E LAW - MURDOCH UNIVERSITY ELECTRONIC JOURNAL OF LAW ISSN 1321-9347 Volume 9 Number 3 (September 2002) Copyright E Law and author File: chalmers93.txt ftp://law.murdoch.edu.au/pub/elaw-issues/v9n3/chalmers93.txt http://www.murdoch.edu.au/elaw/issues/v9n3/chalmers93.html ________________________________________________________________________ Regulating the Net in Australia: Firing Blanks or Silver Bullets? Robert Chalmers University of Adelaide School of Law Contents * 1. INTRODUCTION * 2. DIFFICULTY IN IMPLEMENTING REGULATION * 3. THE EXAMPLE OF CENSORSHIP o 3.1 Limitations of pre-existing censorship laws o 3.2 Broadcasting Services Amendment (Online Services) Act + 3.21 The process of developing the legislation + 3.22 The legislative framework + 3.23 Technological and cross border problems + 3.24 Operation and Review of the scheme + 3.25 EFA - FOI requests and AAT Appeal + 3.26 Government's legislative response to FOI requests o 3.3 Non-regulatory approaches o 3.4 State Implementation of the Federal laws o 3.5 United States o 3.6 Europe * 4. INTERACTIVE GAMBLING CONTROLS o 4.1 Enabling Legislation - Queensland Interactive Gambling (Player Protection) Act o 4.2 Blocking Legislation - Interactive Gambling (Moratorium) Act 2000 o 4.3 Ban - Interactive Gambling Act 2001 o 4.4 Recent Case Law from the US * 5. CYBERCRIME o 5.1 Cybercrime Act 2001 o 5.2 Cybercrime Convention o 5.3 US Action * 6. SPAM o 6.1 NOIE interim report * 7. CONCLUSION * NOTES 1. INTRODUCTION 1. Many of the recent Australian regulatory initiatives created to address perceived Internet based problems were subject to widespread criticism at the time of their generation and inception (in particular the censorship[1] and gambling controls). 2. This paper will consider the following examples of local Net regulation: • Broadcasting Services Amendment (Online Services) Act 1999, attempts to introduce State "mirror" legislation[2] and other State laws; • Interactive Gambling Act 2001 (and predecessors); • Cybercrime Act 2001 (in particular its provisions directed against denial of service attacks); • The 2002 "Spam" reference to the National Office for the Information Economy (NOIE). 3. Based on performance data now available, how successful have the older regimes been in addressing the issues that prompted their creation? Do any of the newer reforms or proposals reflect any learning from earlier experiences? Given the difficulties (technical, practical and jurisdictional) of regulating Internet based activity, is the law of any real use in these fields or is it just window dressing? Or even if ineffective, does it serve some other useful signalling or symbolic function? 4. Some comparison will also be made with international experiences in this area, especially in the United States and Europe, along with mention of alternative and extra-legal methods of control. 5. The problems posed by the Internet are serious, but this paper argues that recent attempts to tailor specific laws to deal with these problems have proved fairly futile in providing an effective remedy. They may have achieved certain political goals, but they have done so at a significant cost. More care and consideration is needed in crafting appropriate laws, and more emphasis needs to be placed on extra-legal methods of control. 2. DIFFICULTY IN IMPLEMENTING REGULATION 6. The Internet provides a new communications medium which is potentially very flexible and can enable very fast, widespread distribution of information of all sorts on a world wide basis. It is also possible to encrypt such information, hide the nature of information which is being distributed, or even the fact that any meaningful data is being exchanged at all. This new technology challenges the reach and effectiveness of previous regulation of media in more traditional formats, including (but not limited to) censorship regulation. The sheer volume of material transmitted through the Internet also contributes to the impossibility of creating a watertight monitoring system. 7. The Internet provides a new channel not merely for the distribution of all sorts of material, but also the establishment of interactive services. Some of these may involve materials or activities that have previously been regarded as offensive or are restricted, regulated or prohibited in some way in the "off line" world. 8. Obviously the Internet and other information technologies pose considerable challenges for the effective regulation of activities they mediate, given: the ease of reproduction and dissemination of material in digital form; the anonymity possible in information distribution; the ability to hide information (through encryption or steganography or other methods);[3] and difficulties in enforcing controls. The difficulties in enforcing controls apply particularly in relation to cross border activities (participants in such activities may be in a number of different jurisdictions). The problems here include inconsistency of regulation cross-border, the difficulties of establishing effective co-operation of authorities cross-border, and the general cost and complexity of dealing with activities that need to be traced through many different countries. 3. THE EXAMPLE OF CENSORSHIP 9. This section will consider the Broadcasting Services Amendment (Online Services) Act 1999 and related State legislation. This example is useful to consider as it is now the oldest of the relevant Commonwealth regulatory schemes in Australia. The regime was subject to widespread criticism, particularly in the lead-up to its introduction when some commentators decried the proposals as making Australia a "global village idiot" or the dunce of the networked world, in purporting to control the uncontrollable, and serving only to hurt local industry (content producers), partly through uncertainty as to the reach of these controls. While the Government never promoted these laws alone as constituting an effective system of control (as we will see below), there did seem to be a significant political motivation in introducing these laws and being seen to try to do something, or reassure a less informed public that the Internet was a safe place to interact with.[4] 10. The effectiveness and cost of the regime in achieving anything beyond short term political aims is however another question, and it is an opportune time to re-examine its achievements as there is soon to be a formal review into the impact of these laws. 3.1 Limitations of pre-existing censorship laws 11. Pre-existing censorship laws[5] still applied to online content published, sold or hired using the Internet, where the resulting materials were expressed in hard-copy form, or stored in a permanent form. But it was not clear whether the acts of publishing, distributing or accessing information over the Internet would be an offence.[6] Further, the models adopted in many countries to regulate traditional media content have relied on the production and distribution of trackable and seizable "hard copy" content being carried out domestically in a relatively centralised and organised manner. The Internet provides a radically different distribution model. 12. As a result of this, and public concern about exposure of offensive material on the Web in a readily accessible form, many governments have been considering or have attempted to implement controls which extend to regulate the distribution of information via this new technology. Australia has been at the forefront of such efforts for some years, and has alternatively been viewed as "world leading", "draconian" or as being a "global village idiot" for these attempts. There are very real problems at a technical and regulatory level in trying to effectively regulate the dissemination of offensive material, which are acknowledged at least to some degree even by the Federal Government. 3.2 Broadcasting Services Amendment (Online Services) Act 3.21 The process of developing the legislation 13. Concern about how to deal with Internet based distribution of offensive material had been building for some time. The Australian Broadcasting Authority had been involved in a pioneering study into international regulatory issues.[7] The Standing Committee of Attorney Generals had also been considering draft model legislation for online content since 1996.[8] 14. After announcing its basic intentions in 1997 and being involved in some consultations, the Federal government eventually introduced the Broadcasting Services Amendment (Online Services) Bill 1999 into the Senate on 21 April 1999, without a previously promised exposure draft stage (pre-empting more extensive public comment and involvement in its formulation). The legislation was passed in the Senate in late May and debated and passed in the House of Representatives in June 1999. 15. The prefatory statement in the Explanatory Memorandum states that: "The Government takes seriously its responsibility to provide an effective regime to address the publication of illegal and offensive material online, while ensuring that regulation does not place onerous or unjustifiable burdens on industry and inhibit the development of the online economy." 16. The regulatory framework purports to strike a balance between the interests of the industry and wider community concerns about illegal or highly offensive material that may be harmful to children. While acknowledging technical difficulties with blocking material that is hosted overseas, the Government considers that where it is technically feasible to block material this should be done and states that: "It is not acceptable to make no attempt at all on the basis that it may be difficult." 17. The government had considered four regulatory models:[9] (a) an individual licensing scheme for service providers setting standards of propriety pre-market; (b) co-regulation involving industry self-regulation within a legislated framework; (c) industry self-regulation without legislative supervision; (d) no specific action, relying on the market in conjunction with existing law. 18. Model (b) is the model the government selected. Another issue they needed to consider was what range of material should trigger action by the ABA. There were two pre-existing models to choose from: that applying to videos and magazines or that applying to subscription broadcasting and narrowcasting television services: (1) restricting the definition to any material that has been (or would be) Refused Classification (RC) under the National Classification Code. This would leave X- and R-rated material to be regulated under State and Territory legislation and would be consistent with the regulation of `off-line' material, such as videos and magazines; (2) restricting the definition of proscribed material to any RC material and material classified X, and material classified R that is not protected by adult verification procedures such as passwords or PINs. This would be consistent with the regulation of content on pay TV and narrowcast services where X rated material is prohibited and R rated material must be encrypted or modified. 19. The government also considered a compromise position but decided ultimately to proscribe RC and X rated material, plus R-rated material that is not protected by adult verification systems. Part of the reasoning was to ensure consistency with regulation of subscription broadcasting and narrowcasting services (given that access to online services can be seen to be less discretionary than access to conventional content in hard copy form). The decision also sought to take into account possible future technological convergence which may result in online services becoming more like broadcasting (and so purportedly needing a higher level of regulation). The government was also concerned about the ease of child access to such material. 3.22 The legislative framework 20. The Broadcasting Services Amendment (Online Services) Act 1999 amended the Broadcasting Services Act to provide for the regulation of online services. There are numerous other articles discussing the detail of the framework[10] but for the purposes of this article in overview the main elements of the system are as follows: • "Internet content" is defined as stored information which is accessed over an Internet carriage service, including material on the World Wide Web, postings on newsgroups and bulletin boards, and other files that can be downloaded from an archive or library; • a complaints mechanism is set up so that people can complain to the Australian Broadcasting Authority (ABA) about offensive material online; • material that will trigger action is defined on the basis of National Classification Board guidelines for film (Guidelines for the Classification of Films and Videotapes), as material Refused Classification and rated X,[11] and material rated R[12] that is not protected by adult verification procedures[13] It is important to note that the R classification is not preserved simply for pornography, but extends to cover other material, including that dealing with "adult themes" - including non sexual material such as suicide, crime, corruption, marital problems, emotional trauma, drug and alcohol dependency, death and serious illness, racism and religious issues; • the ABA can issue notices (so called "take down" notices) to service providers aimed at preventing access to prohibited material. If the material is hosted in Australia and is prohibited, or is likely to be prohibited, the ABA will direct the Internet content host to remove the content from their service; • If the material is sourced overseas the ABA will notify the content to the suppliers of approved filters.[14] Makers of the filtering software products update their products to "blacklist" access to sites hosting offensive material to filter future Internet access. Referral of content to the makers of approved filtering software products is provided for in industry codes of practice developed by the Internet Industry Association (IIA), which are given teeth by the legislation in this so-called "co-regulatory" scheme.[15] • If the material is sufficiently serious (eg child pornography), the ABA may refer the material to the appropriate law enforcement body; • indemnities are given to service providers to protect them from litigation by customers affected by ABA notices; • there is a graduated scale of sanctions against service providers breaching ABA notices or the legislation; • subject to the ability of the Minister to declare a person to be an Internet Service Provider ("ISP"), the legislation does not apply to private or restricted distribution communications such as ordinary e-mail or real time chat services or voice over Internet communications.[16] • a community advisory body exists to monitor material, operate a `hotline' to receive complaints about illegal material and pass this information to the ABA and police authorities, and advise the public about options such as filtering software that are available to address concerns about online content. 3.23 Technological and cross border problems 21. The Regulation Impact Statement in the Explanatory Memorandum acknowledges the difficulties faced in attempting to regulate this area: "Online communications are an intrinsically global medium. This means that no system of national regulation, short of isolating the nation from all transborder electronic communications, can expect to control all information transmitted online. Similarly, network or service provider blocking of objectionable content emanating from overseas may not be effective, given the rapid growth of Internet sites, the impossibility of monitoring each one or monitoring all telecommunications traffic, and the relative ease with which users can by-pass domestic service providers by accessing Internet nodes offshore through the international telephone system. Nor can online service providers be made to 'police' the content transmitted through their service (as for example a cinema or newsagent is made to in relation to conventional media), because the online service provider will often not be aware of, or be in a position to be aware of, much of the content which is being accessed or provided by users of their service." 22. The government acknowledged the difficulties with blocking international access, including a CSIRO study that concluded that blocking by service providers of non-hosted material (such as material sourced from overseas) may be ineffective. It rejected the option of doing nothing about such overseas material on the basis that the majority of online material is sourced overseas, and so supposedly exclusion of it from the regulatory model might undermine confidence in the regulatory framework. However, the government did not seem to acknowledge that doing something comparatively ineffective about it (which might be seen as the end result) may also undermine confidence. 23. Internet service providers (ISPs) play their part by providing filtering software to their users in accordance with the IIA codes. ISPs have to supply filters if requested - most people apparently don't want them[17] (note also that users are responsible for their configuration and maintenance). The CSIRO conducted a major study for the government on filtering products, which noted the lack of any perfect solution and the dilemma posed by the fact that the more "effective" a filter was in filtering out objectionable content, the more likely it was to impact on overall performance and access to non objectionable content.[18] 3.24 Operation and Review of the scheme 24. What do available data about the operation of the scheme tell us as to its success in meeting its aims? The scheme started on 1 January 2000 and during the first 3 months, the ABA received 124 complaints, issued final take-down notices for 31 items of Australian-hosted content, referred 45 items of content to the makers of filtering software products and referred 7 items of content to law enforcement agencies. About half the investigations resulted in the location of prohibited or potential prohibited content.[19] 25. Some of the tables from the ABA's 6 month review of the operation of the Act are reproduced below. As will be seen from an examination of these tables, the bulk of the offensive content complained of was hosted outside of Australia, and so was effectively beyond the reach of the system's take down provisions. Table 1: Outcome of Completed Investigations Australia Outside Aus Total Not Prohibited or Potentially 27 9 36 Prohibited Content Prohibited or Potentially 9 26 35 Prohibited Content Total 36 35 71 Table 2: Action Arising from Completed Investigations Australian Hosted Items* R Classified (restricted access system not implemented - 5 final take-down notice issued) X Classified (final take-down notice issued) 3 RC Classified (final take-down notice issued) 23 Hosted Outside Australia[20] Items* Prohibited or Potential Prohibited (X) - referred to 10 makers of approved filters Prohibited or Potential Prohibited (RC) - referred to 35 makers of approved filters[21] Referral to Police 7 * Some items were the subject of more than one complaint while some complaints resulted in the investigation of a number of items. 26. As even the ABA representatives involved in administration of and reporting on the scheme acknowledged in a paper relating to their six month review, "in the end, it is up to individual users to actively manage their own use and that of the young people in their care".[22] 27. The latest report from the ABA on the operation of the scheme was issued on 13 February 2002 and related to the period 1 January and 30 June 2001.[23] A few excerpts from its tables sections are shown below. Again obvious, but this time more markedly than in relation to the 6 month review, is the fact that the vast bulk of such material is not hosted in Australia and so is beyond the reach of its regulators. Outcome of investigations Location of Prohibited/potentially Not prohibited Total Internet content prohibited[24] host Australia 8 8 16 Outside Australia 90 79 169 Total 98 87 185 Referral to law enforcement agencies Jan to Jun Jul to Dec Jan to Jun Total 2000 2000 2001 Australian Federal 51 105 104 260 Police State or Territory 44 45 23 112 Police 28. Clearly the scheme can do nothing mandatory about material hosted off-shore, where indeed the vast bulk of it is stored. Equally obvious is that there has been no noticeable reduction in the availability of pornography on the Internet (indeed in the wake of the dotcom crash this is purported to be one of the Internet's few remaining growth areas). And now we are facing new and more intrusive methods of distribution or advertising for such material (by means of spam - see below under section 4). 29. Further, many groups are concerned about the potential breadth of the controls, the actual practices used in their enforcement and the lack of checks or balances in the system: "This is an unaccountable regime?Unless it is made more accountable, there is no way to know whether the ABA is implementing the law properly?For instance, they've refused to even give us information about materials classified 'R,' which is not illegal for adults to access... At this point, the public is not even being allowed to know what the ABA is censoring?If no one tries to make them accountable, they could become more and more draconian."[25] 30. On the other hand, while there may have been some degree of inhibition of local activity in posting material to the Internet which deals with adult themes or otherwise skirts the boundaries of "acceptable" content in the name of art or freedom of speech, there has probably not been as profoundly chilling effect in this respect as some earlier commentators feared,[26] if for no other reason than lack of awareness of the potential impact of the controls, and the lack of publicity in relation to such matters now that the political debate has moved on to other issues. 31. Note that the legislation is required to be formally reviewed by 1 January 2003. It is to be hoped that the review will result in some improvement,[27] although it seems unlikely that the current scheme will be dismantled, despite its ineffectiveness in doing anything substantial about the presence of offensive material on the Internet. 3.25 EFA - FOI requests and AAT Appeal 32. As is evident from the quote set out above, Electronic Frontiers Australia is one of the organisations that has been concerned about the lack of transparency around the operation of the scheme, in particular in relation to how the ABA is making decisions about classification of content, especially at the border line where such decisions are being made in relation to content which is not of a blatantly offensive nature (such as child pornography) but rather relates to "adult themes". The EFA filed a request in February 2000 under the Freedom of Information Act seeking further details of the "take-down" orders issued under the Act. They eventually received a censored copy of documents but these provided little further information about the sites taken down or their content. EFA then went to the Administrative Appeals Tribunal in July 2001 seeking review of the decision to censor most of the important information. They complained that Internet sites are being treated more harshly than "offline" films, publications and video games, where such details are available.[28] 33. However the chairman of the ABA, David Flint, defended such differential treatment: "While there are obvious practical and legal difficulties in obtaining access to a censored film, an Internet access allows and even invites access?Many of these proscribed sites show the most appalling abuse of children, sometimes very young."[29] The ABA argues that it can't make address or URL information public or it might be seen to be promoting such sites. However the EFA has repeatedly denied that it is actually seeking such address details - rather it is seeking relevant information in relation to how the ABA is operating the scheme and making decisions about content. 34. The AAT handed down its decision in Electronic Frontiers Australia Incorporated and Australian Broadcasting Authority (Q2000/979)[30] on 12 June 2002, rejecting EFA's appeal, but evidently not without some difficulty in trying to balance administration of the system against public rights of access to information relating to that administration. The AAT acknowledged that there were: "important issues relating to censorship, openness of government and even to the confidence that the public has in the agencies of government to implement and administer its schemes with integrity for secrecy can ultimately lead to the public's questioning integrity even where there is no need for such questioning"[31] 3.26 Government's legislative response to FOI requests 35. Apparently in response to the FOI requests from EFA, the Government introduced proposed amendments to the Freedom of Information Act 1982 on 27 June 2002 - in the form of the Communications Legislation Amendment Bill 2002. The changes would exempt the Office of Film and Literature Classification and the Australian Broadcasting Authority from requirements under FOI law to disclose certain documents that relate to the operation of the censorship regime. Two new definitions are inserted: "offensive Internet content means Internet content (within the meaning of Schedule 5 to the Broadcasting Services Act 1992) that is: (a) prohibited content (within the meaning of that Schedule); or (b) potential prohibited content (within the meaning of that Schedule)." "exempt Internet-content document means: (a) a document containing information (within the meaning of Schedule 5 to the Broadcasting Services Act 1992) that: (i) has been copied from the Internet; and (ii) was offensive Internet content when it was accessible on the Internet; or (b) a document that sets out how to access, or that is likely to facilitate access to, offensive Internet content (for example: by setting out the name of an Internet site, an IP address, a URL, a password, or the name of a newsgroup)." 36. In the words of the EFA: "The amendments are designed to further prevent public scrutiny (and potential criticism) of the operation of the Internet censorship regime and of claims made by the Minister, the ABA and the OFLC."[32] The EFA thinks the changes will enable the ABA and OFLC to completely censor all records relating to Internet classification decisions (for instance by means of use of relevant banned URLs as headers or footers on every page of relevant documents). While the changes may not be interpreted to go to quite the extent suggested by the EFA, they do seem to represent a questionable extension of special exemption to the scheme and run counter to a more open and accountable operation of the classification process. And on the basis of past responses to FOI requests by the ABA the EFA can be forgiven for being suspicious as to how these new provisions, if passed into law, might be used. 3.3 Non-regulatory approaches 37. As described in the Explanatory Memorandum, the Government's approach does not rely on regulation alone. It is also encouraging better education, the development of content labelling and labelling standards, and the provision by Internet service providers of a range of options for consumers to permit subscription to services that only allow access to a "sanitised" cache of permitted material or alternatively services that are filtered by the service provider. 38. Some hope that self-rating and filtering systems will give users choice and offer a means of protection. Initiatives include PICS - the Platform for Internet Content Selection, development of which was supported by the World Wide Web Consortium.[33] Such systems rely on voluntary self-labelling of content according to certain standards, which can be automatically picked up by a properly configured Internet browser, which can then screen access to content which is outside of the user set preferences. The concept for child protection purposes is then that adults can set password protected preferences for child access - presuming the adult has the requisite skill! However only a tiny portion of content accessible on the Internet has been PICS rated and this is a voluntary self rating system in any event, which could be readily abused. 39. Other filtering systems can also be both over and under inclusive in the breadth of the material that they block or filter, indeed there is no such thing as a perfect filter.[34] This has posed major problems for US attempts to mandate the use of such filtering products, given US freedom of speech laws. Note also that such systems can have a degree of cultural loading in the formulation of the relevant categories of content type.[35] For instance, it has been noted that most of the filter products on the market are US developed and so fairly US centric in their cultural concerns and construction. 3.4 State Implementation of the Federal laws 40. There has only been slow and patchy progress towards implementation of the State laws that are needed to mirror and give further sanctions in conjunction with the federal legislation (the federal legislation only gives practical take down sanctions in relation to service providers, but the State legislation is meant to impose criminal penalties on content providers). 41. South Australia moved towards putting such legislation[36] in place but those moves stalled initially in the face of widespread criticism.[37] Legislation has now been reintroduced into Parliament but at the time of writing had not yet been passed. 42. NSW passed laws (not yet proclaimed), but they were referred to a legislative review committee in the face of continuing public concern.[38] That committee issued a detailed report in June 2002.[39] Amongst the key findings of the committee were the following: the proposed model "could have a significant effect on the legitimate use of the Internet and may affect the fair reporting of news and current affairs"; o "legitimate use of the Internet by residents of NSW may be deterred"; o the provisions "may have the unintended consequence of criminalising a wide range of academic or other material which would be legal to publish off-line"; o the regime will not meet the stated policy objectives of deterring the making available of objectionable matter and protecting minors from unsuitable material and is ineffective and unenforceable; o a much better way of achieving the policy objectives would be to use a combination of existing laws, some take down notices, voluntary use of filters, and more education; o the Office of Film and Literature should provide more information about the operation of the scheme and a low cost voluntary classification scheme. 43. Some other states (Victoria, Western Australia and the Northern Territory) had already introduced related laws before the Commonwealth laws. So there is a very inconsistent legal position even within Australia on this topic.[40] Other states such as Queensland apparently have no plans to introduce legislation: "We have our doubts about their effectiveness, so we will wait and see? [it] makes people feel good, but it may not actually do much."[41] 3.5 United States 44. The US has tried unsuccessfully to introduce similar controls on a number of previous occasions. The key additional problem there has been the potential impact of constitutional protections for free speech. US courts struck down Congress's first attempt on First Amendment grounds, the Communications Decency Act[42] ("CDA") which were passed as part of the Telecommunications Act of 1996.[43] 45. Then the later Child Online Protection Act[44] was also struck down on constitutional grounds: "Because material posted on the Web is accessible by all Internet users worldwide, and because current technology does not permit a Web publisher to restrict access to its site based on the geographic locale of each particular Internet user, COPA essentially requires that every Web publisher subject to the statute abide by the most restrictive and conservative state's community standards in order to avoid criminal liability. Thus, because the standard by which COPA gauges whether material is" harmful to minors" is based on identifying "contemporary community standards" the inability of Web publishers to restrict access to their Web sites based on the geographic locale of the site visitor, in and of itself, imposes an impermissible burden on constitutionally protected First Amendment speech?we are forced to recognize that, at present, due to technological limitations, there may be no other means by which harmful material on the Web may be constitutionally restricted, although, in light of rapidly developing technological advances, what may now be impossible to regulate constitutionally may, in the not- too-distant future, become feasible."[45] 46. The US Child Online Protection Act (COPA) Commission was then established to consider strategies for ensuring the safety of children using the Internet. It reported on 23 October 2000, and advocated renewed efforts at education, "user empowerment", and enforcement of existing laws, rather than new legislation. It also raised constitutional concerns about the filtering technology proposed for mandated use in schools and libraries. The latest version of the legislation is the Children's Internet Protection Act.[46] Under this Act schools and libraries receiving federal technology funding were required to use specified Internet filtering software. However, a three-judge panel of the US Federal Court in Philadelphia struck down this Act in May 2002, again because of the inaccuracy of filtering technology that would also suppress legitimate free speech.[47] 3.6 Europe 47. Europe has not been so notable for the introduction of general censorship controls. However there has been much discussion of the efforts of French courts to restrict Internet access to Internet auction sites offering (amongst many other things) Nazi memorabilia - an offence under French Law. In May 2000 French judge Jean-Jacques Gomez of the County Court of Paris ordered Yahoo to block French users from auctions of Nazi artifacts. This ruling was stayed until a three-person international technical panel could debate the technical aspects of the block. It eventually determined (in a partially split report) that Yahoo could keep 70-90 percent of French users away from the offending material. Consequently on 20 November 2000 the Judge upheld the earlier ruling and gave Yahoo 90 days to comply.[48] 48. The Times of London reported this as "the first attempt by any country to impose international censorship on the World Wide Web".[49] There is now a conflicting US decision not recognizing enforcement of the French orders.[50] 4. INTERACTIVE GAMBLING CONTROLS 49. The prospect of Internet gaming activities arrived when there was already growing public disquiet at the impact of more traditional gaming technology such as poker machines. However industry groups (including the Internet Industry Association and gambling operators) stressed the difficulties of enforcing strict controls and the commercial potential of enabling Australian industry involvement in this area and advocated a policy approach of so called "managed liberalism". In response to these different agendas, interactive gambling has been the subject of both "enabling" (State) and "blocking" (Commonwealth) legislative controls, as examined briefly below. 4.1 Enabling Legislation - Queensland Interactive Gambling (Player Protection) Act 50. Initially, a number of state governments were keen to provide a legislative framework to enable or purport to control online gaming activities, with a view to encouraging the local development of new Internet industries, providing some level of "player protection", and (not insignificantly) allowing the State to tap into new gaming revenue flows. State and Territory Gaming Ministers put forward a Draft Regulatory Control Model for New Forms of Interactive Home Gambling in May 1996. 51. An example of such legislation is the Queensland Interactive Gambling (Player Protection) Act No 14 of 1998, which commenced operation in October 1998. Part of the theory was that an operator of such services established in a jurisdiction which imposed controls on these services may actually have a market edge (especially in the early start up phase of the provision of such services) over other unregulated operators elsewhere, because potential users might see such a service as more credible/reliable or situated within a framework allowing some redress if something went wrong. It was thought this might give Australian providers an edge over providers in other countries, enabling them (and the governments regulating them) to tap into a worldwide market.[51] Ironically, while the adoption of this so called "AUS Model" has been blocked in this country by Federal legislation, it has apparently been recognized as best practice elsewhere and is being considered for adoption in other countries.[52] 52. The objects of the Queensland Act were to: regulate and control interactive gambling; protect players; and provide a basis for an inter-jurisdictional regulatory scheme (by reciprocal recognition of regulation and sharing of taxation). The Act contains quite extensive provisions, including a licensing and audit scheme and various provisions directed to giving some basic level of player protection (eg requiring funds in a player's account to be remitted on demand, giving licensed providers limited recourse to players' accounts, and dealing with the issue of inactive accounts, and even allowing for special orders banning certain people (problem gamblers) from participating in interactive gambling, amongst many other things). Section 16 prohibits a person from conducting an interactive game wholly or partly in Queensland or allowing a person in Queensland to participate if the game is not authorised under the Act or a corresponding recognised scheme (in an attempt to provide for recognition of similar systems operating in other jurisdictions). The Act contained a licensing (and taxation) scheme for authorised providers, under which control systems were required, players were required to be registered and could not be given credit. 53. However the permissive but regulated approaches of some States and Territories were fairly rapidly neutered by the actions of the Federal government, as detailed below. 4.2 Blocking Legislation - Interactive Gambling (Moratorium) Act 2000 54. With a change in mood over the abuse of gambling, and following the passage of controls over offensive online material (see censorship discussion earlier), the Federal Government also stepped in to impose a moratorium on the further development of interactive gambling services. The concern was voiced that the Internet (and "datacasting" - a peculiar and subsequently failed Australian regulatory invention) would produce a 'quantum leap' in accessibility to gambling - putting "a virtual 'poker machine' in every home", exacerbating a significant national problem.[53] 55. There was in-principle opposition from religious groups such as the Victorian Interchurch Gambling Taskforce as well as "economic" opposition to online gambling from other traders, including the Australian Retailers Association, whose members were concerned, based on experience with "pokies", that their trade would be impacted negatively by the expansion of online gaming services.[54] 56. Obviously this put the Federal government in direct opposition to State and Territory initiatives to regulate this area in a supportive way - and indeed some Federal Ministers denounced such efforts as "sick and greedy".[55] After some failed attempts to pass the legislation, the government eventually succeeded in persuading previous minority Senate opposition and the Interactive Gambling (Moratorium) Act 2000 came into effect on 22 December 2000. Part of the compromise used to achieve this support was to exempt Interactive wagering services that are simply an extension of current offline betting services (eg betting on horse races, harness races, greyhound races, and sporting events).[56] However, the moratorium applied to the introduction of new wagering services - such as those that offer real-time betting after a sporting event has commenced (eg services allowing wagering on mini-outcomes, or "ball-by-ball" betting). 57. The Act imposed a 12-month moratorium on the development of the interactive gambling industry in Australia. It did this by creating a new criminal offence, the provision of an interactive gambling service, which prohibited a person from providing an interactive gambling service unless the person was already providing the service when the moratorium started (19 May 2000 - the date that the Commonwealth Government announced its intention to legislate to impose the moratorium). Continuity of pre-existing services was permitted but their expansion was not. 58. The moratorium was intended to pause the development of the Australian-based interactive gambling industry while an investigation into the feasibility and consequences of banning interactive gambling was conducted. The Internet industry claimed it would destroy rather than pause investment in Australia, with business simply shifting off shore (to less regulated areas, with the potential for greater detriment to users). 59. The Act defined an interactive gambling service to be a gambling service provided (in the course of carrying on a business) to customers using any of the following communications services: • an Internet carriage service or any other listed carriage service; or • a broadcasting service or any other content service; or • a datacasting service provided under a datacasting licence 60. The service also needed to be linked in a specified way to Australia. These links did not require an interactive gambling service to be targeted to, or available to, Australians. The Interactive Gambling (Moratorium) Act 2000 applied to all interactive gambling services that had one or more of the specified links to Australia, irrespective of whether the service was intended to be provided to Australian residents. There were numerous specific exclusions from the definition of interactive gambling service, including: services for telephone betting; certain types of wagering services; services relating to the entering into of contracts that, under the Corporations Law, are exempt from a law relating to gaming or wagering (eg Futures contracts and options contracts); and services that the Minister determined were exempt. 4.3 Ban - Interactive Gambling Act 2001 61. The National Office for the Information Economy undertook further investigations into community attitudes and the feasibility and consequences of a permanent ban, with a view to providing more detailed information on which to base any further regulatory controls.[57] The government gave strong indications it wanted to move to a ban, not just a moratorium. Internet industry groups decried the proposals, seeing them as a blow to local Internet development opportunities. For instance, consider the following comments from the Internet Industry Association: "The IIA maintains its strong opposition to a total ban on internet gambling sites, a spectre which has been raised by the government several times. We are worried about a ban's impact on e-commerce, internet access charges, the loss of skills and technologies and other collateral damage, and recent information suggests that enforcement would either be imposed on ISPs (to block sites) or banks (to invalidate transactions). Neither in our view is acceptable, with the former likely to push up the cost of access and the latter striking at the heart of e-commerce."[58] 62. The Federal opposition described the move as a political stunt: "The Coalition has chosen to set up the internet as a scapegoat rather than tackle the very real social problems. It is about buying votes with cheap legislative tricks. The price is Australia's credibility as an internet-savvy nation"[59] Nonetheless, a permanent prohibition was introduced. In bringing this legislation to Parliament the Federal Government engaged in further rhetorical display: "The Interactive Gambling Bill brings into sharp focus Mr Beazley's refusal to do anything to prevent an explosion in the accessibility of poker machine and casino like games in the living rooms of Australian families. Why on earth are Mr Beazley and the Labor Party in favour of a massive proliferation of the most insidious and social destructive forms of gambling, against the will of the vast majority of Australians?"[60] 63. The Interactive Gambling Act 2001 commenced on 11 July 2001, with some of its provisions not taking effect until 12 January 2002. The legislation has various cut outs or exemptions to avoid application to activities such as wagering before an event has commenced (including sports betting - in response to heavy lobbying by state TABs and others), telephone betting, office footy tipping competitions or Melbourne Cup sweeps or Internet share trading.[61] 64. Also, it does not prohibit Australian operators offering services to overseas punters - this element in particular has been labelled hypocritical and inconsistent (although there is a "good neighbour" system under which the government can ban provision to residents of another country that has equivalent prohibitory laws). 65. Essentially this Act attempts to regulate interactive gambling services by: • prohibiting provision or advertising of such services to customers in Australia; • prohibiting Australian-based services from being provided to customers in designated countries (basically those with an equivalent system of control); • establishing a complaints system regulated by the ABA in relation to prohibited Internet gambling content:[62] • If such content is hosted in Australia the ABA will refer the complaint to the police; • If such content is hosted outside Australia the ABA may refer it to the police but will principally refer it to ISPs so they can deal with it in accordance with the industry code. This code was registered by the ABA on 13 December 2001. It basically means that ISPs have to offer customers filtering services or software, and have to add any sites nominated by the ABA into the filtered lists. 66. So what of the effectiveness of the scheme? There is not yet the same regulator provided data available in relation to the performance of this regime as there is with the censorship controls. However, while "real world" poker machines seem to be the biggest gambling problem in Australia at the moment, general media coverage, specific reports on gambling activities, and the plethora of magazines devoted to such Internet gaming services would not suggest that the ban has had any noticeable effect in stemming the rise of such gambling. Some recent studies have shown a steady rise in Internet gambling since the introduction of the ban, with varying numbers of Australian interactive punters reported, up to one estimate from Accenture of 2.1 million.[63] 4.4 Recent Case Law from the US Similar or broader gambling bans apply in some other jurisdictions also[64] although enforcement of such bans in an international context is always a difficult issue. However, the US Court of Appeals for the Second Circuit recently decided a case on interactive gambling and convicted the defendant for supplying such services back into the US even though the operation of the business was based in Antigua, where such activities were not unlawful.[65] 5. CYBERCRIME 5.1 Cybercrime Act 2001 67. The Cybercrime Act 2001 made a range of amendments to the Criminal Code Act 1995 to update the computer offences, in ways based on the joint Commonwealth, State and Territory Model Criminal Code Damage and Computer Offences Report (January 2001), along with other changes to authorise certain intelligence activities. Some are concerned at the broad language of the Act and the possible abuse of its provisions by security agencies.[66] 68. I do not suggest that the introduction of the Cybercrime Act was quite as directed to short term political goals as the Federal censorship and gambling controls. The Act does make some substantive improvements. However no doubt it is also intended to fulfill something of a similar symbolic role in painting cyberspace as a more regulated and safer place to inhabit. Also, it may be that in the rush to push through amendments the new laws were not as well considered or crafted as they might have been. 69. For example, one of the many things apparently targetted by these amendments was the problem of so called "denial of service" attacks.[67] These forms of attack on websites often involve the unknowing co-option through rogue software of hundreds or thousands of "innocent" computer systems to bombard a website with so many information requests that the increased traffic denies access by "legitimate" users. They go under appropriately crypto anarchic/new age descriptions such as "Tribal Flood Network". Such attacks are very hard to guard against as it may be virtually impossible to discriminate between legitimate and illegitimate access requests.[68] 70. However, as intimated above, there are a wide range of activities that could come within the ambit of the description of "denial of service" attacks, from co-ordinated but manual flooding of a website with queries or requests of varying types by, for example, environmental or anti-globalisation lobby groups, right through to a clandestine and fully automated distributed denial of service attack under which a range of innocent host computes are hijacked by "trojan horse" software and used by the attacker in a deliberate attempt to take a particular website offline (from commercial or other motivations).[69] 71. The discussion in the Explanatory Memorandum about the relevant new provision (477.3) does not discuss these complexities but simply describes its purpose as follows: "This proposed offence is designed to target tactics such as 'denial of service attacks', where an e-mail address or web site is inundated with a large volume of unwanted messages thus overloading the computer system and disrupting, impeding or preventing its functioning. The proposed offence would extend to situations where a person impairs a computer 'server', 'router' or other computerised component of the telecommunications system that relays or directs the passage of electronic communications from one computer to another." 72. The relevant provisions inserted into the Criminal Code are as follows: "477.3 (1)A person is guilty of an offence if: (a) the person causes any unauthorised impairment of electronic communication to or from a computer; and (b) the person knows that the impairment is unauthorised; and (c) one or both of the following applies: (i) the electronic communication is sent to or from the computer by means of a telecommunications service; (ii)the electronic communication is sent to or from a Commonwealth computer."[70] "476.2 (1)In this Part the impairment of electronic communication to or from a computer by a person is unauthorised if the person is not entitled to cause that impairment. (2) Any such impairment caused by the person is not unauthorised merely because he or she has an ulterior purpose for causing it. (3) For the purposes of an offence under this Part, a person causes any such impairment if the person's conduct substantially contributes to it." 73. Obviously a lot hinges around the interpretation of the highlighted element above - whether or not the person is "entitled" to cause the impairment. The difficulty here is in applying this to the context of denial of service attacks (of which there are many different kinds, as noted above). But if all a person engaged in such "attacks" is doing is communicating with a website deliberately open to the public, with explicit avenues for such communication, then it seems hard to say that such a person is clearly not "entitled" to engage in such activities (whether or not there may be a simultaneous overflow in the ability of the website to process those communication requests). 74. Also, interestingly, while it does not discuss "unauthorised" acts in detail, the Explanatory Memorandum also includes the following discussion about 477.3: "The proposed offence would only apply to unauthorised impairment. Consequently, the offence would not apply, for example, to a refusal by an Internet Service Provider (ISP) to carry certain types of electronic communications traffic on its network if such a refusal is pursuant to a contractual arrangement or an agreement between the ISP and users of the service." 75. This raises a number of interesting further questions. For instance, it would appear that the "authorisation" can be given by a person other than the operator of an affected website - eg one that was indirectly excised or censored out of access due to a contractually authorised technical measure, for example some blacklisting activities directed against servers allegedly used for "spamming" purposes.[71] But it would also imply that those measures need contractual authorisation by the network users and cannot be implemented as a technical block alone. Of course whether the gloss put on these provisions by the Explanatory Memorandum is reflective of the actual provisions is another matter. 5.2 Cybercrime Convention 76. In 2001 the Council of Europe concluded the text of a Convention on Cybercrime.[72] This convention focuses on international regulatory co-operation, enforcement mechanisms and expedited extradition procedures to combat cybercrime, rather than introducing too much new model substantive law. It is intended to harmonize the computer crime laws of the members of the members of the Council (but is also open to other countries). It contains many controversial elements expanding surveillance powers and limiting encryption, anonymity, and security tools. Some of its controversial elements include: • provisions to force service providers[73] to either capture content themselves by building in surveillance capabilities, or to "cooperate and assist" with authorities in doing so; • criminalising "illegal devices," such as software which can be used for hacking purposes (and permitting extradition for these offences);[74] • provisions allowing government agents to force disclosure of computer system functioning or encryption of data. 77. There have now been additional draft protocols released in relation to the Convention, in relation to matters such as the criminalisation of racist or xenophobic acts committed through computer systems, and terrorist messages.[75] The Convention illustrates a widespread recognition that the Internet raises special needs for prompt and internationally co-ordinated responses to threats. In its emphasis on improving the mechanisms for such co-operation and also in its back up to technical controls and forensic data collection, rather than substantive law changes, it also shows a recognition that it is in these other areas that initial attention might be best directed in attempting to confront Internet threats. 5.3 US Action 78. This is a new focus for legislative activity in the wake of the September 11 attacks and concerns about the vulnerability of information infrastructures to attack. In the US we have seen the passage of the USA Patriot Act[76] which contains specific provisions directed against acts of cyberterrorism (eg section 814). There is also the US Cyber Security Enhancement Act of 2001,[77] as well as relevant prior US legislation such as the National Information Infrastructure Protection Act of 1996. However the US is not simply relying on the passage of new provisions outlawing such provisions - some of these new laws and other executive actions are allocating very significant resources into the development of technical responses and enforcement action. 6. SPAM 79. For those lucky enough not to have received it, in the context of the Internet spam is not a tinned ham product but a term for unsolicited bulk electronic messages. There is no sharp consensus as yet on precisely what defines inappropriate spam and what distinguishes it from acceptable marketing practices, but offensive spam usually includes one or more of the following features:[78] o it is largely untargeted, sent in an indiscriminate manner, and often automated; o illegal or offensive content; o a fraudulent or deceptive purpose; o the originator is disguised (eg email may appear to come from an innocent third party - this is referred to as "spoofing"); o there is no functional way to opt out of further receipt of communications. 80. There is no specific legislation directed against spam in Australia as yet, although there have been anti-spamming laws introduced in the US and proposed in the EU. There is little evidence that the US laws have had any effect in stemming the tide of spam, which is growing at a very fast rate.[79] 81. One informal technical measure that has been adopted by a number of Internet Service Providers and others responsible for administering the Internet is to publish or exchange details of computer servers that are the source of spam, or the intermediaries (sometimes unknowing) used by spammers, and then to implement blocks so that no traffic emanating from those addresses is accepted or forwarded by participating members of the group.[80] 82. This has potentially deleterious side effects as legitimate mail or access may also be incidentally blocked or censored out.[81] Recently this issue gained prominence in Australia when a person who had posted details about a company allegedly involved in spamming activities was sued by that company for "unlawfully interfering" with its trade.[82] There are also some browser settings and new software tools and intelligent agents that can be adopted and configured by users to try to screen out spam.[83] 6.1 NOIE interim report 83. In response to the problem of spam the Federal Government gave the National Office for the Information Economy (NOIE) a reference to investigate the problem and countermeasures to it. The terms of reference for the spam review were as follows: 1. Investigate and Assess Nature and Extent of Spam[84] 2. Identify and Assess Existing Australian Counter-Measures[85] 3. Identify and Assess Overseas Counter-Measures 4. Possible New or Improved Counter-Measures[86] The NOIE has recently released its interim report "The Spam Problem and how it can be countered".[87] 84. NOIE's Summary of Draft Recommendations focuses strongly on things such as: technical measures, industry self regulation, international co-operation, and education. There is also proposal to better use of existing laws (although it is hard to see that there are many meaningful ways much spam could be attacked using such laws and the issue of the applicability of law to conduct overseas and the difficulty of cross border litigation is ignored). However what is most notable is that there is comparatively very little reliance on the option of new laws. It is one option listed to be further considered (number 12 of 15), but it is clearly and probably quite deliberately not at the top of NOIE's list of suggestions. 85. So perhaps here at last in the context of the spam debates the government may be treading more lightly and not rushing in with another blunt or blank legislative tool? The issue is arguably more blurred around the edges than other examples of Internet abuse, in particular in that it merges into the field of "legitimate" unsolicited commercial direct mailing or advertising, and so drifts into areas that the government may be wary of regulating too tightly for fear of annoying commercial interest groups. However it is probably a bit dangerous to speak so early, as previous cautious or negative reports in relation to the earlier problems of censorship and gambling did not seem to dissuade the government from new regulatory paths. Note that the report was very prominently labelled as being an interim NOIE document designed to obtain further feedback, prior to preparation of another report for Government consideration, rather than itself representing any final Commonwealth position. 7. CONCLUSION 86. The earlier regimes (censorship and gambling controls) appear to have been highly political or symbolic in motivation - to enable the Government to be seen to be doing something rather than achieving anything much. They are also subject to considerable criticism, only some of which has been discussed above.[88] There is certainly a very concerning lack of transparency around the administration of the censorship scheme. 87. More fundamentally, performance data shows little real outcome. Some have argued that "there is wisdom even in an unenforceable law",[89] but such arguments seem to ignore the potentially deleterious effect of such unenforceable laws on the respect for and functioning of the whole legal system. There are surely better ways of sending signals about appropriate conduct rather than through legislation, and arguably the money consumed through initiation, administration and reporting on the scheme might have been better spent on education or other direct intervention against the relevant problems at an executive level.[90] Indeed, merely concluding that the controls on these issues consist of useless window dressing may be too kind - given the uncertainty and disrespect they engender, at least in some quarters. They are hardly models for regulatory intervention, even though produced by a government that is apparently concerned to introduce more rigour into regulation generally, and avoid further regulation where possible. 88. The more recent Australian cybercrime controls are fairly cursory and perhaps technically flawed in drafting in parts. While there was some consultation leading up to their formulation and they do represent an attempt to improve pre-existing computer crime laws to take account of some new Internet related problems, arguably they don't really reflect a considered approach. This is not to gainsay the efforts to sensibly address these new problems by various Commonwealth and State bodies.[91] However these problems require additional resourcing and technical measures as much as new laws. 89. In relation to regulation of spam the Government seems at this stage to be treading more lightly and not rushing to implement further legislation. Perhaps this is due to a deeper recognition of the complexity of the underlying issues (and the difficulty in discriminating between bulk spam and unsolicited, targetted but potentially legitimate promotion of product), technical difficulty in implementing regulation, and the meaninglessness of implementing a control structure locally when activity is cross border and uncontrollable under local Australian rules. 90. Generally, while a number of the government's moves in relation to regulation of the Internet are understandable in a political or symbolic context, it does not have a sound track record in crafting well tailored legislative responses or in achieving effective control of the highlighted problems through those systems that have been introduced. But there does now seem to be a belated acknowledgement of the futility of local legal regulation in the face of the difficult technical and cross border problems posed by the distribution of digital content enabled by the Internet. As the NOIE Spam report puts it: "Whilst many in the community are calling for legislation, this is no silver bullet."[92] 91. So what developments can we expect in the future? Probably a mix of responses. There will no doubt be further emphasis on technical methods of control, but of course there will always be ways around such measures, so we can expect to see a continuing battle on that front. It also seems likely that there will be further attempts to reach some international standardisation of approach, but cultural differences will frustrate the ready formulation of clear and complete standards.[93] 92. Additional resources devoted to enforcement of existing laws would be useful, but there is never enough money to resource all desirable enforcement activities.[94] Therefore there will be no rapid resolution for the abuses of the Internet that have caused such concern. There are no perfect silver bullets out there, legal or otherwise, but that does not excuse a hail of blanks. Let us hope that governments advance more carefully in the future, paying fuller regard to the limitations, financial costs and other downsides of laws, especially those that are effectively unenforceable or meaningless. Perhaps some of our best hopes lie in better education. It is interesting that the further we advance our technologies, the more starkly we are confronted with the consequences of our human nature and failings. No externally imposed laws or technical fixes will resolve our inherent problems. NOTES [1] See for example University Of New South Wales Law Journal (UNSWLJ) Volume 23(1) 2000, which was devoted to a forum on Internet Content Control. This included the following papers amongst others: Arasaratnam, Niranjan 2000, ' Brave new (online) world', UNSWLJ 23 (1) 2000: 205-214; Argy, Philip N. 2000, 'Internet content regulation: an Australian Computer Society perspective', UNSWLJ 23 (1) 2000: 265-267; Chen, Peter 2000, 'Pornography, protection, prevarication: the politics of Internet censorship', UNSWLJ 23 (1) 2000: 221-226; Coroneos, Peter 2000b, 'Internet content control in Australia: attempting the impossible?', UNSWLJ 23 (1) 2000: 238-245; Garnett, Richard 2000, 'Regulating foreign-based Internet content: a jurisdictional perspective', UNSWLJ, 23 (1) 2000: 227-231; Gilchrist, Kate 2000, 'Millennium multiplex: art, the Internet, and censorship', UNSWLJ 23 (1) 2000: 268-273; Handsley, Elizabeth & Biggins, Barbara 2000, 'The sheriff rides into town: a day for rejoicing by innocent westerners', UNSWLJ 23 (1) 2000: 257-264; Heitman, Kimberley 2000, 'Vapours and mirrors', UNSWLJ 23 (1) 2000: 246-256; Jones, Melinda 2000, 'Free speech and the 'village idiot'', UNSWLJ 23 (1) 2000: 274-281; Scott, Brendan 2000, 'Silver bullets and golden egged geese : a cold look at Internet censorship', UNSWLJ 23 (1) 2000: 215-220. For an excellent annotated bibliography that includes these and many other references, see Angela Pratt, "net regulation in Australia - a summary of the new regulatory process" CLP project - Institute of social change & critical inquiry, University of Wollongong - at section 7 (p.14) - available at http://www.uow.edu.au/arts/cmc/publications/clp_project.pdf [2] See for example the South Australian Classification (Publications, Films and Computer Games) (Miscellaneous) Amendment Bill (No. 2) 2001 [3] For instance, latest developments in this field include the software application "Peekabooty" that allows users to communicate confidentially and defeat censorship attempts such as those imposed by governments (such as China and Saudi Arabia) that require their ISPs to blacklist certain websites. Communications through Peekabooty are disguised as standard encrypted browser traffic - see Will Knight , "Peekabooty aims to banish internet censorship" New Scientist Online News 19 February 02 at http://www.newscientist.com/hottopics/tech/article.jsp?id=99991948&sub=Computing [4] For further discussion of the possible political and symbolic functions of the legislation see the forum on Internet Content Control in UNSWLJ Volume 23(1) 2000, in particular: Peter Chen, "Pornography, Protection, Prevarication: The politics of Internet Censorship" UNSWLJ Volume 23(1) 2000 at 221. [5] Such as the Commonwealth Classification (Publications, Films And Computer Games) Act 1995 and related State legislation [6] Some prosecutions have however been initiated under section 85ZE of the Commonwealth Crimes Act 1914 (that section makes it an offence for a person knowingly or recklessly to use a carriage service supplied by a carrier in such a way as would be regarded by reasonable persons as being offensive). [7] In January 1997 the United Nations Educational, Scientific and Cultural Organisation (UNESCO) commissioned the ABA to conduct a pilot study into the Internet and international regulatory issues. The study includes: an overview of issues arising in the on-line environment; a discussion of technical developments such as the Platform for Content Selection (PICS) and the emergence of labelling schemes; an overview of regulatory developments in Australia, Singapore, Malaysia and the United Kingdom; and the identification of some areas of potential international cooperation. See http://www.aba.gov.au/internet/research/unesco/index.htm [8] SA introduced legislation backing up the implementation of the federal model (originally in the form of the Classification (Publications, Films and Computer Games) (Miscellaneous) Amendment Bill 2000 - see further discussion below at section 3.4). Victoria, Western Australia and the Northern Territory already had legislation in place which differs from the model legislation. The Federal Government does not have power to censor publications (or film, video or computer games) as this power is vested in the States. However, most States abide by content classifications determined by the Federal Office of Film and Literature Classification. The Commonwealth does have power over TV and radio broadcasting (through the telecommunications power) and it has legislated on Internet content regulation based on these powers. But the Commonwealth cannot prosecute content providers except for extreme offences (eg transmission of child pornography - an offence under the Crimes Act 1914). Only the States and Territories have the power to prosecute generally "offensive" content. [9] See the regulatory impact statement in the Explanatory Memorandum for further detail on the issues discussed in the remainder of this section. [10] See the forum on Internet Content Control in UNSWLJ Volume 23(1) 2000. [11] This would include material containing detailed instruction in crime, violence or drug use; child pornography; bestiality; excessively violent or sexually violent material; real depictions of actual sexual activity. [12] This includes material containing excessive and/or strong violence or sexual violence; material containing implied or simulated sexual activity; material which deals with issues or contains depictions which require an adult perspective. See the Internet Industry Association Code at http://www.iia.net.au for description of basic adult account verification requirements. [13] In December 1999 the ABA released its final determination on the requirements for these procedures. Electronic Frontiers Australia has posted criticisms of those determinations on its website http://www.efa.org.au citing their onerous, privacy-intrusive nature. [14] The Government does not mandate any particular technological solutions to filtering overseas sourced material - this is left to industry. However, if the industry is unable or unwilling to develop such procedures itself, or if the procedures are deficient, the ABA can make a mandatory industry standard, and the Minister can direct the ABA to determine an industry standard. Apparently only 2% of users have taken up the option that ISPs must now give to supply filtering software - "Censorship law 'a joke'" The Australian IT 24 October 2000 p34. [15] The current version (7.2 - May 2002) of the Code is accessible from the Association's website at http://www.iia.net.au. This scheme also involves a so called "webseal" system under which compliant sites are permitted to display a "ladybird" icon to demonstrate they are family friendly. Such systems are wide open to abuse as there would be nothing preventing non compliant sites adopting similar imagery or even using apparently "third party" certification. [16] But current provisions of the Crimes Act 1914 (Cth) in relation to offensive or harassing use of a telecommunications service may be relevant. [17] See again footnote 14 above. [18] "All filtering technologies are fallible, and the more effective they are, the more they risk intruding on general Internet useage" -see the report prepared for Net Alert and the ABA by CSIRO "Effectiveness of Internet Filtering Software Products" September 2001 at p16 - available at http://www.aba.gov.au/internet/research/filtering/index.htm. [19] See press release NR 27/2000 [19] April 2000 from ABA for further details - http://www.aba.gov.au/internet/complaints/complaints.htm [20] In terms of country of origin of prohibited/potential prohibited content hosted outside Australia, the majority was hosted in the USA (33 items). The other countries were Canada, Denmark, Finland, Japan, Mexico and Russia. [21] Seventeen of these items were originally Australian-hosted content subject to final take-down notices that subsequently moved to a content host outside Australia. To users this may evince no change at all as such sites may elect to retain their original "URL" or address in the .au domain - they are just hosted elsewhere, but the hosting issues are invisible to users in any event. [22] Stephen Nugent and Andree Wright, "Australia's co-regulatory scheme for internet content: the first six months" at p.11, available at http://www.aba.gov.au [23] Copies of the report ("Six-Month Report on Co-Regulatory Scheme for Internet Content Regulation January To June 2001") are available at http://www.dcita.gov.au/Article/0,,0_1-2_10-4_15651,00.html [24] Most of the prohibited or potentially prohibited content that was hosted outside Australia was hosted in the US (71%) and the Russian Federation (11%), as well as in Japan, the Netherlands, Canada, Singapore, New Zealand and Denmark. [25] EFA Executive Director Irene Graham quoted in Stewart Taqqart, "Oz Censor Law Still Confuses" wired 2 February 2002 available at http://www.wired.com/news/print/0,1294,50177,00.html [26] See eg Gilchrist, Kate 2000, 'Millennium multiplex: art, the Internet, and censorship', UNSWLJ 23 (1) 2000: 268 (predicting a bland cultural desert); Scott, Brendan 2000, 'Silver bullets and golden egged geese : a cold look at Internet censorship', UNSWLJ 23 (1) 2000: 215-220 (predicting 3-7% higher delivery costs disadvantaging the Australian economy). [27] As the AAT commented about the difficulties it had faced in giving its decision in Electronic Frontiers Australia Incorporated and Australian Broadcasting Authority (Q2000/979) at paragraph 97: "we?would hope that the review is able to incorporate issues of the type that have faced us in this case", with particular reference to the difficulties in balancing the effective administration of the scheme against the public right to be informed about censorship decisions, or use relevant information for other worthwhile purposes (such as filter creation). See also further discussion below about this decision. [28] There is a debate about whether the "film" type rules are more appropriate for Internet content than those rules that apply to published works. The multimedia nature of Internet content means that it may share elements of both types of work. [29] Quoted in Stewart Taqqart, "Oz Censor Law Still Confuses" wired 2 February 2002 available at http://www.wired.com/news/print/0,1294,50177,00.html [30] The EFA have made the AAT decision available online at: http://www.efa.org.au/FOI/AAT2000-979_dec.pdf [31] At paragraph 93 of the decision. [32] See the EFA comments relating to the Bill at http://www.efa.org.au. There is an extensive analysis available there. [33] For further details see http://www.w3.org/PICS/ [34] For further information on latest developments in relation to such measures see the CSIRO report "Effectiveness of Internet Filtering Software Products" - prepared for NetAlert and the ABA - available at http://www.aba.gov.au/internet/research/filtering/index.htm. [35] There have been some efforts by the Internet Content Rating Association (ICRA) to develop cross cultural guidelines - see the ABA's website for links and further details - in particular http://www.aba.gov.au/internet/intl_liaison/icra.htm [36] See the South Australian Classification (Publications, Films and Computer Games) (Miscellaneous) Amendment Bill (No. 2) 2001. See http://www.efa.org.au/Campaigns/sabill.html for further extensive information including a copy of the Bill. [37] Simon Hayes, "States move to censor net" The Australian November 20, 2001 [38] Caitlin Fitzsimmons, "Net censorship stalls", The Australian December 06, 2001. The reference was to the Standing Committee on Social Issues. [39] Parliamentary Paper Number 89 from the Legislative Council's Standing Committee on Social Issues, "Safety Net? Inquiry into the Classification (Publications, Films and Computer Games) Enforcement Amendment Bill 2001", a link to which is available at http://www.efa.org.au/Campaigns/nswbill.html [40] For a more complete analysis, refer once more to the EFA website http://www.efa.org.au. [41] A spokesman for Queensland Tourism, Racing and Fair Trading Minister Merri Rose quoted Caitlin Fitzsimmons, "Net censorship stalls" The Australian December 06, 2001. [42] 47 U.S.C. § 223 (1996) [43] see American Civil Liberties Union v. Reno, 929 F. Supp. 824 (E.D. Pa. 1996), aff'd, 521 U.S. 844 (1997) [44] 47 U.S.C. §§ 230, 231 (1998) [45] American Civil Liberties Union v. Reno, 31 F. Supp. 2d 473 (1999), aff'd, 217 F.3d 162 (3d Cir. 2000) [46] § 1712, § 1721(b) (codified at 20 U.S.C. § 9134 and 47 U.S.C. § 254(h)) [47] American Library Association v United States May 31, 2002 - available at http://www.eff.org/Legal/Cases/Multnomah_Library_v_US/20020531_cipa_court_opinion.html [48] An English translation of the judgment (League Against Racism and Anti-Semitism (LICRA) and the French Union of Jewish Students v Yahoo Inc and Yahoo France) is available with other material at http://www.cdt.org. [49] See the article and links at http://thestandard.com/article/display/0,1151,20331,00.html [50] Yahoo!, Inc. v. La Ligue Contre le Racisme et l'Antisιmitisme, F.Supp.2d, 2001 WL 1381157 (N.D.Cal. Nov. 7, 2001). Text of the decision is available at http://www.eff.org/Cases/LICRA_v_Yahoo/20011107_us_distct_decision.html. [51] However, others have countered that permitting on-line gambling would actually negatively affect existing State gambling revenue and "kill the goose that lays the golden egg" so far as State treasuries in Australia are concerned - see Media Release 5 October 2000 available at the website of "No Pokies" MLC Nick Xenophon http://www.xen.net.au [52] See eg the Internet Industry Assocation's submission to the Environment, Communications, Information Technology & the Arts Legislation Committee review of the Interactive Gambling Bill 2001 (dated 24 April 2001) at point 9 - available at http://www.iia.net.au/news/senate_submission2.html [53] The Explanatory Memorandum to the Bill states that Australians spend twice as much on legalised gambling as people in North America and Europe and an estimated one in ten Australians are affected by problem gambling, although it provides no references or evidence for these figures. [54] The ARA carried out a study which supposedly found that over 80% of South Australians surveyed opposed on-line gambling - for details see Media Release 7 November 2000 available at the website of "No Pokies" MLC Nick Xenophon http://www.xen.net.au [55] Senator Newman quoted in Selina Mitchell, "Federal threat to net gaming" The Australian 23 May 2000 p35 [56] Apparently Senator Bob Brown did not support the Bill when voted on in October because of concerns the Tasmanian TAB would be disadvantaged - relative to other State TABs - if the ban applied to "standard" on-line wagering as well. [57] For further detail on this study "Commonwealth study into the feasibility and consequences of banning interactive gambling" see http://www.noie.gov.au/projects/consumer/gambling/report.pdf /. Further general information on the Federal government's policy stance and investigations into interactive gambling is also available online at http://www.noie.gov.au. For Federal parliamentary reports into the issue (eg Senate Inquiry into "Online Gambling, Study into interactive gambling ban" and "Netbets: A review of online gambling in Australia") and links to other sites, look at http://www.aph.gov.au/senate/committee/it_ctte/index.htm. There have been numerous other reports - including a local South Australian report: 'Legislative Council Select Committee on Internet and Interactive Home Gambling and Gambling By Other Means of Telecommunications in South Australia' which was released in SA Parliament on 5/10/2000. A collection of interesting background policy discussion documents from a conference in May 1998 "Technology and Society: Regulatory Challenges for the 21st Century" (organised by the Australian Institute of Criminology in association with Australian Institute for Gambling Research Gambling whose website is http://www.aigr.uws.edu.au/gambling.htm) is available at: http://www.aic.gov.au/conferences/gambling/index.html [58] From the "Newsletter of the Internet Industry Association", December 2000 - available at http://www.iia.net.au [59] Kate Lundy "Demonising net a Coalition gambit" The Australian 29 August 2000 p51 [60] Senator Alston's media release, 29 June 2001. However some surveys have apparently indicated that less than 2% of Australians on line use the net for gambling, and 94% of all Australians have no interest in trying (see "Internet gambling, don't fence us in" 5 elawpractice magazine (August 2001) 22 at 24). [61] For further detail see S.8A for explanation of "Excluded wagering services", s.8B in relation to "Excluded gaming services", s.8C on "Designated broadcasting links and designated datacasting links", s.8D "Excluded lottery service". [62] This commenced on 11 January 2002. The ABA has been shoe-horned into handling complaints about such services in a similar fashion to the general censorship role it performs under the Broadcasting Services Act. See PART 3 of the Interactive Gambling Act for the full detail. See also the guidelines and other information as available at www.aba.gov.au . [63] Reported in Katrine Nicholas, "Gambling ban fails to stop online punters", The Australian Financial Review Weekend April 6-7 2002 p14. [64] Along with similar criticisms to those directed against local controls: some US articles analysing Internet betting that are available online include: Tom W. Bell, "Internet Gambling: Popular, Inexorable, and (Eventually) Legal" http://www.cato.org/pubs/pas/pa-336es.html; Andrea M. Lessani, "How Much Do You Want To Bet That The Internet Gambling Prohibition Act Of 1997 Is Not The Most Effective Way To Tackle The Problems Of Online Gambling?" http://www.gseis.ucla.edu/iclp/alessani.html [65] USA v Cohen - text of the decision is available at http://caselaw.lp.findlaw.com/scripts/getcase.pl?navby=search&case=/data2/circs/2nd/001574.html. [66] See eg James Elder, "Cyberterrorism" e.Law Practice Magazine December/January 2001 available at http://www.elawpractice.com.au, quoting Philip Argy. An example of the possible harsh application of such laws can be found in the US in relation to an employee who installed a distributed-computing program without employer authorization (distributed computing is an initiative used by a number of organizations that uses the networked power of idle PCs co-operating across the Internet to carry out complex computational tasks). Mr McOwen loaded such a program onto the PCs of the college he worked for - in relation to a volunteer code-breaking challenge. He was charged with computer theft and trespass, with possible penalties of $415,000 and 8- 120 years in jail. He eventually accepted a plea agreement to avoid this - after 2 years of legal action - ending up with probation, a small fine and community service. Others in similar situations have been sacked - see "When screensavers are a crime" 28 January, 2002 available at http://news.bbc.co.uk/hi/english/sci/tech/newsid_1782000/1782050.stm [67] As the Explanatory Memorandum stated: "Advances in computer technology and electronic communications have created new means and possibilities for committing cybercrimes such as hacking, denial of service attacks and virus propagation. The proposed offences are designed to address these new forms of cybercrime. The existing computer offences were inserted into the Crimes Act in 1989. The emergence and expansion of new technologies, such as the Internet, since that time has reduced the effectiveness of these provisions. For example, the current provisions do not sufficiently address the impairment of electronic communications (eg. 'denial of service attacks')?" [68] There are some efforts to develop tools to combat such attacks - eg see "Itrace to identify attack hackers" The Australian IT 1 August 2000 p55 - however, use of such tools may raise privacy concerns. [69] It is interesting to compare this situation to that of "spam" - as the NOIE Interim Report discussed below in Section 6 notes, there are many different types of activity which could be loosely described as spam, and some of those may be seen by some people as legitimate activities. [70] The maximum penalty is 10 years imprisonment. [71] Cf the following quote from an article in "wired" in relation to spam in China: "'I do not want to choose what is beautiful e-mail and what is not,' said one systems administrator in the Guangdong province. 'I will wait for advice (laws) to tell me what to stop and what to let go. Sometimes when you make your own choices, there is trouble.'" - from Michelle Delio "China Sweet, Sour on Spam" (March 6, 2002) available at http://www.wired.com/news/print/0,1294,50856,00.html [72] Available at http://conventions.coe.int/Treaty/EN/projets/FinalCybercrime.htm. [73] Defined very broadly as any public or private entity that provides to users of its services the ability to communication by means of a computer system. [74] One difficulty here is that many security analysis tools have obvious legitimate uses in improving security and that even given amendments to put the burden of proof on the prosecution in relation to the purpose of use, the restrictions may discourage development of such tools. [75] See http://www.cyber-rights.org for further information and links to draft texts and explanatory memoranda. [76] Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA Patriot Act) Act Of 2001 Public Law 107-56-OCT. 26, 2001 for text of the Act see http://thomas.loc.gov/cgi-bin/bdquery/z?d107:h.r.03162: [77] Text is available at http://thomas.loc.gov/cgi-bin/query/z?c107:H.R.3482:. For discussion see For further detail on this see eg Declan McCullagh, "Cybercrime Bill Ups the Ante" in wired (12 Feb 2002), available at http://www.wired.com/news/print/0,1294,50363,00.html. [78] These elements are drawn from p7 of the NOIE report discussed below. [79] See the NOIE interim report discussed below, eg at p.11: "many of the medium to large ISPs are receiving 4 million plus spam messages a month on behalf of their customers. The Coalition Against Bulk E- mail (CAUBE) tracking of the amount of spam received at their survey e- mail address grew in volume by a factor of six in 2001"; and at p.12 - where it is estimated that spam represents about 20% of all email. [80] See for example the "Spam Prevention Early Warning System" at http://www.spews.org (make sure you type in .org and not .com as "http://www.spews.com" has been "porn napped"!) [81] For further discussion see Michelle Delio , "Not All Asian E-Mail Is Spam" (Feb. 19, 2002) available at http://www.wired.com/news/politics/0,1283,50455,00.html. [82] The case is The Which Company v Joseph McNicol (No 1312 of 2002 in the District Court of WA, Perth). For discussion see Kim Griggs, "Aussie Gets Into Pickle With Spam" (June 11, 2002) available at http://www.wired.com/news/politics/0,1283,53102,00.html. For documents in relation to the case see http://t3-v-mcnicol.ilaw.com.au/. [83] See eg Cheryl Jones, "Silicon Secretaries" The Australian IT Cutting Edge 25 June 2002 p1&4. [84] Including: defining spam, identifying major problems associated with it (privacy breaches, fraud, spoofing, undue cost, damage to Internet functionality); assessing the relative size and trends in relation to these problems. [85] Looking at: Content-based legislation (Broadcasting Services Act, Interactive Gambling Act); Privacy legislation; Crimes Act (and Cybercrimes Act); Consumer protection legislation (Trade Practices Act and Corporations Act); Industry codes and contracts; Technical tools (filters and Caller ID), browser settings; Consumer awareness measures. [86] Including the most appropriate balance of regulatory, co-regulatory, self-regulatory, user awareness; and International cooperation measures (multilateral guidelines, bilateral enforcement arrangements). [87] 16 July 2002, available at http://www.noie.gov.au/Projects/consumer/Spam/index.htm. [88] There are also many other conceptual arguments that have not been canvassed in this paper. Again, see the papers in the forum on Internet Content Control at UNSWLJ Volume 23(1) 2000 for further detail. See also, for example, Christopher N Kendall, "Australia's New Internet Censorship Regime: Is this Progress?" Digital Technology Law Journal Volume 1 Number 3 available at http://wwwlaw.murdoch.edu.au/dtlj/ - this article goes in to considerable depth looking at appropriate conceptions and alternative legal treatments of the harm caused by pornography, suggesting a human rights based approach as more ideologically sound than that adopted by the Broadcasting Services Amendment (Online Services) Act 1999. [89] Melinda Jones arguing in the context of the value of sending signals against offensive conduct "Free Speech and the 'Village Idiot'" UNSWLJ Volume 23(1) 2000 274 at 280 [90] Cf similar comments in the NSW Legislative Council's Standing Committee on Social Issues report "Safety Net? Inquiry into the Classification (Publications, Films and Computer Games) Enforcement Amendment Bill 2001" [91] See in particular the papers available from the Australian Centre for Policing Research at http://www.acpr.gov.au/. [92] p.17 of the NOIE Report on Spam, citing as remaining problems: "difficulties in identifying spammers, the global nature of the Internet and the competing enforcement priorities faced by regulatory agencies." [93] There are also the inevitable practical delays in trying to reach a broad international consensus, as recognised at p.17 of the NOIE Report on Spam: "broader international counter-measures ? will inevitably take longer to design, negotiate and implement." [94] This is another obvious point reinforced by the NOIE Report on Spam.