ASIC fronts website-blocking inquiry

The Australian Securities and Investments Commission has appeared before a parliamentary inquiry into the use by government agencies of Subsection 313(3) of the Telecommunications Act 1997 to block Australian Internet users' access to websites engaged in illegal activities.

ASIC and other government agencies have used the act to issue requests for ISPs to block subscribers' from accessing particular Internet-based services.

ASIC's use of Section 313 to block access to fraudulent investment websites spectacularly backfired in 2013. The request for ISPs to block customer access to a number of IP addresses used by a number of scam websites led to access to thousands of unrelated websites being cut off for some Australians.

"The circumstance of this particular case as I understand is that we requested that a particular ISP — Internet service provider — address be blocked," ASIC commissioner Greg Tanzer, referring to IP addresses, told today's hearing.

"That address we understood or thought was only associated with the offending website. As it turns out, that address was also associated with a number of other websites..."

Now that ASIC is aware of the issue, "obviously what we'd do at the very least would be to enquire of the telecommunications provider if there are other websites [using that IP address]," Tanzer said.

"And we have our own forensic people can give us that information as to whether that address is unique to a website or not and whether or not there might be other avenues that one could take to block that particular website rather than the whole website address."

Tanzer said that it was one of the telecommunications providers that ASIC had issued a Section 313 notice to that eventually alerted the organisation to the inadvertent blocking of websites.

Tanzer said that ASIC welcomed the call for greater transparency around the use of Section 313 notices. "From our perspective as a serious white collar crime law enforcement agency, the transparency is actually quite important.

"We typically ... produce a media release or make some public announcement about this... there were one or two where that has not taken place but typically that is our approach and that's because it's part of our general attitude that we want to give a public warning to other investors to try to prevent them engaging or falling for these types of scam."

Despite the website-blocking debacle, Tanzer said ASIC backs the position of the Department of Communications, which has argued against an approach based on agencies obtaining court orders.

Instead the department and ASIC back a process whereby government agencies obtain one-time approval for their internal processes for issuing notices.

"An agency-led process for disrupting access to online services, with the availability of appropriate review mechanisms, is preferred by the Department to an approach which begins with a judicial process," a submission to the inquiry from the Department of Communications states.

"Our view is that we think it's appropriate, as the department submitted, that an agency-specific regime is the appropriate way to go," Tanzer said.

"That would be bolstered obviously by the agency head or relevant portfolio minister signing off on, if you like, the overall policy and taking responsibility."

The inquiry is due to report by 1 July next year.


Copyright © 2014 IDG Communications, Inc.

Shop Tech Products at Amazon