Does Europe need a firewall much like the famous Great Firewall of China? As we continue to struggle with the ideas of the internet, censorship, and illegal activity, Torrent Freak is reporting about a movement for the “Great Firewall of Europe”. My question is do we really need it, or does it portray a lack of understanding what exactly happens when you enact national level firewalls?
This is the part that I do not think at times our national leaders or corporations truly understand, firewalls are important, but they will not stop everyone from doing things they should not do. Even in China, people have found their way around the national firewall, and they will continue to do so. The desire to know what is forbidden is more enticing to people psychologically than anything else a nation state can do. Many of us crave the forbidden, and they will get it regardless of firewalls or other hurdles that are put in place.
While the working paper from the Law Enforcement Working Party (LEWP) mostly concerns hacking, terrorism, and other good things to think about, the problem comes in with the block lists. Of course we all want to block illegal pornography, of course we want to keep cyber criminals out of our networks, and of course we do not want to aid and abet terrorism. All those good things that we do not want to have happen in our countries or on our computers. Most of us would be horrified to know that we were unknowingly running a bot net that aided identity theft. The problem arises because the solution is to use block lists rather than any other technological solution that is out there.
There has always been an issue with block lists because they are many times simply tools of political concerns rather than true law enforcement concerns. Traditionally block lists have been used as a behavior modification system in corporations and to obscure or hide data from populations. There might be a side use to firewalls to combat terrorism, but the black lists that go along with them are often focused on real news sites like CNN, or no surfing porn at work or in China, or to hide and marginalize voices that could be used to open up new avenues for society. This is a dead certainty that Wikileaks would have been blocked at the national level once any data was made public.
National level firewalls are a speed bump because people will work their way around it. There is no true ability to truly block everything a national level firewall would want to block. The blacklists are normally secret, we do not know who is on them or the reason they are on them. Black lists can change over time as sites go down and come back online under new ownership. People always have worked out a way around speed bumps that keep them from doing what they want to do. All you have to do is look at a company that is running a block list of sites not to visit at work, and then look at the number of people who are using proxies and otherwise to get to those sites that are blocked at work.
While the idea is interesting, the proposal shows a lack of original ideas at the national level. There are better ways than using a national level firewall such as education, training, reaching out to people to see if they will do the things that government wants them to do. A community that enforces community standards is more effective than the technological hurdles that are put into place. Even then, there will always be a person who want to, and can break through anything that is in their way. As a person I was interviewing for a paper I am writing about bittorrent said:
“I don’t want to wait, I’ll torrent it watch it and move on”.
No firewall in the world is going to stop that person.
(Cross-posted @ Managing Intellectual Property & IT Security)