Artificial truth

The more you see, the less you believe.

 [archives] [latest] | [homepage] | [atom/rss]

On defining adult content on the web and Cloudflare
Tue 07 April 2020 — download

A couple of days ago, Cloudflare announced with much fanfare a new product: 1.1.1.1 for Families:

This year, while many of us are confined to our homes, protecting our communities from COVID-19, and relying on our home networks more than ever it seemed especially important to launch 1.1.1.1 for Families. We hope during these troubled times it will help provide a bit of peace of mind for households everywhere.

1.1.1.1 for Families has two default options: one that blocks malware and the other that blocks malware and adult content

Unfortunately, defining what is adult content is a hard problem, and Cloudflare has an very problematic take on the topic:

$ dig www.stonewall.org.uk @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 40205
$ dig lgbt.foundation @1.1.1.3 | grep status 
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 38128
$ dig garcon-magazine.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 25615
$ dig www.mag-jeunes.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 13385
$ dig inter-lgbt.org @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47914

$ dig cock.li @1.1.1.3 | grep status      
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54579
$ dig 8chan.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19142
$ dig 4chan.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58747
$ dig 8kun.top @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48415
$ dig dailystormer.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6390
$ dig davidduke.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55269
$ dig www.stormfront.org @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17497
$

Interestingly, dating websites are ok, except if they're for the LGBT+:

$ dig weareher.com @1.1.1.3 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 17695
$ dig tinder.com @1.1.1.3 | grep status  
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36708
$

Cloudflare spent weeks agonising whether they should do business with nazis and white nationalist terrorists, but apparently censoring LGBT+ resources was only a dumb mistake. I disagree with this assessment: it's an obvious symptom of systemic biases. Nobody at Cloudflare thought about LGBT+ people. More worrying, nobody thought that their system could have false positive, since there was no way to report them at the time.

They are currently scrambling to fix this, by removing the most preeminent LGBT+ websites from their blacklist. But they are only addressing symptoms, while not acknowledging the elephant in the room: how are they telling apart adult content from family content? This is a hard problem, illustrated by countless examples of controversial classification. But more importantly, it's a social problem, which should be resolved via social means, not technical ones.

Of course, blacklisting shock sites is a good idea, I don't think that anyone disagrees about this. But what about the rest of the web, all the shades of gray? I'm convinced that the only viable long-term solution must be based on harm reduction doctrine: spend time with kids, to discuss, explain and answer questions on complex topics like pornography, sexism, racism, biases, human trafficking, white supremacism, homosexuality, systemic oppression, … and while this is of course much much harder than simply changing DNS settings, it will yields way better long term results.

Moreover, on a technical note, Cloudflare is already controlling a significant position of the web (more than 12%), I don't think naming them Internet police is the way we want to go.