Feeds

Hard 'core'? Birmingham City Council's net filtering

No sex, drugs or cannibalism, please, we're Brummie

Securing Web Applications Made Simple and Scalable

Back in early July, the Birmingham Post reported on Birmingham City Council's adoption of online filtering software. It will block Council workers from accessing sites on subjects as diverse as smut, porn, cannibalism and witchcraft. But is it a sign of (bad) things to come for net users in public service?

The story took a turn for the better last week, as the National Secular Society (NSS) wrote to Birmingham City inquiring whether the council seriously intended banning access to New Age and Atheist material, whilst leaving open access to religious sites of almost any and every other denomination. On the surface, this would seem to represent a foot-in-mouth result on the part of the Council. It would also be followed with legal action by the NSS if it turned out to be true.

Not so fast. What appears to be happening is that Birmingham City Council is starting to translate some broad existing guidelines on internet use into actionable policy. At the highest level, the guidelines are almost unexceptionable. Employees’ time is divided into "core" (when they are presumed to be hard at work) and "non-core" (eg lunchtime, when they are allowed some access to the internet using Council facilities).

According to the internet Use Policy, at no time should Council workers engage in activity that is illegal, involves hacking, or giving undertakings on behalf of the Council without prior authorisation. So far, so good.

Bullring

In core time, they should stay well away from sites and software that encourage social networking, chatting, RP gaming, etc. Equally good – since it would be difficult to sell to the local ratepayers a policy that allowed employees to sit around socialising all day.

Besides, Birmingham City Council is probably still smarting from an exposé last year, when it was revealed that 75 employees had been disciplined for serious misuse of the internet – and 11 had been sacked for downloading porn.

Where it begins to get murky is in their Internet Code of Practice, which elaborates on the Use Policy. In fact, whilst this does not add a great deal in terms of detail, it does clarify that users should not access sites that might be “sexually-explicit (sic) or offensive in any other way”.

That opens a can of worms. To bolster its position, Birmingham Council has bought Bluecoat's WebFilter software, applying a veneer of objectivity to the process. It performs a range of functions, including monitoring and reporting on individual internet usage. It also allows the Council to block access to specific sites.

Which is where we came in. Under this software, sites are tagged according to a variety of different descriptors. “Adult”, “Alcohol”, “Alternative Sexuality” and so on. A document listing “Site Categories provided by the Bluecoat Software, with definitions and Proposed Actions” appears to have been circulated for comment. Someone leaked this to the Press - the rest is history.

Given the fuss this has caused so far, it seems unlikely that Birmingham City will go ahead and block access to sites featuring alternative spirituality – though bans on “extreme” and “pornographic” sites seem likely to stay.

Questions remain over the use of such a tool. First, why buy American? Public authorities are required to put software purchases out to tender (three suppliers) and buy the cheapest. However, there must be some lingering concern that a solution that has already found favour in Birmingham (Alabama) is unlikely to be finely tuned to the nuances of what a British audience find offensive or pornographic. Or as Terry Sanderson, President of the NSS put it today, “The decision is just bonkers. And if we have to buy this sort of software, there are British Suppliers as well”.

More fundamental, however, is the question of what should be the rule for employers. It may be overkill to remind employees that they should not be using the internet to carry out illegal activities, but it is defensible. What, though, about use of the net at times when individuals are clocked off from work?

Since access to the net remains at all times under the control of Birmingham City, there is no doubt that they have the (legal) right to do this. But having the right to do something and doing it are two quite different things.

If it's not illegal, is it really any business of an employer what an employee gets up to in their spare time? ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.