France’s propsed SREN bill would force web browser developers to add code to block any website which the French government deems unsafe. This is a well intentioned but unwise move which could set a dangerous precedent for internet access across the globe. Like most laws regarding technology, this is motivated by a very real concern – computer facilitated crime inluding fraud and cyberbullying.
What is SREN?
SREN is a proposed bill from the French government which outlines intentions to prevent cybercrime and secure the internet. Article 6 (para II and III) specifically describe requirements for web browser providers to implement a blocking system which would prevent a browser from loading any site on the governments provided block list. The bill has honourable but misguided intentions to reduce cyber crime.
What’s so bad about that?
As is often the case with legislation regarding the internet, this bill comes at the expense of individual freedoms. This bill creates the technical capability within web browsers to block anything which a government does not want it’s citizens to see. In essence it creates a government controlled ‘firewall’ much like The Great Firewall of China. Web browsers play an essential role in accessing the web and it is impossible to access the web without one. If this bill comes into law in France, it will be much harder for browsers to reject similar requests from other governments. The feature could also be exploited by malicious agents to restrict web access.
What are the alternatives?
There are already a number of functioning alternatives in use today. The two most popular alternatives are Microsoft’s Smart Screen and Google’s Safe Browsing; You may have seen a warning such as below when attempting to view a questionable website.
For years Microsoft and Google have been maintaining lists of potentially dangerous sites and web browsers have been using these lists to ‘block’ malicious sites. At a glance these systems may seem very similar to SREN, however there is one key difference – Microsoft and Google simply warn you about the risk and allow you to visit the site anyway. This bill threatens to destroy the open web and should not be entered into law; Instead the bill should focus on improving the already existing systems.