Feeds

Hard 'core'? Birmingham City Council's net filtering

No sex, drugs or cannibalism, please, we're Brummie

Beginner's guide to SSL certificates

Back in early July, the Birmingham Post reported on Birmingham City Council's adoption of online filtering software. It will block Council workers from accessing sites on subjects as diverse as smut, porn, cannibalism and witchcraft. But is it a sign of (bad) things to come for net users in public service?

The story took a turn for the better last week, as the National Secular Society (NSS) wrote to Birmingham City inquiring whether the council seriously intended banning access to New Age and Atheist material, whilst leaving open access to religious sites of almost any and every other denomination. On the surface, this would seem to represent a foot-in-mouth result on the part of the Council. It would also be followed with legal action by the NSS if it turned out to be true.

Not so fast. What appears to be happening is that Birmingham City Council is starting to translate some broad existing guidelines on internet use into actionable policy. At the highest level, the guidelines are almost unexceptionable. Employees’ time is divided into "core" (when they are presumed to be hard at work) and "non-core" (eg lunchtime, when they are allowed some access to the internet using Council facilities).

According to the internet Use Policy, at no time should Council workers engage in activity that is illegal, involves hacking, or giving undertakings on behalf of the Council without prior authorisation. So far, so good.

Bullring

In core time, they should stay well away from sites and software that encourage social networking, chatting, RP gaming, etc. Equally good – since it would be difficult to sell to the local ratepayers a policy that allowed employees to sit around socialising all day.

Besides, Birmingham City Council is probably still smarting from an exposé last year, when it was revealed that 75 employees had been disciplined for serious misuse of the internet – and 11 had been sacked for downloading porn.

Where it begins to get murky is in their Internet Code of Practice, which elaborates on the Use Policy. In fact, whilst this does not add a great deal in terms of detail, it does clarify that users should not access sites that might be “sexually-explicit (sic) or offensive in any other way”.

That opens a can of worms. To bolster its position, Birmingham Council has bought Bluecoat's WebFilter software, applying a veneer of objectivity to the process. It performs a range of functions, including monitoring and reporting on individual internet usage. It also allows the Council to block access to specific sites.

Which is where we came in. Under this software, sites are tagged according to a variety of different descriptors. “Adult”, “Alcohol”, “Alternative Sexuality” and so on. A document listing “Site Categories provided by the Bluecoat Software, with definitions and Proposed Actions” appears to have been circulated for comment. Someone leaked this to the Press - the rest is history.

Given the fuss this has caused so far, it seems unlikely that Birmingham City will go ahead and block access to sites featuring alternative spirituality – though bans on “extreme” and “pornographic” sites seem likely to stay.

Questions remain over the use of such a tool. First, why buy American? Public authorities are required to put software purchases out to tender (three suppliers) and buy the cheapest. However, there must be some lingering concern that a solution that has already found favour in Birmingham (Alabama) is unlikely to be finely tuned to the nuances of what a British audience find offensive or pornographic. Or as Terry Sanderson, President of the NSS put it today, “The decision is just bonkers. And if we have to buy this sort of software, there are British Suppliers as well”.

More fundamental, however, is the question of what should be the rule for employers. It may be overkill to remind employees that they should not be using the internet to carry out illegal activities, but it is defensible. What, though, about use of the net at times when individuals are clocked off from work?

Since access to the net remains at all times under the control of Birmingham City, there is no doubt that they have the (legal) right to do this. But having the right to do something and doing it are two quite different things.

If it's not illegal, is it really any business of an employer what an employee gets up to in their spare time? ®

Remote control for virtualized desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
prev story

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.