Why Conroy must answer for ASIC’s internet blockade

Over the past nine months the Australian Securities and Investment Commission (ASIC) has used Section 313 of the Telecommunications Act 1997 to force Internet Service Providers (ISPs) to block access to websites deemed by ASIC to be carrying out a criminal activity.

News of the website blocks was first reported by the Melbourne Times Weekly when it reported that more than 1,200 websites might have been blocked by “the Australian government”.

Melbourne Times Weekly reported that one of the websites blocked was Melbourne Free University, an independent learning organisation which was told by Exetel, a budget ISP, that its website server IP address had been blocked at the request of the Australian government.

Later, Delimiter revealed the extent of ASIC’s actions. ASIC appears to have been using Section 313 to force ISPs to implement website bans including using IP addresses rather than domain names which led to the unwarranted block of 1,200 websites.

Late last year, I wrote about the potential for the Australian government departments and authorities to take unilateral action to filter the internet by using Section 313. The concerns voiced in that article now appear to have become a reality.

Opening the Pandora's box 

Communication’s minister Stephen Conroy first opened this Pandora’s Box through his use of Section 313 last November to block websites on Interpol’s “worst of” list. It set a precedent in which a government body was allowed to use Section 313 to block a range of websites.

While this in itself was a grievous mistake, the fundamental fault lies in the way in which Conroy failed to mandate how government agencies should use this law.

Traditionally, organisations that are subject to Section 313 would be brought before a court and that a judge would at least issue a warrant to provide legal validity for an action under Section 313. The courts should provide details of any actions brought or warrants sought by ASIC through its use of Section 313.

The court process also helps elucidate the owner of the blocked website as to why they were targeted in the first place. Under the act, the ISP that blocks the site cannot disclose who they were blocked by or why they were blocked.

But in this instance, there’s no indication that ASIC has brought anyone before the courts. At a glance, it seems as if the body has acted on its own, and hasn’t even sought advice from the internet regulator, the Australian Communications and Media Authority.

This is perhaps why the body ended up un-intentionally blocking Melbourne Free University site and 1,200 other websites including the intended target. Conroy’s office confirmed this was the case in a statement to the media.

“ASIC believed that the website in question was operating in breach of Australian law, specifically section 911a of the Corporations Act 2001, and under Section 313 of the Telecommunications Act, websites that breach Australian law can be blocked,” Conroy’s office said.
“Melbourne Free University’s website was hosted at the same IP address as the fraud website, and was unintentionally blocked. Once ASIC was made aware of what had happened, it lifted the original blocking request. The government is working with enforcement agencies to ensure that Section 313 requests are properly targeted in future.”

Conroy's cavalier misstep

It’s easy to lay the blame for this circumstance solely on ASIC, after all it was the one doing the blocking and to this day, it is yet to even attempt to compensate the sites it mistakenly locked up as part of its raid. Its actions also leave it open to a sweeping class action from those affected by the blocks.

But, none of this would have happened without Conroy’s cavalier use of Section 313 and his failure to mandate any future use of this law.

Without immediate action this censorship spat could get a lot worse - perhaps to the point where the law is administered in a totalitarian way. It could hypothetically lead to a situation where any government body could wipe information off the internet at its leisure without any repercussions for its actions.

Or it could swing the other way, where bodies like the Australian Federal Police – who are supposed to use this law – are left to apply it at their discretion; effectively giving them the power to cherry-pick cases.

There are plenty of questions that remain around the ASIC blocking as to what actually took place and exactly who was made aware and condoned it. We may never find the answers to them.

But despite this, there’s one question that we must find an answer for. And it’s for the communications minister Stephen Conroy.

What are you going to do about this? 

Mark Gregory is a Senior Lecturer in Electrical and Computer Engineering at RMIT University.