Compliance and Enforcement and Telecom Decision CRTC 2022-170-1

PDF version

Reference: 2022-170

Ottawa, 11 October 2022

Public record:1011-NOC2021-0009

Development of a network-level blocking framework to limit botnet traffic and strengthen Canadians’ online safety – Correction to the decision

  1. The Commission received requests from the Canadian Internet Registration Authority (CIRA) and Vaxination Informatique to correct errors that appeared in paragraphs 63 and 126 of Development of a network-level blocking framework to limit botnet traffic and strengthen Canadians’ online safety, Compliance and Enforcement and Telecom Decision CRTC 2022-170, 23 June 2022.
  2. The Commission agrees with CIRA and Vaxination Informatique that parts of those paragraphs do not accurately describe CIRA’s partnership with Mozilla Firefox. The Commission considers that these statements do not materially affect its analysis and determinations in the decision and that these statements can be removed from the decision without consequence to its conclusions. The Commission therefore corrects the errors in those paragraphs by removing three sentences in the second bullet of paragraph 63 and part of one sentence in paragraph 126. The sentences to be deleted are in bold and strikethrough below:
  1. Nonetheless, the Commission considers that network-level blocking is an effective and appropriate mechanism for the following reasons:
    • Most Canadian carriers have invested resources in network-level blocking of their own initiative for many years.
    • The CIRA Canadian Shield is successful. Despite its low adoption rate by the general public,Footnote 16 the solution has blocked more than 20 million malicious domain requests for its 100,000 users in its first seven months of operation. In addition, according to CIRA’s website, CIRA recently entered into a partnership with Mozilla Firefox, by virtue of which the service is enabled by default for users of the web browser. Under the partnership, Canadian Mozilla Firefox users’ web traffic is filtered by default by CIRA Canadian Shield blocking infrastructure. This initiative has been deployed over the course of this proceeding. It began in July 2021 and had reached 100% of Canadian Mozilla Firefox users by late September 2021. According to its website, CIRA has since blocked approximately one malicious domain per user every day.
    • The federal government has implemented network-level blocking for its own network. The CSE, which is the technical authority for cyber security in Canada and the manager of the blocklist for the federal government’s network, considers that a new network-level blocking framework would improve Canadians’ average level of cyber security.
    • Other countries have implemented such solutions.
    • A narrowly constrained blocking mechanism would have a minimal, or even nonexistent, net impact on net neutrality.Footnote 17 While some might characterize botnet blocking as inconsistent with net neutrality in that it blocks the delivery of telecommunications, it also has a role in preserving net neutrality. Not only does such a mechanism serve to protect Internet accessibility, a necessary condition for net neutrality, it also corrects the distortion created by botnets in the overall Internet bandwidth resulting from the significant and unfair advantage in favour of machine-generated traffic from cyber threat actors. Accordingly, the Commission considers that the benefits of botnet blocking for Canadians and for carriers’ networks outweigh the minimal, or nonexistent, net impact on net neutrality, provided that botnet blocking is subject to appropriate constraints.
  1. The Commission finds that neither opt-in nor opt-out options are appropriate and that, where network-level blocking is provided, it should apply by default. This approach would ensure that all the TSP’s customers benefit from the blocking in the most efficient and effective manner. The Commission notes that the blocking-by-default model is consistent with the Cleanfeed blocking model and with CIRA’s current blocking model resulting from its partnership with Mozilla Firefox.

Secretary General

Date modified: