Italy’s Piracy Shield proves the internet works

• Italy’s Piracy Shield breaks multiple sites.
• CDNs’ clients hit by association.
• Even limited censorship breaks parts of the internet.

Political parties are fond of making big promises, especially when in opposition, and few such claims are more specious than the promise to ‘clean up the internet’ to protect its citizenry from the scourges of pornography, piracy, and terrorism.

Political statements on the matter usually contain the word ‘children’ in the context of child abuse or protecting minors from the evils that lurk just a couple of mouse clicks away. While their aims are entirely laudable, they ignore or are unaware of the fact that the internet is not a place that can easily be policed either at national boundaries or by filtering content in an effective manner. The digital domain was never designed in a way that would allow total oversight, and attempts to impose the type of stricture required after the fact will always be hugely imperfect. Circumvention of stricture is in the digital DNA of the internet.

That’s never stopped governments trying, of course, with the latest attempt from the Italian government coming in the form of its Piracy Shield. This was designed to address just a small area of lawlessness: the highly popular activity of watching live sports streams without paying the official providers of such services.

Given such a tight remit, it may have been imagined to be a relatively trivial undertaking. Unfortunately, that’s proved not to be the case.

Sports fans at the weekend just gone soon discovered firsthand how complex a specifically-targeted act of traffic blocking can be.

An IP address belonging to CDN Cloudflare found itself on the wrong side of Italy’s Piracy Shield, which prevented innocent traffic from reaching the ODW Prison Volunteers Association and Elimobile, a telecomms company, among others.

Part of the issue is the complexity of the modern internet, where content distribution networks deliver large portions of online content. They offer this service because they’re better than smaller hosts at ensuring streams of data are delivered safely. Independent servers are more likely to suffer from interruptions caused by bad actors, and the fast voluminous cache-ing capabilities of CDNs makes their use logical in many instances; large-scale video streaming being one of the primary among them.

But because large CDNs aggregate data from multiple sources, the nefarious actions of just one of those sources can cause all of its clients to be tarred with the same brush. Bad actors are as wont to use CDNs as lawful parties, and traffic delivery assignment algorithms can’t differentiate between them. Additionally, it’s easy to mistake genuine traffic for bad traffic. In short, at a low level, things are very, very complicated, in ways not easily explained to those who draft laws.

The Italian experience should be a salutary lesson for lawmakers the world over. Even with a tightly constrained remit, the fallout from attempts to control the digital arena is unpredictable. As a rule of thumb, preventing dubious data movements is borderline impossible to achieve with any accuracy. The public has to be made aware of this fact, so that when the next clarion call goes out for legislation to ‘protect the children,’ the populace recognizes there may be secondary motives – or utter ignorance – at play. Both possibilities are equally alarming, and it’s naive to believe that people in government are any smarter than most.