Broadband ISP CenturyLink Is Blocking Users' Internet Access Just To Show An Ad
from the ill-communication dept
US telco CenturyLink is under fire for temporarily disabling the broadband connections of broadband customers in Utah unless they click on an ad for CenturyLink security software. Even more oddly, the telco is repeatedly (and falsely) trying to blame a new Utah law for its ham-fisted behavior.
Just had @CenturyLink block my internet and then inject this page into my browser (dns spoofing I think) to advertise their paid filtering software to me. Clicking OK on the notice then restored my internet… this is NOT okay! pic.twitter.com/NtCZUeJF8I
— Rich Snapp (@Snapwich) December 9, 2018
In a blog post first spotted by regional Utah news outlets and subsequently Ars Technica, the user explains how he was initially under the impression that CenturyLink had tried to block him from visiting a phishing website, only to realize later that the ISP was really just temporarily holding his connection hostage until he engaged with a product ad:
“At first glance I was worried that I had somehow been redirected to a malicious website and that this was some kind of phishing attempt… After all, I didn’t navigate here. I attempted to do another search but still ended up at this same notice. I considered the idea that maybe my ISP had detected some kind of threat coming from my network and that’s why I was seeing this official looking page. Eventually, after reading over the page several times, I clicked “OK” and my internet was back.”
When criticized, CenturyLink repeatedly told the user and many reporters (myself included), that it had to block user access in this fashion due to a new Utah law:
Legislation requires us to notify Utah consumers of content filtering options to protect minors in a conspicuous method. To protect those most vulnerable, the most conspicuous method is a pop-up. We did not engage in DNS hijacking. – Zac
— CenturyLinkHelp Team (@CenturyLinkHelp) December 18, 2018
Except that’s false. Utah is, Techdirt readers will be aware, home of what has been a near-constant stream of ridiculous efforts to filter porn, a technically impossible task (something backers of the idea refuse to learn). And while this new law in question is dumb, it’s not quite that dumb. The law requires ISPs to inform users that filtering software is available to them as a sort of half-measure toward combating porn. ISPs can do this in a number of ways; the law specifically recommends either including mailers in user bills or sending an email.
The law does not require that ISPs sever access to the internet in order to show them ads for an ISP’s own software, something CenturyLink executives appear to have come up with on their own. That’s something the bill’s author himself confirmed when asked by the impacted user on Twitter:
I?m sorry you are having problems. SB134 did not require that ? and no other ISP has done that to comply with the law. They were only required to notify customers of options via email or with an invoice.
— Todd Weiler (@gopTODD) December 10, 2018
Users on Reddit indicate this wasn’t isolated to just this user — all Utah CenturyLink customers appear to be experiencing this unnecessary, heavy-handed nonsense. Now it’s possible CenturyLink could argue it was just over-complying to adhere to the law, but since the law is pretty clear an email is ok, this argument doesn’t hold up. More likely, CenturyLink executives either thought they’d use the law as a marketing opportunity, or wanted to bring attention to the dumb new law. Unfortunately that’s not really accomplished by behaving stupidly yourself.
Of course this is the kind of ISP behavior our since-discarded net neutrality rules were designed specifically to prevent. And while a few days of press shame may drive Centurylink away from the policy if users are lucky, that’s really no substitute for an attentive FCC that actually cares about keeping the internet free from idiotic monopoly ideas exactly like this one. The battle over net neutrality has always been about slippery slopes, and letting an ISP interrupt internet traffic to market its own products–and then lie about it–is slippery as hell.