The announcement this morning in the Times that New York State AG Andrew Cuomo had reached an agreement with three US network operators (Verizon, Sprint, and Time Warner) about blocking child pornography was both less and more important than it appeared.
It’s less important in that part of the agreement covers something ISPs already do, which is to react swiftly when they get information about child porn on the sites they actually host. Federal law requires hosts to report such material they learn about promptly to the federally-sponsored National Center for Missing and Exploited Children (NCMEC), or risk fines of $50,000 per image. ISPs also routinely (and promptly) take down this material from their servers once they know about it. (Here’s a code of conduct suggesting this.)
It’s more important in that it takes a practice that had been implicit, voluntary, and quiet – the sharing of information between law enforcement authorities and ISPs about child pornography, including the sharing of lists of sites that law enforcement authorities want blocked – and makes it into an enforceable, mandatory agreement. It looks as if the explicit agreement that is the subject of the Times story concerns only Usenet. But there is no particular limiting principle here, and the agreement could extend to anything else that law enforcement believes to be illegal.
Coupled with the story today that French ISPs have agreed to block a wide variety of distasteful content, including hate speech as well as child pornography, today is a day to reflect on possible negative consequences of such an approach. (I’ve written about this in the past, here.)
What’s on the list? Once AGs move beyond Usenet, and they will, what more will be added? Will innocent speech be mistakenly identified as unsavory, and blacklisted? How does a site get off the list? Movie houses can stop showing adult movies, and URLs can stop being the site of indecent material.
Who makes the list? The story about the French approach indicates that users can nominate sites to be blocked. In our country, NCMEC has enormous authority. What’s the clearance process for these techniques? Could they be abused?
What does it take to carry out the desires behind the list? If an ISP is handed a list of sites/communications to block, what do they have to do to implement the blockade? Four years ago blocking IP addresses (the then-common technique) was found to block too much innocent speech to be constitutional. (Opinion here.) If ISPs have figured out how to do more sensitive filtering, does that sensitivity require detailed information about what each user is up to (deep packet inspection)? Could that sensitivity be misused for the ISPs own commercial reasons (targeted advertising)? Also – could the blocking of categories (note the reference to all usenet postings) result in the blocking of innocent speech?
What does this mean for the free flow of information online? Governments around the world have an interest in shielding their citizens from illegal speech – in the case of child pornography, the animating idea is protecting children from being abused. We react immediately to child pornography, and its creation and dissemination is widely prosecuted. (We’re even going after the dissemination of virtual child porn these days — but see Justice Souter’s stirring dissent.)
Going beyond the prosecution of the people involved in the production of this unspeakable material to requiring network operators to affirmatively monitor for child pornography is a substantial step – and one U.S. federal law has avoided as far as I know. Will this interest in going after intermediaries, reported on today, always trump the social value of having an interconnected, un-inspected, fast-flowing internet?