Ordering ISPs to block illegal websites is not effective, says European Commission

Road block
Road block

A report on online gambling released by the European Commission on Tuesday has described the blocking of websites by Internet Service Providers as “easily circumvented”.

The report describes two methods by which unauthorised gambling websites can be blocked; Domain Name System (DNS) filtering and Internet Protocol (IP) blocking. DNS filtering is more common.

Gambling authorities can either directly order ISPs to filter unauthorised services, or may instead be required to seek a court order for such. In the first instance, a gambling authority would communicate a dynamic list of offending domains to an ISP that would then to required to redirect traffic from said domains to a regulator’s website, or similar. In the second instance by way of court order, the directive is issued by the court ordering an ISP to restrict access to a certain domain.

However, in its report, the European Commission questioned the effectiveness of current blocking mechanisms, stating that “blocking access to websites does not work as an isolated enforcement tool and can be easily circumvented”. It also raised concerns that website blocking could impact on legitimate businesses.

Eircom, an Irish ISP, famously began to block access to The Pirate Bay in September 2009, but this can easily be circumvented by using services like Hide My Ass!

The task of keeping an up-to-date list of unauthorised domains by a gambling authority “requires significant resources” and these “internet addresses can be changed instantly”.

The European Commission also raised concerns that ISPs were solely responsible for costs involved in implementing blocking mechanisms, and were also vulnerable to potential liability issues.

If website blocking at ISP-level is so ineffective, why is it so common in anti-piracy practices?

1 Comment

  1. Depends what filtering technology is used at what ISP. It also depends on what degrtee of effective blocking is acceptable to be considered a positive step. Nothing but nothing is 100% on the internet and it never as, and never will be. That is the internet. To demand that some measure needs to be 100% secure 100% of the time is naive. No AV, no firewall, no IDS, no internet routing, no uptimes, no bandwidth levels, no security etc are 100%. Yet internet access and web security, web accces controls are used in millions of entities across the internet to an acceptable level every minute of every day.
    The question here is really about what could or would make a positive difference to a major problem area with minimal material and actual impact on usage by other users. Based on actuall facts and some comprehensive testing, not assertions and therories…?
    Ther are only so many changes that illegal gambling operators can make until this begins to disrupt thier illegal business. It would again be naive to think that they can continually change addresses and their business rolls on unaffected… This is after all the internet, and it is all about connectivity…
    The proposed methods are anything but optimal, but far better than sitting around on our hands chanting “der der der der doing”…. >;))
    Lastly, as an ISP, would you leave the operational direction of your setup and business to the etchnical expertise of the European Commission??? LOL, no! Not me and not you…
    Quoting their decision is a political exercise and not a credible technical analysis.

Leave a Response

Darren McCarra
Darren McCarra is co-editor of The Sociable. He has a keen interest in photography, all things mobile, and writing about technology and social media. You can follow him on Twitter, Facebook and Google+.