[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FYI] Zunehmende Internet-Regulierungsphantasien im BMJ

In schulung.lists.fitug-debate you write:
>Der Gesetzgeber wird vermutlich das absichtliche falschdeklarieren
>unter Strafe stellen (sonst könnt ja jeder das ganze umgehen),

Das reicht nicht. Nicht nur "zu niedrig" deklarieren muss unter
Strafe gestellt werden, sonder auch das "zu hoch" deklarieren
und das "nicht deklarieren", damit Ratingsysteme praktikabel
werden. Das ist jedoch mit der derzeitigen Rechtsordnung nicht
zu machen: Du kannst von einem Inhaltsanbieter nicht verlangen,
dass er sein Werk nach Massstaeben wie "promoted
Drogengebrauch", "promoted Ideen, die mit einer christlichen
Weltordnung" oder was da sonst an Kategorien anfaellt einordnet.

Siehe auch http://www.koehntopp.de/kris/artikel/rating_does_not_work/



- Labeling content that is not harmful nor prohibited is a
  requirement but cannot be enforced

The ultimate goal of Internet Content Rating and Selection is to
make harmful content inaccessible to minors and make prohibited
content inaccessible to all recipients on the Internet.
Basically, it would be sufficient to label all harmful and
prohibited content accordingly, so that it can be recognized and
intercepted. For First Party Rating, this requires the
cooperation of the provider of this content, so that the Label
is being delivered with the content itself. For Third Party
Rating, cooperation of the content provider would simplify the
process enormously, for example by providing stable identifiers
for the content or by organizing the content in a way that makes
it easier accessible to quick and accurate rating.

It can be safely assumed that this kind of cooperation will not
be available in many cases and that it specifically will not be
available in the most severe cases where the content provider
places content on the web with a malign purpose.

Thus, it is insufficient to block pages that are rated as
containing harmful or prohibited content. Instead, all unrated
pages must be blocked as well, so that the pages of
non-cooperating content providers will be made inaccessible. In
this case, the rating of harmful and prohibited content becomes
a moot point because such content will be blocked automatically.
The Internet as viewed from behind a filter will be immediately
clean in such a scenario because it will initially contain no
content at all. Clearly, this is not very attractive and most of
the targeted audience for content filtering services will not
tolerate such filters if large portions of harmless or valuable
content will be made unavailable to them by the content filter.

For a Content Rating Solution, it becomes a requirement to
provide Content Labels for non-objectionable content, so that at
least some pages will be available to those persons behind the
selection filter. Thus, all burden and cost of content rating,
labelling, and label distribution is placed on the providers of
perfectly legal, and in most cases, valueable content.

This situation is not different from, for example, the movie and
video industry where a film without a rating is automatically
rated as not suitable for minors (at least this is the case e.g.
in Germany and the United States). Unlike the movie industry,
many content providers have little or no incentive to have their
content rated because in many cases they do not sell content or
do not cater specifically to a younger audience. Specifically,
we can expect the large commercial websites positioned towards a
younger audience to provide content labels on a voluntary basis,
while most private content and content not specifically geared
towards a young audience will not have labels at all.

Consequently, it may be necessary to enforce the provision of
labels with content to make a sufficiently large portion of the
Internet available to minors. Some content providers will
probably try to evade such a requirement by providing a "safe"
default rating, such as "harmful content, not suitable for
minors", because they do not want to do the work to properly
evaluate and individually label their content. Others will do
this because they are insecure about the correct rating for
their content, and will rate their content more harmful as it
actually is, just to be legally safe. For a requirement to
provide labels to be effective, it may be necessary to treat the
provision of a too high label just like the provision as a label
that is too low.

This turns the situation perfectly upside down: To protect
against harmful and prohibited content, all work and all legal
liability is at the side of the well-behaved members of the
community, while it is technically completely unnecessary for
the providers of harmful content to do anything.

In some countries, rating your own content cannot be legally
enforced (see below).


- First Party Rating cannot be enforced

In the United States, certain First Amendment rights allow a
content provider to not rate own content. Similar rights exist
in other legislations.

But blocking unrated content unconditionally is open to
unexplored civil damages issues.



>Eine Sache stört allerdings sehr: den jetzt schon vielfach vorhandenen
>Zwangs-WWW-Proxy Server könnten diese Filterfunktionen aufgezwungen
>werden, denn sind nicht schon jetzt Porno Webseiten erst nach 22:00 im
>WWW erlaubt ?



- E-commerce and ICR&S are natural adversaries

The introduction of the Internet marks the ultimative shortening
of the communication pipeline, completely industrializing the
process of communication. Historically, the number of people and
institutions involved in the production and reproduction of a
specific publication has continually decreased. While many
people had to copy each page of a book manually in medival
times, the introduction of the printing press has dramatically
simplified the process. The advent of DTP technology has further
eliminated persons and institutions from this process by cutting
out the typographer, the layouter, and the editor. Xerox
technology has cut out printers for small editions.

On the Internet, all persons have been cut out except for the
sender and the recipient. Production, reproduction and
distribution of content are automated or controlled by either
party. In many cases, content location has been automated, too,
by using search engines, portal sites, web rings, or bookmark
lists. In some cases, even content processing has been automated
where automatic translation services, summary generator
services, or XML postprocessing are already deployed, thus
limiting the personal involvement of the receiver as well. Also,
in cases where content is being produced automatically, such as
in catalog systems, database driven web shops, or in community
content systems like slashdot.org, the involvement of the sender
in content creation is limited, too.

This does not mean that the absolute number of people involved
in the creating or processing of content has decreased. In fact,
there are many people needed to keep the Internet running and to
update web content. But these people are no longer involved in a
single specific project (working as craftsmen), instead they
keep running a generalized infrastructure which is used to
transport and produce many, many different works (they are
working as industrial workers).

E-commerce directly benefits from this, shortening supply and
retail chains to a length of 1, or where processing is
completely automated, even to a length of 0. E-commerce requires
that concealed, tamperproof 1:1 communication is possible, i.e.
that the infrastructure can be used to transport certain
transactional data, but without the ability to gain knowledge of
the actual transactional content, and without the ability to
change that content.

This is essentially the opposite of the requirements for ICR&S,
because ICR&S is all about gaining knowledge about the
transported content and from case to case tampering with it
(i.e. replacing the original content with a "this content is
inaccessible" message). You cannot build secure e-commerce on
any network that is capable of ICR&S and you cannot build
functioning ICR&S on any network that provides secure e-commerce
services - see below.

- Proxy-based ICR&S cannot work in an E-commerce enabled

In an installation where E-commerce is possible, it is
impossible to successfully deploy proxy-based ICR&S, because at
any time harmful or prohibited content can arrive in the form of
E-commerce transactions, i.e. serving porn pages from an SSL
server. The proxy cannot detect labels within such a connection
because the entire connection is a military-grade encrypted,
digitally signed, tamperproof connection pipe from within the
browser program into the remote web server. Improvements in
E-commerce, i.e. the wide deployment of S/WAN, IPsec and other
services, will only worsen this situation.