Click for next page ( 32


The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 31
2 Technology Suppose that a student is assigned to do a report for school on ani- mals that build things, and he selects beavers as his primary topic. Con- necting to the Internet through a computer at home, he goes to an online search engine, where he tries to search the Internet for information about "adult beavers." The search engine returns links to a large number of Web pages. When he clicks on a certain link, he is surprised when he finds a sexually oriented Web site intended for adult use. This scenario or one similar to it is one of the most common that underlies parental concerns about children using the Internet. This chap- ter addresses the technological dimensions of this "reference scenario" and some of the things that can be done to protect against it. 2.1 AN ORIENTATION TO CYBERSPACE AND THE INTERNET 2.1.1 Characteristics of Digital Information In the reference scenario, the student is seeking information (content) on beavers a kind of animal. All information on the Internet is repre- sented in bits electronic strings of l's and O's that are later interpreted according to some algorithm to produce a representation that is meaning- ful to human beings. Digital information has properties very different from those of the information that a student might retrieve in a book. For purposes of this report, the salient aspects of this digital representation of information are the following: 1 1More discussion can be found in Computer Science and Telecommunications Board, National Research Council, 2000, The Digital Dilemma: Intellectual Property in the Information Age, National Academy Press, Washington, D.C. 31

OCR for page 31
32 YOUTH, PORNOGRAPHY, AND THE INTERNET Reproducible. Unlike a physical book or photograph or analog au- dio recording, a digital information object can be copied infinitely many times, often without losing any fidelity or quality. Easily shared. Because information is easily copied, it is also easy to distribute at low cost. Digital information can be shared more easily than any type of analog information in the past. In the physical world, broad- casting information to groups has serious costs and hence requires a cer- tain wherewithal and commitment. Technologies such as e-mail and Web sites allow broadcasting to many people at the touch of a single button. Flexible. A variety of different types of information can be repre- sented digitally: images, movies, text, sound. Digital information can even be used to control movement in the physical world through digitally controlled actuators. Easily modified. Digital representations of information can be easily manipulated. It is trivial to modify an image say, changing hair color from blond to red, adding a few notes to a musical score, or deleting and adding text to a document. So, for example, a naked body can be affixed to a head of a child, words modified from their original intent and music "borrowed" freely, and even virtual "people" created, all without leaving a visible trace of these manipulations. Difficult to intercept. Because no physical object is necessarily asso- ciated with a digital information object, interdiction of digital information is much more difficult than interdiction of a physical object carrying in- formation. In other words, there is no book, no magazine, no photo that can be intercepted by physical means. 2.1.2 The Nature of the Internet Medium and a Comparison to Other Media Types In the reference scenario, the student relies on the Internet. The pre- ceding discussion about digital information is important, but the nature of the Internet itself also makes it quite unlike other more traditional media such as television, film, print, and the telephone. Thus, it is useful to describe certain key features of the Internet medium and to compare it to some other, more traditional media. The Internet supports many-to-many connectivity. A single user can receive information and content from a large number of different sources, and can also transmit his or her content to a large number of recipients (one-to-many). Or a single user can engage with others in a one-to-one mode (one-to-one). Or multiple users can engage with many others (many- to-many). Broadcast media such as television and radio as well as print are one-to-many media one broadcast station or publisher sends to many recipients. Telephony is inherently one-to-one, although party lines and

OCR for page 31
TECHNOLOGY 33 conference calling change this characterization of telephones to some ex- tent. The Internet supports a high degree of interactivity (Box 2.1~. Thus, when the user is searching for content (and the search strategy is a good one), the content that he or she receives can be more explicitly customized to his or her own needs.2 In this regard, the Internet is similar to a library in which the user can make an information request that results in the production of books and other media relevant to that request. By con- trast, user choices with respect to television and film are largely limited to the binary choice of "accept or do not accept a channel," and all a user has to do to receive content is to turn on the television. The telephone is an inherently interactive medium, but one without the many-to-many con- nectivity of the Internet. The Internet is highly decentralized. Indeed, the basic design philoso- phy underlying the Internet has been to push management decisions to as decentralized a level as possible. Thus, if one imagines the Internet as a number of communicating users with infrastructure in the middle facili- tating that communication, management authority rests mostly (but not exclusively) with the users rather than the infrastructure which is sim- ply a bunch of pipes that carry whatever traffic the users wish to send and receive. (How long this decentralization will last is an open question.3) By contrast, television and the telephone operate under a highly central- ized authority and facilities. Furthermore, the international nature of the Internet makes it difficult for one governing board to gain the consensus necessary to impose policy, although a variety of transnational organiza- tions are seeking to address issues of Internet governance globally. The Internet is intrinsically a highly anonymous medium. That is, noth- ing about the way in which messages and information are passed through the Internet requires identification of the party doing the sending.4 One Customization happens explicitly when a user undertakes a search for particular kinds of information, but it can happen in a less overt manner because customized content can be delivered to a user based, for example, on his or her previous requests for information. 3Marjory s. Blumenthal and David D. Clark. 2001. "Rethinking the Design of the Internet: The End to End Arguments vs. the Brave New World,,, in Communications Policy in Transi- tion: The Internet and Beyond, a. compaine and s. Greenstein, eds. MIT Press, Cambridge, Mass. 4It is true that access to the Internet may require an individual to log into a computer or even to an Internet service provider. But for the most part, the identity of the user once captured for purposes of accessing the Internet is not a part of information that is auto- matically passed on to an applications provider E.g., a Web site ownery. More importantly, many applications providers for entirely understandable business reasons choose not to require authentication. Strong authentication in general requires an infrastructure that is capable of providing a trusted verification of identity and in the absence of such an infra- structure, strong authentication is an expensive and inconvenient proposition for the user. This point is discussed at greater length in section 2.3.2.'

OCR for page 31
34 YOUTH, PORNOGRAPHY, AND THE INTERNET

OCR for page 31
TECHNOLOGY 35 important consequence of the Internet's anonymity is that it is quite diffi- cult to differentiate between adult and minor users of the Internet, a point whose significance is addressed in greater detail in Chapter 4. A second consequence is that technological approaches that seek to differentiate between adults and minors (discussed in Chapter 13) generally entail some loss of privacy for adults who are legitimate customers of certain sexually explicit materials to which minors do not have legitimate access. The capital costs of becoming an Internet publisher are relatively low, and thus anyone can establish a global Web presence at the cost of a few hundred dollars (as long as it conforms to the terms of service of the Web host). Further, for the cost of a subscription to an Internet service pro- vider (ISP), one can interact with others through instant messages and e-mail without having to establish a Web presence at all. The costs of reaching a large, geographically dispersed audience may be about the same as those required to reach a small, geographically limited audience, and in any event do not rise proportionately with the size of the audience. Because nearly anyone can put information onto the Internet, the appro- priateness, utility, and even veracity of information on the Internet are generally uncertified and hence unverified. With important exceptions (generally as- sociated with institutions that have reputations to maintain), the Internet is a "buyer beware" information marketplace, and the unwary user can be misinformed, tricked, and seduced or led astray when he or she encoun- ters information publishers that are not reputable. The Internet is a highly convenient medium, and is becoming more so. Given the vast information resources that it offers coupled with search capabilities for finding many things quickly, it is no wonder that for many people the Internet is the information resource of first resort. 2.1.3 Internet Access Devices In the reference scenario, the student uses a computer to access the Internet. While today a personal computer is the most common way to connect to the Internet, devices for accessing the Internet are proliferating. Entire businesses have begun to spring up in order to ready content and delivery of information for a host of other devices. These devices include: Handheld organizers like Palm and Handspring typically these devices contain built-in wireless modems and use services like OmniSky; Cell phones with built in Web access; WebTVTM and Internet access devices that are used on TV sets and customized to MSN and AOL and whose deployment began in 2001; Blackberry RIM and wireless paging devices;

OCR for page 31
36 YOUTH, PORNOGRAPHY, AND THE INTERNET Standalone Internet machines like the Compaq Ipaq and mail- stations; Kiosks designed for surfing the Internet and typically used in pub- lic spaces; Game machines like Sega, Nintendo, Microsoft's Xbox. Today's gaming technology (e.g., Sony's Playstation) increasingly uses the Inter- net to provide users with multi-player communities in which a user can compete against and/or cooperate with other like-minded individuals. Software is generally available on CD-ROMs, and the widespread avail- ability of CD-ROM writers makes the possibility of non-vendor-produced games and activities a realistic one. Game-playing applications are also increasingly available for use on various Web sites, sometimes for free. Note that such games often contain violent material. In addition, many commercial establishments frequented by children, including coffee shops, department stores, and fast food restaurants, will have customer-usable Internet access points. Broadband Internet access- needed for efficient transmission of images and movies will also grow in the future, though with some uncertainty about how fast it will be deployed. Specialized Web access devices will cost much less than today's computers (a few hundred dollars each rather than several hundred or thousand dollars). Wireless Internet access is also expected to grow in popularity, though the feasibility of transmitting high-quality images through wireless links remains an open question. These devices and business trends suggest increasingly ubiquitous access to the Internet. Note also an important social point wireless ac- cess and access "anywhere" enable users, including children, to escape many forms of local supervision (e.g., someone looking over his or her shoulder), and individuals will not be as dependent on school, libraries, and work to provide Internet access. Consequently, approaches to Inter- net protection and safety for children that depend on actions whose effect is limited to a single venue will be increasingly ineffective. 2.1.4 Connecting to the Internet In the reference scenario, the student connects to the Internet. In general, access to cyberspace is provided by one or more Internet service providers (ISPs). For children, Internet connections are available via: Personal Internet service. In this case, a party subscribes to a con- sumer-oriented ISP, and gains access to the Internet through as many places as the provider can provide access ports. Such services are gener- ally responsible for home access. There are many variations in the offer- ings from ISPs and many different fee structures as well. Note that an

OCR for page 31
TECHNOLOGY 37 individual child may be using a family account, a personal account asso- ciated with a family account, or a friend's personal Internet service. School and/or library Internet service. A student (or faculty member or staff person) or a library patron uses school or library facilities to obtain Internet access. In general, schools and libraries obtain Internet service for their students and patrons through business-oriented ISPs, and a whole host of classroom ISPs have been brought to the market. Public terminals. An individual pays "by the minute" for Internet access at a public terminal, which may be located in a coffee shop or an airport, or through a wireless service. In addition to Internet connections, some ISPs offer other services designed to enhance the user's experience. Proprietary services (includ- ing parental controls to help manage the online experience of children) and content are offered by a number of online service providers. These services and content are available only to those who subscribe to those online service providers. In other cases, services are available to some non-subscribers (for example, the instant message (IM) services of some ISPs can provide IM service to those who do not subscribe to those ISPs). Moreover, various online service providers develop and seek to de- velop reputations about the kinds of content that they may offer. For example, a service provider may bill itself as being "family-friendly" and thus provide access only to Web sites that it regards as appropriate. The denial of access to all Web sites not on the provider's "family-friendly" list is a proprietary service that the online provider offers that is unavail- able to others who do not subscribe to it. ISPs offer dial-up or broadband access to the Internet. The majority of at-home access is today achieved through dial-up connections a user's computer dials an ISP phone number and connects to the ISP through an ordinary modem. However, broadband access, generally through DSL (digital subscriber lines) from phone companies or cable modems from cable TV companies, is growing because of the higher-bandwidth connec- tions offered. Higher bandwidth is relevant because some kinds of mate- rial contain many more bits than others. Text, for example, typically contains many fewer bits than do images, and images contain many fewer bits than movies have. Thus, viewing of graphics-intensive material online through a low-bandwidth connection is often very tedious and tries the patience of all but the most dedicated users. ISPs also require their subscribers to abide by certain terms of service, violation of which is grounds for termination of the service contract with a subscriber. An individual subscriber to an ISP is bound directly by the terms of service of that ISP. An individual who obtains Internet service through an intermediary is bound by the terms of service imposed by the

OCR for page 31
38 YOUTH, PORNOGRAPHY, AND THE INTERNET intermediary, which may (or may not) be stricter than those that bind the ISP and the intermediary. Note also that ISPs vary across a wide range in the extent to which they enforce their terms of service. A typical provi- sion in the terms of service of many ISPs might forbid a user from posting sexually explicit material under most conditions. ISPs make decisions about content that they will carry. In particular, many ISPs do not allow access to every Usenet newsgroup (e.g., they may not carry newsgroups that carry a large volume of child pornography).5 For subscribers to these ISPs, the newsgroups that are not carried can be difficult to find and are for many practical purposes non-existent.6 Finally, ISPs are funded by subscription and/or by advertising. Sub- scription entails periodic payment by the user to the ISP for access privi- leges. Advertising entails payments by advertisers to the ISP for the privilege of displaying ads, and thus the user must be willing to accept the presence of ads in return for access privileges. 2.1.5 Identifying Devices on the Internet: The Role of Addressing Every computer or other device connected to the Internet is identified by a series of numbers called an IP address.7 The domain name system is a naming system that translates these computer-readable IP addresses into human-readable forms, namely domain names. Thus, a domain name is a name that identifies one or more IP addresses. A canonical domain name has the form "example.com." Every domain name has a suffix corresponding to a top-level domain (TLD), in this example .com. Until October 1, 2001, the most common top- level domains allowed for Internet use have been .net, .org, .com, .edu, 5usenet is a worldwide distributed discussion system consisting of a set of newsgroups with names that are classified hierarchically by subject. "Articles" or ''messages,, are "posted" to these newsgroups by people on computers with the appropriate software- these articles are then broadcast to other interconnected computer systems via a wide vari- ety of networks. Some newsgroups are "moderated"; in these newsgroups, the articles are first sent to a moderator for approval before appearing in the newsgroup. For more infor- mation, see Chip Salzenberg, "What Is Usenet?," available online at . 6There are Web sites through which one can read Usenet newsgroups even if the ISP has decided not to carry certain newsgroups, thus circumventing the ISP's selection policy. 7The IP address of a device provides a unique address to which and from which mes- sages can be routed. A typical IP address has the form a.b.c.d, where a, b, c, and d are numbers from zero to 255. The mapping between domain name and IP address is managed by devices known as domain name servers. More information is given in a Computer Science and Telecommunications Board report on domain name systems that is currently in preparation. Note also that IP addresses may be mapped dynamically to devices, so today, a user's computer would have one IP address and tomorrow it might have a different one.

OCR for page 31
TECHNOLOGY 39 .gov, and .mil. In addition, a number of two-letter country suffixes have been recognized. As this report goes to press, a number of other top-level domains have been approved: .biz, .info, .pro, .coop, .aero, museum, and .name. (How many other TLDs will eventually be available is an open question, and the issue of the number and type of TLDs is highly charged politically and economically.) As a rule of thumb, the non-country suf- fixes indicate something about the nature of the party with which the site is affiliated. For example, example.museum is likely operated by a mu- seum; example.gov is operated by a government agency. The domain name is a key element of routing traffic across the Internet. For example, a typical e-mail address is of the form 'fohn.Doe~ example.com." The address of a typical Web site has the form "www.example.com." The Web site address is generally part (or all) of a uniform resource locator (URL) that identifies a particular Web page that can be found on a Web site. Thus, www.example.com/pagel might refer to a page on the example.com Web site. 2.1.6 Functionality of the Internet In the reference scenario, the student used a search engine to search the World Wide Web for information about beavers. Search engines are only one aspect of the functionality that the Internet of- fers, and as the Internet matures, new functions based on new appli- cations and technologies are constantly being introduced. Some of the more important applications of the Internet are described below and are summarized in Table 2.1. The World Wide Web (WWW) refers to the set of all the information resources that can be accessed via the hypertext transfer protocol (HTTP). Loosely speaking, it is the set of all Web pages that can be addressed by a request of the form "http: URL."8 Today, the publicly accessible World Wide Web consists of over 2 billion Web pages,9 though there is a great deal of uncertainty in any estimate of Web size. Web pages are associated with particular hosts (though not every host has a Web page), and many Web pages themselves include links to other Web pages. The Web is based on a client-server model a user (client) specifically requests a Web page from a host (server). Search engines help to organize, classify and return information based on a query, and those who surf the Web typically rely on various .J 1 .J .J Most browsers handle addresses without a preceding "http:" as though it was present. Also, some Web pages are accessible only through the "https:" protocol. 9For example, as of November 2001 the Google search engine had indexed 1.6 billion Web pages. As of April 2002, it had indexed 2.1 billion Web pages.

OCR for page 31
40 YOUTH, PORNOGRAPHY, AND THE INTERNET TABLE 2.1 Selected Internet Applications and Their Implications for Exposing Children to Inappropriate Sexually Explicit Material and Potentially Dangerous Experiences Channel Key Points Web pages Identified by and accessed through knowledge of the uniform resource locator (for example, http://www.random_sex_site.com, http: / /www.just_fine_kids_site.com) Can display still images, text, and movies Generally the channel used today by the adult online industry Can be found by typing the URL into a browser or clicking on a link (links can be embedded in instant messages, e-mail, and so on; included in other Web pages; or found through a search engine) E-mail Requires knowledge of a user's e-mail address Can contain (or carry) text, images, links to Web pages; can be used to initiate two-way dialog as well as to deliver information and files Sender's e-mail address can be faked (or be misleading) Is the route for unsolicited commercial e-mail (spam) Chat Generally text-based, and conducted in a "chat room"; text can contain links to Web pages Can be public (accessible to anyone) or private (by invitation only) Content of chat and online identities of participants are visible to everyone participating in the chat room Chat rooms are an online equivalent of CB radio Used to initiate, establish, and maintain online relationships Instant One-on-one dialog, and private messages Text-based, but can contain links; images and voice can sometimes be transmitted as well Initiation of instant message requires knowledge of user name "Buddy lists" allow user to know who is online at the same time as the user Usenet Populated by some 30,000 newsgroups of specialized topics; newsgroups function essentially as online bulletin boards on which users can post anything they wish, often anonymously Many newsgroups contain sexually explicit material, and some are oriented primarily toward such material; sexually explicit content on Usenet newsgroups is often more extreme than those on adult-oriented Web sites Cost of content distribution is borne by Internet service provider that carries newsgroups with content rather than by publisher or receiver Sexually explicit Usenet newsgroups serve as conduits for advertising of adult-oriented Web sites and as a medium in which sexually explicit content can be exchanged among users Internet service providers make choices about what Usenet newsgroups to carry; some carry the full line, and others carry only a subset (e.g., all except those devoted to child pornography) Peer-to-peer Connection between two users that is made directly without connections mediation through a central server Purpose of peer-to-peer connection is typically for file-sharing (of any kind of content, including sexually explicit content) Not generally anonymous (because connections are peer-to-peer, each user must have an Internet address with which to interact) Cost of distribution is borne by the Internet service provider rather than the end users

OCR for page 31
TECHNOLOGY 41 types of search engines to find the information they are seeking. Box 2.2 describes how search engines work. Search engines rely on technologies of information retrieval, as discussed in Section 2.2. Given the enormous volume of information on the Web, users in general do not know where to find the information they seek. To cope with this situation, search en- gines have been developed to help users find the addresses of informa- tion residing on the Web. While no data have been collected on this point, it is probably fair to say that search engines enable the finding of most information that people access on the Internet.

OCR for page 31
60 YOUTH, PORNOGRAPHY, AND THE INTERNET

OCR for page 31
TECHNOLOGY 6

OCR for page 31
62 YOUTH, PORNOGRAPHY, AND THE INTERNET In the physical world, the authentication process is conceptually straightforward because of face-to-face interactions. When an individual buying beer presents a driver's license to a liquor store clerk, the clerk can compare the picture on the license to the individual in front of him. Of course, the license could be phony, but the face-to-face nature of the interaction helps to ensure that the subject being compared to the cre- dential is real.23 Such assurance is not available when a face-to-face interaction is not possible, as in the automated authentication of a user to a computer sys- tem.24 Automated authentication depends on the prospective system user sharing with the authentication device something the person knows, has, or includes as a feature, such as a "smart card" belonging to the appropri- ate individual, a secret password, the individual's voice, or a biometric signature such as a fingerprint or retinal pattern. Authentication is only one dimension of keeping children away from age-inappropriate materials. The second key element is that of ensuring that a user is older than some specified age (e.g., older than 17~. While authentication involves assessing the validity of an assertion about the identity of a user, it does not speak directly to the issue of age verification. Assurance about age must, in general, be provided by reference to a docu- ment that provides information about it, and today's infrastructures needed to support online authentication of identity ~enerallv do not in- clude such documents. In the physical world, age verification can be provided as a part of the credential being presented a driver's license generally has a date of birth 23Indeed, in the physical world, someone who presents a fake ID that is recognized as such by the clerk is subject to arrest. 24In principle, age verification could occur through the use of streaming video and audio. In this scenario, a Web camera and microphone located on the user's access point would be used to transmit a high-fidelity voice and video image to a human being working on behalf of the adult content provider. The human being (who might be called a cyberspace "bouncer") would ascertain the adult status from viewing the image and listening to the voice, and if there were any doubt, the bouncer would demand to see a driver's license that the alleged adult could hold up to the camera. Even through voice alone, a trained human verifier can often determine whether the person on the other end is in fact an adult, though this may not always work for very young adults. The human verifier asks questions, and then listens for tone of voice, composure, presence, stuttering, and other things that are not reflected in a typed textual interaction. Because adults tend to have more confidence and self-assurance than children, such voice interactions provide valuable distinguishing infor- mation. These scenarios are technically feasible even today, but are likely not to be eco- nomically attractive. The reason is that one of the major advantages of Internet commerce is the ability to drastically reduce the extent to which human beings are involved. Given that many adult-oriented Web sites operate on very thin margins, the cost of using such a mechanism would likely be prohibitive.

OCR for page 31
TECHNOLOGY 63 recorded on it. However, a driver's license would be just as good an authenticator of identity if it did not have the date of birth on it. In an online environment, age verification is much more difficult be- cause a pervasive nationally available infrastructure for this purpose is not available. One method is based on the fact that many adults (but not very many children) have credit cards presentation of a valid credit card number is presumed to be an indicator that the presenter is an adult. Taken in the large, this is not a bad assumption the vast majority of credit cards are in fact owned by adults, and the vast majority of minors do not own or have legitimate access to credit cards. Thus, an adult- oriented Web site that uses credit cards as its medium of exchange pre- sumes that the presentation of a valid credit card also verifies that the card user is of legal age. Entering a valid credit card number grants access to the inside of the site.25 Many online adult verification services (AVSs), which provide a veri- fication of adult status to other adult Web sites, also use credit cards.26 Because the credit card is generally the user's method of payment for the service, the AVS relies on the credit card to verify the adult status of the user.27 Another approach to age verification is to rely upon databases of public records (i.e., government-issued documents such as voter registra- tions and/or drivers' licenses). For example, an individual wishing to gain access to an adults-only service sends an online request to an age verification service (along with a credit-card number to effect payment) for a certification of age for a given individual. He or she also provides appropriate personal information, and the adult verification service checks that information against public records such as state drivers' li- censes and voting registration that contain or imply age information. Even higher confidence in age verification can be obtained by cou- pling the use of public record databases to an authentication process that 25Determining with certainty whether a submitted credit card number corresponds to an account in good standing requires an online transaction between the site operator and the credit card company. That is, the site operator transmits the number to the credit card company and the company checks to see if the number refers to an account in good stand- ing. There are other methods that allow the offline identification of some invalid credit card numbers, but they can be defeated with a little effort and sophistication. 26Such services also accept applications via 1-900 phone numbers (which children are not supposed to use without parental permission) that charge phone bills automatically and via U.S. mail. Mail applications are supposed to include proof of age. 27The "typical" adult verification service provides the user with a special code number. Adult Web sites contract with the service (of which many exist). A user wishing access to one of these adult Web sites enters the code number. The adult Web site then contacts the AVS to confirm that the number is valid, and if it is, grants the user access. (The adult Web site usually pays the AVS a commission for users who are verified in this manner.)

OCR for page 31
64 YOUTH, PORNOGRAPHY, AND THE INTERNET provides assurance of identity. In this case, when adult status is con- firmed, a credential certifying one's adult status is mailed (via postal service) to the address of record on those public records. In this context, the postal service serves as an authenticating process that ensures the adult credential is sent to the right person. The individual can then use this special key to obtain access to adults-only services that recognize this special key. A third approach is to use age verification scripts. An online script can guide a user through a questionnaire that asks, among other things, the user's age, and it can reject users who are underage. To help deal with the problem of lying about one's age, some scripts are written to accept only one attempt at entering age, and so a user who enters "15" at first, is rejected for being underage, and then tries to enter "20" is unsuccessful. In such cases, he or she may have to try again from another computer. Note that each of these methods imposes a cost in convenience of use, and the magnitude of this cost rises as the confidence in age verification increases. Age verification scripts are very convenient for the legitimate adult user, who must simply tell the truth about his or her age. But they are also susceptible to being fooled by a savvy adolescent who knows that the correct age must be entered. A credit card is less convenient for the legitimate adult user, because he or she must be willing to incur the expense of a subscription (or the hassle of canceling one). However, since most credit cards are owned by adults, the use of a credit card provides additional confidence that it is truly an adult who is seeking to use it. At the same time, some minors do own credit cards or prepaid cards that function as credit cards, while other minors are willing to use credit cards borrowed with or without permission from their parents. (Even when parents review credit card statements, either their own or those of their children, they may not be able to identify transactions made with adult- oriented sexually explicit Web sites, as the adult nature of such transac- tions is often not readily identifiable from information provided on the statement.) Using public record databases to verify adult status provides additional confidence in age, but increases the amount of personal infor- mation that the user must provide to gain access. Mailing the certify- ing credential to the user provides the greatest confidence of all that the alleged adult is truly an adult, but because the user must wait for the processing and mailing of the adult credential, it is also the least convenient. Claims have been made that certain "biometric" signatures can differ- entiate between adults and children. While human physiology does in- deed dictate that certain changes in one's body occur as one grows from child to adult, the precise trajectory of these changes varies from indi-

OCR for page 31
TECHNOLOGY 65 vidual to individual. However, one's legal status as being entitled to privileges as an adult that are not enjoyed as a child is fixed by laws that specify, for example, that individuals even one day over 18 are consid- ered adults and one day under 18 are considered unemancipated minors. No technology today or on the horizon can hope to make such fine dis- tinctions in the case of individuals.28 For this reason, biometric technolo- gies as a method for age verification are not considered here. Age verification technologies as integrated into functional systems are discussed in greater detail in Chapter 13. 2.3.3 Encryption (and End-to-End Opacity) Encryption is used to hide information from all but specific autho- rized parties. In the most general encryption process, an originator (the first party) creates a message intended for a recipient (the second party), protects (encrypts) it by a cryptographic process, and transmits it as ciphertext. The receiving party decrypts the received ciphertext message to reveal its true content, the plaintext. Anyone else (a third party) who wishes undetected and unauthorized access to the message must pen- etrate (by cryptanalysts) the protection afforded by the cryptographic pro- cess or obtain the relevant decryption key (or use another approach to obtain the key, such as bribing someone to reveal it). Encryption also has relevance to the protection of digitized intellec- tual property, such as proprietary images. Because encryption restricts the access of unauthorized parties, encryption can be used to help prevent the dissemination of unauthorized reproductions of digital objects. En- cryption is thus the fundamental technology underlying digital rights management systems (discussed in greater detail in Chapter 13~. The use of encryption may increase dramatically in the coming years. In the context of this study, the significance of encryption is that if content, whether acceptable or inappropriate, is encrypted properly, it cannot be identified by third parties. Thus, while it is possible to interdict all information flows that are encrypted, it is impossible to interdict spe- cific transmissions on the basis of content a point with obvious relevance to filtering systems intended to block specific content. Thus, encryption allows transmission and reception of information to occur with essen- tially no outside scrutiny possible. 28See, for example, testimony of John Woodward, senior policy analyst, RAND, to the COPA Commission on June 9, 2000. Available online at .

OCR for page 31
66 YOUTH, PORNOGRAPHY, AND THE INTERNET 2.3.4 Anonymizers As noted in Section 2.1.2, the technology of the Internet itself does not generally require any party to authenticate its identity. Thus, users and online identities (e.g., a screen name or an e-mail address) are bound together through administrative procedures, usually those of an ISP, that are associated with gaining access to the Internet. Through such bind- ings, any interaction of an individual with an Internet-related service- whether visiting a Web page, sending an e-mail, posting a message, set- ting up a Web page, or participating in a chat room is tied to a specific identity that can, in principle, be traced administratively back to that specific individual. Anonymizers break this binding and decouple an individual from a specific online identity. The anonymizer provides what amounts to an identity that is randomly generated. This identity is then used for posting messages, sending e-mail, participating in chats, and accessing Web pages. (Some anonymizers enable return paths when necessary; for example, the recipient of an anonymous e-mail may wish to reply to the (anonymous) sender.) However, anyone seeking to trace the anonymized identity back to the original user will find a number of barriers that make it very diffi- cult to recover the identity of the original user. One example of an anonymizer useful to publishing information on the Web is described in Box 2.9. Anonymizers are significant because they enable individuals to un- dertake activities for which they need not suffer retribution. For an indi- vidual living in a totalitarian state, an anonymizer enables him or her to post an anti-government message in safety or to browse forbidden Web sites. In the United States, it enables someone to freely post a message expressing unpopular political views or to browse Web sites in privacy. Commercial enterprises which need to have a way to accept money do not have much use for anonymizers, even if they are posting materials that may be controversial. But those with non-commercial interests can use the same technology to anonymously post child pornography or ha- rass or stalk an individual online. When anonymizers are used, tracing the identity of online criminal perpetrators becomes difficult. 2.3.5 Location Verification The legal regimes of today are ones in which jurisdiction is based largely on geographical borders. For example, as noted in Chapter 4, "community standards" are an important factor in determining whether a given image is obscene. However, the Internet is designed and struc- tured in such a way that geographical borders and the physical location of

OCR for page 31
TECHNOLOGY 67 a user have no significance for the functionality he or she expects from the Internet or any resources to which he or she is connected. This fact raises the question of the extent to which a user's location can in fact be established. One way to establish location is simply to ask the user where he or she is located upon logging in. Thus, the first screen seen by the user might ask for his or her present zip code (or state, or country). But in the event that the user chooses to be deceptive (e.g., to avoid restrictions on Internet service based on his or her location), the problem shifts to one of determining location through technological means. Under some circumstances, it can be virtually impossible to deter- mine the precise physical location of an Internet user. Consider, for ex- ample, the case of an individual connecting to the Internet through a dial- up modem. It is not an unreasonable assumption that the user is most likely in the region in which calls to the dial-up number are local, simply because it would be unnecessary for most people to incur long-distance calling costs for such connections. However, nothing prevents a user from using a long-distance telephone call (e.g., from Tennessee) to access a modem in California.

OCR for page 31
68 YOUTH, PORNOGRAPHY, AND THE INTERNET In practice, recovering location information is a complex and time- consuming process.29 As a rule, the information needed to ascertain the geographic location of an IP address associated with a fixed (wired) Inter- net access point at a given time is known collectively by a number of administrative entities, and could be aggregated automatically. But there is no protocol in place to pass this information to relevant parties, and thus such aggregation is not done today. The bottom line is that determining the physical location of most Internet users is a challenging task today, though this task is likely to be easier in the future. Appendix C provides additional discussion. 2.4 WHAT THE FUTURE MAY BRING The hardest part of this report to calibrate is how the future will change the technologies that today scope both the problem and any puta- tive solutions. As of this writing (May 2002), the World Wide Web is not even a decade old, while the creation and adoption rates for new tech- nologies show generally accelerating deployments of these technologies. The rapid changes of capability in the hardware underlying informa- tion technologies will lead to computing that is 100 times more cost- effective, storage 1,000 times more cost-effective, and bandwidth 10,000 times more cost-effective 10 years hence, and it is highly likely that many applications will emerge to take advantage of such increased capability, as has occurred in the past. What follows below is admittedly specula- tive, but even if any given speculation is far from the mark, taken together these notions paint a portrait of a very different technological milieu in which the age-old problem of "protecting children on the Internet" will play out in the future. Mechanisms for financial transactions will change significantly over the course of a decade. Financial transactions are likely to become increasingly less private, as the various forms of payment embody differ- ent features to enable traceability. Even cash may become more traceable in the future. This development will favor parents who wish to monitor the expenditures of their children, but will have no impact on those chil- 29While location information is not provided automatically from the IP addresses that an administrative entity allocates, some location information can be inferred. For example, if the administrative entity is an ISP, and the ISP is, for example, a French ISP, it is likely- though not certain that most of the subscribers to a French ISP are located in France. Of course, a large French company using this ISP might well have branch offices in London, so the geographical correspondence between French ISP and Internet user will not always be valid for this case, though as a rule of thumb, it is not a bad working assumption.

OCR for page 31
TECHNOLOGY 69 dren who borrow electronic wallets at home or who access those sources of sexually explicit material that do not charge. Voice interaction with computers will become increasingly com- mon, and the capability of computer-generated voices to sound like real people, or even parties known to an individual, will increase. Today, a 55-year-old man can pretend to be a 13-year-old girl using e-mail and instant messages; tomorrow, a 55-year-old man may be able to sound just like a 13-year-old girl over the telephone. It may even be possible for the same 55-year-old man to sound like the girl's mother. In short, technol- ogy will offer greater deceptive capabilities, and those that are most at risk from the existence of such capabilities are likely to be children who lack the experience to identify deception. Voice interaction will allow younger children, who would find typing difficult, to speak a Web site address to their computer. Peer-to-peer interactions will be increasingly common, as the tech- nology will largely eliminate the need for large-scale servers, thus elimi- nating them as principal points of leverage for any control strategy. It already grows ever more expensive to selectively delete content than to keep it all, and this economic fact will dominate the future with implica- tions for privacy, digital rights management, and the steady accumula- tion of data that is best described as digital detritus. Virtual reality advances will soon defeat the ability of even experts to distinguish pictures that are real from those that are synthetic. Haptic devices (i.e., touch-, motion-, and pressure-sensitive devices) may become more common as a way to interface with computers. Whether then a person, an action, or an event is real or not may soon be irrelevant to many consumers. Action, especially "action" in the sexual and violent sub-meanings of those words, will be as realistic as the audience is willing to pay for, and the prices of such offerings will inevitably drop. Locations from which access to the Internet is possible will prolif- erate wildly. And, with an expansion in the types of information re- sources that are accessible (e.g., new virtual reality resources), policies that give permission to view, access, modify, or delete any information resource will present an enormously complex problem simply as a result of scale. Even today, fine-grained access control driven by policy is, or soon will be, beyond the scope of human management and may be be- yond the scope of mechanistic alternatives. If access control policies are impossible to formulate, the only alternative is an approach that depends on users to exercise self-control. Monitoring of user actions in order to ensure appropriately self-controlled users then becomes the only tech- nical alternative to access control. This is not a statement about the de- sirability of this outcome, only that it is a possible one if access control policies become impractical.

OCR for page 31
70 YOUTH, PORNOGRAPHY, AND THE INTERNET Although the notions described above are not necessarily desirable from a societal or personal standpoint, they are extrapolations of certain phenomena today, and there are at least some paths from today that could result in their coming true. On the other hand, they may not come true, a point that emphasizes a vast range of uncertainty about the techno- logical future. What has been true over the years is that those who produce and consume sexual content both for commercial and non-commercial pur- poses have stayed on the leading edge of new technologies.30 Thus, whatever the technological future is like in detail, it seems safe to predict with reasonably high confidence that sexual content will be dispropor- tionately present in the initial stages of adoption of any new technology. Because technology changes rapidly, no final technological solutions are possible. It is for this reason, among others, that the committee in later chapters emphasizes social and educational strategies for protecting chil- dren from inappropriate sexually explicit material. Finally, many of the issues associated with protecting children from inappropriate material and experiences on the Internet relate to the archi- tecture of the Internet as it exists today, a state of existence that reflects policy and engineering decisions made decades ago. These are not im- mutable, though major changes that might facilitate control of content delivery could be made only at very considerable cost and at the potential expense of other societal interests. 30For example, the video cassette recorder, inexpensive video cameras, and CD-ROM technologies found some of their first applications in the production and viewing of sexu- ally explicit "adult" movies and interactive sexual games and entertainment. For one per- spective on this point, see Jonathan Coopersmith, 2000, "Pornography, Videotape, and the Internet," IEEE Technology and Society 19~1~: 27-34.