In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. Article 6 (para II and III) of the SREN Bill would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools.
While motivated by a legitimate concern, this move to block websites directly within the browser would be disastrous for the open internet and disproportionate to the goals of the legal proposal – fighting fraud. It will also set a worrying precedent and create technical capabilities that other regimes will leverage for far more nefarious purposes. Leveraging existing malware and phishing protection offerings rather than replacing them with government provided, device level block-lists is a far better route to achieve the goals of the legislation.
Why target the browser for fraud prevention? How about targeting banks? They are the middle man for almost all the online fraud that is happening and would have an relatively easy time to shut it off. Make them liable for all the money that leaves the bank account without the users expressed consent and it wouldn’t take long until they introduce security measures that actually work.
Ex-banker president targets banks… Now that’d be quite an unexpecred headline! Shame it’ll never be.