Pennsylvania Refuses to Disclose Banned Website List
koehn writes "In an interesting turn of events, the Attorney General of Pennsylvania has ordered all PA ISPs to block sites that have child porn. If that's not bad enough, they won't tell you which sites those are because - so the excuse goes - that could be construed as 'disseminating pornography.' So much for public review, huh?" See the previous story.
It seems likely to me that they simply don't have a list, and they want to make it the ISP's problems. The best law enforcement agencies in the country can't stop kiddy-porn rings, so let's see if overworked sysadmins can! If it fails, at least we'll be able to pass the blame...
I think ISPs should simply declare that, to the best of their knowledge, there is no kiddy porn on the web, and only block things if they get complaints (then report the complainant as having viewed kiddy-porn.)
Sig:Why copyright isn't a fundamental human right
If all of these sites actually contain child porn why not focus all efforts on getting them shut down completely .. having a few ISP's block these websites accomplishes nothing ..
Several things that bother me about it:
1. It's a slippery slope. Once the goverment decides that its job is to censor web sites, where does it stop? All pornography? Terrorist sites? Legitimate news sites from "terrorist countries"? Legitimate news sites period? Bad precedent, in my opinion.
2. This is a job that should be done at the end-user location. Want to surf safely? Don't surf on machines that don't have content filtering programs on them. Want your child to surf safely? Don't let him/her surf on machines that don't have content filtering programs on them.
3. Lastly, what are we protecting people from? It's an evil world, and evil stuff exists out there. We can't ignore it. And hiding it doesn't make it go away. I'm not sure what this fundamentally accomplishes.
...if you don't get to look at the list, how do you know it's not being abused? How do you know that they are all child porn sites, and not, for example, pro-choice advocate sites, or whatever the reviewer decides is against his personal beliefs?
If I was in charge of the list, and I knew that it would never be seen by anyone but me and my cronies, then I've got a really big stick to wave around the heads of those people I don't agree with. Child porn is bad, but the potential to lose some bit of freedom is worse. Eventually those kids grow up and either adjust or they don't, but lost freedoms are usually gone forever and they affect everybody in the country. There is no bigger superpower than us that can come and bail us out if our govt becomes a totolitarian regime, so we have to defend our liberty at all cost while we have the chance.
Why do laws like this, which are completely impossible to force and redundant (possession of child porn is ALREADY illegal, why force ISPs to filter it?) manage to get passed?
Because who the hell expects to get any votes after voting against a child-porn law?
They only get away with stupid laws like this because most people don't look past the title, so we get things like "The Patriot Act"...
If the AG knows of child porn sites he should shut them down directly, by law. If they aren't in PA he can send the URLs to the federal government. But nothing in the Constitution can be construed to permit prior restraint of expression that has not been deemed illegal.
The thing someone has to learn is that when government does anything that is a bit unusual or secretive, no matter how small, it's usually a test. Parents with kids understand it. Kids test you to see how much shit you're willing to take. Similarly, government likes to see how much shit you're willing to take. Once they see most people are cool with keeping something secret as long as they attach child porn to it, they'll start doing other things.
Yeah, sure, you'll say again, no slippery slope. And of course, to make that position, you'll ignore all of U.S. History from the late 1700's to today.
Only in slashdot are posts of solidarity modded at -1 Redundant, while posts of antagonism are modded as -1 Flamebait.
Even if the program were honest and verifiable, it would still be a bad idea. This essentially closes off sites that alow user posts, such as Slashdot. All you have to do to kill Slashdot in Pensylvania now is persistenlty place kiddie porn links into your posts. But it is not honest and it is not verifiable so the state could just block Slashdot as it pleases. If people noticed and complained that they can't find Slashdot anymore, the State can claim it was an honest mistake. The damage would have been done as the people would have been kept from knowledge in a timely manner. Other sites that few no about can be blocked with impunity.
Friends don't help friends install M$ junk.
You are ASSUMING it is just child pornography that is being blocked.
How do you know? What if some site showing the current Governor of Pennsylvania's wife in a "compromising" position is also blocked?
Need help treating your acne? Come here!
How the hell are ISPs supposed to be able to implement and deploy this blocking according to the official list if they are not given a copy of the list? And doesn't that law at least claim it applies to any ISP, even out of state, as long as it serves customers in Pennsylvania ... at least for the Pennsylvania customers? I'd like to know if the list consists of IP addresses, domain names, or complete URLs (or some mix of these).
If the list has IP addresses only, then it would be theoretically possible to deploy this in a router access list. But many routers don't scale well with large lists because of sequential implementation. And what if the web site in question changes IP address periodically? Does the IP address list get updated equally as often?
If the list has domain names, perhaps those can be remapped to IP addresses regularly, and put in the access list.
In either case, using IP addresses has "collateral damage" effects on other web sites sharing the same server, and maybe even other services if not deployed to specific ports (e.g. other connections like SMTP won't work). I'm sure that Mike Fisher, who is so full of himself that he tries to make people think he is the only attorney general around by registering attorneygeneral.com and attorneygeneral.gov, won't care (using the same theory spam fighters use that if the ISP hosts bad customers, then everyone should suffer until the ISP stops hosting them or goes out of business).
Or perhaps the list consists of URLs, including path names to specific site areas or user pages. The problem is most routers can't deal with that at all. You need a web proxy. That means ISPs now have to pay out more money to run web proxies, with all their associated problems, such as DNS lookup failures for users accessing web sites in different DNS realms (e.g. DNS name spaces NOT rooted at the normal ICANN root servers) or with add-on TLDs (e.g. pseudo-realms that take normal TLDs and combine with special TLDs like ... uh ... the ".xxx" and ".sex" TLDs). And what about accessing HTTPS sites via the proxy? The certificates won't match up unless the browser is configured to "trust" the proxy (e.g. accept the proxy's certificate for that half the end-to-end path, or just connect to the proxy unencrypted and ask for an HTTPS URL). If the ISPs don't filter on HTTPS, then the porn sites that are intended to be blocked can just make HTTPS work. OTOH, if the ISPs force proxying HTTPS, that becomes a major privacy violation.
So one way or the other, porn sites can evade the blocking. If blocked by IP address, they just move around ... maybe as often as every 5 minutes with very dynamic DNS or other very highly distributed methods. And if blocked by URL, they can use HTTPS to bypass proxies or force the ISPs to invade secure web privacy. And if blocked by domain name in the DNS server (using local authoritative zones) users can get around that by not using the ISP DNS servers, running their own DNS servers, or the porn site can register more domain names (they're cheap for porn operators).
And with tens of thousands of open proxies around the world (check today's load of spam for more addresses), there's going to be plenty of ways for perverts to get their fix once they learn these methods. Is the PA AG going to track all the open proxies out there, too?
But in either of these cases, there isn't much the ISP can do without the list. And I didn't see anything in the text of the law that says the list has to be held in strict confidence by the ISP (as if that would apply to an out of state ISP anyway).
now we need to go OSS in diesel cars
Or maybe the music industry is selling what people want but are ashamed to admit they want. Heck, it wouldn't be the first time.
I think people over-react to child porn. Just look at the replies in this topic. Everybody seems to have to put "I don't like kiddie-porn but..." in every message. It's almost like "I'm not a communist but..." Does anybody really think that someone who doesn't include that disclaimer goes out and rapes kids?
Exploitation of anybody, including children is bad. No question. I fully support going after anybody who makes, sells or buys child porn, but I'm not 100% sold on going after people who possess it. If it is simply found "in their possession", which could possibly even mean that it showed up in their browser cache. Should you be in trouble because you mistype a URL and get one of the many porn typo sites?
Maybe intentionally seeking out child porn online should be illegal, but the penalty should reflect the crime. Someone who doesn't buy, sell, or make kiddie porn hasn't hurt any kids. Now the the argument is of course that viewing child porn leads to other crimes against kids. But isn't that the kind of thing that Slashdotters hate when it comes to other things? Just because someone loves playing violent video games and perhaps even makes a level that reflects their school or office doesn't necessarily mean they're going to go shooting up their school or office. Perhaps the punishment for seeking out child porn should be giving up all their privacy in case they can't control their urges.
This isn't intended to be flamebait. I'm sure there's many a libertarian who would agree with me that any action that doesn't actually hurt somebody else shouldn't be illegal. If you're going to moderate it down because you don't like what I'm saying, consider posting a reply instead. And it's not offtopic, the topic is child-porn and law, isn't it?
I think you misunderstand the purpose of blocking access to child pornography. There are two reasons why child pornography is considered absolutely horrific by people:
1) They think its gross that someone gets aroused looking at a child.
2) Making child pornography requires a child to be put into a sexual situation, before they are of the age to know that such a thing could possibly be wrong.
Now, legally and constitutionally, the government cannot play thought police. You're allowed to think of gross things all day, as long as you don't hurt anyone with them. So, if someone sits around jacking off to thoughts of children, its gross, but you can't stop it.
However, if you start taking pictures of it, and forcing real children into that position, you are hurting someone (the child in question). Because of that, the production of child pornography CAN be deemed completely illegal, outlawed, and censored. Its a matter of stopping children from being sexually abused.
But, simply stopping people from producing this pornography is not enough for most people. They fundamentally feel that anyone who would look at this stuff, even if they haven't produced it, is a sicko who deserves to be punished. Furthermore, they argue that by allowing existing child pornography to be obtained, even though it causes no further harm to the child, it encourages the phedophile to think about his problem even more, and ultimately, will result in more sexual child abuse. The link between viewing porn and increased chances of sexual abuse is not very well proven. Some studies say maybe. Some studies say no.
Thus, the rationale isn't to stop people from things they shouldn't be looking at. Its two fold. First, they want to stop children from being used in this abusive manner for the photo shoots. Killing the market, kills the abuse. Second, they argue that viewing child pornography makes you more likely to commit sexual child abuse, and on those grounds they try to block it, for the good of the children.
As a side note, the Supreme Court heard a case about the possibility of virtual child pornography, where you have a computer generated child being sexually depicted, without ever having a real child involved. I forget how the court ultimately ruled, but I believe they found the law to be overbroad, and struck it down.
It's not quite enforcing the law. Enforcing the law would be putting down those sites rather than blocking the access to the sites.
The problem with this situation is that no one but the isp and the attorney general knows which sites are being blocked. There was a story in theregister.com a few weeks ago about a site that the city of Chesterfield wanted blocked by google. Seems that Chester the Molester was supposedly a child porn site. Google blocked them. The site had no idea they were being blocked.
Turns out that the site was actually a site with tasteless jokes. No child porn involved. But the city of Chesterfield didn't care or couldn't tell.
So what happens when PA decides that slashdot should be blocked? Or sites that critisize the PA attorney general? No one will know it because PA won't allow the list of sites be be known.
What happens when one of the sites being blocked goes out of business or gets a new IP? Some innocent site gets that IP, and no one in PA will know. Is the attorney general going to keep that list up to date? Is he going to let the ISP's know when to stop blocking address blocks? How can he? If the isp is blocked the address, he can never check that address again either, so he won't know it's clean.
The whole thing is just a mess.
Furthermore, they argue that by allowing existing child pornography to be obtained, even though it causes no further harm to the child, it encourages the phedophile to think about his problem even more, and ultimately, will result in more sexual child abuse.
I know you're just summarizing key points, but don't forget that those photos are of people who are still alive and/or have families. I think it could be easily argued that the act of distributing this stuff continues to victimize the survivor, even if no money changes hands, no other children are touched etc.
But your sentiment seems to be that this whole thing is a savage witch hunt... which I agree with.
If they really want to stop child pornography and child abuse, they should have a two-sided message. The other side being "if you have a problem..." But everyone seems to be more interested in projecting their hatred... It is socially encouraged to demand that pedophiles be dragged through the streets by their testicles, flayed to the bone, drawn, quartered then set on fire.
(Pause for cheers from the peanut gallery)
As it is now, the severe punishments and public shaming means that for a pedophile, it is in their best interest to beat or threaten a child into silence, or to kill them.
(Pause for morbid silence)
It's a sad and screwed up situation.
This is a moronic law, because it hides rather than addressing an issue. And the AG needs a beating with the dumbass stick for refusing to release the list, for which there is NO valid argument.
This has not one thing in common with immigration, so I'm not sure where you got that from.
This law, and support of it, belies a fundamental misunderstanding of what law is for. It's not the job of the state to protect you. If the state wants to stop kiddy porn, it has to seek out purveyors of it and arrest them. Blocking it at the ISP level won't do a damn thing.
Some other problems, which I'm sure the AG is aware of but doesn't care about:
a) No oversight. Since there's no way to confirm that a site is actually listed, there's no way to tell whether or not a site is listed incorrectly.
b) Related to a). No evaluation. If a site is listed incorrectly, or if the domain is bought by someone else (for example) and is no longer a porn site, there's no way to unlist it. There's not even any way to evaluate if it should be unlisted, since access to it from within PA is supposedly impossible and illegal.
c) Prevents law enforcement from prosecuting kiddy porn, for the same reason. Law enforcement officers can't access kiddy porn sites from within PA, and therefore can't investigate them.
This is exactly the sort of law that should be under immediate suspicion of abuse, because it fails to addess the problem it purpots to solve, it's overly broad and allows broad leway on behalf of legislature and law enforcement, and because there's no oversight. If it's not being abused right now, it certainly will be in the future.