Telstra’s filter supplier also blocks for Qatar, Yemen, UAE
The company you keep
Updated: Telstra Responds, stops collection Netsweeper, the Internet filtering supplier linked to Telstra’s voluntary filter trial is also a supplier to the Yemen, the UAE and Qatar.
Telstra’s URL data collection for users of its 3G data services was originally noted in Australian broadband community site Whirlpool and followed up by the Australian Network Operators Group (AusNOG). Both ZDNet Australia and IT News have followed the story.
The carrier originally
denied described the activity as normal network operations, but later confirmed that URLs are being compared to the database supplied by Netsweeper. New URLs are passed back to the company’s servers in America for categorization and inclusion in the database. Telstra says its trial will be implemented as a paid, opt-in service for mobile Internet users called “Smart Controls”.
As noted on AusNOG, the terms and conditions document (PDF) describing Smart Controls dated 26 June was drafted in such a hurry that Telstra misspelled its own name.
Network engineer Mark Newton, who penned this missive to Telstra’s privacy team, told ABC Radio that “Australians should know when their private data is collected, what that data is going to be used for” – as well, of course, as knowing who data is being shared with.
Newton contends that the dispatch of users’ clickstream data in this manner is a possible breach of Australia’s privacy principles.
Telstra’s choice of partner is also interesting: the company has been linked to repressive filtering in the Middle East by a local newspaper in its home town of Guelph in Ontario, Canada.
According to the Guelph Mercury, Netsweeper’s client list includes Yemen, Qatar and the United Arab Emirates (it maintains an office in Dubai).
The Guelph Mercury states that filters implemented by those countries block sites associated with news, political activism and satire, religious freedom – and Tumblur, which in Yemen’s case is classified as pornography.
The Register has asked Telstra whether it is comfortable sharing data with a company associated with these regimes. Other filtering companies, such as Websense, have pulled back from contracts that associate them with oppressive government-mandated censorship.
We will update this story when Telstra responds. ®
Update: Telstra's response is below.
· Our customers trust is the most important thing to us and we’ve been listening to the concerns of our customers regarding the development of a new cyber safety product
· We want to reassure all our customers that at no point in the development of this product was personal information collected or stored
· We’ve heard the concerns online and we acknowledge more consultation was needed
· We are stopping all collection of website addresses for the development of this new product
· More explanation would have avoided concerns about what we were collecting
· To this end, we want to make clear what this development process involved:
o The website addresses were collected for a new opt-in cyber safety tool that allows parents to specify the website categories kids in their care can access on their mobile phone
o In order for this product to work accurately we needed to classify internet sites, based on the content they hold
o We are working with a company called Netsweeper, which undertakes this type of classification work for a number of communications and internet companies around the world
o The data Telstra recorded was anonymous, only the website addresses were captured. There was no information captured or kept that would link specific customers with the websites they visit
· We apologise for any concern caused to our customers
Sponsored: Global DDoS threat landscape report