Child abuse image content list

From Wikipedia, the free encyclopedia

The child abuse image content list (CAIC List) is a list of URLs and image hashes provided by the Internet Watch Foundation to its partners to enable the blocking of child pornography & criminally obscene adult content in the UK and by major international technology companies.

Launched by BT as Cleanfeed in July 2004,[1] as of 2009 the list covers 98.6%[2] of UK internet connections. Cleanfeed was temporarily extended to block Newzbin[3] until this process was moved to ISP-specific programmes. In October 2013, the UK government announced that as part of anti-terrorist measures it is considering a similar technology to block "extremist" material[4][5] [6]


Cleanfeed is a content blocking system technology implemented in the UK by BT, Britain's largest Internet provider. It was created in 2003 and went live in June 2004.[1] BT spokesman Jon Carter described Cleanfeed's function as "to block access to illegal Web sites that are listed by the Internet Watch Foundation", and described it as essentially a server hosting a filter that checked requested URLs for Web sites on the IWF list, and returning an error message of "Web site not found" for positive matches.[7][8][9] Cleanfeed is a silent content filtering system, which means that Internet users cannot ascertain whether they are being regulated by Cleanfeed, facing connection failures, or the page really does not exist.

By the beginning of 2006, Cleanfeed was used by 80% of Internet service providers.[10] By the middle of 2006, the government reported that 90% of domestic broadband connections were either currently blocking or had plans to by the end of the year. Home Office minister Alan Campbell pledged that all ISPs would block access to child abuse websites by the end of 2007[11] and UK Home Office Minister Vernon Coaker instructed all UK ISPs to implement a version of Cleanfeed by the end of 2007 on a voluntary basis, or face legal compulsion.[12] However, no legislation was ever introduced and ISPs are still free to join on a voluntary basis.[13] Despite the target for 100% coverage being set for the end of 2007,[14] by the middle of 2008 the proportion of consumer broadband connections that were covered was only 95%.[15] In February 2009, the Government said that it is looking at ways to cover the final 5%.[16] A report in March 2014 by the Culture, Media and Sport Committee reported 98.6%[17] of domestic broadband lines are subject to blocking arrangements.

The Internet Watch Foundation used to[18] also take reports about racial hatred from the public and IT professionals until 2011. This content is not included in the IWF URL list supplied to the online industry for blocking purposes.

CAIC targets only alleged child sexual abuse content identified by the Internet Watch Foundation. In June 2011 the Motion Picture Association began court proceedings in an attempt to force BT to use Cleanfeed to block access to NewzBin2, a site indexing downloads of copyrighted content.[19] BT was ordered to block access to the site in late July[3] and in a later clarification, BT was given two weeks to implement the block starting at the end of October.[20] The case ( Twentieth Century Fox Film Corp & Ors v British Telecommunications Plc [2011])[21] only compels BT's ISP division to implement the block on NewzBin, it remains outside of remit of the IWF URL list which is strictly limited to blocking sites which host child sexual abuse content.[22]

In August 2015 the IWF announced it was to begin sharing the list with tech giants Facebook, Google, Twitter and Yahoo to block contents being distributed through their networks.[citation needed]

Technical implementation[edit]

The confidential url hash blacklist contains URLs of pages (not whole sites) to be blocked. A less confidential list of sites potentially containing blocked pages is available to ISPs. Routers on the edge redirect traffic to these sites to special HTTP proxy servers which perform the actual filtering by matching HTTP requests to URLs on the blacklist. Traffic that does not match the specific URL is forwarded through the proxy filter.

Chapter 7 of a research paper by Richard Clayton[23] provides an overview of the Cleanfeed technology.

The routers at an ISP that has implemented Cleanfeed technology check traffic destination against a list of IP addresses of sites that are suspected of hosting filtered traffic. If there is no match, the traffic is directed to the content host:

If the site IP address is found in the list of suspected sources of unwanted material, the traffic is routed to proxies (highlighted as IWF proxies)[24] that check the specific page against a confidential blacklist of pages.

This two-pass implementation reduces the load on the proxy servers by not requiring that all traffic pass through them.

Technical detection[edit]

Due to the filtering mechanism, to detect whether a site is being filtered via an individual ISP's connection, one must first capture the filtering servers IPs by running traceroute for the first few hops to some websites known to be blocked[23][25]

In the example below, the IP addresses in bold are the ISP filtering servers.

Demon Internet were the only ISP to notify users routinely when content is blocked and offer the option to intercept and serve filtered content over https connections.[26]

Filtering comparison[edit]

The other popular way of blocking content is DNS manipulation. Compared to this, Cleanfeed has the following properties:

  • Slightly harder to circumvent, although users can use open proxies, or the Tor network, and servers can use another port than 80, or HTTPS.
  • Less collateral damage. DNS-based blocking is criticized for blocking all content on a site with the same domain name. Cleanfeed only blocks what is explicitly blacklisted. For example, it would be possible to block only one image in an article. DNS-based schemes also break the whole concept of DNS security.[27]

Related surveys of opinion[edit]

The first UK survey of Internet regulation was carried out in 2007 and 2008.[28][29] 90.21% of the participants in the limited scale survey were unaware of the existence of CleanFeed; of those who had heard about it, only 14.81% percent understood it completely. 11.1% learned about CleanFeed from UK government statements, and 22.2 percent from BT's statements. 60.87% did not trust BT, and 65.22% did not trust IWF to be responsible for a silent content blocking system in the UK.

A majority of the participants preferred an open content blocking system targeting child abuse content, rather than no Internet regulation. More specifically, 65.2% would prefer to see a message stating that a given site was blocked, 57.3% would like to have access to a form for unblocking a given site, and 68.5% would prefer more frequent briefing by BT, IWF and the UK.


One of the criticisms of Cleanfeed is its lack of transparency. This is a consequence of the list of blocked sites being secret. There are no safeguards to stop sites unrelated to child pornography being added to the list as a result of policy changes.[19] It thus has a potential for the censorship of materials outside of its original remit. Indeed, the Home Office in the UK has previously indicated that it has considered requiring ISPs to block access to articles on the web deemed to be "glorifying terrorism", within the meaning of the new Terrorism Act 2006, saying: "our legislation as drafted provides the flexibility to accommodate a change in Government policy should the need ever arise."[30] This has led some to describe Cleanfeed as the most perfectly invisible censorship mechanism ever invented and to liken its powers of censorship to those employed currently by China.[31] However, at present no legislation is in place, and the implementation of the IWF URL list is still a voluntary agreement between ISPs and the IWF.

The measures have also been criticised for being inadequate as they only block accidental viewing and does not prevent content delivered through encrypted systems, file sharing, email and other systems.[32]

Another criticism is that Newzbin claims to have successfully circumvented Cleanfeed following a court order forcing BT to censor the website over copyright infringement claims.[33][34] This poses the question as to whether websites hosting child pornography could adopt similar measures to allow their users access to blocked content.

Due to the proxy server implementation of the Cleanfeed system, websites that filter users by IP address such as wikis and file lockers will be significantly broken through the system,[35] even if only a tiny proportion of its content is blocked.

Finally, information has surfaced that suggests that Cleanfeed could potentially be manipulated to provide a blacklist of blocked websites.[36][37] This is problematic as it could allow the dissemination of child pornography, rather than the prevention of access to it. Again this has led some to question Cleanfeed as a successful system for blocking illegal internet content.

See also[edit]

Wikipedia internal[edit]


  1. ^ a b Bright, Martin (6 June 2004). "BT puts block on child porn sites". The Guardian. London. Retrieved 30 April 2010.
  2. ^ McIntyre, TJ. "Child Abuse images and Cleanfeeds: Assessing Internet Blocking Systems". Research Handbook on Governance of the Internet: 5. Archived from the original on 20 January 2022. Retrieved 26 April 2014.
  3. ^ a b "BT ordered to block links to Newzbin 2 website". BBC News. 28 July 2011.
  4. ^ "'s web filtering mission creep". The Register. 29 November 2013.
  5. ^ "Hansard Oct 23rd 2013 - question 10". Hansard. 13 October 2013.
  6. ^ "Ministers will order ISPs to block terrorist and extremist websites". The Guardian. 27 November 2013.
  7. ^ "How net providers stop child porn", BBC News, 7 February 2006. Retrieved 29 May 2006.
  8. ^ Arnfield, Robin (20 July 2004). "BT Technology Blocks Online Pornography". NewsFactor Network. Archived from the original on 11 December 2008.
  9. ^ "IWF/BT Project Cleanfeed Archived 24 February 2009 at the Wayback Machine", Internet Watch Foundation. Retrieved 29 May 2006.
  10. ^ Paul Goggins (Parliamentary Under-Secretary, Home Office) Commons, 13 February 2006 col. 1130 Internet (child pornography)
  11. ^ "Home Office clueless: The transcript". Computer Shopper. 17 March 2009. Archived from the original on 21 March 2009.
  12. ^ "Government sets deadline for universal network-level content blocking". Archived from the original on 23 January 2016. Retrieved 12 January 2016.
  13. ^ Internet Watch Foundation - "URL List". Accessed 12 November 2013
  14. ^ Vernon Coaker (Parliamentary Under-Secretary, Home Office) Written Answer, 15 May 2006 col. {{{column}}} Child Abuse (Internet)
  15. ^ Vernon Coaker (Parliamentary Under-Secretary, Home Office) Written Answer, 16 June 2008 col. {{{column}}} Pornography: Internet
  16. ^ "Online child abuse images warning". BBC News. 23 February 2009. Retrieved 5 May 2010.
  17. ^ "Online safety - Page 16" (PDF). Retrieved 19 March 2014.
  18. ^ "Incitement to racial hatred removed from IWF's remit". Archived from the original on 13 November 2011. Retrieved 12 January 2016.
  19. ^ a b "Film-makers seek injunction to block pirate site". BBC News. 28 June 2011. Retrieved 28 June 2011.
  20. ^ "UK ISP BT Given 14 Days To Block Newzbin2". TorrentFreak. 26 October 2011. Retrieved 31 October 2011.
  21. ^ [2012] 1 All ER 806, [2012] Bus LR 1471, [2011] RPC 28, [2011] EWHC 1981 (Ch)
  22. ^ Internet Watch Foundation. Blocking Good Practice Archived 26 July 2013 at the Wayback Machine. Accessed 12 November 2013
  23. ^ a b Clayton, Richard (November 2005). "Anonymity and traceability in cyberspace" (PDF). Richard Clayton. Richard Clayton. Retrieved 10 December 2008.
  24. ^ Hogge, Becky. "IWF censors Wikipedia, chaos ensues". Open Rights Group. Archived from the original on 19 April 2009. Retrieved 10 December 2008.
  25. ^ "Check The IWF list".
  26. ^ McIntyre, T J. "Child Abuse images and Cleanfeeds: Assessing Internet Blocking Systems". Archived from the original on 20 January 2022. Retrieved 6 May 2014.
  27. ^ Steve Crocker, Shinkuro, Inc.; David Dagon, Georgia Tech; Dan Kaminsky, DKH; Danny McPherson, Verisign, Inc.; Paul Vixie; Internet Systems Consortium (2011). "Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill" (PDF).{{cite web}}: CS1 maint: multiple names: authors list (link)
  28. ^ "Internet regulation: The need for more transparent Internet filtering systems and improved measurement of public opinion on Internet filtering - Koumartzis - First Monday". Archived from the original on 21 October 2012. Retrieved 12 January 2016.
  29. ^ Book: BT's Cleanfeed and Online Censorship in UK, N Koumartzis, London College of Communication (University of the Arts London)
  30. ^ "Government sets deadline for universal network-level content blocking Archived 1 June 2006 at the Wayback Machine", LINX, 29 May 2006. Retrieved 29 May 2006.
  31. ^ Professor Lilian Edwards, University of Southampton. "From child porn to China, in one Cleanfeed". Archived from the original on 16 May 2013. Retrieved 26 April 2014.
  32. ^ "Restricting All but the Predators", Dark Reading, 14 June 2006. URL accessed on 24 June 2006.
  33. ^ "Newzbin claims BT block 'not working'". BBC News. 3 November 2011. Retrieved 12 January 2016.
  34. ^ Mark Jackson. "Banned Piracy Website Expands BT Circumvention Tool to Include The Pirate Bay". Retrieved 12 January 2016.
  35. ^ "Six UK ISP's block a Wikipedia article locking out Wikipedia edits". Archived from the original on 2 December 2013. Retrieved 12 January 2016.
  36. ^ Failures in a Hybrid Content Blocking System
  37. ^ SA Mathieson (26 May 2005). "Back door to the black list". the Guardian. Retrieved 12 January 2016.

External links[edit]