Feeds

Hard 'core'? Birmingham City Council's net filtering

No sex, drugs or cannibalism, please, we're Brummie

Protecting against web application threats using SSL

Back in early July, the Birmingham Post reported on Birmingham City Council's adoption of online filtering software. It will block Council workers from accessing sites on subjects as diverse as smut, porn, cannibalism and witchcraft. But is it a sign of (bad) things to come for net users in public service?

The story took a turn for the better last week, as the National Secular Society (NSS) wrote to Birmingham City inquiring whether the council seriously intended banning access to New Age and Atheist material, whilst leaving open access to religious sites of almost any and every other denomination. On the surface, this would seem to represent a foot-in-mouth result on the part of the Council. It would also be followed with legal action by the NSS if it turned out to be true.

Not so fast. What appears to be happening is that Birmingham City Council is starting to translate some broad existing guidelines on internet use into actionable policy. At the highest level, the guidelines are almost unexceptionable. Employees’ time is divided into "core" (when they are presumed to be hard at work) and "non-core" (eg lunchtime, when they are allowed some access to the internet using Council facilities).

According to the internet Use Policy, at no time should Council workers engage in activity that is illegal, involves hacking, or giving undertakings on behalf of the Council without prior authorisation. So far, so good.

Bullring

In core time, they should stay well away from sites and software that encourage social networking, chatting, RP gaming, etc. Equally good – since it would be difficult to sell to the local ratepayers a policy that allowed employees to sit around socialising all day.

Besides, Birmingham City Council is probably still smarting from an exposé last year, when it was revealed that 75 employees had been disciplined for serious misuse of the internet – and 11 had been sacked for downloading porn.

Where it begins to get murky is in their Internet Code of Practice, which elaborates on the Use Policy. In fact, whilst this does not add a great deal in terms of detail, it does clarify that users should not access sites that might be “sexually-explicit (sic) or offensive in any other way”.

That opens a can of worms. To bolster its position, Birmingham Council has bought Bluecoat's WebFilter software, applying a veneer of objectivity to the process. It performs a range of functions, including monitoring and reporting on individual internet usage. It also allows the Council to block access to specific sites.

Which is where we came in. Under this software, sites are tagged according to a variety of different descriptors. “Adult”, “Alcohol”, “Alternative Sexuality” and so on. A document listing “Site Categories provided by the Bluecoat Software, with definitions and Proposed Actions” appears to have been circulated for comment. Someone leaked this to the Press - the rest is history.

Given the fuss this has caused so far, it seems unlikely that Birmingham City will go ahead and block access to sites featuring alternative spirituality – though bans on “extreme” and “pornographic” sites seem likely to stay.

Questions remain over the use of such a tool. First, why buy American? Public authorities are required to put software purchases out to tender (three suppliers) and buy the cheapest. However, there must be some lingering concern that a solution that has already found favour in Birmingham (Alabama) is unlikely to be finely tuned to the nuances of what a British audience find offensive or pornographic. Or as Terry Sanderson, President of the NSS put it today, “The decision is just bonkers. And if we have to buy this sort of software, there are British Suppliers as well”.

More fundamental, however, is the question of what should be the rule for employers. It may be overkill to remind employees that they should not be using the internet to carry out illegal activities, but it is defensible. What, though, about use of the net at times when individuals are clocked off from work?

Since access to the net remains at all times under the control of Birmingham City, there is no doubt that they have the (legal) right to do this. But having the right to do something and doing it are two quite different things.

If it's not illegal, is it really any business of an employer what an employee gets up to in their spare time? ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.