Yes Virginia, ISPs Have Silently Blocked Web Sites

Slashdot contributor Bennett Haselton writes "A recurring theme in editorials about Net Neutrality -- broadly defined as the principle that ISPs may not block or degrade access to sites based on their content or ownership (with exceptions for clearly delineated services like parental controls) -- is that it is a "solution in search of a problem", that ISPs in the free world have never actually blocked legal content on purpose. True, the movement is mostly motivated by statements by some ISPs about what they might do in the future, such as slow down customers' access to sites if the sites haven't paid a fast-lane "toll". But there was also an oft-forgotten episode in 2000 when it was revealed that two backbone providers, AboveNet and TeleGlobe, had been blocking users' access to certain Web sites for over a year -- not due to a configuration error, but by the choice of management within those companies. Maybe I'm biased, since one of the Web sites being blocked was mine. But I think this incident is more relevant than ever now -- not just because it shows that prolonged violations of Net Neutrality can happen, but because some of the people who organized or supported AboveNet's Web filtering, are people in fairly influential positions today, including the head of the Internet Systems Consortium, the head of the IRTF's Anti-Spam Research Group, and the operator of Spamhaus. Which begs the question: If they really believe that backbone companies have the right to silently block Web sites, are some of them headed for a rift with Net Neutrality supporters?" Read on for the rest of his story.

In the aforementioned instance, AboveNet and TeleGlobe were not selling "parental filters" or other common types of filtered Internet access; the users being blocked from our Web sites were adults paying for what they thought were unfiltered Internet connections. What had happened was that AboveNet and TeleGlobe signed up to block Web sites on the Realtime Blackhole List, a list which was widely (but inaccurately) thought to be a list of "spammers", put out by a group called the Mail Abuse Prevention System. (MAPS and the RBL still exist, but under new management and in a form that bears little resemblance to their late-90's forerunners.) Most ISPs that used the RBL used it to filter only incoming e-mail, but AboveNet went all-out and blocked users from even viewing RBL'ed web sites, presumably because two of MAPS's founders, Paul Vixie and Dave Rand, were on the AboveNet board of directors. And it turned out that the RBL not only included spammers, but also Web sites that were not sending mail at all but were blocked because of their content -- in our case, our ISP got blocked because some other customers were selling mailing list software that MAPS believed could be too easily abused by spammers.

These two distinctions -- (1) the distinction between blocking incoming e-mail from spammers, versus blocking Web sites; and (2) the distinction between blocking traffic due to spam activity, versus blocking sites because of their content -- both go to the heart of what Net Neutrality is, and isn't, about. Net Neutrality is about user preferences -- not meaning that as a buzzword, but as an actual guiding principle to figure out what is and is not covered by the cause. If an ISP filters incoming mail from known spammers, that generally improves the user experience, and is something many users would expect an ISP to do anyway. But if an ISP blocks users from reaching Web sites (even, for the sake of argument, the Web sites of actual spammers), then that's generally counteracting the user's wishes -- if the user didn't want to go there, they wouldn't have typed it in. (After all, I visit spammers' Web sites all the time, usually right before I sue them.) Similarly, if an ISP blocks traffic from sites because of spam or other network abuse, that serves to protect their own users. But if an ISP blocks users from viewing sites because of their content, that's generally not expected by users, unless they've specifically signed up for something like parental controls. The Snowe Net Neutrality amendment proposed last year recognized both of these distinctions, and stated that nothing in the amendment would be interpreted to prohibit spam filtering, parental control services, or measures to protect network security.

The MAPS incident thus shaped most of my opinions about Net Neutrality 6 years before the debate even had a name. When I first found out in August 2000 that our ISP was blacklisted, like most people I believed that the RBL really was a list of spammers; after all the MAPS web page said that the RBL was a list of networks that "originate or relay spam". So I called my ISP screaming at them for being incompetent spam-enablers (the culmination of many frustrating issues with them), and saying that if they really were letting customers send spam, or running an insecure server that spammers were hijacking, I would leave on principle, if the cretins managing our server didn't drop it in the lake first. The ISP owner then told me what happened: that the ISP was not blacklisted for spamming customers, but because of the content of the other sites. (Buried in the list of RBL criteria on MAPS's site was the statement that sites could be blacklisted for providing "spam software", although the criteria did not define how they distinguished between spam software and regular mailing list software, which is how our ISP got caught in the net. And the criteria did not disclose anywhere the most controversial feature of the RBL, which is that if an ISP didn't comply, MAPS would start blacklisting other unrelated sites at the same ISP to put more pressure on them.) I agreed that this seemed to be absurd, and said I wouldn't leave the ISP if they were being blackballed just because of the content of hosted pages.

I don't know exactly what the mail software in question did or where MAPS thought the line should be drawn, but I am a purist about content -- it's a long-standing principle among the Internet security community that if a tool exists which exploits a security hole, you don't try to make the software disappear, you fix the hole. And besides, since MAPS and their supporters wanted to blackball ISPs that hosted spamming software (however you defined that), but the same people had never advocated blackballing ISPs that hosted network break-in tools and other cracking programs, for example, then what were they really saying? That spamming someone more unethical than breaking into their network?

But by far the most common objection to my complaint about AboveNet blocking Web sites was, "Hey, if a private company blocks things, as long as they're being honest to their users about it, who cares?" Well, true, but the fact that AboveNet blocked Web sites was not widely known even within the company; when I once called AboveNet feigning ignorance and asking them if they blocked RBL'ed Web sites, the technician who spoke to me said, "No, that wouldn't make any sense." (Well, half right.) Their AUP mentioned "protecting users from spam" but said nothing about blocking Web sites. In fact, other than "family-filtered" ISPs and similar services, I've never heard of any company blocking Web sites that actually did try to make their users aware of it. (On the other hand, even if AboveNet had fully disclosed their filtering, they were still a backbone company selling connectivity mainly to ISPs -- and I think if you sell something wholesale that can only be re-sold to the public by fraudulent means, then you're at least partly complicit in that fraud as well.)

If you're tempted to argue that backbone providers should be allowed to block whatever they want as long as they bury it in their AUP (although AboveNet and TeleGlobe didn't even do that much), just consider: When you access Google from your home computer, have you read the AUP of every network that the packets pass through, to check whether they reserve the right to block or even modify your traffic? Without doing a traceroute, could you even name all the networks that the traffic passes through? Do you really want the burden to be on you to check with all of them every time there's a problem reaching a Web site? Or do you feel like there's an understanding that as long as you pay your bill, they should let you go wherever you want?

Some have argued that if an ISP blocks the user from reaching a Web site, then even if the ISP is defrauding the user, that's still strictly an issue between the user and the ISP. But if a user is trying to reach your Web site, the user is trying to give you something of value: their attention, their eyeballs on your advertisements, sometimes even their money (with the expectation that you will provide them with something in return, of course, like some content worth reading). If the ISP steps in and blocks that, then the ISP has taken something of value that the user was attempting to give to you, and diverted it to serve their own interests. To me that doesn't seem ethically much different from the FedEx driver swiping the chocolates that someone tried to send you for Valentine's Day. Is that just between the sender and FedEx? Or do you have a beef because you didn't get the present that was intended for you, and you had to eat last week's chocolates to cheer up?

The modern-day threats to Net Neutrality are different: slowing access to Web sites unless the site owners pay a "toll", instead of blocking access to sites because of the content of other sites hosted at the same ISP. But they both boil down to the same thing: not giving end users what they have already paid for. If a user buys Internet access, they almost always buy it with the understanding that if they access a site, the content will download as quickly as their connection allows.

Thus the most common misconception about Net Neutrality is that the proponents are fighting against "capitalism" -- ISPs just charging more for different delivery speeds. But ISPs are already charging users for those delivery lines -- including different tiers for different prices. That's capitalism, and it works, with prices falling all the time in a fairly competitive market. But charging publishers for those higher delivery speeds to the user's house, is really more like double-billing, because the user has already been charged once for the lines that the content is coming over, so the ISP is trying to charge the content publisher again for the same service. Of course, if you charge party A for doing X, and then you try to charge party B for the same instance of doing X, and party B doesn't pay up so you don't do X, you're also breaking your deal with A. Brad Templeton of the EFF stated as much on his blog in 2006:

The pipes start off belonging to the ISPs but they sell them to their customers. The customers are buying their line to the middle, where they meet the line from the other user or site they want to talk to. The problem is generated because the carriers all price the lines at lower than they might have to charge if they were all fully saturated, since most users only make limited, partial use of the lines. When new apps increase the amount a typical user needs, it alters the economics of the ISP. They could deal with that by raising prices and really delivering the service they only pretend to sell, or by charging the other end, and breaking the cost contract. They've rattled sabres about doing the latter.

And I think the same is clearly true if, instead of trying to extract money from the content publisher, the ISP tries to extract something else, like an agreement to shut down certain Web sites before the ISP will let their users view other sites hosted at the same company. You can talk all day about how evil those Web sites are, but the ISP has already sold the user a connection with the implied ability to access them.

Anyway, this all came out in 2000 when a Slashdot article revealed that AboveNet had been blocking Web sites, and AboveNet stopped doing it two hours after the article came out. (TeleGlobe stuck with it for a few more months.) But from the hostility of the reaction, you'd think that we had published cartoons in a Danish newspaper showing Paul Vixie with a bomb in his turban. I got more e-mails than I could count arguing that AboveNet had the right to block whatever Web sites they felt like, regardless of whether the end users knew it was happening. To those people, I'd be sincerely interested in their answer to this question: Does that mean they've have no problem if they found out their ISP was silently blocking sites for political reasons? There is a clear line between following user preferences by blocking spam, and countermanding user preferences by blocking sites because of their content -- and once you've crossed that line, where's the logical stopping point? Seriously, I would have liked to have known how they would answer that, if I could have gotten any meaningful dialog going with them, which most of the time I couldn't. At the time, I'd just spent four years telling people that kids looking at porn was a non-issue, and that by the way if their kids came to my Web site I'd even help them get around their blocking software, and I still got more angry e-mails for disclosing the fact that AboveNet blocked Web sites based on their content, than I'd gotten in all the previous four years combined. (A few even accused us of moving into a blacklisted address block on purpose. This was because the actual move happened after the blacklisting was in place, even though I told them all that our ISP had announced the coming move two months before -- repeat, before -- they ever heard from MAPS. Some people were so in love with that "smoking gun" that they didn't believe me; that's their prerogative. But don't take my word for it -- when one supporter wrote to MAPS to ask about un-blocking our site, MAPS officer Kelly Thompson replied:

>Would it be possible to
>selectively unblock peacefire.org (209.211.253.169)?
Technically? Yes, it is. It's a violation of our policy, though, so I can't do so.

I would be willing to help you find other free or reduced cost hosting, however.

It was MAPS's decision, not ours or our ISP's, to have our site blocked. That should settle that once and for all, just as soon as there is peace in the Middle East and a black lesbian in the White House.)

But what do all these people think about Net Neutrality, 6 years later? I tried to track down the influential people who had spoken out supporting AboveNet's blocking of Web sites, or at least their right to block Web sites. My position was, we can agree to disagree on that, but if they really feel that way, why haven't they been speaking out against Net Neutrality? The proposed Snowe amendment was pretty clear:

SEC. 12. INTERNET NEUTRALITY
(a) Duty of Broadband Service Providers- With respect to any broadband service offered to the public, each broadband service provider shall--
(1) not block, interfere with, discriminate against, impair, or degrade the ability of any person to use a broadband service to access, use, send, post, receive, or offer any lawful content, application, or service made available via the Internet.

John Levine, webmaster of Abuse.Net, head of the IRTF's Anti-Spam Research Group, and one of the most vocal critics of Peacefire's campaign against AboveNet's Web filtering, said that he would have opposed the bill but didn't bother because it didn't have much chance of passing. Well, it didn't, but the bill was significant not because of its likelihood of passage, but because it articulated the principles that the Net Neutrality coalition had rallied around, and with the momentum behind the movement, it's likely to achieve at least some of its goals, by legislation or otherwise.

Paul Vixie, Dave Rand, and Steve Linford did not respond to requests for comment on Net Neutrality. But Paul Vixie wrote something very interesting in a May 2006 blog post:

Second, there's network neutrality. In telephone service, the government mandates that all companies providing voice-grade telephony interconnect with eachother at preset rates, thus ensuring that any phone can call any other phone and that new phone companies can enter the field to help ensure competition. In Internet service, the government mandates nothing. Recently SBC (I mean AT&T, I think, is it Wednesday?) rattled its sabre and said that Google and other content supplying companies should be paying for the use of SBC's backbone to reach SBC's eyeballs. Most of us said, uh, what? "Aren't SBC's own customers paying SBC to carry that traffic?" Some of us even said "I am not an eyeball, I am a person!" But anyway, from time to time these Internet companies shut down interconnects in hopes of creating new cash flows among eachother, and until the government regulates this, we're all at risk of higher prices or lower service with zero notice. Some well meaning democrats are trying to challenge this with "network neutrality" legislation, but this probably isn't their year. Or their decade.

San Francisco has a government, though. And if San Francisco owned and operated its own wireless Internet plant, we could mandate that any Internet company wishing to do business in this city interconnect at fair and reasonable cost to all other Internet companies wishing to do business in this city.

"Until the government regulates this"? "Government mandates"? "Fair and reasonable cost"? Quick, call the anti-socialist intervention squad! How long does it take those San Francisco hippies to suck the new arrivals' brains out anyway? Of course, I agree with everything he said. It's just that if you replace "create new cash flows" with "try to get ISPs to remove content from their servers", this describes exactly what Vixie and AboveNet were doing a few years earlier. He's a smart guy, and I'm sure this didn't escape his sense of irony, so perhaps this confirms something I'd suspected all along, which is that Vixie understood the subtleties of the issue better than most of his cheerleaders, and may be having second thoughts about AboveNet's Web-blocking misadventure. From the beginning, in a 1997 interview with Sun World, he sounded like someone trying to at least keep an open mind:

Concentration of power into a single individual: It's very true that power has corrupted every individual in whom it has ever been concentrated in the history of mankind. I do not feel that I am necessarily above whatever elements of human nature give rise to that. I worry about it. Probably other people worry about it more than I do.

Although, he didn't get to making any such frank statements during the controversy over AboveNet's Web site blocking. (Perhaps MAPS's lawyers were worried that he was a little too unfiltered and advised him not to comment; at the time, the MAPS Web site had a "How to sue MAPS" link on the front page.)

Speaking of which, Anne Mitchell, Director of Legal and Public Affairs for MAPS during the time when AboveNet was blocking Web sites, was the only MAPS adherent from the era that I could find who has since clearly and publicly come out against Net Neutrality. In May 2006 she wrote:

Here's the thing that the 3Ns (Net Neutrality Nuts) don't get: bandwidth costs money. And if you can't charge those who use the majority of it accordingly, then you are going to have to amortize it across everybody.

So, if a net neutrality law passes, don't be surprised when your costs to have an Internet account skyrocket.

Because somebody has to pay those bills, and if the law says that the ISPs can't charge the big guys - the big users - differently, it means that they have to charge them the same rate that they charge everyone else. And that means not that their rate will go down, but that everybody else's rate will go up.

And then again in February 2007 in another blog post titled "Towards A Nanny Internet", she wrote, "Network neutrality is the idea that ISPs should be forced to charge everybody the same for their Internet use", grouping it together with proposed anti-bullying and anti-anonymity laws.

Well, points to Anne for being consistent, and for publicly declaring her views in no uncertain terms, which is all I'm asking of the other supporters of AboveNet's website blocking policy. (Although she's coming at it from a different angle this time, "How do we work out who pays for the traffic" rather than "ISPs should be allowed to block whatever they want without telling anybody".) But this is also a textbook example of what I think are the three major fallacies of opposition to Net Neutrality:

First, lumping it together with other examples of unpopular regulation and calling it one more example of Big Government -- an argument also tried in other editorials ("Politicians and public figures alike should realize the absurdity of advocating more red tape to keep the Internet free"). This meme has never really caught on, possibly because groups like the ACLU and the EFF that have traditionally opposed true Internet censorship, have lined up in favor of Net Neutrality. All the proposed "red tape" and "regulation" really says is that if a user attempts to access a Web site over a connection that they've paid for, the ISP may not block or slow down their access, a law which most people would hardly consider tyrannical.

Second, asserting that "Network neutrality is the idea that ISPs should be forced to charge everybody the same for their Internet use." I've never actually heard anyone advocate anything close to that, but a common question among skeptics is why different "tiers" for Internet traffic are really any different from different-tiered pricing for dial-up vs. DSL, or for different levels of Web hosting. The difference is that when users and Web site owners pay for those connections, they are paying for their respective connections to the rest of the Internet. But an ISP charging a Web site owner to carry their traffic the last mile to the user's house, is not charging for a product or service, but really charging a fee not to break a service that they've already agreed to provide to the user.

Which leads to the third misconception: "Here's the thing that the 3Ns (Net Neutrality Nuts) don't get: bandwidth costs money... So, if a net neutrality law passes, don't be surprised when your costs to have an Internet account skyrocket." But it's not about how much a service costs, but about the ethics of double-billing for it. We know that ISP pricing models can already support the total traffic that people consume today, and ISPs do already follow net neutrality principles most of the time, so nobody's costs will "skyrocket" just because a neutrality law passes. If vastly more people start trying to stream CNN over the Internet 24/7, and fully using the services that ISPs have "only been pretending to sell" as Brad Templeton put it, then ISPs may have to charge more for users who consume too much bandwidth, encouraging people to stay at today's average levels by rationing themselves and perhaps watching 24 on their $5,000 TV sets sometimes instead of downloading it off of BitTorrent to their laptop every week because it makes them feel like a haX0r. Much as we all love our unmetered connections, it wouldn't be a violation of Net Neutrality for ISPs to charge users for bandwidth hogging, to keep everyone from going too far above today's levels. What ISPs should not do is charge users for implied full-throttle connections, and then turn around to charge publishers for moving bits over those same lines, or block the connection for any other reason.

So, yes, Virginia, blocking of Web sites does happen -- and by "Virginia", I mean FTC Chairman Deborah Platt Majoras, who said in a speech in August 2006: "I have to say, thus far, proponents of net neutrality regulation have not come to us to explain where the market is failing or what anticompetitive conduct we should challenge; we are open to hearing from them." This was echoed in an editorial later that month from Sonia Arrison of the Pacific Research Institute:

Internet service providers have voluntarily upheld content-neutral practices without the need for government intervention, and consumers would never stand for blocked Web sites... If the loss of net neutrality principles was really a problem, advocates wouldn't need to scare Americans in order to win their support. Using government regulation preemptively to shortchange business partners is a reckless abuse of the public policy process. New laws should be based on facts and reality, not fear and hypothetical situations.

I guess both of those ladies' ISPs must be blocking access to the SaveTheInternet.com Web site, so I e-mailed both of them the coalition's list of examples, and added a note about the AboveNet/TeleGlobe incident as well. No personal response from either of them yet, but I'm sure they just got lost in the shuffle while they were so busy sending out corrections. (On the other hand, I did get a courteous response from Randolph J. May of the Free State Foundation, when I wrote to him about an editorial he penned which also argued that violations have not happened: "It is generally agreed that except for a few isolated and quickly remedied incidents, neither the cable operators nor the telephone companies providing broadband Internet services have blocked, impaired or otherwise restricted subscriber access to the content of unaffiliated entities." He said he hadn't known about the AboveNet/TeleGlobe incident either.)

Another theme in some anti-Net-Neutrality editorials is that existing laws are enough to deal with the problem. In Majoras's speech, she said, "We should not forget that we already have in place an existing law enforcement and regulatory structure." Arrison's echoed that "Numerous federal agencies already have set a basic legal framework in place to preserve fair competition and business practices on the Internet". Well, as Yogi Berra says, in theory, there is no difference between theory and practice, but in practice, there is. After I found out AboveNet and TeleGlobe were blocking my Web site, I called about twenty lawyers in the Bellevue phone book, figuring: I wasn't greedy, but surely there would be financial damages for deceiving users and blocking our site, enough to pay a lawyer in return for handling the case? I think about two lawyers called me back, and they both said that even though what the backbone companies were doing clearly looked like fraud, it would take tens of thousands of dollars just to get started, and even if we ever got to court, the judge could call it however they wanted. Whatever laws exist now, they may help the slightly smaller big guy against the bigger big guy, but are not much use to the little or medium-sized guy.

So, any informed debate about Net Neutrality has to include the fact that, yes, some providers have blocked Web sites on purpose, for long periods of time, and no, the free market didn't fix it by itself. Even if something on that scale never happens again, if the free market and the anti-trust laws didn't automatically correct a case where Web sites were being blocked outright, then it's wishful thinking to think that those forces will prevent ISPs from merely slowing down Web access to sites that haven't paid a "toll", as they have made noises about doing. One AboveNet customer, Sam Knutson, said when he found out about the Web site blocking, "This type of behavior on the part of an ISP is reprehensible. I pay for a pipe and don't expect this type of monkey business." Well, I agree that it's reprehensible; whether we should "expect" more of it or not, depends on how much the Net Neutrality movement achieves its goals.

Nothing to see here

[Anonymous Coward]

Slightly worryingly, the first time I clicked on the link to this story, I got a blank Slashdot page with the message

Nothing to see here. Please move along.

I like the part on peacefire...

[rthille]

Where the candidate in the 2000 election was infavor of blocking software until they found out it blocked _their_ site.

Are they just stupid or what?

It is ridiculous

[paladinwannabe2]

Seriously, the way people complain about being blocked or having their bandwidth thottled, you'd think they were paying money for their internet connection or something.

Re:500 word summary, MOD PARENT UP +2 AS FOLLOWS

[Nom du Keyboard]

Mod parent up:
CONCISE +1
PITHY +1.

Re:Translation...

[Anonymous Coward]

Did you read as far as the 5th word in the title?

You must be new here.

And hey, what's that symbol next to your user ID? Is that to identify new users or something?