Contents:
- Enumeration Results
- Methodology & Limitations
- About the OpenNet Initiative
India is among a handful of democratic states that has recently implemented some form of nationwide Internet content filtering regulation. In September 2003, the Indian Ministry of Communications & Information Technology ordered Indian Internet Service Providers (ISPs) to block the Yahoo! Group kynhun. In response, many ISPs blocked access to the entire groups.yahoo.com domain, resulting in the collateral blocking of thousands of newsgroups.
More recently, an Indian media organization, Rediff.com, reports that the Mumbai Police Commissioner's Office had ordered ISPs in India to block the website HinduUnity.org because of inflammatory anti-Islamic material contained on the website. The report also notes that there is varying compliance among ISPs, with one ISP in particular, SIFY, refusing to comply because the order had come from the Mumbai Police Commissioner's Office and not the Indian Computer Emergency Response Team (CERT-IN) -- a newly created unit of the Ministry of Communications & Information Technology whose mission is to handle computer-related security incidents.
In order to ascertain compliance with the latest order, we connected to the web sites in controversy through remote computers hosted by three ISPs in India: DISHNET, VSNL, and SIFY. Despite being readily accessible from our control location in Canada, the HinduUnity.org website is indeed inaccessible from remote computers hosted on these three ISPs -- including SIFY, which was reported not to have complied with the blocking order because of the dispute over jurisdiction. It is not clear at this time why SIFY is now blocking access to HinduUnity.org.
Our testing also reveals some unusual and unexpected collateral blocking. When our requests were made for HinduUnity.org, a message was displayed indicating that the requested website could not be accessed. Unlike the "block pages" generally delivered by commercial filtering applications, these pages are generic network errors produced by a computer's own browser indicating that a web site could not be reached. This type of error message suggests that the ISPs are complying with the order by denying access to the IP address (67.153.104.163) of HinduUnity.org as opposed to refusing to resolve the domain name itself.
While simple for ISPs to perform, this type of content filtering can also unintentionally block domains sharing the same IP address. Indeed, our testing shows that at least eight* other domains, including http://www.kahane.org/ and http://www.gwsystems.co.il/, are being filtered by the Indian ISPs because they share the same IP address as HinduUnity.org. Of significance is that kahane.org has been designated a "terrorist" website by the United States. It is not clear at this time whether the filtering of kahane.org is intentional or an unintentional by-product of it sharing the same IP address as HinduUnity.org, as appears to be the case with http://www.gwsystems.co.il/. To our knowledge, no order has been issued by any authority in India to block kahane.org.
We also tested the groups.yahoo.com domain as well as the specific Yahoo! Group kynhun to test compliance with the previously issued Ministry of Communications blocking order. We found that of the three ISP we tested, only VSNL -- the largest ISP in India -- continues to block the group. To our knowledge, no contrary order has been issued by CERT-IN or the Ministry of Communications.
Column | Remote Computer |
1 | Local access attempt |
2 | DISHNET |
3 | DISHNET |
4 | DISHNET |
5 | VSNL |
6 | VSNL |
7 | VSNL |
8 | SIFY |
9 | SIFY |
10 | SIFY |
High Impact | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
http://groups.yahoo.com/ | ||||||||||
http://groups.yahoo.com/group/kynhun/ | ||||||||||
http://www.hinduunity.org/ |
Virtual Hosts | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
http://www.hinduunity.org/ | ||||||||||
http://www.gwsystems.co.il/ | ||||||||||
http://www.kahane.org/ |
Legend | |
URL is accessible both through the local connection and the remote computer. | |
URL is accessible through the local connection but inaccessible through the remote computer, which returned a different HTTP response code. | |
URL is accessible through the local connection but inaccessible through the remote computer due to a network connection error. | |
URL is accessible through the local connection but inaccessible through the remote computer; a block page was positively identified. |
In order to enumerate Internet filtering worldwide, we use remote computers located in countries that employ content filtering and blocking practices.
However, there are limitations in content filtering and blocking research. The network connection errors indicative of Internet filtering and blocking are identical to normal errors that can occur during the course of regular Internet traffic routing. Furthermore, the remote computers may return results that are not indicative of overall Internet filtering within a given country -- the results might only indicate filtering taking place within a given ISP.
The OpenNet Initiative is a partnership of the Citizen Lab at the Munk Centre for International Studies, University of Toronto, the Berkman Center for Internet & Society at Harvard Law School, and the Advanced Network Research Group at the Cambridge Security Programme, University of Cambridge.
Notes:
[1] Mumbai police gag hinduunity.org
May 26, 2004
http://us.rediff.com/news/2004/may/26hindu.htm
[2] Web Sites Sharing IP Addresses: Prevalence and Significance
Benjamin Edelman
http://cyber.law.harvard.edu/people/edelman/ip-sharing/
[3] Federal Register: October 2, 2003 (Volume 68, Number 191)
http://a257.g.akamaitech.net/7/257/2422/14mar20010800/edocket.access.gpo.gov/2003/03-25017.htm
[4] Infothought blog
Seth Finkelstein
http://sethf.com/infothought/blog/archives/000622.html