PART 3

REGULATING

This part examines various solutions that can be envisaged to reduce or even curb child pornography on the Internet.

First, we will look into technical solutions. At this level, there are different possibilities: from filters, which can be installed on the network to restrict the diffusion and reading of this kind of information, to solutions which require human intervention and initiative, like the moderation of newsgroups or the controls of access that can be established by Internet providers. However, these technical possibilities are limited and the efficiency of their application largely depends on the initiative of man to exercise in his field his responsibilities as a citizen.

Secondly, we will turn to law. Even if the law seems to be sufficient to counter child pornography when all the participants are in Belgium, things get more complicated as soon as the phenomenon becomes international, which unfortunately happens often. At this level, only international agreements concluded between states can stop the phenomenon. We definitely think that, in this field, Belgium must lead other states in an initiative to protect the rights of children on the Internet.

The third subsection concerns self-regulation. Today, many people say that, faced with the limits of technical and legal solutions, self-regulation is the only pragmatic solution to diminish child pornography on the Net. Yet, without rejecting this argument, the MAPI group stresses that self-regulation cannot be applied by people working with the Internet alone. Ethical rules must be set by all the parties involved, users and service providers. Without this democratic conception of self-regulation, these rules could easily and quickly become corporatist codes which aim at limiting the responsibilities of those working with the Internet.

MAPI tried to make an educational presentation of these solutions because action will only come from a knowledge and understanding of these solutions.

Each of the proposed solutions has its limitations. Nonetheless, MAPI is definitely convinced that their application could significantly contribute to the development of the protection of children's dignity and integrity on the Internet.

3.1. Some clues to a technical answer

We suggest below some technical possibilities to limit or suppress the creation and public diffusion, on the Internet, of data openly transmitted and relating to child pornography. These solutions are mainly intended for service and access providers, as defined in section 1.2.7. Then we point out the limits of efficiency of these techniques, and their restrained sphere of applicability. Lastly, we address some recommendations to access and service providers, Internet users and public decision-makers.

We define public information as any information intended for (or put at the disposal of) a group of persons without specifying any name and without giving further determination. This concept is opposed to the notion of private information, which consists of communication between well-defined persons. For instance, the content of a message sent in a discussion group is classified in the category of public information, whereas a message sent by e-mail to a (list of) person(s) is considered as private information.

Within the context of our study, we decided to confine ourselves to public information because the limitation or suppression of illicit private information poses many problems, not only technical, related to the possibility of knowing public information, but also legal, such as the invasion of privacy, correspondence secrecy, etc.

By openly transmitted information, we mean any information which does not require any decoding phase. This concept is opposed to the notion of coded information. We must note that coding a message amounts, in general, to make private the information it contains since only the people who have the decoding key can really access this information, and the keys are usually not public or, at least, their use is private.

3.1.1. Technical possibilities

The various techniques involved will only be treated briefly here. Indeed, it is impossible to go into details as there are so many different computers and so much software involved in the communication on the Internet. We therefore prefer to give an idea of generic techniques, that is to say which can be applied on most systems logged on to the Internet and which respect standard protocols of communication and service, rather than explain particular solutions in details.

We limit ourselves to the services most commonly used on the Net to publicly diffuse openly transmitted information, namely the forums or discussion groups (News) and the World Wide Web.

a. News

A description of the system of discussion groups and a brief explanation of its working have been made in section 1.2.3. We will simply remind the reader that there is a procedure for subscribing to the various forums offered by a server to another server or user, and that messages spread from server to server. Different authorization levels limit the creation and/or reading of messages, for instance only to the users known by the server, or anyone else, etc.

It should also be repeated that there are moderate and non-moderate discussion groups. In a moderate discussion group, someone is responsible for deciding whether a new message intended for the discussion group can really be inserted in it or, on the contrary, must be rejected.

Our proposals concerning the news are the following.

a.1. For the creation of a new discussion group

To facilitate the identification of the person responsible for a discussion group, one solution would consist of promoting the appointment of a moderator for any creation of a new discussion group. Initially, the moderator could be, if there is anyone else, the discussion group's founder. However, several problems arise such as the fact that, in the case of paedophile newsgroups, the moderator could be himself a paedophile. In addition, in the case of big discussion groups, the moderator's task, which consists in reading all received messages, could easily turn out to be unrealistic. In this case, yet, resorting to some technical systems of filters on the basis of keywords is feasible.

a.2. For the creation of a new message and the spreading of the message

between servers

The same principles apply to the procedures used when a user wants to insert a new message in a discussion group and the spread of this message to other servers. That is why the same techniques can be used in both cases.

We would suggest the use of automatic filters on these floods of information. This software would detect, on the basis of keywords, the messages liable to contain paedophile information, and report them to someone responsible (the access provider, the moderator, etc.), for a more detailed analysis and possible suppression of the messages. This technique can also be effective in the case of messages which contain images. Indeed, these images are nearly always accompanied by a text: a description of the image, a title or a legend. However, in the case of images, this solution is imperfect because it is easily bypassed. Indeed, it is enough to suppress all illicit words in the message accompanying the image.

Finally, we would like to note that total automation of these procedures of search and suppression is not advisable because it might be too efficient and lead to the abusive suppression of messages. Resorting to human judgment must therefore remain predominant.

Date: Thu, 12 Sep 1996 20:12:29 -0700
From: sebastien.declercq@skynet.be (De Clercq Sébastien)
Subject: paedophile images in newsgroups...

Hello MAPI,

I think we should simply put someone in charge of regularly erasing paedophile images hosted by Belgian providers in their newsgroup. This seems to be what XXX has started to do some time ago !!!

Sébastien

a.3. For the reading of messages by the user

It should be remembered that every access provider decides on which discussion groups will be accessible on his system. A simple way of restricting the users' access to paedophile information is thus to limit the offer of discussion groups to which they can subscribe. We are thinking of the groups which are typically paedophile, such as alt.sex.pedophilia, alt.binaries.pictures.pre-teen or alt.support.boy-lovers, for instance.

b. World Wide Web

A description of the Web and a brief explanation of the way it works have been given in section 1.2.4. We would simply like to remind users that a Web server contains a certain number of hypertext pages. The creation and modification of these pages is (generally) limited to one user or one group well defined on the server. There are different authorization levels for the consultation of these pages: for example, only the users known to the server, or anyone.

As we shall see in the next section on legal solutions, the service provider (more precisely the hosting provider) is clearly responsible for the information he hosts and can be prosecuted if it is of a paedophile nature. We therefore suggest that the person in charge of the server should regularly browse all the pages existing on his/her server in order to determine and eliminate those with litigious information. This task can be facilitated by a specially designed software which locates illicit pages by searching for keywords for example. This exhaustive search can also be replaced by tests carried out on a sample of pages. The provider can also ask his clients to report on the existence of such pages on his server. Concretely, the service provider has to do all he can technically to limit the existence of illicit information on his server.

One of the measures proposed by Minister di Rupo at the Council of Ministers of 13 September 1996 requires, among other things, providers to transmit to the IBPT (Institut Belge des Postes et TŽlŽcommunications) a complaint about a Web site they might have received. If the IBPT decides to ban access to this site, the provider will have to install a filter on his server (Renard (1997)). We should insist that these measures are still under consideration and that, consequently, nothing has been decided at this level. Indeed, it seems that the Minister of Justice is also entitled to have his say in the matter since we are confronted with criminal offences which are not only restricted to aspects of telecommunication.

We think that the addition to Web navigators of software extensions aimed at forbidding children access to some pages, such as SurfWatch, CyberPatrol or NetNanny, is also a possible solution, but requires a voluntary participation on the part of the creator of pages and of the navigator user (or, at least, of the person who is responsible for its configuration). The creator has either to equip his pages with marks (invisible to the screen) indicating to these software that the page is forbidden to children, or report these pages to organizations who keep up to date lists of pages forbidden to children. Another solution consists in the use of PICS codes, detailed in the next point.

However, it should be remarked that this software is intended for parents who want to prevent their children from accessing (that is why we talk about below filters) harmful information. The techniques we propose are rather above filters (which act at the diffusion of information rather than its reception) for illicit information.

c. News and Web: the PICS system

The PICS system24 (Platform for International Content Selection) is intended for the Web as well as newsgroups and can be considered as a standard, a filter software and a reference to an institution recognized by users25 . The Council of Europe recommends its use.

PICS attributes to each Web site or discussion group a "label", a "rating" which corresponds to the type of information a user is supposed to find on it. In practice, it means that a Web page will be given an X rating if it provides information relating to professional software, a Y rating if it deals with economic theory, or a Z rating if it concerns sexual information. If he has the appropriate browser26 , the final user (or someone responsible for the system) can ban the access of his machine to some sites labelled with certain ratings27 . The PICS system allows a targeted filtering of the

information available on the Internet and an easier search on the Net for all the users who have the appropriate software. It is an "interactive" system which requires registration to a collective but private authority in charge of assigning ratings.

Nevertheless, to make this system effective and satisfactory for users, that is to say a system which effectively censors, when requested, "sensitive" information while guaranteeing that the user can potentially access all the information available on the

Internet, each site or discussion group should be effectively registered with PICS and receive a "rating". At present, it falls far short of the target even if more and more sites worldwide pass by this "unofficial certification".

Furthermore, the implementation of this system to limit and discourage the spread of paedophile information on the Internet (and more generally of illicit information) raises many technical and legal issues.

Firstly, it is obvious that, currently, there is no legal obligation for someone eager to provide information on the Net to register with PICS (which is not, strictly speaking, an official organization). Moreover, even if such an obligation existed, we cannot imagine people being eager to supply illicit information registering (officially or not) as people expressing this sort of wish.

Secondly, considering the moving and very dynamic nature of the Internet, the information should be regularly checked to see if it corresponds to the PICS rating it was initially attributed. Yet the problem of control in that field is acute, for practical reasons (how can one check that all sites and newsgroups propose a PICS rating and that it corresponds to the transported information ?) as well as legal ones (who will be in charge of the control and on what legal basis ?). It appears that the only "way out" is that users assume their responsibilities and, for instance, denounce the sites which do not have "ratings" or whose content does not correspond with the one indicated by the "rating". We still have to know to which official and/or legal authorities such sites would be denounced and what will be the effective power of the authorities... Once again, the problems connected with the harmonization of different legal principles will arise in all their acuteness (what is illicit in Belgium is not necessarily illicit in Canada and vice versa).

Thirdly, supposing the PICS standard becomes a worldwide standard and one or several official authorities are internationally designated to guarantee it, it seems, as previously said, that there is a significant risk of seeing an illicit "ghost network" develop parallel to the "official" Internet.

A possible technical solution to avoid such an outcome would be to devise browsers in such a way that they can only access sites and newsgroups which have a PICS rating28 . Of course, such a decision would have some consequences on freedom of expression and the respect of individual liberties in general. For this reason, one should legislate towards a strict limitation of the missions and powers of the possible certification and control authorities, and be endowed with the means to enforce the law in order to prevent the "PICS certification" from taking turns of political, cultural and intellectual control.

3.1.2. The limits of technical possibilities

Often, unfortunately, all these techniques are not very restricting for a skilled user who wants to get round them. Indeed, they are quite easily bypassed. For instance, an automatic search with keywords can be made inefficient with specific or clandestine codes used by the enthusiasts of child porn in general and on the Net in particular. As regards

the reinforcement of the appointment of a moderator for newsgroups, we have already underlined the problem in the case of big newsgroups and the fact that the moderator can himself indulge in illicit practices. In addition, the solution which consists in resorting to a moderator can occasionally play the role of an abusive information censor, which is already the case in certain discussion groups. However, in such cases, the discussion group's members can complain and decide jointly to replace their moderator or to open another, non moderated, discussion group on the subject. As for the PICS standard, we have just mentioned some of its limitations.

Besides, these technical possibilities only apply to some services distributing information and to openly transmitted information. Many other services existing on the Net offer the possibility of transmitting information, sometimes relying on less known or experimental, or even confidential protocols. The information can also be ciphered.

Finally, these solutions which, we think, can prevent to a large extent the novice or average user from transmitting or being unwillingly confronted with paedophile information, require those who have to apply them to use major human and material means. Therefore these solutions may, in some cases, come up against the weakness of the means. However, in the present case, the end should justify the means and oblige access and service providers to display ethical and professional behaviour by supplying the means needed to apply these techniques.

From: Olivier Biston (Network administrator) <craphyto@fsagx.ac.be>
Subject: Info MAPI

Dear Sir,

Being a computer scientist and a big user of the Internet, I found a large number of paedophile images in the newsgroups XXX. Then I contacted the network administrator to tell him that I do not tolerate the diffusion of such atrocities.The same day, he replied to me that he didn't know anything about it and that, anyway,he was unable to check the information he distributed on the network. I informed my immediate superior about my "findings" and he decided to warn the legal authorities.

The Gendarmerie of Gembloux came to the Research Centre in order to view the images in question. Since then, the Gendarmerie took the images back (printed) and wrote a report, saying to us that the case would be transferred to the proper authorities.

Recommendations

* To access and service providers

We ask each access and/or service provider to apply, as far as possible, the few techniques above-mentioned: the suppression of discussion groups clearly dedicated to child pornography, the promotion of the discussion groups' moderation, the use of filters on the discussion groups' messages for access providers and the monitoring of the Web pages' content for service providers. The basic principle of these solutions is the need for the application of means rather than the obligation of results.

It should be noted that the effort to apply the proposed techniques can be made up for with advertising. It is quite conceivable that a provider uses as an effective commercial argument the fact that his server is completely "free" from paedophile information, mainly towards parents, for instance.

* To the users of Internet services

We ask each user to join a movement of opposition to the diffusion and existence of paedophile information on the Net, such as the MAPI campaign.

Besides, it is important for each user to exercise his/her citizen's responsibilities30 on the Internet by helping, by his/her vigilance and action, to reduce child pornography on the Net.

* To public decision-makers

One effective means to keep watch on and intervene against the delinquents who intentionally act on the Net remains the setting-up of a network police at an international level. They would be responsible for detecting illicit messages and receiving the complaints of users confronted with such messages, and seeking their authors (which is a delicate and complicated task requiring abilities of investigator and perfect technical knowledge). In Belgium, such an initiative was born when Brussels Criminal Police31 founded a committee to this end. Of course, its efficiency must be assessed in the long run. For us, it is essential to clearly define the tasks of such a network police in order to limit abuses and invasions of privacy32. This recommendation is in line with the philosophy of the possible actions proposed by the Government33.

* Concerning the PICS standard

If we decide that the PICS standard, of which we have seen some advantages, is compulsory or at least highly recommended, as it is by the Council of Europe34, it must be provided for accompaniment measures like the official recognition of an international organization responsible for the attribution and control of ratings, and whose tasks must be clearly defined by a law or an international convention.

3.2. Some clues to a legal answer

It is often said that the Internet is above the law because of its virtual and/or international nature. We do not approve of this affirmation. Indeed, there are laws which can apply to the Net, but it may be difficult to determine what is exactly the applicable law and, above all, to know if it is "technically" applicable. These questions are at the centre of the following part.

To clarify the question of the laws applicable to the Internet, we are going to present in this section some basic principles of Belgian and international law, and develop some applications of the law.

3.2.1. Belgian law

We think it is unnecessary to provide for new rules applicable to the Internet. Belgian traditional laws can easily apply to the network.

a. Basic principles

Within the Belgian context, as regards the network's responsibility for illicit contents, which we consider as the crux of the matter, paedophilia on the Internet can be regulated by two kinds of rules: on the one hand, and in particular, the rules coming within criminal law; on the other hand, and in a more limited way, the rules coming within civil law, in its aspects of responsibility connected with a harm caused.

a.1. Criminal responsibility

Within the context we are dealing with, criminal responsibility is mainly based on two articles: on the one hand, Article 383bis of the criminal code, introduced by the Act of 13 April 1995 and containing measures of repression against slave trade and child pornography; on the other hand, Article 380quinquies introduced by the Act of 27 March 1995 and punishing the advertising and/or distribution of pornographic material whether minors are involved or not. We will not go back over the comment of these articles since it has already been done in section 1.1.2., but we would like to take up the content of both articles which will be very useful to determine the responsibilities of the different actors involved in the diffusion of child pornography on the Net.

Article 383bis, worded as follows, has been added into the criminal code:

"Art. 383bis. (1) Without prejudice to the application of Articles 379 and 380bis, whoever displays, sells, rents, distributes or delivers emblems, objects, videos, photographs, slides or any other visual material which represent pornographic or sexual

acts, involving or presenting minors under the age of 16, or whoever, with a view to trade or distribution, produces or possesses, imports or has someone import, or delivers this type of material to a forwarding or distribution agent, shall be sentenced to prison and shall be fined between five hundred and ten thousand francs.

(2) Whoever deliberately possesses emblems, objects, videos, photographs, slides or any other visual material stipulated in section 1, shall be sentenced to imprisonment for a period lasting from one month to twelve and shall be fined between one hundred and one thousand francs.

(3) The offence stipulated in section 1 shall receive a sentence of ten to fifteen years' hard labour and shall be fined between five hundred and fifty thousand francs, if it proves to be an act of participation in the main or subsidiary activity of an association, whether the defendant is or not the director of the association.

(4) The special confiscation provided for in Article 42 (1) is applicable to offences stipulated in sections 1 and 2, even if the owner of the objects confiscated is not the defendant.

(5) Article 382 is applicable to offences stipulated in sections 1 and 3.

 

Article 380quinquies, worded as follows, has been added into the criminal code:

"Art. 380quinquies.- (1) Shall be sentenced to imprisonment for a period lasting from two months to two years and shall be fined between two hundred and two thousand francs, whoever, whatever the means used, produces or has someone produce, publishes, distributes or diffuses advertising, directly or indirectly, even by hiding its nature with tricks of language, for an offer of sexual services with a view to making profit, directly or indirectly, when this advertising is specifically intended for minors or when it presents services offered either by minors or persons supposed to be underage.

The sentence shall consist in imprisonment for a period lasting from three months to three years and shall be fined between three hundred and three thousand francs when the advertising stipulated in Article 1 is aimed at or has the effect of facilitating the prostitution or sexual exploitation of a minor, directly or indirectly.

(2) The sentence shall consist in imprisonment for a period lasting from one month to one

year and shall be fined between one hundred and one thousand francs, whoever, whatever the means used, produces or has someone produce, publishes, distributes or diffuses advertising, directly or indirectly, even by hiding its nature with tricks of language, for an offer of sexual service with a view to making profit directly or indirectly, when this service is offered by telecommunication means.

(3) In the cases which are not provided for in sections 1 and 2, shall be punished of imprisonment of one month to one year and shall be fined between one hundred and one thousand francs, whoever, whatever the means of advertising used, even by hiding its nature with tricks of language, makes known that he/she prostitutes him/herself, facilitates the prostitution of other people or wants to enter into contact with a person who practises prostitution.

Similar sentences are applicable to whoever, whatever the advertising means used, encourages the sexual exploitation of minors or adults, by alluding to it, or uses such advertising in offering services."

If an Internet participant adopts a behaviour which constitutes a criminal offence, the state, represented by the prosecutor, can, on his own initiative, invoke the offender's criminal responsibility. It means that the state can sentence a person only because he/she breaks Belgian law without necessarily causing someone harm.

In practice, however, we must look at the various actions that a citizen can initiate to make the courts intervene. Several cases are possible:

• You can lodge a complaint as victim of a harm if, for example, you have recognized a member of your family on a pornographic image spread on the Net. In this case, your complaint will be handled by an examining magistrate and you will be claimant at the criminal trial.
• You are not victim of a harm, as defined above, but you want to prosecute the people responsible for the diffusion of child pornography on the Internet. The only thing you can do is report on the situation to the prosecutor who can, on his own initiative, sue the people responsible. However, if nobody who is claimant "urges" the courts, your complaint may well result in "nonsuit" or be disallowed.

To avoid such a situation, you must find someone who is claimant and who can represent you in legal procedures and have your complaint handled by an examining magistrate. At this level, the lawmaker has to be innovative. For instance, he could officially recognize certain non-profit-making associations in the fight against paedophilia, child pornography or children's disappearance, such as the Mouvement du Nid, ECPAT or the future Centre for missing children, to allow them to "be claimants", without having to prove the direct harm caused or their interest in acting. In this case, a citizen could call on these associations to have his/her complaint handled by criminal courts. Another solution would consist in giving the National Magistrate a clear mandate, in the matter of the fight against paedophilia and child pornography, which would allow him to be claimant in the criminal courts on the mere strength of a denunciation by a citizen. These solutions require some adjustments to the law, which are necessary to make the laws applicable in the case of child pornography on the Internet.

In the absence of such adjustments, you must not forget that the mere fact of denouncing to the prosecutor acts of child pornography committed on the Net can already have a certain impact. If you publicize this denunciation as much as possible, it can indeed have an educational effect on the conscience of the people as regards the illegality of their acts, and therefore indirectly reduce this sort of behaviour on the Net.

a.2. Civil liability

If someone does someone else harm, he/she is liable for the harm he/she has caused and must consequently make reparation for it.

Each Internet participant is supposed to behave as a good father should and can therefore be summonsed on the basis of the common law of liability, in accordance with Articles 1382 and 1383 of the civil code.

Article 1382
"Any act of man which causes others harm obliges the one liable for the harm to repair it".

Article 1383
"Everyone is liable for the harm they have done, not only by their act but also by their negligence or imprudence".

It must be stressed that suing someone requires, on the one hand, that the citizen has effectively suffered harm, on the other hand, that the link of causality between the civil wrong committed by the defendant and the harm suffered by the victim is clearly established. Both conditions make it particularly difficult to apply civil liability in the case we are dealing with. As a result, it seems more reasonable to refer to criminal procedure and try to improve its applicability by various adjustments. That is why the applications of the law studied below only take into account the criminal side of the wrong.

b. Applications of the law

The below-mentioned cases basically concern offences committed via e-mail, newsgroups or the Web. We have not studied the problem of BBSs or IRC which we found to be too complex and which requires a more detailed analysis.

b.1. The sender

* Is the message's sender affected by Articles 383bis and 380quinquies of the criminal code ?

Yes, as the author of a message containing illicit information as defined in Articles 383bis and 380quinquies, the sender is directly responsible for the offence.

* Who can prosecute the sender ?

The prosecution can prosecute the sender on the basis of a denunciation or on its own initiative.

* What are the sanctions incurred ?

As direct author of the message, the sender incurs the sanctions stipulated in Articles 383bis and 380quinquies of the criminal code (fine, imprisonment,...).

b.2. The consumer

* Is the message's consumer affectedby Articles 383bis and 380quinquies of the criminal code ?

Yes, as a consumer of child pornography on the Internet, he is responsible for an offence stipulated in section 2 of Article 383bis. However, this consumer cannot be considered responsible for an offence he has not deliberately committed. As a consequence, if you unwillingly receive a paedophile message, as unfortunately often happens, your responsibility cannot be invoked. The term "possesses" , mentioned in section 2 of Article 383bis, will certainly be subject to several interpretations in the case of the Net.

* Who can prosecute the consumer ?

The prosecution can prosecute the consumer on the basis of a denunciation or on its own initiative.

* What are the sanctions incurred ?

The consumer incurs the sanctions provided for in section 2 of Article 383bis (fine, imprisonment,...).

b.3. The access provider

* Is this access provider affected by Articles 383bis and 380quinquies of the criminal code ?

Yes, the access provider, as a participant in the diffusion and distribution of child pornography on the Internet, is responsible according to the two articles previously mentioned. Nevertheless, the access provider can, above all, exercise a real control of the contents circulating in the newsgroups to which he gives access and, with more difficulty, of those distributed on Web pages which users access via their connection to the network. The control of Web pages is possible, but requires considerable work and adequate tools. However, the PICS standard35 will probably facilitate the access provider's task.

Thus the access provider's responsibility will certainly be invoked in the case of newsgroups and probably of Web pages. To evade this responsibility, the provider could refer to the material impossibility of exercising an efficient control of his network. However, he will have to prove his sincerity to the judge. One way of proving it is by asking clients to report any illicit content existing on his network so that he can take appropriate measures to erase this information..., which is also a means of reducing child pornography on the Internet !

* Who can prosecute the access provider ?

The prosecution can prosecute him on the basis of a denunciation or on its own initiative.

* What are the sanctions incurred ?

Being responsible for the diffusion and distribution of child pornography on the Internet, the access provider incurs sanctions provided for in Articles 383bis and 380quinquies of the criminal code (fine, imprisonment,...).

b.4. The service provider (Web page hosting)

* Is this service provider affected by Articles 383bis and 380quinquies of the criminal code ?

Yes, if the service provider, and particularly the hosting provider, is not simply a technical relay of bits but puts at the disposal of users fully meaningful information, he is responsible as accomplice in the offence primarily committed by the author of the Web page in question. Indeed, he is supposed to know the information he puts at the disposal of the public.

* Who can sue the service provider ?

The prosecution can prosecute the service provider on the basis of a denunciation or on its own initiative.

* What are the sanctions incurred ?

As accomplice in the offence primarily committed by the Web page's author, the service provider runs the risk of sanctions provided for in Articles 383bis and 380quinquies of the criminal code (fine, imprisonment,...).

b.5. The telecommunications operator

* Is the operator affected by Articles 383bis and 380quinquies of the criminal code ?

Since he is technically unable to know the illicit aspect of the data channeled on his network and because it cannot be considered that he "distributes" data as mentioned in section 1 of Article 383bis, we think it difficult to consider the telecommunications operator responsible.

b.6. Contributing organizations

Without being directly involved in the distribution of child pornography on the Net, contributing organizations (VISA, American Express, etc.) which facilitate the exchange of such information on the Internet could be under investigation as accomplices of the participants who, themselves, directly take part in this market on the Internet.

Table 3. Summary of some applications according to Belgian law

3.2.2. International law

It is essential to know that the Belgian legal arsenal is sufficient to regulate the Internet but, given the Net's international character, the fundamental question is in what circumstances these laws can be applied.

First, we have to note the diversity of laws applicable, according to the different countries, to the problem of paedophilia on the Internet, which is due to big differences in culture and viewpoint.

In addition, the Internet's international aspect raises the classic questions of international law: applicable law, competent jurisdiction and enforcement of legal decisions outside the territory (notion of extraterritorial enforcement of laws).

a. Basic principles

a.1. Determination of applicable law

An offence committed via the Internet is often difficult to locate. A paedophile message can be sent from a computer in one country and diffused by machines in many other countries. However, it is possible to trace back information to its initial source. Yet some techniques enable the message's author to remain anonymous, as previously stated in section 1.2. (figure 1).

In Belgium, the criminal law principle of territoriality prevails. Article 3 of the criminal code stipulates that Belgian law is applicable to offences committed on Belgian territory, by Belgians or foreigners. From a criminal point of view, the questions of applicable law and the determination of a competent judge are closely related. According to case-law, a Belgian judge is competent to rule on an offence as soon as one of its constituent elements has been committed on Belgian territory. A Belgian judge could therefore be referred to in the case of diffusion via the Internet of child pornography on Belgian territory.

Article 4 of the criminal code stipulates that an offence committed outside Belgian territory by Belgians or foreigners is punished in Belgium only in cases defined by Belgian law.

The Act of 13 April 1995 relating to the repression of the slave trade and child pornography, adds the new Article 10ter under the preliminary Title of the rules of criminal procedure. This article stipulates that a Belgian or foreigner found in Belgium, who has committed an offence mentioned in Article 383bis of the criminal code outside Belgian territory, can be prosecuted in Belgium even if the Belgian authorities have not received any complaint or official notice from foreign authorities36.

a.2. Extraterritorial enforcement of legal decisions and extradition

Once the competent judge has taken the decision in pursuance of the determined law, the judgment has to be enforced abroad and the offenders extradited.

In accordance with the principle of state sovereignty, states are reluctant to grant extradition of their nationals. Besides, they are unwilling to enforce a legal decision taken by a foreign judge. To be enforced, the decision has to be examined by the judge of the enforcement's state and receive exequatur d.

In Europe, the Brussels Convention of 27 September 1968 and the Lugano Convention of 16 September 1988 make almost automatic the exequatur of foreign court decisions. Extradition is dealt with by the European Convention on Extradition of 13 December 1957.

Outside Europe, refusals to grant exequatur are frequent because of differences between legal systems, but there are extradition agreements between many countries. Nevertheless, extradition is only possible for offences considered criminal by both states, which present a minimum of seriousness and are not of a political nature.

b. Applications of the law

Before going further into the examination of the applications of the law in international law, we should repeat that any sender, consumer, access or service provider located on Belgian territory, who sends, consumes or gives access to child pornography coming from abroad, is punishable in Belgian law in accordance with clauses mentioned in section 3.2.1. It is therefore impossible for someone to hide behind the complexity of international law to justify his/her refusal to act !

We will limit ourselves to the cases which require international intervention.

The legal difficulty in determining the applicable law and the competent judge, combined with the practical difficulty in prosecuting offenders and enforcing the sentence, place these two cases at the centre of the problem.

Posting a piece of information on the Net makes it automatically international. Moreover, its author automatically exposes him/herself to different laws and might therefore break one. However, is it reasonable to expect everyone to know all the laws ?

Supposing the Belgian judge is competent to hear the case by virtue of Article 3 of the criminal code, it seems improbable that he is going to prosecute a service provider or a foreign sender. That is why, in this case, it would be interesting to resort to a network police37 which would centralize complaints and ensure the effective implementation of the co-ordination of judges and the police, provided for in conventions.

Nevertheless, even if such prosecutions against a foreign offender might fail, they could have a publicity effect and encourage service providers and senders to pay more attention to this matter.

3.2.3. The limits of legal solutions

In Belgian law, while the principles of criminal law are clear, they may be difficult to apply. Indeed, if the offence which is committed is not supported by a claimant, in so far as the offence does not directly cause someone harm, the complaint lodged with the prosecutor might well be disallowed. The consumer of child pornography on the Internet will probably be very difficult to identify. Moreover, it will be difficult to prove that he has "deliberately possessed" the illicit material in question. Finally, although it is quite obvious that access providers distribute illicit material in the case of newsgroups, the question is probably different for the access to Web pages. Yet Minister di Rupo suggests that if the IBPT, informed by a complaint about the existence of such sites, decides to ban access to the same, the provider will have to install a filter on his server (Renard (1997)). Note that these measures are still being studied.

At the level of international law, without ratified and applied international conventions on the co-operation of judges and the police, and on the choice of applicable law for child pornography, it is impossible to determine the applicable law and the sanction inflicted to law-breakers precisely.

Conclusions

Belgian law seems to be applicable to the Internet, at least for offences committed in Belgium, though we have already highlighted the need to amend Article 383bis whose conception of child pornography is too restricted.

We think it unnecessary to create a new regulation on the Internet, at least certainly not on the basis of a particular case such as paedophilia. This would be a wrong way of doing things. If it turns out that a regulation of the Internet is sensible, it must regulate the network globally. It is too soon to take new measures in this matter since it will certainly keep on developing. Let the courts first set precedents.

Recommendations

* Concerning Belgian law on access and service providers' responsibility

We have just stressed that it is unnecessary to create a new regulation on the diffusion of paedophile information on the Internet. However, the specific issue of the Internet access and service providers'responsibility, as mentioned in section 2.2., should be clarified soon. We find it unacceptable to take refuge behind possible codes of ethics which would be set by providers themselves and limit their responsibilities short of law. The lawmaker has therefore to clarify a number of minimal requirements regarding their responsibilities and which should be listed in a code of ethics for the sector concerned.

* Concerning Belgian law on criminal procedure

To allow the citizen to prosecute the offender, the lawmaker has to amend the procedure by which someone can be a claimant. Two solutions are to be explored.

On the one hand, the official recognition of non-profit-making associations in the fight against paedophilia, child pornography or children's disappearance, such as the Mouvement du Nid, ECPAT38 or the future Centre for missing children, to allow them to be claimants without having to prove the direct harm caused or their interest in acting. This official recognition would allow the citizen to have his/her complaint handled by the criminal courts by going through these non-profit-making associations.

Furthermore, one can give the National Magistrate a clear mandate in the matter of the fight against paedophilia and child pornography, which would allow him to be claimant in the criminal courts on the mere strength of a denunciation by a citizen.

* Concerning international conventions

The network's international aspect does not facilitate the enforcement of laws. However, we think that the solution does not consist in creating international conventions which regulate paedophilia on the Internet with a minimum threshold of tolerance, the problematic choice of interventions and the very concept of paedophilia. The solution would rather consist in creating international conventions on procedures, on the co-operation of judges and the police and on the choice of applicable law. The Belgian Government seems to have started this initiative at a European level39.

* Concerning contracts

It is necessary to multiply intervention means by combining laws and contracts. For this reason and, as we have already mentioned it at the end of section 2.2., it will certainly be very useful to encourage Internet providers' associations like ISPA to establish a code of ethics as well as a standard contract in which certain clauses would deal with their responsibility towards illegal contents.

* Concerning a possible standardization

A system of standardization is conceivable. Modelled on ISO 9000 standards guaranteeing a certain quality of the item, the possibility of tracing the item back at each production stage, the methods of control, etc., is it imaginable to grant a quality label to the providers who present a satisfactory degree of reliability and a good management of the data put on the Internet, methods of control ensuring a good security level of data, etc. ? The Belgian Government's proposal of a "code of good conduct" preceding the delivery of a commercial licence seems to fit this recommendation.

* Concerning the setting-up of a network police

We have stressed in this section and the previous one the interest of a network police at national and international levels. It would be in charge of centralizing complaints, detecting illegal messages, looking for the message's sender or the provider of the Web page concerned, or even of ensuring the effective implementation of co-operation between judges and the police provided for in conventions. However, it is necessary to legislate in this area in order to clearly and unambiguously fix the tasks of this police.

* To providers

Besides an intense use of the above-mentioned contracts, we highly recommend providers to take a number of concrete measures enabling them to prove to a judge, in case they are prosecuted in accordance with Articles 383bis and 380quinquies, for instance, that they have done all they could technically to fight against the existence of paedophile information on their Web pages or in the newsgroups for which they provide access. We are thinking, for example, of including in the contract a clause which stipulates that they do not give access to clearly illegal newsgroups, or a firm commitment on their part to suppress all access to illegal information, whatever the form it takes, as soon as a client informs them of its existence. The provider would therefore have a more "adult" relationship with his client by making the latter aware of his responsibilities towards the existence of such information on the network.

Nevertheless, when implementing these recommendations, notably at the level of Belgian law, one must keep in mind the limits of these possibilities of legal amendments and wonder about the efficiency of a law if it is not applied or applicable because of various constraints.

3.3. Self-regulation and ethical behaviour

Today, faced with legal gaps or in a concern to complement or even anticipate the law, many people put forward the idea of self-regulation. It may be useful to clarify this notion before studying more specific measures, notably at a European level, and then to assess the possible impact of self-regulation in the area we are dealing with.

When we suggest that service providers should set codes of conduct, this undoubtedly places us in the field of self-regulation. However, when proposing that users self-regulate the Internet to personally show disagreement, for instance, on illicit images or texts, it is rather a matter of ethics: actually, they exercise their own responsibilities according to their own convictions40.

From: olivier.gouallec@skynet.be (Gouallec Olivier)
Subject: Fight against paedophilia on the Internet

It is with great pleasure that I have noticed your initiative. Indeed, I have e-mailed a message to my provider (XXX) to tell him about my stupefaction regarding the accessibility of paedophile sites on his server, and to threaten him to send a selection of pictures "found" on the Net to the Lord Chancellor. In response to this letter, many alt. binaries addresses were closed.

If users act according to rules decreed within the context of a discussion group for instance, we can also talk about self-regulation since we are faced with a "community of users" which fixes its way of acting. More broadly speaking, at Internet level as a whole, the so-called Netiquette rules could belong to this category although they are pure rules of good behaviour.

Thus, the reflection on self-regulation is divided between ethics and law. To try to clarify the approach, we find it important to suggest the place of self-regulation in relation to these two poles.

3.3.1. Ethics, self-regulation and law

Ethics is not impossible to define. We speak about an "idea or moral belief which acts upon behaviour, conduct or the philosophy of life of a group of people" (Collins). Somehow or other, it concerns the distinction between good and evil and consequent duties and obligations. However, when we want to know how it could influence Internet users' behaviour, we have to yield to the evidence of the diversity of codes of ethics, without mentioning the diversity of theories which support them and the difficulty in assessing the legitimacy of social practices here and there.

Pierre Trudel (1989) defines self-regulation as "the resort to norms voluntarily developed and accepted by those who take part in an activity"41. The codes of deontology or conduct are thus a matter of self-regulation, but not strictly limited to this area. The rules of deontology or conduct set the duties of an occupation in specialized fields even though the scope of this occupation is still not well defined. These rules either complete the law or anticipate it because the occupation weighs up emerging issues at stake. They also guarantee the maintenance of the occupation's dignity.

In Belgium, we are considering delivering a commercial licence to Internet providers on condition that they accept such a code of conduct whose content, however, has not yet been exactly determined (Renard (1997)).

The third term, law, is a body of rules applicable to everyone, decreed by the authorities democratically set up and approved by a public authority.

Table 4 could summarize the link between the three terms.

Table 4. Distinction between ethics, self-regulation and law

From: Laurence Humblet <laurence.humblet@csl.sni.be>
Subject: How to react when receiving this type of mail ?

Hello,

I feel a bit helpless because I've received a mail on Monday morning42 and I'd like to react to prevent such thing from happening again. I've already sent a mail of protest to postmaster@aol.com and abuse@aol.com (an address to which people can report abuses on the Internet and in newsgroups) but I don't know if it will be useful. Have you any other recommendation to suggest ?

Thanks for your advice.
Laurence Humblet

3.3.2. Participation in and public elaboration of self-regulation

We would like to repeat that according to Pierre Trudel, self-regulation is "the resort to norms voluntarily developed and accepted by those who take part in an activity". It would be useful to assess all the implications underlying the words "developed and accepted by..." or "take part in an activity". Those who "take part in an activity" can constitute an occupation, group or community. If we add that they are "developed and accepted by...", there is the underlying idea of a "participation in the elaboration of these norms". This participation could give them more democratic and political legitimacy and bring us a more adequate framework than the one which too often looks like self-defence on the part of the associations resorting to self-regulation, notably with regard to proceedings. Has the survey conducted with service providers not revealed their concern for the defence of their responsibility by resorting to a code of ethics ? Yet it is hard to imagine that these codes limit their responsibility short of what is provided for by law.

If we speak about "norms voluntarily developed and accepted by those who take part in an activity", can we leave only one of the parts concerned by this activity to take care of this development ? If we look closely at the functions usually attributed to the codes, we notice that functions turned onto the occupation itself come first: its identity, the ability of its members, the way of adhering to it, of solving conflicts in it, etc. Functions which place the codes on the borders of society and occupation, notably in the matter of contribution to law, are more rare.

As we rely on such considerations, we probably should review a number of too narrow positions which appear within the movements of self-regulation. Their elaboration should therefore not be limited to one association or another, but should, as far as possible, rely on the participation of"those who take part in the activity" or those concerned by this activity. A use of self-regulation restricted to the occupation or association looks very much like a game in which one is both judge and judged.

We could also see in it a certain abdication on the part of the one who should remain the manager of general interest, namely the state: should its role not consist in fixing the border between occupation and society, by opening a discussion and defining the procedure but also by ensuring that the interests of society can be recognized and represented in professional institutions ?

From: Andre.Rombauts@ping.be (Andre Rombauts)
Subject: EDUbel's support to MAPI

Our association would like to participate in the debates on paedophilia on the Internet. As teachers, we feel particularly concerned about the reactions of pupils -and of their parents- since we propose them educational projects focussed on the Internet.

André Rombauts, president of non-profit-making association EDUbel (16830/93 - anc.EDUnet), Promotion of telecommunication technologies in education and training - e-mail: eduteam@k12.be

3.3.3. European measures

Following a Communication on 16 October 1996 to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions43 and a Green paper44, the Council adopted, on 28 November 1996, a resolution on the messages with illicit and harmful content diffused on the Internet45.

The distinction between illicit material and harmful material proposed by the Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions as well as the Green paper, may be due to the fact that, on the one hand, "adults access pornography involving children" (Commission of the European Communities, 1996b, p.9) and, on the other hand, "children access adult pornography" (Commission of the European Communities, p.10).

Recommended measures correspond to this distinction. Member States are invited, on the one hand, to reinforce co-operation measures, to use all legal and already available resources, and to "encourage and facilitate self-regulation systems combining representative associations of Internet service providers and users, and the establishment of codes of conduct and possibly direct on-line 'reporting' systems accessible to the public" (Council of Europe, 1996, point 4). On the other hand, they are invited to "promote the possibility for users to have at their disposal systems of filter and the creation of codification systems (moral rating), such as the PICS standard (Platform for Internet Content Selection) launched by the World Wide Web Consortium" (Council of Europe, 1996, point 4).

In fact, in the arguments developed and measures proposed, we notice a wavering between the needed protection of minors, freedom of expression, the principle of free movement of services and the differences in social and cultural assessments. Only the fight against the slave trade and child sexual exploitation is an object of general consensus and of pursuance which must be observed at an international level, notably in the context of a Charter of international co-operation on the Internet, as was presented by France to OECD. For the rest, we can ask ourselves if the legal authorities do not renounce their right of control in favour of a self-regulation to be developed with access and service providers and of handing over the responsibility to parents. We are, however, very pleased at the existing willingness to have representative organizations of service providers and of users participate and to associate them in the setting-up of self-regulation.

Recommendations

Self-regulation is a regulating means difficult and delicate to use. However, it seems to be becoming increasingly needed, notably for its functions of anticipation and complement of measures which strictly consist of regulations. For this reason, a minimum legal framework is highly recommended.

* Concerning the notion of self-regulation

In relation to ethics, self-regulation must remain open to the borders between occupation and society. If it is not the case, it may be only a means of protection either of occupation or of the communities which decree it: the measures taken might be minimalist and only express common principles or rules which are only aimed at protecting associations against prosecutions.

Moreover, the people who guarantee general interest have to institute areas of discussion where everyone can, according to procedures to be defined, express their convictions and open their mind to the appearance of self-regulation principles which can be approved by everybody.

For the moment, a certain openness should accompany the drawing-up of self-regulating measures, as well as their publicity, which would enable everyone to assume their responsibilities.

It is important for the Belgian Government to be able to ensure the representation of civil society in the drawing-up of a "code of good conduct" which is presently under discussion within ISPA.

* Concerning the citizens' behaviour

Lastly, it is quite obvious that self-regulation, as defined above, is likely to prove rather inefficient if it is not supported by a voluntary ethical behaviour on the part of users46. However, it is not enough to leave it to the users' goodwill or own convictions. In the cultural horizon of the Internet, the diversity of moral codes requires the institution of procedures so that a number of principles shared by all arise from the discussion. It is time Europe acts promptly, otherwise it could be dictated practices normalized by specific ethical movements !