounds the idea of DNS blocking or Internet blocking in general, so I encourage you to read the reference materials associated with this workshop, which includes both a position paper we wrote for this workshop and some pointers to past workshops that address different aspects of similar problem space.
So today we're going to have a fairly traditional format.  We're going to briefly go over the topics that we raised in our position paper, then we will direct some questions to the panelists, we'll direct some questions to you, the audience, because I do not believe that I could possibly know all of the subject matter experts in this space.  Therefore, I think some of you are in the audience and you'll make yourself known to me today with your questions and your recommendations.
We also have a remote moderator, Robert Guerra, my co‑chair for the ICANN SSAC on this project, will be giving us some comments and questions from the field.  So that having been said, let me get started.  I come to you as the creator of the first Internet reputation system.  It was called the RBL, Maps RBL, which I started with probably more passion than brains in mid 1990s, maybe 1996 or so.  What happened was I got sued and I ended up selling the company in order to pay lawyers, so that's sort of my experience with Internet blocking is that I invented it and then got out as quick as I could.  So that may give me a different perspective than Pendar here or any of the other people who are coming into this field and saying yes, Internet reputation is well established.  It's well established because a lot of other people have tried a lot of things, some of which worked, many of which did not.  I'm an expert on the things that did not work.
Therefore, blocking occurs inevitably because the Internet protocol suite was developed in a high‑trust environment.  In the old ARPANET, which was the test bed for the protocols we use today, you had to have a contract of some kind with the U.S. Government in order to be connected, and so that meant that instead of a hardened network that is ready to have adversarial communication partners, it was a very soft and very vulnerable network where every system we developed made the assumption that only other trusted parties could possibly reach it.  So we didn't harden anything.  And we've spent now 25 years on the problem of commercializing and privatizing the Internet with the result that every week or two you read about another vulnerability in some widely deployed system, many of which date back to the era when this was a high‑trust environment.
We are now at a low‑trust environment, and the presumption of bilateral benefit is now incorrect.  When somebody tries to reach some service of yours, there's a better than even chance, that is to say higher than 50% statistical probability that the reason they want to do that will serve them more than you, so in that kind of environment, people are going to take steps.  They're going to say I don't want to be hacked all day long, I need other options.  So the fact that Internet access and identifier allocation like IP addresses and domain names are now open to everybody, including criminals and Spammers and the ISPs who enable them, means that we have to differentiate the types of communication coming toward our systems in a way that was never contemplated in the early days.
So there is almost no recourse or accountability for criminal and abusive Internet activities.  
(Internet interruption.) 
>> PAUL VIXIE:  If you go to any ICANN meeting in the last ten years, you'll find that they've been arguing about who is privacy and who is data quality and that was because we used to have accurate who is, so if somebody did something bad on the Internet, you could direct your lawsuit towards them.  That presumption is outdated.  And in fact most abusers are outside your own jurisdiction.  You can't go to your local police department and complain about an attack that came to you from overseas, and the people that you could go to overseas probably don't want to hear from you because you're not a citizen of their country, you're not a taxpayer, where the crime originated and this has created kind of a free‑for‑all.  The Internet has less feel for it at any given moment, you might get attacked at any time, so we focus energy on the far end as getting the attacker off the network, and defense like firewalls, an entire industry has been created to help with this new gigantic ‑‑ and it shows no sign of slowing down.  If you're looking for a business to get into, Internet security.
There's audio interference, they're taking care of it.
So let me discuss the inevitability.  Criminals are abusers.  The total investigation is very high, unreachably high, sky‑high.
As I said, there's an industry.  The number of companies or open data who want to do this type for money, then they sell away their results, and you cut your cost down to a practical number.  Because of the math, to offer this and take blocking.  
(Internet interruption.) 
So getting a court order with some of your issues.  Sometimes you will go to a certain domain, if you're hosting criminals, but it removes the domain name.  So there's a way to get through the civil court process which is ‑‑ because what would we call that?  There's no defense against that.
It means that sadly it's often because somebody's rules or their rules make no sense.  
(Internet interruption.) 
The guidelines motivated this work party.  So the danger of this type of intermediation of the Internet, you cannot know how distant parties are dependent upon it.  Parts of the Internet collapse, damage to people that you never intended, and all you wanted to do, instead you find out that taking something away is difficult, that makes a mess that is global in scope.  Now, these intermediaries usually have no communication path and no preexisting relationship to even the target of the takedown, you know, the holder of the resource, let alone all those third parties I was just talking about, which means it's difficult to prenotify and it's difficult if there's a case of overreach, maybe overblocking, it's difficult for the person who has been impacted by it to reach back to the intermediary who caused the blocking to get it to be modified.  I don't say this to point fault to anyone, I'm simply describing the facts as they are and letting you all contemplate sort of the global cost to the global economy of this type of industry growing with this lack of controls.
So false‑positives can lead to collateral damage of all kinds.  Barbara Tuchman is one of my favorite authors, and she's written any number of excellent books, one of them is called the March of Folly, and I heartily recommend all of her work, especially that, because the pursuit of the policy that is detrimental to manufacture your interests is really what guided a lot of my thinking in preparing this panel.  Where we picked three case studies, and I'll go through them briefly, and in each case we didn't say so much that this blocking was bad for the world or bad for third parties, bad for collateral damage, that sort of thing, what we said was this blocking was not in the best interests of the person who did the block and that to me has got to be our guiding principle because on the Internet you can't really force anybody to do anything, you have to offer them something that is in their best interest and then hope that they go along with you.
So we're trying to find the rational common interests among those who necessarily block.  I've explained why I believe blocking is inevitable and necessary to grow the economy, so I'm not saying that I want less blocking.  I'm saying I would like more coordination.  
So let me go through these three case studies very briefly.  SPAMHAUS was trying to get rid of some Spammers in Sweden and they made a mistake and they ended up blocking everything that belonged to a certain IP registry.  This is a company whose job is kind of like an RER, they hand out address blocks to other people but they do not hand out connectivity, so blocking an entire set of address base belonging to an address registry makes no sense because those people have no control whatsoever over the traffic that comes from the IP addresses that they have allocated.  In fact, SPAMHAUS's own rules say pretty much that.  They stay that you have to be in the traffic path in order to qualify for their list, so they made a mistake.  They did not really describe the full magnitude of that mistake nor did they fully apologize, in my opinion, but they did after a couple days allow the Swedish Government back onto the Internet because the Swedish Government had gotten, as you might expect, all of their address base from this particular Swedish IP registry.  One could argue that SPAMHAUS lost credibility that day and lost some of the community's trust.  That is not in their best interests.  But I will say in their defense that at least they were violating their own policy when they acted not in their own best interests.
Now let's talk about Microsoft.  They worked in cooperation with another company Nomino which I was a founder of and continue as a shareholder of, full disclosure here, to put an IP proxy in place and then they asked a judge to take control of a couple dozen domain names belonging to Know IP which is a dynamic INS provider, they're a really good guy, they know the secret handshake and are allowed into the rooms where takedowns occur, Microsoft allowed them into the room of some of the takedowns occur.  When we read that know IP was a business dedicated to crime, we wondered why Microsoft did you work so closely with them last year?  There's two, maybe three interesting things.  They did the same thing a year earlier with another dynamic DNS provider called 3322. org, that's a Chinese company, and in each case millions of victims, millions of people that were otherwise able to get work done on the Internet could not so because Microsoft had asked a judge to reassign the DNS servers for some domain names that were the parent domains of millions of people.  I call your attention on a device called a granny cam, this is a webcam that you put into your grandmother's apartment so you can watch and make sure that she has not fallen in the bathtub or something like that.  If this is on a local network belonging to some DSL provider usual not going to be able to reach it from the outside, unless like all webcams it speaks the common DNS registration protocol and has a domain name.  So we had a couple hundred thousand granny cams that were unreachable in each case and it's difficult to imagine that Microsoft intended this.  In fact, it's difficult to imagine that if they had known that this would be the impact of their action that they would have even contemplated that action.  But furthermore, since they were working with a well established DNS company called Nomino, they thought they were safe, they thought they could allow a install a proxy and allow the good traffic, I'm here to tell you that doesn't work, you can't actually do that.  So speaking as one of the founders of Nomino I apologize for the fact they're even offering to let people do something that cannot possibly work.  Nevertheless, Microsoft ended up with a black eye and that's two black eyes because the also ended in disgrace for them.  
Finally, some of you may have read about SOPA, it lasted a couple years, it went by several names.  The U.S. Congress was attempting to stop Intellectual Property theft that was enabled by the Internet and that's a reasonable thing to want to do, it's not the goal that I question but the method because they tried to get every DNS provider in the United States to subscribe to a certain blocking filtering list and to stop certain DNS lookups from working.  I can tell you every action on the Internet creates an at least equal opposite reaction, so when Microsoft did the thing they were trying to do, they were trying to create case law, they wanted it to be that if you're running a service on the Internet that is widely used for crime and abuse and so forth and you're not taking good care of it and you're not handling your abuse problems, that somebody else can go to a judge and take it away from you and filter your traffic for you.
So five or six people came up and said Microsoft, if you get that case law, I am going to go immediately to my local judge and take away from you because you clearly can't handle your abuse problems.  I'm not sure that Microsoft would have liked that result.  In the U.S. Congress' case I have to say that the mandatory DNS blocking would merely have moved a lot of DNS resolution overseas, it would have taken it away from Google DNS, it would have taken it away from any U.S. company subject to U.S. law, is that what we want?  Because once you get into somebody's DNS resolution path, you can override their connection to their bank and other trusted partners and steal their traffic and so forth so I really think that had the U.S. Congress prevailed, we would be this a far worse world not just by my standards but by theirs.
So let's get to the panel.  We put ingredients for a framework into our position paper.  I'm not going to take our time here to go through them.  These slides will be available and of course the paper I drew this list of framework ideas from is also available.  The point of us coming up with a framework is merely to offer a set of guidelines that if everyone in the takedown business and everyone in the blocking business were to follow these rules, they would end up acting not only in the best interests of the overall economy but in their own best interests, so we want more accuracy and precision and we've specified particular standards for how do you know if you're accurate enough, we wanted monitoring of the impacts that came about as a result of any blocking action, we wanted accountability and transparency so that when you were doing something, you are allowing the real world to see what it was and to follow their own rules about arguing about whether it was the right thing and we want to make sure you have technological capacity, that you're not trying to do something that just simply can't work or that you didn't buy enough equipment or something like that because otherwise you just look naive and all of a sudden you've got a fire hose of traffic coming toward you and you can't handle it.  We wanted the owners of widely abused services to know they cannot evade their costs, they cannot pay it upfront by having a good abuses handling system so that the abuse of their services is something they themselves take care of before the rest of world does it for them or they must recognize that having not paid upfront for those costs, they're going to pay in the rear when other parts of the network take them offline or reject their traffic.  You can pay upfront, you can pay in arrears, but you will pay.  There's no way to evade the cost or to shift your abuse burden onto the rest of the Internet because the rest of the Internet has certain rules that they will impose on you.  We want it to be effective.  Make sure that what you're blocking actually made the world better, don't just create some block that had the purpose of proving your strength or proving your point.  Measure the impact that your blocking has and publish that result.  And if you're not able to chrome the jurisdiction of all the parties that will be impacted, because communication always takes at least two people, so if you're only in jurisdiction with some of those people, then find the others and see if you can get them to voluntarily cooperate.  Don't impose unilateral terms from outside their own jurisdiction.
So for the panel I have some questions, but please study the questions yourselves, and those of you on the remote participation system, please study these questions for yourself because we really are trying to improve the state of this game.  We want it to be that when we write the final report that comes about from this workshop, we have created something that is seen as a beneficial artifact by everyone who is in this business and that we will have a framework or at least a means of creating some framework that will cause blocking to end up doing more good than harm, and we're not there yet.
So for my panelists, we're going to start with Yurie, I would like to know other cases besides the cases we've enumerated here where something got blocked and it turned out to be against the interests of the person who did the blocking.  I would like to know if there are noninternet regimes, right?  I live in a small sandbox called the Internet.  There's a whole big world out there and it may be that the issues at play here have already been settled in some part of international trade or international communications, and if there is an existing framework, some alternative framework that is different from the one we've enumerated here, we would like to hear about that.  And of course you've come here with your own ideas, so while I'm trying to keep this as focused as we can, I do invite you to briefly describe something which can be done in this area that will improve the sort of good versus harm ratio that we're seeing from Internet blocking today.  So we're going to start to my right with Yurie Ito.   
>> YURIE ITO:  Thank you, Paul.  Good afternoon.  I am from the emergency response team.  I think my immediate had your idea here, some suggestion is we probably need a mechanism to alert the overblocking or false‑positive blocking, and that's probably a different organisation or institution from, you know, different entities from what the blocking list and the security operations doing blocking, making the blocking list.  The different entities to monitoring the overblocking, that's probably, you know, the committee needs to think about to create some new mechanism, I think.
>> PAUL VIXIE:  All right.  Thank you for that.  Let's march on down the table.  I'll ask each of my panelists to introduce yourself examine give us a few minutes of your thoughts on these questions or related matters.
>> Thank you.  My name is Christine, I'm general manager of CPR, one of the things that's very keen for us when we talk about like blocking, it's because what we are seeing a lot of is a lot of overreaction, people are creating new block lists without thinking further on the consequences along the line.  They have pointed out this very short view here of I'm going to solve this problem here and they don't see that they're creating new ones and they're actually just driving the criminals to exploit more and more victim, and I think most of the these problems we are seeing with blocking is because the criminals are not using their infrastructure, they're using our infrastructure and I think the part of the abuse is very important.  So most of the time you see, oh, I'm creating this idea that I can protect myself, but actually you should be protecting the world from yourself and collaborating for the good actors to do that and then maybe the block list would start to be more meaningful because what we are seeing today is that most of the block lists are even preventing regular communication.  The challenge for us as a cert, it is very hard for us to send an e‑mail to alert someone they have a problem, all the block list, anti‑spam rules will block everything we try to communicate to them and we have new block lists being created that are exposing victims, for example, every phishing or whatever block list actually just have IP lists and domain names of victims that are compromised and we have already seen the criminals using those block lists to discover new victims that they didn't know before and they know that if that page is there and nobody alerted that Government site or that university that they're hosting a phishing, they will remain vulnerable forever.  We have seen that happening with hosting companies, we are seeing a lot of data in our projects of network monitoring and situational awareness, more and more we see the major cloud providers being used to host malicious DNS servers, to abuse open relays and open proxies to send Spam and to do other things so what are you going to do?  You're just going to block the whole Amazon cloud because they are having that kind of content in there?  So we need to think that we are all victims being abused and basically we are blocking each other and this is out of desperation, I think.  And there are a lot of ways that technically, especially with what it's becoming now like those sinkholing of domain, so even problems like in block lists that people are using for D dot services, what are we going to do, block all the services blocking reflective attacks?  So a whole mechanism on how you put data in and people to report, you know, this is actually a victim that didn't know about it.  And this is a complaint that people come to us all the day, I was blocked and nobody alerted me and I discovered too late that I was hosting.  If only someone had told me, and then you can go to your especially major ISP's and universities.  So I think what Yurie said to have this mechanism of reporting false‑positives and of working with the community out there to actually alert victims, you know, you should be behaving better on the Internet but probably it's because they don't know better, they are just coming in.  So I think all the measures are important but we really need to like in the anti‑abuse and to have guidelines to think what is the impact when someone is using your data, and if you are just blocklisting someone that they'll know better what to do.  This is some food for thought for someone maybe to have a solution to that.
>> PAUL VIXIE:  Thank you.  Moving right along? 
>> AUDIENCE:  Thank you very much.  I'm Anne Marie Lowinder, I'm the security manager for Swedish TLD, Top‑Level Domain, so as the Top‑Level Domain you from time to time get approached from people that say, hey, could you just block this domain because it is bothering me for some reason, it could be Intellectual Property rights, it could be malware, it could be anything, and so far we managed to keep them away because we have in our policy that we are not responsible for the content.  We are responsible to make sure that you find the right place on the Internet based on the domain name which points you and directs you to an IP address.
Saying that doesn't mean that it's not complicated to try to inform people on how ineffective restricting access to content through blocking domain names is because they think it's an easy way to go.  They have no idea on what the collateral damage could be if you're following that line.
I know about a couple of incidents.  We have in Sweden among the Telecos, the ISP's, we have a voluntary agreement with the Swedish police force that means that the ISP's are blocking child abuse material, abusive material, and they get a list from the police force where they put in the service and they redirect them to something else like saying hey, you are trying to reach material that is illegal and that is basically what they are doing.  No one could ever debate that child abusive material should be on the Internet, it is illegal by Swedish law but having this possibility means that sometimes the police are tempted to approach the Telcos and ask them, hey, we would like to block this too, is that an issue?  And so far the Swedish ISP's have said yes, it's not what we intended here, we are not going to do it.  But then again, that filter mechanism can be used for any purpose.  So we don't know yet where we will end.
There was something else I was going to add.  Yeah.  Other ideas.  I was missing in your draft paper something about geographical restrictions.  Last Christmas, Swedish vacation people, you know, a lot of Swedes they go to Thailand for Christmas because it's warmer than Sweden for some reason, and they are really, really many, I mean, we're talking about tens of thousands, almost hundreds of thousands Swedes, and for some reason one of the top ISP's, being mistake or deliberate, doesn't matter right now, but the outcome was that the entire traffic from Sweden to Thailand was blocked and then your family, parents, family, they want to see the Christmas calendar, they want to see Donald Duck on Christmas Eve, it should be a catastrophe, not to be able to see the daily news from Sweden or whatever.  It was an issue.  We have good friends with a very good network, NetNod who actually helped make the right context to solve the problem but then again you can see that it can take ways that you cannot even imagine.
So within the regional organisation for European TLD centre we have published a paper on the topic of blocking and redirection domain names just to make sure that policymakers can be informed enough to not consider this as the easy way to show decision power, we are doing something good, let's block DNS and then at least we do something, meaning that the perspective meaning that the perpetrators will get away, but at least they had been doing something even if it's the wrong thing.  Thank you.
>> PAUL VIXIE:  Thank you, Anne Marie.  Moving along.
>> MOEZ CHAKCHOUK:  Hi, good morning.  I'm Moez Chakchouk, I'm CEO of will ATI, it blocked a lot and was very famous on those issues and what is important to mention for this panel I think is not just the censorship that we have done during the regime but it's much more how we evolved after the revolution.  One of the most important things about that is just we know that we face all the decision made by the Court and to censor again and to use the same equipment to block websites and content on the Internet, but at the same time we try to build a new trust relation with the community and we try to be much more transparent as possible.
We face something that is really weird for me at first because some contents were blocked not by us, not by Tunisian agency, not by Tunisian ISP's, but by other's ISP's, by other Web posts or whatever.  I can raise the issue it was maybe very important to me because at that time we were really concerned because people are saying, okay, ATI is censoring again, they are lying on us, they are using the same equipment as the regime and they will start by censoring these websites and then they will censor others, so it was a very important issue and important to explain to people that it is not our equipment that is censoring that, it is other ISP's in other developed countries, and I can name, for example, we have Tunisian citizens cannot access (inaudible) Quebec, which are the media, which really we don't know the reasons why we are not able to access to these websites and to the content.  Tunisians thought at the time that because maybe this media, some content is related to the regime or something happening so it was blocked for that reason, or maybe the Government asked the ISP in Canada to block these websites, but it was really, really important to see that it's not because of that, it was maybe because our hacking community had tried to hack some of the websites hosted by the ISP and it was no reason because we know for political reasons some have family members who live in Canada, so this is why, now we knew why.  But the problem for us is how to mitigate, how to solve the issue.
>> PAUL VIXIE:  Excuse me, I'm going to speak for our transcribers when I ask you to please speak more slowly.
>> MOEZ CHAKCHOUK:  I will try, okay.  
>> PAUL VIXIE:  Also there's a question mark where I think you meant to say Pirate Bay?
>> MOEZ CHAKCHOUK:  I will mention about it.  Sure.  The second thing is about another media also in Egypt and also another, the Pirate Bay issue.  The Pirate Bay was hosted in Europe and of course the piracy and in developed country, I cannot mention it now, a lot are asking us why are we blocking Pirate Bay in Tunisia, this is not ours, our fault.  We explained that we are not blocking Pirate Bay, we are not blocking all those websites and this is for other reasons and what we have done, because we want to show to them that we are not against anymore against this content and we don't want them to understand that ATI is willing to censor again these contents.
First what we did is just we hosted a server in Tunisia, first proxy in the Middle East and Africa, and second we tried to contact our parent operators and find out what's wrong for the Tunisian to not access these websites.
So the reasons of these concerns from a perspective is also because we are of course, we want to build this trust with the Tunisian Internet and the community if they start doubting us, it's very, very controversial.
What is important also to mention, that in this low trust environment and building this trust means that we all need to be transparent.  It's not ATI, for example, Tunisia that shows to the community that we are not censoring and willing to help the community to be able to access any content in this world, but at the same time that we need to build this transparency between all the actors, and this example shows that when something is wrong in a country, this could be misunderstood by the Tunisian community for political reasons, for example, as I mentioned with (inaudible) Quebec and also with Egypt, during June 2013 there were people on the street protesting against the Egyptian Government and so on, and dot AU, dot IGI was blocked for Tunisians.  We didn't know why.  This is Egyptian content, and the political issue was very tough at that time because we have also parties linked to the regime in Egypt.  And this is very controversial and we found out that there's something wrong, not in Tunisia, but with appearing in Italy because we don't connect to each other.  Many developing countries don't have the connection, so they don't have access to the networks directly so other infrastructure for Egypt it was used the Italian infrastructure, so this was also another reason that we have been blocked access to the Egyptian, I don't know why, and nobody was able to explain why, I think we've covered some of the issues we have faced after 2011 but I think that there is much more cases that could be raised.
>> PAUL VIXIE:  Thank you.  Moving right along, and I'll remind you to please speak slowly for our transcribers. 
>> SHAZAD AHMAD:  Hello,  everyone, I'm Shazad Ahmad, I work for Rights for All, we are a Human Rights organisation based in Pakistan, and a few days ago when I was preparing this session with the team, the first stampout for us was well intentions, and the first thing they raised was what you mean, in this whole discussion, what is well intentions because it's very subjective, vague and a difficult concept when it comes to blocking because we have been a victim of well intentions for a long time in Pakistan.  So how censorship works in Pakistan is not by a third party, it's actually state imposing through their own authority and it is not usually ‑‑ while there is reported incidents of blocking by ISP's on a certain content as well, but mostly essentially almost always it is state directive, and that is how it is blocked.
So that is also a challenge in this whole discussion that how we can make a state authority accountable or what we were also talking about, transparency, different aspects of it.
Just to give you a few examples, when it comes to an intermediary, an illegal, I'm again emphasizing it, an illegal request is generated towards Facebook and then Facebook accepts that illegal request and then blocks certain pages of, for example, political expression, which is again, you know, I mean now I can give you one example where we know that, okay, the blocking, the action was initiated by the authority and then the intermediary was involved, and it's all illegal at several levels, not only as far as Pakistani laws but I'm sure it is also against the principles which Facebook stands for, at least on their website and how they would operate.  And almost certainly the pages get blocked, and then Facebook does it, they have their business interests and in the country we have a fairly large population using Internet and Facebook is a medium of masses and a lot of people connect through that medium, so they only want to make sure, and we have interacted with them, they're very accessible thanks to the team at Facebook who would at least respond to had questions, but their only concern is that they want to remain open and accessible in the country at all costs, and we know that what happened when they were blocked for about two months due to a page issue, but after that, the well intention of the State and then Facebook agreeing to block those pages is problematic, I don't know how it is fixed in this whole idea, but then another well‑intentioned action is blocked VPN's, so VPN's are blocked because there is threat that people would be using the content that they should not.  I mean, they were stating that the citizens should not have been accessing without realizing that how it will impact on several other services.  Key services, for example, financial services, banks, for example, and then safety of individuals.  That probably is not a concern in this whole discussion.
  I could quote several other examples as well, but I just want to keep it around the discussion, I mean, we were also talking about intermediaries, so another well intentioned blocking action that I would like to mention is YouTube.  That is blocked for two years now.  We'll have two years on 7 September, and when they blocked it there were a lot of protests going on and violence and we should block it.  But now all the reasons and why it was blocked have now been addressed and even the Court, Pakistani Court has given favorable orders to open it, but authorities despite the fact accepting that, I mean, it should be open and accessible to the people and it is important for the citizens in the country, are still not opening it up and in this case we probably won't blame ‑‑ okay, it's very complicated right now, but ‑‑
>> PAUL VIXIE:  Okay, I think you've made your point.  So when states become involved in our affairs, sometimes the terminology becomes difficult, so if you ask what is the definition of well intentioned and you're dealing with a state who is exerting control over its citizens instead of the other way around, then it's hard to know whether those intentions are indeed good or bad.  So let me clarify a couple of the terms that I used in my opening statement.
To be well intentioned here really is referential, it's in the frame of reference of the person doing the blocking.  So in order for a well intentioned blocking measure to go too far, it would have to have been seen by the person who did the blocking that it went too far, and in that case it would be your state Government itself.
The definition of intermediary, I'm sorry I didn't make this clear, in my opinion, if two otherwise cooperative parties cannot cooperate because of the actions of a third party, then that third party is an intermediary.  Even if they are not on the path themselves, they are affecting whether there is reach ability between two people who would otherwise be willing to cooperate with each other, and one of those people might be a subscriber to a black hole feed or something like that, but really by intermediary, I don't mean on path.  Sorry I didn't make that clear.
Now, accountability of a state is an interesting question, right?  If you ask why was YouTube blocked and why is it still blocked, that I think is not a question for the Internet.  That is a question for Pakistan.  So I would like to if possible rule that out in our discussion here today, not that I'm not personally interested, but it's just outside of our scope.  Robert, what do we have from our remote participants?
>> ROBERT GUERRA:  So I have three questions, so I'll just relay them to you and you can give your wisdom in terms of who you want to direct them to.  One at a time.  The first one is what are three recommendations that you might or the panelists may want to give to small and medium‑sized hosting providers that often get caught in the blocklist situation?  What can they do?  So that's question number 1. 
>> PAUL VIXIE:  Who would like to take that?  Let's start with Christine?
>> CHRISTINE HOEPERS:  One recommendation that we are giving not only for median or for all hosting providers, you need to be more proactive in a sense that probably you need to set up policies, different kinds of services, because most of the time we see the small hosting being affected by two major problems.  One is that they are hosting websites that have plug‑ins, have CMS systems that are being compromised, so the hosting company doesn't know that they have vulnerable systems or they have a client that put something vulnerable in there, and they are being abused majorly for phishing and for other kind of attacks.
And the other one is related to criminals just buying the cloud services and putting whatever online.  And most of the time we see that they are just using that one, two, three‑day span, and we are seeing something that's affecting us a lot, dozens and dozens of malicious DNS servers being used by compromised CP's, by modems, so we are trying to work with people to see okay, what is it that the medium users are doing?  Maybe if you want to have a DNS, you need to have some other confirmation or after the payment came through and it was not a fraud or maybe you were putting something else in there but not necessarily, you're not hindering other people in there, so it's not ‑‑
>> PAUL VIXIE:  Three recommendations.
>> CHRISTINE HOEPERS:  One is in two parts, I think really be more proactive into securing your infrastructure, into having updated systems, the other one is being proactive with policies, to be able to identify when someone is abusing your system, not to have a restriction on that you are censoring what they are doing and the third one is to pay attention when people are trying to report that they have a problem.  Have a channel, have a cert, have an abuse team, have someone subscribe to data feeds, try to see what the world has information that you are generating malicious content and then probably you'll not end up in the blocklist.
>> PAUL VIXIE:  Thank you.  Anne Marie?
>> ANNE-MARIE EKLUND LOWINDER:  I agree on the proactive part but also I think you should get to know your peers, make friends.  They are so very useful when the time comes when you get blocked and you don't know where to call.  And also one final part would be to also make sure that you are very accurate and that is mostly going to those that are offering the services like anti‑spam filtering, like Web blocking and filtering, you are responsible for what you are doing on the Internet, you are interfering with the most important infrastructure we have, that brings to you something like I would like to send, you have a trigger in your hand that grows by the day, so make sure that you have responsibility that you have the paths to make it right when it went wrong and do it quickly, as soon as you can.  Paul pal let's go to our next question.
>> ROBERT GUERRA:  So there's a second, then the third.  The second question is one related to Pakistan.  Pakistan ‑‑ the question was I believe in 2008 blocked YouTube in the country but because of some issue it got blocked all over the world as well.  What was the reaction in Pakistan to the Pakistani authorities blocking YouTube worldwide?
>> SHAZAD AHMAD:  Like the rest of the world, we were all laughing about it.  Nothing else.  They didn't know what ‑‑ they figured it out a lot later what actually happened but it was actually a block, a filter that they put at the Pakistani Internet exchange that caused worldwide outage of YouTube.  So I mean, it happened for some other websites as well later, so, you know, it's probably a capacity issue or how it has been done, but yeah.
>> PAUL VIXIE:  All right.  Before we take our third remote question, I have a couple of locals.  Do we have a microphone floating, or should I hand mine out?  Here in the front is our first questioner.  Please be brief.
>> AUDIENCE:  Thank you, Emmet.  The first question I just wanted to add a point, I find it very useful to e‑mail outages at when I see something is not properly working, I just want to bring that to attention for yours., seems to be monitored by a lot of people, or those who monitor know the right people to put you in touch with.
>> PAUL VIXIE:  All right.  Let's move back to Mccaylee.
>> AUDIENCE:  Thanks, Paul.  Mccaylee Naden, Black Nights, it's more I suppose of a comment rather than a question.  A lot of the blocking that we all do when we see that impacts us, I think it's kind of a domino effect.  I mean, a couple of the speakers have mentioned, it's a major issue with respect to responsiveness.  We've all seen issues arising where hosting providers, content hosts, be they small, large or otherwise, are completely unresponsive, so as a result of which instead of, say, us blocking one or two IP addresses, we end up being forced to block an entire AS, so those not too technical, that means instead of blocking one or two websites, one or two resources, I'm blocking thousands or millions potentially.  I mean, the thing is this.  Those of us in industry really need to take it seriously.  If you are a hosting provider, you need to have an abuse contact point, you need to be responsive.
>> PAUL VIXIE:  I consider that point well amplified.  Pleases pass the microphone behind you.  There you go.
>> AUDIENCE:  Walid Al‑Saqaf.  I happen to have been a victim of blocking as well as a circumvention tool developer myself.  The idea about that you can resist blocking through circumvention, I haven't seen that being raised here, but how legitimate do you see the idea of helping activists for example and people with a vision of open Internet such as the developers of Tour who I had the pleasure of hearing here on the panel, in supporting activists and users, when overblocking or blocking happens on what we can call subjectively speaking illegitimate grounds?  And beyond that there's also a privacy element.  All of us running circumvention tools that have servers are required to not keep track of who is using them, perhaps we are violating certain rules in certain countries, so where do you see it going in terms of legal as well as activist aspects? 
>> MOEZ CHAKCHOUK:  Good.  You know, for example had Tunisia we have been through tough censorship and blocking regime so the community knows very well how to get out of this filtering and use these proxies very well, we use it during the revolution and when something is wrong, the first thing they do is they use these servers, they know it by heart, you know so it is very familiar for them, they trust these proxies, because they provide access to the content.  Whenever there is a problem, the first thing they do is it use the proxies.  Second is that when we started to talk about having a third server in ATI, some people applaud it, but at the same time they say maybe the ATI access this information and to know who access this proxy and which content, and I think we can say that we never, never use that for those reasons and we think that it's very important to show that we are really pushing for the community to use any kind of service to bypass any filtering.
>> PAUL VIXIE:  Thank you.  I'm going to address the broader part of that question.  I am currently involved as a principal investigator for Darpa, which is the U.S. defense department's research arm where we are helping to secure Tour, because Tour is very good at keeping things anonymous so that you can't find out who your activist is, but is also fairly easy to block and you can detect Tour flows and stop them even if you can't necessarily find out where they are, so it may seem strange that the U.S. Government would be funding efforts in this area, but the U.S. Government has also funded quite a bit of Tour development and what I can tell you is that the history of technology in general and the internship specifically is one‑up‑manship so what you're going to see is one group of people who want to get something done, another group trying to stop them and then each one of them will make a small improvement to either the censorship or the work‑around says and it's like an arms race and it is an arms race with a million arms and I think that's inevitable, no matter what we say here today, no matter what we all wrote in the report and went into the community and recommended, that arms race is going to continue, so I think we should treat that as climate rather than weather, that's the world we live in and inevitably that is the current state of play, it will go back and forth, it will oscillate and any revolution in any given country could succeed or fail based on the current state of that oscillation.  In that sense I would say that Tunisia and Egypt were very lucky.
Question in the middle?
>> AUDIENCE:  Earlier with regard to YouTube in Pakistan, you said that's a question for Pakistan, not for the Internet.  I'm not sure I understand the distinction.  Let me give you three other types of cases.  First, Homeland Security telephoned Mozilla to ask them to kill an extension that a community member had developed to redirect the Firefox users to websites labeled rogue websites against no legal action had been taken.  Second, Visa and MasterCard are blocklisting entire industries such as VPN service providers saying we're not going to process payments for you because you are on an offensive list.  Third, crap group M denies advertising syndication to companies that have been placed on blocklists by entertainment companies.  All of these without any form of due process.  Now, is that an Internet issue?  Is that a U.S. issue?  Is that a visa issue?  It seems to me that all of these relate directly to the functioning and use of the Internet.
>> PAUL VIXIE:  Since I made the comment, I'll answer your question.  What I don't think is that there are people in the Pakistani Government waiting to hear what we think or that if we told them they're doing it wrong, they would stop doing what they're doing.  Now, there are people all over the world for whom what we do here today is relevant, and I am interested in solutions that we can find that all those people will see in their common interest and start building systems that will make the part of the world that wants to know what we think better.  But there's an undercurrent here, there's a huge number of people in the Civil Society community who believe that the Internet is somehow the beginning of globalized liberalism and that it can stamp out tyranny in all its forms and that every Government who opposes open communication will ultimately fail and fall before the onslaught of the Internet.
I am not one of these people.  I believe that old money powers got that way somehow and they have their current position for a reason, and I don't think that they are particularly worried about the Internet toppling them.  Maybe they should be, but that's not the business I'm in and that's not the business that our panel was in or that this workshop I think should be in.  There's a lot of very relevant work we can be doing without trying to tell nation states what their laws and accountability ought to be.  That's all I meant.  Pindar in the front.  While we wait for the microphone, let's get our next remote.
>> REMOTE MODERATOR:  SPAMHAUS or Maps are two.  What are maybe three to five other blocking services that you may know of that aren't usually mentioned when people talk about blocking?  So what are other companies or services in the industry that maybe you know of but the public may not?  Can you just shed light on others that do blocking.  The question was what are five will blocking services other t,han SPAMHAUS or Maps that exist?
>> PAUL VIXIE:  I think there are dozens and as the moderator I'm going to say that question is out of scope.  
Jacob, you're next.
>> AUDIENCE:  Hi.  I guess I have a lot of questions for you guys but I'll just stick to one, which is that I want to challenge the sacred cow that everybody agrees about certain kinds of censorship.  In western society it's child pornography, other places it might be terrorism or a particular religious minority or something like this.  I just had an interesting exchange on interpole on Twitter where they basically said there's never purposeful overblocking which I thought was an interesting point.  I wonder if there's actually any transparency or accountability with the censorship that you've seen because like we see things in Australia a dentist's website is on there.  How is that appropriate, where do you detect that, where is the built ability for that, where is for example the tracking that shows who added that, where is some sort of repercussion for adding a false listing like that?  And I wonder what you think about something like certificate transparency or a block chain structure where every time a URL is added to a censorship list, you have someone who added it as well as maybe a hash of the URL so there's transparency of the number of entries but you don't necessarily reveal what the entry is.  I wonder if anyone has built a system like that and otherwise I wonder what you think about just making these lists public. 
>> PAUL VIXIE:  My clicker does not work but part of the framework that's in the position paper mentions the need for transparency and it says, because this is what we believe upon convening this workshop, that if you're blocking something and no one knows what it is or who blocked or why, then you're probably doing a net harm to your world and to your own interests.  Now, as to the cryptography of a blocked chain and so forth, that is beyond the scope of this meeting.
>> Yurie would like to speak.
>> YURIE ITO:  Japan is doing the child pornography blocking, that's the only thing that Japanese ISP level of domain blocking and then the transparency is the most important part.  There's an association with the national police agency, lawyers and then ISP's and other private sector parties get together, and about the criterias and what they're going to block, so very transparent criterias of the blocking, how to make the blocking list, then the ISP's are also sharing what type of method they're blocking, is that a DNS blocking or a cache blocking or other ways of blocking so they carefully create the list in order to avoid overblocking and also they are very careful on undo function, it has to be really quick and needs to have the affected process of undoing if there is false‑positive.  Another thing is the monitoring part, that's their challenge, the ISP itself or community has transparent process of monitoring that overblocking and all of that.
>> PAUL VIXIE:  Thank you.  Christine?
>> CHRISTINE HOEPERS:  I would like to make a comment not necessarily about censorship but about this effect like you said about having public block lists and private, every time you have a blocklist especially if it is something that points to someone that's vulnerable, we always have a problem because we are seeing people abusing that.  It's very difficult to say that you can have like transparency and as Paul said, to guarantee transparency and censorship but we are seeing on a lot of block lists, they are not for censorship and also don't have transparency, they are becoming in some cases just pure extortion, you get there, you don't know how to get out, they just say pay me and I'm going stay here forever.  So we as a cert, we always try to advocate, be cautious before using blocklists, be cautious before submitting things to use blocklists, do not be too eager to use blocklists because you can be making your problem even worse, I think if we can start having a reputation of blocklists and at least separate a little bit, okay, if you really that you should be using it, here are some rules that you should look for in the blocklist.  It is transparent.  It is something, you know how to get in and how to get out.  Someone actually told you that you were there or tried to, and that could be copying a national cert, copying another group.  We have like not for profit organisation.  So one of the things that this panel wants is to have some ideas what would be acceptable into building a more transparent and maybe to build that people ‑‑ you know, if you want to block and there's a point that you think there's no other way for you, at least try to use like some more reportable and good ones because I think then they go for the desperation and overreaction, everyone is kind of desperate and taking measures that are really not helping, and every time that someone sees, oh, but there are blocklists and then I can abuse that and then I go to the point of Anne Marie that people don't think where they are going thinking about blocklists.  In Brazil we always say try to define a policy, otherwise you'll be between a rock and a hard place and people saying block this, block that, so be conscious before you do it, and be conscious what you submit for that.  So these are some of the messages we are trying to pass to people instead of just blocking everything.
>> PAUL VIXIE:  Anne Marie, next?
>> ANNE-MARIE EKLUND LOWINDER:  I appreciate your question with this, and one of the problems with police force and child porn filter, because the police force is the only one who can put records on that list and can remove them and nobody else has any power on what's on that list, which is from my perspective I think that is a problem.  We need a third party actually to judge that.  On the other hand, I am really pleased to be able to tell you that our largest TSP they published transparency report this year to be able to try to explain what they've been doing, why they are doing it and so forth, and I have a representative here in the room, maybe he wants to comment on that.  I don't know.  Anyway, I think that is a good way to move forward and as Christine says, the responsibility stays with those who have the trigger in the hand.  We have a Swedish cartoon, Bomster and he has super‑powers because his granny cooks honey for him which gives him the super‑power, and he's very wise this character because he claims if you are strong, you need to be nice.
>> PAUL VIXIE:  I like that.
>> SHAZAD AHMAD:  One thing which is very important, in developed countries things would have been different where systems are established, but in countries the companies, they don't stand up to do such issues and such actions.  I mean, again, giving an example from Pakistan, a lot of blocking, so why is Civil Society organisations, you know, running about about it and creating campaigns, they are also affected for their business, they're also affected for their operations, their systems and everything, but they will just take it from the authorities.  I mean, we do not have even a single example where any of the company, even a small ISP or a big Telco would have stood up and said, okay, what you are doing is wrong.  Even when massive kill switch operations are happening at several levels.  So I don't know, I mean, again, I'm raising other problems, but at several levels where decisions about Internet are made and about where governments are also involved, for example, ICANN or other forums, so probably it's important that, I mean, it is also raised with this whole point about transparency and openness.  So that should come in and it should be seen on the ground level.  And then in my opinion, Internet is not a country‑specific issue.  I mean, the example of YouTube a while ago.  So it affects ‑‑ a small thing in a country can affect the whole world.  Make it, break it.
>> AUDIENCE:  Thank you.
>> PAUL VIXIE:  Pendar.
>> AUDIENCE:  If you assume possession is the law and whoever possess says these lists has the power to put on and put off, I agree with Anne Marie in terms of the oversight in terms of the removal, but my question is I believe one of the stakeholders you need to outreach is actually the judiciary, so I would like to know how you can tailor your talk in Internet physics because this is really how it works, to be accessible to those through the judiciary who will make these kinds of calls.  So the suggestion here is a very specific targeted communication to a very specific sector.  This, however, assumes that there is a separation between the State and the judiciary, which may not always be as clear.  That's it.  Thanks.
>> PAUL VIXIE:  Thank you.
>> AUDIENCE:  Thank you, my name is Takius, approached by one of the panelists on transparency, there was a very vivid workshop 188 on transparency reporting, Talius published its report two weeks ago and we had good discussions together with the industry dialogue and GNI, of course it's available online and I'm here at the conference if you have questions.  Thank you.
>> PAUL VIXIE:  Thank you.  We have a question in the way back, close to the camera.
>> AUDIENCE:  Thank you.  My name is ‑‑
>> PAUL VIXIE:  Louder, please.
>> AUDIENCE:  Sorry?  Capania from the Spanish Government.  Blocking exists because the content provider is not in the jurisdiction who takes that measure.  It's because the content provider is overseas so governments and courts take those measures to fight against what they consider illegal content, so what could be need to do avoid blocking which I agree that it's a desirable measure is to force the international cooperation so that authorities both governmental authorities and courts can have channel in which measures can be taken swiftly because nowadays we rely on mutual assistance agreement which come from a pre‑Internet era, and there are various law mechanisms to fight against content, and we need swift and speedy reactions to block child terror or even IP abuse in Web pages.  Thank you.
>> PAUL VIXIE:  Thank you.  I saw a hand up.  Yes, you in the middle on the left side.
>> I am Nofa from Indonesia, I just wonder to all of the panelists, what is your idea about the linkage between the Internet right with the sexual orientation and gender exploitation because in Indonesia some of the Web, transgender Web have a problem with this blocking, with appropriate transparency from the Government and from the hosting service.  Thank you.
>> PAUL VIXIE:  So you've asked a question about sexual orientation, which I'm likely to rule out of scope unless someone on the panel wants to speak to it, because I really feel that the Internet should not be seen as relevant at that level, at least the people in this room should not be telling governments like the Indonesian Government whether they should or should not allow communication and what the Internet rights are for sexual orientation.  I'm sorry, that's just out of scope.
I saw a question in the way back.  No?  The hand is not back up.
All right.
>> AUDIENCE:  First of all I disagree with you and I'll tell you why.  There are technical problems with overblocking, for example, this doesn't happen too often, but with parental control filters sometimes breast cancer sites will be blocked because they saw the word breast, so this is a technical issue.  I don't know the case in Indonesia but it's quite possible for example in the United States some gay and lesbian sites have been blocked not because they're gay and lesbian, but because the word sex may appear somewhere in the site.  In fact, I operate safe which is a website dedicated to keeping children safe on the Internet.... 
(Internet interruption).
>> PAUL VIXIE:  New methods of communication, new pathways, new tools.  The Internet is not a hammer.  You can't use it to destroy something you don't like or force change on someone, but you can sometimes build roads on the Internet that make a new way of life possible, and we can't enforce due process.  What we can do is to follow up from this meeting with more work on a framework which could be seen as in the best interests of everyone who wants to block something for either commercial or noncommercial reasons so that we can begin to have some responsible standards in this area.
I heard a lot of people say transparency, so that is one of the bullet points in the framework we've offered in the position paper.  To the extent that anybody is blocking without notice and without recourse, I would recommend not waiting for our final report but, rather, reviewing that policy now because that on the face of it is going to do more harm than good no matter what good you may also do.
Robert, you've been taking notes.  Do you have something to add for a summary?
>> ROBERT GUERRA:  I just want to add maybe a couple of quick logistical points.  We've had up and down Internet outages during the whole session, and I'm just going to check with the Secretariat to make sure at least the audio is preserved and the transcript we don't know.  For people who want to give comments on the SSAC paper that's available, the way you can access it, I've treated extensively about it using workshop 107, it's also available on the workshop description it's downloadable and you can e‑mail me or Paul for comments and we would appreciate your comments.  And I think I just want to echo I think what you mentioned, this really was a session to try to get feedback on a nuance of a topic that's not usually as discussed, and I really appreciate all the feedback and look forward and appreciate all the questions, but also the ongoing conversation that this will have.  We hope that it's not just you all came to the IGF, packed the room, and we really are thankful for that, but also stay engaged on this topic.  It is a topic that affects a lot of people but getting into the nuance and finding the policies, the transparency and elsewhere, we want to keep the conversation going.
>> PAUL VIXIE:  Thank you, Robert.  And he's right, you should send him e‑mail if you have further comments.  If you can't find him, send it to me and I'll forward it to him.  Let me just say we're out of time.  I have huge, huge appreciation for my panel.  You guys came a long way and did a lot of quick thinking and quick speaking without a lot of preparation by us, and I really appreciate all of your contributions, and again, I thank all of you for coming.  We care deeply enough about this issue to put ourselves on airplanes to come talk to you about this, and that means we really resonate to you who are willing to sit here and talk to us about it.  So thank you.
(Session ended at 12:30)