In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. Article 6 (para II and III) of the SREN Bill would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools.

While motivated by a legitimate concern, this move to block websites directly within the browser would be disastrous for the open internet and disproportionate to the goals of the legal proposal – fighting fraud. It will also set a worrying precedent and create technical capabilities that other regimes will leverage for far more nefarious purposes. Leveraging existing malware and phishing protection offerings rather than replacing them with government provided, device level block-lists is a far better route to achieve the goals of the legislation.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I’m philosophically against this idea. But on the other hand why is this being implemented in the browser? Why isn’t France asking it’s ISPs to block the hosting address of the sites. Or the DNS. Going after the endpoints it seems silly. Because now every single browser in the country is going to have a list of the " good websites ".

    • Jomn@jlai.lu
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      France already does DNS blocking. It honestly has near to no impact, since targeted websites (usually digital piracy related stuff) just change the domain.