NZ online – only half safe?
>>> Within a couple of months, New Zealand ISPs will be able to filter their customers’ Web traffic, to determine whether they’re viewing illicit material – specifically, child sexual abuse. But the country’s leading Internet safety organisation is asking why there has been little public debate about this, and says not enough is being done to make us more secure online.The Department of Internal Affairs (DIA) has been testing a voluntary filtering system for many months now, and it’s just about ready. ISPs that want to use it will be hooked up to a ‘secure tunnel’ that checks for anyone trying to access a site that is on a blacklist of hosts for child pornography. The user will receive a message that access to that link is blocked, but they can seek a review if they think the system has made an error (see September NetGuide, page 10, and tinyurl.com/o8utk8 for details). But the system will be voluntary, unlike the one proposed in Australia, which has sparked widespread protests from that country’s online community and civil liberties groups. The Rudd government plans to legislate this year for mandatory filtering by all ISPs of Refused Classification (RC) –rated content.In late January, more than a thousand Australian Web sites were blacked out by their owners in a week-long protest that coincided with Australia Day. Organisers of The Great Australian Internet Blackout said the legislation would not work, and could block content that was merely controversial, as opposed to illegal, offensive or obscene. Details of the measures can be read at tinyurl.com/ya8jxft And while New Zealand Web users may think we’re better off than the Aussies – we can always change ISPs if the one we’re using adopts filtering and we disapprove – NetSafe says we should be asking more questions, not only about filtering, but about our online security as a whole.Martin Cocker, Executive Director of NetSafe, says filtering is what grabs attention, but it is actually a small part of the fight to clean up the Internet. “Filtering will make people feel safer, but if we actually want to be safer New Zealand needs to boost cyber crime fighting resources,” he said.Cocker says while some Australians may be up in arms about compulsory Web censorship, at least they’re getting the chance to have a public debate, with legislation to go before parliament.“There’s been no debate or discussion amongst New Zealanders about a national filtering scheme; there’s been no indication from our political masters that they’re either pro or anti it or anything like that,” he told NetGuide. “Nobody is going to have an argument against filtering content which has already been deemed illegal, but I think people should have the opportunity to debate what sort of filter they want. In actual fact, the average person might want to know why the filter has such a narrow focus instead of focusing on all of the content which is illegal under New Zealand law.”Cocker says he has no problems with a filtering system per se, but he believes too much emphasis has been placed on this aspect of online safety, when more needs to be done in other areas.“I don’t think that filtering has anywhere near the impact on safety that people believe it might. When you think about all the issues we face in terms of safety, very few of them are going to be positively or significantly impacted by filtering. Exposure to content is just one of the things we deal with – we have fraud, scams, online bullying, privacy invasion, etc. None of those things is impacted by a filter, so it represents a pre-Web 2.0 view of the Web.”The Australians, Cocker explains, have invested much more than this country in online safety resources overall. They have a high-tech crime centre (AHTCC), which coordinates resources nationally, and each state has dedicated police resources for fighting online crime. They have invested heavily in education through the Australian Communications and Media Authority (ACMA), while corporate Australia has instituted cybersafety programmes.In New Zealand, we still don’t have a computer emergency response team (CERT) – which is considered essential in most countries. NetGuide reported on efforts to establish a CERT here a year ago (see December 08/January 09 issue, page 25), but progress has been slow. The matter is in the hands of the Government Communications Security Bureau (GCSB), which runs the controversial Waihopai listening station and reports directly to the Prime Minister.“The GCSB remains committed to the establishment of a CERT in New Zealand,” a spokesman told NetGuide. “There is presently whole-of-government work underway on the development of a national cyber security strategy for consideration by the government. The establishment of a CERT, either as a standalone entity or as part of a wider National Cyber Defence Centre, is one possible outcome of that process. “The Centre for Critical Infrastructure Protection (CCIP), a business unit of the GCSB, continues to work with critical infrastructure owners but is not structured to undertake the functions of a CERT.” The underlying problem, of course, is money.“A CERT programme is not cheap to set up, and there are already people doing this on a volunteer basis, so it’s not as if there’s no CERT activity; there’s just no coordinated activity, no national programme in place at the moment,” says Cocker.Part of NetSafe’s agenda in the year ahead will be to lobby the government for more funds. If it’s prepared to spend $1.5 billion on rolling out fibre connectivity, it’s got to ensure that the Web infrastructure is secure.“These are the type of things that are going to create a safer Internet environment for New Zealanders, so this is what we want to see in place,” Cocker says.