From comp.infosystems.www.misc Wed Jun 21 22:46:16 1995 From: riche@crl.com (Alex Stewart) Subject: Proposal: Internet Voluntary Self RatingThe following has been being developed by myself and a few others for a little while now. This is the first official request for comments which has been put forth to the internet community at large. Some portions of this were written before some recent events in the net-regulation arena had taken place (in particular, the recent passage by the US senate of the "Communicaitons Decency Act"), and thus may not be completely accurate, but should still apply in the capacity they were included. It was my judgement that releasing this proposal in a speedy manner was more important than keeping it up-to-the-second accurate.
My apologies in advance for posting such a lengthy document to multiple newsgroups. I've tried to keep the crossposting to a minimum overall. Please note that all followups have been directed to the comp.infosystems newsgroup, and that should be the primary arena for news-based discussion of this subject.
-alex
The following is a proposal and a general request for comments. Please note that it should be considered only as a preliminary draft of a general proposal to the internet community, and nothing more. In particular, in no way should it be seen as any kind of standard or convention specification, or even as an official document. It is simply an idea, on which comments and (constructive) criticisms are being solicited at this time.
This document is written by Alex Stewart (riche@crl.com). It may be reproduced, in its entirety, and redistributed through any forum or medium which may be appropriate for the purposes stated above. If other forms of reproduction are desired, please contact the author.
This document can also be accessed (in hypertext form) via the World Wide Web as: http://www.crl.com/~riche/IVSR/proposal.html and via anonymous FTP from ftp.crl.com in the /users/ro/riche/IVSR directory as IVSR_proposal.txt
Ideas, suggestions, or (constructive) comments regarding this proposal should either be sent directly to riche@crl.com or posted to the newsgroup comp.infosystems.
A Proposal: Voluntary Self-Rating System for Internet Resources
================================================================
Prologue
--------
By this time, most regular users of the great resource we know as the Internet
are becoming increasingly aware of a growing regulatory climate amongst many
people in and outside of the internet community regarding the information and
interactions which take place here every day.
One of the most recent and widely known such efforts to date, the "Communications Decency Act" sponsored by Senator Exon, has served to bring home the scale of the impending problem for many net-goers. For those still unfamiliar with this bill, its primary effect upon the Internet would be to make every host and network administrator in the US responsible and prosecutable for any "obscene" material which might pass through their systems. The ramifications of this for the internet community as we know it are (quite literally) devastating, as it would require every service provider, network manager, and telecommunications company to actively police every piece of information passing through their systems. Not only a daunting task for anyone to try to undertake, it would inevitably multiply the required manpower and costs for running such a system astronomically, driving most current providers out of business completely, effectively cutting off many networks from the internet as a whole, and even, in many respects, isolating the entire North American portion of the internet (or at least large chunks of it) from the rest of the world to escape liability. This is a condition which, in the ever-growing global environment the internet has fostered to date, would be unarguably detrimental to the usefulness and productivity of the entire system, on both sides of the US border.
Unfortunately, this bill and the others like it, even if eventually defeated, will undoubtedly not be the last of their kind. Internet users and providers will continue to be faced, on an ever more aggressive basis, with potential laws and other regulatory techniques created almost entirely by people unfamiliar with and even oblivious to many of the important issues and ramifications of the the Internet and its operation (Sen. Exon, at last report, did not even have an email address).
However, at the same time, many people within the internet community itself are coming to recognize some of the same problems, and realizing that something must be done. We, as a community of informed, responsible people have a duty not only to the rest of the world but to ourselves to show that our community can be responsible and responsive to the concerns of parents, teachers, and others of the larger world in which we also live, and we have a responsibility to children and those who care about them to provide ways in which they can take advantage of the great resources of this environment without a (prohibitive) requirement of constant monitoring or risking exposure to inappropriate or even emotionally or psychologically damaging materials.
We also have a responsibility, to ourselves and the world, to ensure that these measures can be undertaken and used, effectively and appropriately, in a way which does not destroy the free flow of information which has made this environment such a valuable resource to begin with, and to demonstrate the way in which this should be done.
The following proposal is intended to address some of these concerns, and hopefully provide a (by no means complete, but a first step) solution to making our environment more socially responsible and safe for everyone, hopefully alleviating some of the paranoia that has spurred such misguided legislations as Senator Exon's bill in the process.
Most regulatory attempts up till now have attempted to introduce source or transmission limitations on content (limiting what people can put out, or what can be transmitted from one place to another). This is, to some extent, understandable given the way the real world works and how regulation has necessarily needed to be pursued under those conditions, BUT applying the same paradigm to network-based communication ignores outright what is one of the most fundamentally important and useful aspects of this form of communication, and one which, if exploited properly, can serve as a much more effective mechanism for legitimate regulation in many of these situations.
Unlike most physical situations, net explorers have, between them and everything else, powerful information processing and manipulation tools built into the very systems they use to access the Internet (their operating systems, network software, and applications), many of which, if properly configured, can provide a far more appropriate, individual filter for what people come in contact with than could ever be arbitrarily imposed on the net as a whole by some outside regulation.
The key, therefore, is to establish a set of mechanisms whereby this level of individual control can be easily and automatically made available to Joe Average User and his or her family, when surfing the wilds of the internet. As external regulation is virtually impossible in an environment so heavily diverse and multinational as this, the best form of such a system, if possible, would be based on voluntary participation by responsible members of the community, and as this has also proven to be a powerful and useful form of action in this environment in the past, this is the form which the system proposed here will take.
This is not an entirely new way of doing things, actually. It's really very similar to (and in some ways a combination of) both parental advisory stickers on music albums and the movie rating system used for motion pictures. The former have already helped, if nothing else, to alleviate some of the concerns and growing hysteria regarding music content not too long ago in the US and elsewhere, and the latter has proven itself, over many years of productive use, to be an effective and useful form of voluntary self-regulation and consumer information.
Proposal
--------
This is a proposal for a voluntary-participation system for self-rating and
client-end regulation of the content of resources and documents freely
available on the Internet. It is predicated on the belief that in a civilized
environment, responsible adults have the right and responsibility to determine
for themselves what is and is not appropriate for them and those for whom they
are responsible, on the belief that in a civilized environment, information
producers and distributors should be competent and responsible enough to
provide enough information for end users to make such decisions, without
arbitrarily limiting or forcing any particular content or information based on
others' decisions, and on the belief that the Internet community can and
should, for the most part, be such a civilized environment.
Obviously, the last assumption will not be entirely true for everyone on the net, as everyone knows there will always be pranksters and those wishing simply to promote mayhem and misdeeds, as there are in any environment, but the proposed system also makes some allowances and corrections for some problems inherent in such an assumption, and the method by which the system will work will, hopefully, also encourage more appropriate and full participation over time.
The proposed mechanism is intended to be simple and general enough that it can be used effectively in one way or another for nearly every context for which such controls are warranted, and easily implemented for the appropriate software and documents which might take advantage of it, without the need for special protocols or low-level interactions beyond those already present for a given application.
This proposal calls for the establishment of a convention for a "rating tag" for indicating document and document-collection content. This tag would take the form of a text string, which may be located anywhere within a document (though preferably as close to the beginning as possible, for convenience and for detection by applications which may not read the entire document before presenting part of it), and is fairly easily distinguishable from the normal text of the document. This tag could be inserted by a document's author, a moderator of a forum in which the document is published, or automatically, in some cases, by transmission or translation programs (such as when sending a mail message) and any other appropriate mechanisms.
A proposed representation for this "rating tag" would match the following regular expression:
\[IVSR:[a-zA-Z0-9]*\]
That is, it would consist of an open bracket ("["), followed by the text "IVSR" (standing for "Internet Voluntary Self-Rating"), followed by a colon (":"), and any number (including zero) of alphanumeric digits, followed by a close-bracket ("]").
Within this tag, following the colon, would be a set of "rating codes", which would indicate various cumulative, non-exclusive properties regarding the content of the document or collection to which the rating tag is attached. These rating codes would consist of one alphanumeric character per code. Order of codes within a tag would not be significant, nor would upper/lower case (though the suggested representation would be upper-case characters). The following options for rating codes would be available:
L - May contain language unsuitable for some readers This, I think, is fairly self explanatory, really.. Graphic language or vocabulary which some parents might want to (however vainly, as anyone who was ever a kid knows :) try to prevent their children from being exposed to as much as possible.. This could actually be checked for pretty easily on a per-message basis by rating-aware mail/news/etc programs by checking the outgoing/incoming message against various dictionaries, but it's also useful for rating whole areas (alt.swear.as.much.as.you.can, etc).. (please note that this applies only to the particular words and phrases used, not to the ideas they convey)
M - May contain material unsuitable for some readers This is rather a "miscellaneous" some-people-may-not-want-their-kids -reading-this type category.. Primarily it would be for things such as instructions and directions to perform illegal activities (Anarchist's Cookbook type of thing), alt.2600, etc..
S - May contain textual depictions of sexual acts Well, what it says, basically.. alt.sex.stories comes to mind.
D - May contain disturbing textual content This is mainly for non-sexual things which might be emotionally disturbing for some readers.. Stories about murdering people, graphic descriptions of horrible accidents, etc. (a rape story might have an SD rating instead of just an S, for example)
E - May contain controversial or extreme viewpoints Now, admittedly, this could include all kinds of things, but then again it's rather intended to, too. This is basically a catch-all category for things which parents might wish to look over individually before determining how to handle them, or things which parents might want to make a point of discussing with their children before just letting them stumble across them out there on the net. This marking would be for everything from people talking about killing all the politicians, to abortion, to religious discussions, etc.
N - May contain pictorial depictions of nudity Pretty much another self-explanatory one..
P - May contain pictorial depictions of sexual acts ..and yet another self-explanatory one..
G - (Graphic) May contain disturbing pictorial content This is, like its textual equivalent, for non-sexual stuff (this isn't to say that some pictures might not get a NG or PG combination, just that sex or nudity by themselves don't warrant a G rating unless there's some additional non-sexually disturbing elements as well), like a lot of the pictures that show up in places like alt.binaries.pictures.bizarre (Kurt Cobain's dead body, people who have been in traffic accidents, etc)
U - Unregulated medium This goes without saying for a lot of areas (such as email and most of the alt.* newsgroups, etc), but it's still a good idea to explicitly state it wherever it might apply if possible. Basically this is used to indicate that while a given rating applies for the _intended_ content of an area, no restrictions are actually made on who can put what type of things there, so it is possible that someone will post a graphic sex story to alt.love.barney, etc. Moderated newsgroups, maillists, etc, where all incoming messages are checked by a human for compliance with the rating for the area are the only kinds of places that would legitimately _not_ have this rating. And of course static documents where an identifiable author is responsible (such as web pages)..
A - Rating generated by automatic mechanisms This is for things like the aforementioned automatic L-rating which might be applied by a mail program upon checking the message against dictionaries, etc. Basically to indicate that this particular rating may have missed some subtleties or just plain whole areas it wasn't designed to handle or capable of determining, which a human might have recognized.
For a given document, only the first such rating tag encountered would be interpreted by applications or network software designed to act upon this rating system, and must be passed through as transparently as possible when retransmitting the document as a whole (and, preferably, when retransmitting in part as well, though this is not always possible). This is to avoid documents containing example rating tags and other potential uses for strings which might match as a rating tag from having all instances within the document be interpreted by software programs (one need only put an appropriate tag at the beginning of the document and all succeeding tag-like-strings would be treated as just part of the document).
This type of system, while potentially quite useful and powerful, will require assistance in propagating to those areas where it is most needed. Moreover, such ratings as this also run a risk of being abused or used in ways which will ultimately be detrimental to the system as a whole (such as individual internet providers deciding arbitrarily to filter newsgroups or mail messages based on IVSR tags).
For this reason, this proposal also calls for the establishment of a (volunteer, of course) group of internet community leaders and users who will aid in promoting the development of software designed to take advantage of this system, making known its availability and location once it is developed, and (perhaps most importantly) working to prevent abuses and misuses of the rating system and its tags in ways which would be detrimental to the functioning or ideals of the system itself (namely, the free distribution of all forms of information and user-end(-only) discretion and restriction).
Notes
-----
Following are some general notes on aspects of this proposal:
1. It should be noted throughout this proposal that the idea here is not to restrict information of any form or content in any way, and is, in fact, precisely the opposite. This proposal is not a foundation for discussing the merits or evils of any particular form of expression or information, or even whether it belongs one place or another. The point is that the free flow of ALL information is not only the best policy for the Internet, but an essential part of a properly informed and responsible community and world, and thus should not be limited by anyone except those who put it up in the first place or the end users to whom it finds its way. There are, possibly, some exceptions to this general principle involving harrassment or illegal activities, but these are entirely beyond the scope of this proposal anyway.
2. There are some rating codes (in particular, the "E" rating) which some people may find highly debatable. In all cases, the point of this proposed system is to provide controls for others. In this vein, decisions on which codes apply or don't apply should:
a) be based entirely on what _other_ people _might_ consider falls into that category (assuming rational people who are capable of making such distinctions for themselves).
b) be decided in favor of the presence of a code in a rating tag if there is any doubt (i.e. better safe than sorry).
This, for example, means that discussions about _all_ religions deserve an "E" rating, regardless of how popular or "right" they are, etc.
3. The rating codes here are in no way meant to be definitive, though I think they do cover the bulk of categories on which people might want to base individual restrictions and such. If you have additional suggestions in this area they're also welcome.
4. An important part of this proposal, as noted above, is that there also be a (preferably large) group of internet users who would help in promoting the idea and ideals of this system to others, and ensuring that it's not abused (by exerting appropriate pressures on providers who attempt to introduce arbitrary filters based on this system (which would ultimately be detrimental to the entire system, net-wide), registering complaints with access providers of those who deliberately use false ratings in their documents, etc..)
5. Regarding the last part of 4, this is one of the ways I was hinting at above to help ensure those who use the voluntary rating system do it responsibly. While it is inevitably true that in some situations there is simply nothing you can do about some individuals (except mask them out entirely, see the implementation notes below), it's nevertheless quite possible that in many situations the existence (and abuse) of a concrete system such as this could provide a very specific and easy to identify form of net-abuse which many service providers might be much more inclined to investigate and do something about than if they simply received complaints that so-and-so was putting up such-and-such type of material. Even those who specifically make no judgements on the content put out by their users could still make decisions based on misleading or outright false tagging of such materials.
6. Recently, several other, similar ideas have been introduced based on evaluation of materials by trusted authorities (official committees, those who create the software, etc). While such systems can be valuable, and can provide a somewhat higher level of security under some circumstances, it should also be noted that, as anyone who's wandered around the net much can easily attest, there is simply no way any singe entity or organization, no matter how big or empowered, could keep up with the sheer bulk of information flying about and the billions (and growing every second) of documents and areas available for perusal, let alone determine content and provide up-to-date information for all of them. The result is that such systems are inevitably, and necessarily, limited in scope and accuracy. The intent of this proposal with respect to these other systems is therefore to attempt to provide an additional, cooperative mechanism for evaluation which, while weaker in some other areas, can both help to cover a much wider range of materials and also to assist such third-party evaluations as might be required by other systems as well. It is also the hope, however, that as this system progresses and gains acceptance and legal and/or administrative backing that such additoinal systems based on third-party evaluation will become less necessary, and eventually obsolete as well.
Some Notes on Possible Implementations, Etc.
--------------------------------------------
Ok, here's just a few ideas I have for how the codes could be used, etc:
For a lot of situations (mail, news postings, HTTP accesses, etc), it would be fairly straightforward and appropriate simply to come up with a fairly standard header ("X-Rating:" or some such) to hold the rating code for a given document. Note that the full rating tag would still need to be included in the header ("X-Rating: [IVSR:AU]", for example), and not just the codes, both for consistency and so that environments and applications for which it isn't obvious that such an X-Rating header serves that purpose, the pattern-match for the rating tag would still be effective.
This isn't to say that any other ways of including the tag (such as just putting it somewhere in the body of a message) shouldn't also work and be recognized by appropriate software, but this is the most straightforward way to include it generally, for these media.
For other text documents which don't have headers as part of their format would still be able to include the tag fairly unobtrusively at the beginning of the document, or even with an explanatory human-readable line attached if appropriate. Likewise UUencoded and similar documents would be able to have a tag inserted into the beginning of the body of the document without any corruption of the contents, etc.
Part of the plan for this whole thing, however, is to rate entire areas, such as newsgroups or maillists. For the purposes of newsgroups, the most obvious way to deal with it would be to put the rating code into the descriptive text (which is often displayed by newsreaders and such) stored for each newsgroup.
For maillists, of course, a rating could just be tacked on to every message sent out.. One problem with this tho is that depending on what order ratings got tacked on the maillist rating could either be superseded by a rating the author put on a message they sent or would completely block out any additional ratings a conscientious author decided to add (since only the first rating tag for any message would be interpreted). What might actually be needed is some custom forms of maillist servers (listserv, majordomo, etc) which could recognize such codes and put out a cumulative rating combining both the list's mandatory rating and any additional tags accompanying the submission itself.. If anybody has any better suggestions for ways to handle this I'd be glad to hear them..
The one drawback to this system is that the tags can't necessarily be inserted directly into some forms of binary data without corrupting them. This might not be that major a concern though, actually.. Most common image formats and such do, I believe, have potential for "comment" or "description" fields within the file format where such codes could be stored, and for those forms of data which don't, they could probably be located fairly easily inside some other container (a FTP directory, or a MIME message format, or whatever) which could bear appropriate tags itself.
As for FTP and things like that, many common FTP servers nowadays have the ability to have a text message printed upon entering a directory and such, and this would be an obvious way to display a code for a whole area of things.
For web documents, the ratings could be included easily enough in comments within the source, and thus need not even be seen by the reader unless the author wanted them to, while still being interpretable by an aware web client..
Regarding how software could be designed to accomodate these ratings, there are quite a few possibilities for both source-end and reciever-end implementations. Some of the source-based automatic mechanisms such as dictionary checking have already been mentioned above. As for reception-based implementations, the general idea would be to allow a secure user (such as a parent or teacher) access to a list of options (one for each rating code listed above), which they could check off yes-or-no according to what the "insecure user" (a child, for example) should or shouldn't be blocked from accessing. Under most circumstances, of course, this software would be set up to consider a document without a tag as being completely unknown, and presumably block it (unless there's some larger context, like a moderated newsgroup, which would ensure a certain level of content restriction already). Such software, should it encounter a no-no code, might do something like pop up a dialog box indicating it can't display the document without a password first, etc.
Given the point of some ratings such as "E" codes and such, it would also be important to allow the user to un-lockout individual documents or areas (a newsgroup, or a set of web pages, etc) should they look over them and decide that in spite of a particular rating in general, for the specific audience they are ok, or whatever.
Another aspect which might be worth pursuing, in this modern age of software suites and SLIP accounts, would be a more or less integrated system for various platforms (Windows, Mac, etc) which would provide the security and information mechanisms for the whole system, independant of any given application program, and applications could be designed to look for such a system and plug into it if it's available. This would allow someone to set up their system a certain way, all at once, and then even if they installed new software it would (assuming it was sufficiently aware) automatically be set up appropriately when run on that system. In Windows this could be done fairly easily with a standard DLL or something. If one wanted to get even more secure (so that, for example, a restricted user wouldn't even be able to download a non-rating-aware client and use it instead) it's possible something could even be built into the transport system itself (such as a special version of a Winsock system) which would disallow use by non-rating-aware programs, or only a specific set of programs..
BTW, the necessity of making aware programs not allow un-rated documents through has a useful side-effect that will encourage the propagation and use of the system to a greater degree, as more people start using the clients for restricted access and people need to make their documents available through those means. Those documents which don't need ratings to get by such software then slowly dwindle to be more or less the same group of documents that most people don't want their kids seeing anyway.
It is conceivable that under some circumstances people would end up putting falsely benign ratings on things, to allow them through these clients. My feeling is, however, that given the nature of interactions and people who compose the majority of the internet this won't be that big a problem, and in almost all cases such things will be traceable to specific individuals and may be handlable in other ways. Also, considering the potential reasons for such actions, it also seems likely that should people be doing it deliberately, it's quite possible that in most situations it would be accompanied by other illegal activities which could be pursued and prosecuted, etc.
Nevertheless, it is possible that in some situations it will be necessary to lock out entire users/addresses in these secure clients to prevent continued abuse of this form. This is probably also a good feature to have just on general purposes (effectively a "global kill file" for all methods of reception). It is quite possible that if such systems become readily available and easily usable, people will find that all they result in doing by mislabeling their documents is to increase the chances that everyone will automatically ignore them completely, which would serve, in itself, as something of a deterrant for such behavior.
Anyway, those are just some ideas.. These codes could equally easily be used for any number of other services as well, such as including a tag in the welcome message for a MUD, or etc, or etc, and I'm sure I've only scratched the surface of potential applications and software relating to all this..
Please note that this system isn't perfect, as no system is, but that doesn't mean it won't work fairly effectively for what it's intended to do, and it also has the potential of both staving off inappropriate legislation from outside, and promoting future development of appropriate systems for a safe and responsible Internet, based on free communication and the rights of the individual.