EC mulls internet terrorist database

Internet users could contribute to an official blacklist of suspected terrorist content under the European Commission's budding 'Clean IT' project.

The project aims to create a text that commits the internet industry (web hosts, search engines and ISPs, among others) to helping governments weed out content that incites acts of terror.

Partners met in Berlin this week for the fourth Clean IT conference, led by the Dutch Ministry of Security and Justice and its peers in Belgium, Germany, Spain and the UK.

But Klaasen, Program Manager at the Netherland’s National Coordinator for Counterterrorism and Security, told iTnews that the organisations had so far developed 13 “best practice” proposals for governments and the internet industry.

A final version of the text is expected to be delivered in early 2013.

Flagging

Among those 13 courses of action is a proposal for a system that will allow users to ‘flag’ content they believe to be illegal when surfing the web. These alarms would be sent for review to the service provider and in turn, a government agency.

Participants in the talks were yet to narrow down how such a flagging system might work from a technical perspective, but Klaasen expected it to be among the proposals in the final Clean IT text.

Ideally, the solution would be built into popular web browsers (Mozilla Firefox, Microsoft Internet Explorer, Apple Safari, Google Chrome etc) such that users could flag suspicious material regardless of where it is hosted.

An easier but less comprehensive system would be to compel the world’s most popular content hosts – such as Google/YouTube or Amazon – to interface existing flagging systems with those of law enforcement agencies.

“Flagging happens already on some sites,” Klaasen told iTnews. “Many users already flag content they find concerning on services like YouTube. But many of those flags don’t reach law enforcement.”

Referral, notice and takedown

A related ‘best practice’ proposal calls for governments to establish ‘referral units’ – teams of experts that analyse flagged content to assess its legal status.

Internet content or access providers in Europe are already compelled to forward material to law enforcement if they feel its illegality is crystal clear. But often the line between dissenting content and terrorist content is blurry.

“We can't expect an ISP has the right level of knowledge of terrorist content to know if something is illegal or not,” Klaasen said.

“So we have to find a clever way to share the expertise within the Government with the ISPs.”

Any content deemed illegal is dealt with by a third proposal, for a notice and takedown scheme.

The Clean IT standard is being coordinated with a notice and takedown scheme being managed by the European Commissioner’s Director General of Markets.

Terrorist content database

One of the more recent “best practice” proposals put on the agenda has not yet been published within the draft text.

It has been proposed that an as-yet undecided authority create a database of content that has been deemed illegal and removed from a server under the flagging, notice and takedown mechanisms.

“Usually when illegal material is found on a server hosted by an Internet company and is removed, it pops up two days later somewhere else,” Klaasen said.

“So why not try and create a database where internet companies can check it to see if it's known illegal material? There are many known YouTube videos, for example, with content like be-headings. You don’t need to watch them to know if they are illegal or not.”

Again the focus of the discussions has not been on the technical requirements of such a database, but on more fundamental legal principles.

“The database is just an idea at this stage,” Klaasen said.

“Again it raises questions. If you have such a database, who is responsible for it? Is there a trusted organisation to maintain it? There are really important questions that we’ll look to address.”

Several more proposals are expected to be added to the draft text of Clean IT before a conference in London in September and the delivery of the final text next year.