ASIC reveals depth of ignorance over website blocking debacle

ASIC teams asking telcos to implement online blocks under Section 313 of the Telco Act "were not aware that a single IP address can host multiple websites"

Teams at the Australian Securities and Investments Commission that employed section 313(3) of the Telecommunications Act 1997 to force Internet service providers to block access to websites "were not aware that a single IP address can host multiple websites," the financial watchdog has revealed.

ASIC's attempt to block access to websites engaging in online fraud backfired in 2013. The organisation issued a request to "a number of telecommunications carriers" to block access to three IP addresses used by websites involved in investment scams.

As a result, access to thousands of unrelated websites was cut off for Australians who were customers of the ISPs that implemented ASIC's request.

"Once we became aware of the risk that our s313 blocking requests could result in the inadvertent blocking of websites we reviewed our procedures to identify how this was able to occur," states a submission by ASIC to an inquiry examining the use of the section of the Telco Act.

A number of submissions to the inquiry, including ASIC's, were made public today.

"We also undertook a review of other s313 requests to ascertain whether other non-fraudulent websites had been blocked," ASIC's submission states.

"This review alerted us to an IP address that hosted in excess of 250,000 websites. A further review indicated that in excess of 99.6% of these sites contained no substantive content. This blocking request was removed."

After the debacle became public ASIC implemented internal changes to prevent a repeat, the submission states.

The changes meant an ASIC team would first have to liaise with ASIC's forensic team to make sure only a relevant website would be blocked and "work closely with the relevant telecommunications carriers to ensure that blocks are actioned effectively and responsibly, including that only the targeted website is blocked".

ASIC has not issued a request for ISPs to block access to websites since April 2013, but the submission makes clear the organisation hasn't ruled out future use of s313.

A list of s313 blocks requested by the agency included in the submission reveals requests issued to telcos that date back to June 2012.

The ASIC submission states that it supports increased transparency and accountability over the use of s313. However, ASIC argues that organisations should be able to continue authorising their own section 313 notices.

"Alternative approaches, such as requiring requests to go through a ‘central agency’, can have a negative impact on agencies’ ability to block offending websites in a timely manner, without necessarily providing significant improvements in either transparency or accountability," the submission states.

When it comes to which organisations should be able to issue s313 notices, ASIC said the committee conducting the inquiry may want to consider a similar regime to that in the Telecommunications Interception and Access Act 1979 in relation to stored communications warrants.

"The definition of 'enforcement agency' [in the act] includes any body whose functions include administering a law imposing a pecuniary penalty or a law relating to the protection of the public revenue," the submission states.

The federal government in July announced the inquiry, which is being conducted by the House of Representative's Standing Committee on Infrastructure and Communications.

The inquiry's terms of reference state: "How law enforcement agencies use section 313 to request the disruption of such services is an important public policy question. Section 313 is also used for other purposes, but the Committee will inquire solely into and report on government agency use of section 313 for the purpose of disrupting illegal online services."

The inquiry is examining which agencies should be permitted to make use of section 313, how much authority should be required for the use of section 313, what "illegal or potentially illegal online services" should be subject to action under section 313, and the "transparency and accountability measures that should accompany such requests".

The use of section 313 has previously been condemned as risking the stealth implementation of a de facto Internet filtering regime in Australia and drawn the ire of civil libertarians.

The former communications minister, Labor Senator Stephen Conroy, said last year he was in favour of increased transparency over the use of section 313.

The inquiry is due to report to parliament by 1 July 2015.

Follow Rohan on Twitter: @rohan_p

Read more: Brandis mum on data retention cost

Join the Computerworld newsletter!

Error: Please check your email address.

Tags censorshipcivil libertiessection 313telecommunications actinternet filter

More about

CIO
ARN
Techworld
CMO