AFP abandons legal pursuit over blacklist leak

The Australian Federal Police has abandoned attempts to prosecute those responsible for leaking the ACMA blacklist last year, the communications regulator said today.

Chairman Chris Chapman told a Senate Estimates Committee hearing that his understanding was the AFP "have not pushed on with any prosecution.

"It's my understanding from the AFP that they considered the prospects of success under their guidelines, but it wasn't sufficient to get a prosecution," Chapman said.

Other operational priorities were also understood to have contributed to the AFP's decision.

But the Australian Communications and Media Authority said it had beefed up security since the leak, which was understood to have been caused by the hacking of one of the filter providers.

It included accreditation re-testing by the Internet Industry Association (IIA) for all providers using a new set of criteria that took into account measures the providers had taken to ensure their storage of the list was secure.

"The industry has put its house in order," ACMA general manager Nerida O'Loughlin said.

"Only those [providers] tested by the IIA under the new set of criteria receive the blacklist from us."

O'Loughlin said ACMA had also introduced stronger encryption techniques between it and internet service providers that would increase the security of list transfers.

She said a six-month ban on distribution of the blacklist to filter providers in the wake of the leak was now lifted.

"We've improved our database management and automatic and manual reviews of content," O'Loughlin said.

"We've certainly raised the level of encryption [to send] the blacklist to current filter providers. But we've also required those filter providers on the family-friendly filter list to improve their security.

"We think what we've got in place now is a more robust system to meet security requirements."

She could not say whether the agency had conducted its own penetration testing of filter systems to determine whether or not they could stand up to a similar hack or leak attempt in the future.

Blacklist breakdown

ACMA also revealed a breakdown of the 1,254 URLs that reside on the current blacklist.

It said that 51 percent of the site addresses were for refused classification (RC) items - those that will be filtered under the Government's plans for mandatory ISP-level filtering.

A further 40 percent were X-rated and eight percent of the URLs were classified as R18+.

O'Loughlin confirmed that ACMA was "working closely" with the Internet Watch Foundation to "use some of their list as an adjunct to our list".

The foundation produced a blacklist that specialised in blocking child sexual abuse material.

"We've been aware of their list for quite some time. It has some similarities in the work we do in listing child sexual abuse material," she said.