Child Sexual Abuse (CSA) Online Content Filtering System

Under section 18 (1) m of the ICT Act 2001 of Mauritius, one of the functions of the ICT Authority is to “take steps to regulate or curtail harmful and illegal content on Internet and other information and communication services”.

To fulfill this mandate, the ICT Authority has launched on the 8th of February 2011, a centralised online content filtering solution to filter access to child sexual abuse (CSA) sites for Internet users in Mauritius. The deployment of this filtering system will reduce the availability and circulation of child abuse images in Mauritius – and limit the trauma experienced by victims’ when their images circulate on the Internet. At the same time, it will protect against accidental viewing, giving people in Mauritius, the confidence in the Internet they deserve.

In order to implement this centralised online content filtering solution, the ICT Authority has chosen the Netclean Whitebox technology which has been developed specifically for this task in 2006. This CSA filtering set up was hosted at the ICT Authority and was connected to all local ISPs providing Internet access to the public in Mauritius until June 2014 after which the CSA filtering set up has been shifted on a cloud-based mode whereby no hardware is required at the ICTA premises. From November 2020 to November 2023, Netsweeper Inc. is the new service provider for CSA filtering which uses the same technology as before which is also cloud based.

The system is based on a hybrid Border Gateway Protocol (BGP) and Uniform Resource Locator (URL) filtering system. The first step is where a server containing the list of blocked sites (blacklist) checks the IP addresses of these sites and advertises the routes for these sites to go to a filtering server hosted at the ICT Authority rather than the destination web site. The second step is where the filtering server checks the URL against the blacklist using packet inspection and if blocked then the request is not passed on to the destination web site but redirected to a blocking server and displays a block page. If the site is not on the list, the filter passes the request as normal and the site is accessed by the ISP customer (“clean traffic”). The URL filtering list for this component will be the list provided by the Internet Watch Foundation (IWF), a non-profit organization that is widely recognised as one of the best in the world at managing a URL list of CSA sites coupled with the Interpol blacklist.

This system has the following advantages:

It has very little effect on the passage of most network traffic so has little effect on performance.

It has a lower cost than one-step filters that need to filter all of the ISP’s traffic.

As it does not have a proxy server it does not suffer from the potential problem of requests being changed to the proxy IP address from the customer’s original one.

As it uses external BGP it can be hosted external to the ISP and is ideal for country gateway implementations

The centralised system can be used as  a cyber security infrastructure shared among ISPs and managed by the regulator

With the implementation of this CSA filtering solution, the regulator is ensuring that ISPs are supplying their customers with an Internet connection which is clean from access to CSA websites in the same way that a water company makes sure that the water provided in its pipes is uncontaminated.

Click here to view FAQ

Click here to view statistics

(Please note that you will be redirected to stats section)