The Australian Securities and Investment Commission (ASIC) has revealed that it has used powers in Section 313 of the Telecommunications Act to request that internet service providers (ISPs) block websites 10 times over the past 12 months, including one instance where 250,000 websites were blocked.
Last month, it was revealed that the financial regulator had inadvertently caused the block of more than 1,200 websites, when it sought the block of websites associated with a cold calling investment scam. Since then, it has become known that three agencies across the government have been using this power with no central oversight.
Appearing before a Budget Estimates hearing last night, ASIC deputy chairman Peter Kell told Greens communications spokesperson Scott Ludlam that ASIC has used the power 10 times over the past 12 months. In his opening statement, Kell said that in one instance in March, ASIC blocked 250,000 websites, the "vast majority" of which (99.6 percent) was said to contain "no substantive content". Kell said no .au websites were blocked in this instance.
He said it was not used prior to the last 12 months, and the timing with when the Australian Federal Police (AFP) began using the power to block websites on the Interpol "worst of" websites list was a pure coincidence.
"It's not to knock out a website, but rather to block access to the website by Australian consumers or investors ... to ensure they don't lose money through overseas criminal operations," he said.
"This appeared to us to represent an additional opportunity to limit the exposure of Australian consumers and investors to these websites."
ASIC decided to begin using the power when it appeared that it would be more effective than asking the overseas domains to voluntarily remove the websites.
ASIC targeted at most five ISPs in that time, sending a fax out to the biggest ISPs. The organisation indicated that this method was used, because the larger ISPs also controlled some of the overseas capacity used by the smaller ISPs, and this would also block those websites for those smaller ISPs.
In the wake of the revelation that ASIC had accidentally blocked 1,200 websites in April in relation to one of the scam sites, Kell said that ASIC wants to be more transparent, and is looking to find a way to inform the public when a website has been blocked.
"We are making a commitment that we will publicly report on the use of our Section 313 powers," he said.
"For ASIC, we want to be very public about this; we want people to know about it."
ASIC's claim that the Section 313 notices are effective comes in stark contrast to the AFP's own experience. Last week, AFP's deputy commissioner Michael Phelan said that the AFP has used the Act to block malware and phishing attempts since 2004, but found that it was not a very effective way to deal with the problem.
"Over time, it's much more useful and far more valuable to actually get in contact with those that are hosting the material, and so on, and block it at the source, and get them to just tear down the sites, and so on, off-shore," Phelan said last week.