​When it comes to navigating the web, just what is meant by an online location can be hard to define.

The battle to block the Web has bogged down in the Federal Court where counsel representing Foxtel and Village Roadshow argued that the Court should adopt the quixotic reasoning presented and dump the almost 'impossible' task onto Internet Service Providers (ISP).

The separate proceedings, initiated by Foxtel and the distribution arm of Village Roadshow on 15 March 2016, were joined by Justice Nicholas who said that as both proceedings were, for the first time, seeking a decision under the Copyright Amendment (Online Infringement) Act 2015 that "the evidence in one be evidence in the other, which I think would be appropriate in this case."

It is nearly a year since the Act was passed by both houses of Parliament and in just under three pages, the Act provides a copyright owner with a simple procedure to seek an injunction in the Federal Court of Australia against an online location. For the injunction to be granted the Court must be satisfied that:

(a) a carriage service provider provides access to an online location outside Australia; and

(b) the online location infringes, or facilitates an infringement of, the copyright; and

(c) the primary purpose of the online location is to infringe, or to facilitate the infringement of, copyright (whether or not in Australia).

If the Court agrees with the copyright owner the remedy is to grant an injunction "to require the carriage service provider to take reasonable steps to disable access to the online location."

Whilst the process to get an injunction may be simple and straight forward, the Act is vague about the meaning of an "online location" and "reasonable steps to disable access to the online location."

Counsel representing both Foxtel and Village Roadshow Richard Lancaster, who represented iiNet in the Dallas Buyers Club online piracy related legal action, argued that the Court, having ordered a block against a particular website, should take a broad view of the term "online location" and implement a rolling injunction to prevent access to the online piracy website reappearing using a new domain name or different Internet Protocol (IP) address.

Lancaster stated that "there is an ongoing problem with what you can call workarounds by site operators, where new URLs or addresses and so on are registered to provide the same access to the material via different pathways, and that's occurred to one of the sites subject to the Foxtel proceedings."

"The explanatory memorandum says the term online location is intentionally broad, and includes that which is not limited to a website, and would also accommodate future technologies."

Telstra, Optus, TPG and M2 argued that the copyright owner should have to seek a new injunction for each "online location", even if it is a mirror site of a previously blocked website.

The ISPs argued that the courts should determine what "online locations" are to be blocked and the cost of court documents detailing mirror sites would be similar to out-of-court notifications sent directly to ISPs.

At an earlier hearing counsel for TPG Chris Burgess argued that Domain Name Server (DNS) blocking be adopted rather than IP address blocking because online piracy organisations adopt practices that mean "IP addresses change very rapidly."

Websites are identified using their Uniform Resource Locater (URL) which is something like http://www.theconversation.com/. Websites are hosted on a server that is allocated an IP address - 131.160.22.128 is an IP version 4 address. DNS act as part of a globally automated system that keep track of where websites are located on the Internet and provide a directory service that is used to find the current IP address for a website.

When you enter a website URL into a browser the ISPs DNS server returns the IP address of the website to the browser and it then proceeds to connect to the the website using the URL and IP address.

IP address blocking is not recommended because it can have unintended consequences as the Australian Securities and Investment Commission (ASIC) found in April 2013 when it used powers to compel ISPs to block websites under Section 313 of the Telecommunications Act. By ordering website IP addresses be blocked ASIC accidentally caused 250,000 websites to be blocked having failed to identify that more than one website can be hosted at a single IP address.

The cost of implementing DNS blocks has not been determined with the government failing to identify who would pay for the scheme. ISPs are expected to argue before the Court against being required to foot the bill, which could be as high as AU$130,000 per annum.

It is reasonable to argue that the Act is seriously flawed because the Government's failure to define in the Act the meaning of "online location" and "reasonable steps to disable access to the online location" has left the Court with an almost 'impossible' task.

DNS blocking provides a very superficial solution that can easily be circumvented using [virtual private networks (VPN), changing to a non-Australian DNS or using a non-Australian proxy server.

The most commonly used non-Australian DNS servers are provided by Google at 8.8.8.8 and 8.8.4.4 and unless the Court can compel Google to also block online piracy websites then DNS blocking will only work with those that don't know how to change DNS settings. If Google decided to comply with Court orders, and it is not a party to the current Federal Court actions, then there are thousands of other non-Australian public DNS that can be used.

A proxy server acts an an intermediary that does the work of relaying requests for connections to webpages and as a proxy server can act as a cache they are most commonly used in companies to reduce the amount of web traffic generated from within the company.

Whilst using a non-Australian DNS and proxy server can be done free of charge it is possible for ISPs to inspect your traffic and see the websites that you've connected to.

A VPN is an encrypted tunnel between two locations and this cyberspace wormhole permits you to appear on the Internet in two locations at the same time. By paying as little as AU$10 per month for a VPN to an international location you will be provided with a direct tunnel to the Internet in another country, one that is outside the reach of Australian Courts.

The three approaches identified to circumvent an ISP DNS block are a means to provide access to online locations which may be subject to a Court injunction. So should we expect counsel for Foxtel and Village Roadshow to ask the Court to provide a determination on the meaning of "reasonable steps" including preventing the use of non-Australian DNS, proxy servers and VPNs?

In a Senate Report released in 2015 prior to the Act being adopted Greens Senator Scott Ludlam wrote “There is a substantial weight of evidence showing that it will be relatively easy to evade the Bill’s provisions, that it does not contain appropriate safeguards, and that it may result in legitimate online sources being blocked.”

“Most importantly, there is also a significant weight of evidence showing that the Bill will not meet its aims, as it does not address the underlying cause of online copyright infringement: The continual refusal of offshore rights holders to make their content available in a timely, convenient and affordable manner to Australians.”

Join the CSO newsletter!

Error: Please check your email address.

Tags Federal Court of AustraliaRMIT UniversityISPVPNsiiNetIT Securityfoxtelcyber securityVillage Roadshow

More about Australian Securities and Investment CommissionBillCounselFederal Court of AustraliaFoxtelGoogleOptusVillage Roadshow

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Gregory

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place