Re: Enforcing the CDA improperly may pervert Internet architecture

[Scott Brickner <sjb@universe.digex.net>]

Mike McNally writes:
>Declan B. McCullagh wrote:
>> The attached paper by Dr. Reed is worth reading -- I haven't seen this
>> argument raised before. One portion that I found fascinating was:
>> 
>>   "It is quite silly to imagine that the Ascend router at the ISP can
>>   figure out if it is me or my child generating each packet."
>>
>> But that's exactly what the defenders of the CDA are claiming! Here's
>> some background that might be interesting:
>
>I sent a letter to the Economist last year pointing this out after reading
>an article containing the offhand statement, "... and of course it is
>entirely feasible to control Internet content" (or something like that).
>I don't have those magic two letters at the front of my name though.  It
>seems so utterly obvious.  When you connect to an ISP via PPP or SLIP,
>all the ISP is doing is routing packets. 

Wait a second.  I don't know that it's really as impossible as you
think.  Given the CDA advocates' hypothesis that anonymity is a Bad
Thing (tm), it's reasonable for them to assume that the ISP can arrange
to have a policy requiring that it know who's making the SLIP/PPP
connection.  It's not too hard to have *every* packet generated by a
given connection flagged with an IP option indicating "adult" or
"minor".  It's not that different from the "Security Classification"
option that's already in the IP spec.  Incoming connections to a
server are then already marked, leaving no excuses for servers that
deliver contraband to such connections.

The only technical problem comes when the SLIP/PPP link serves a mixed
group of users, as described in Dr Reed's paper.  In this case, I'd
think the ISP would be responsible for verifying that the person
requesting the "adult-flagged" service is really an adult, and *that*
person is responsible for what happens to the data after it's
delivered.  It'd be no different from the case where an adult goes into
an adult bookstore, buys contraband, and gives it to a minor.  The
bookstore isn't accountable.

The argument that this is technically infeasible is hooey.  This
doesn't address the issue of whether it's a Good Thing (tm), though.
Dr Reed argues that such end-to-end policies are best left out of the
network layer, but admits that adding support to the network layer may
reduce the implementation cost.  It's still expensive, though, since
all providers of indecent material and all participating ISPs have to
upgrade their software.

What possibilities does it leave for anonymity?  ISPs that don't
participate in the packet flagging might permit anonymous connections,
since it's entirely up to the information provider whether to deliver
the requested data.  Adult content providers who deliver contraband to
unflagged connections are asking for trouble.

>> Chris Hansen from the ACLU told me last Friday: "Olsen is going to push
>> this tagging idea that the government has, that you can imbed in your
>> tag -- in your address -- an adult or minor tag. They're going to
>> suggest that the market will come into existence that will make that
>> tagging relevant."
>
>Uhh...  what about the rather obvious problem that some of these new
>fangled computers can support an enormous spread of information?  My
>web site at io.com has no offensive materials (though I recently rated
>it as basically "Satan's Headquarters" via SurfWatch), but other stuff
>at io.com may well be offensive.  Packets routed out through io's
>interface will of course all come from the same address.

Given your position, io.com is only accessible to adults in the world
of the CDA advocates.  Just upgrade your IP software to refuse
connections from minors.

My response to the censors' position that too much stuff on the 'net is
unsuitable for children is:  "Keep 'em off the net, then."  I'd rather
have internet access by minors generally forbidden than have
censorship.