Internet Providers | Cyberbullying & Sextortion Responsibility. Are They Doing Anything To Protect?

CAVEAT

This article was spawned over an incident several years ago where we attempted to help a family whose young teen was being ruthlessly targeted online for digital peer aggression (cyberbullying). Through our investigation we were able to identify a suspect who we learned was using their cellphone to target this teen as well as many others. We were also able to identify the mobile internet service provider that they were using.  When we connected with this mobile internet service provider, we notified them that one of their customers was clearly violating their Terms of Service. When we repeatedly asked who could we report this to, we heard NOTHING.

For several years now, many of us digital literacy and internet safety advocates have been speaking about how social media vendors such as Instagram, Snapchat, YouTube, TikTok, and all the other popular teen apps need to be held more accountable for allowing their platforms to become breeding grounds for issues such as cyberbullying, sextortion, online predation/exploitation, and the distribution of Child Sexual Abuse Material.  To date, we have left it to these platforms to police these issues themselves, but time and time again they have taken very little action, or the action that they have taken is nothing more than window dressing from a public relations perspective.

This article is about shining a light on another group of technology vendors that we believe deserve just as much attention as these social media platforms and apps – “Internet Service Providers” commonly referred to as ISP’s. 

ISP’s allows a social media platform (like Instagram or TikTok) to deliver their product to the end user, the person using a cellphone or computer. Using the analogy of a car, if the gas tank is the social media vender and the engine is the user, then the ISP is the gas line that delivers the gas (product) to the engine (person).

We decided to do research on three major mobile ISP’s here in Canada (Bell, Telus, and Rogers). Remember, most teens have transitioned to cellphones as their primary access device when it comes to the internet. We were impressed to learn that all three of these mobile ISP’s had “Terms of Service” (TOS) that clearly outlined that the use of their networks, for the purposes of transmitting less than desirable content, such as cyberbullying or sextortion, was clearly prohibited and could in fact be a violation of their TOS which could void a user’s contract. (1,2,3)

We next started to do some research to find any incidents where one or more of these Canadian mobile ISP’s enforced their own TOS specific to cyberbullying or sextortion, but we were unable to located any information online or in the public domain to show such enforcement. As a result, we decided to contact all three ISP’s via their social media accounts on Twitter and via email.

On August 17th 2022 at 10:48 we sent the following Tweet:

“@Bell @Telus @Rogers How do you enforce your own Terms of Service that are clearly being breached by some of your customers when it comes to issues such as cyberbullying or sextortion? Can you provide examples of such enforcement, and stats on such enforcement?

After 24hrs of no reply to this Tweet, we then posted a follow up Tweet on August 18th 2022 at 2:23pm that stated:

“@Bell @ Telus @ Rogers I posted the above questions 24hrs ago and I still haven’t heard anything. The new School Year is about to start, so I wish to inform students and families accordingly”

We still have had no reply from Bell, Telus, or Rogers even though their twitter accounts have been extremely active with other postings.

Given that we had no reply using Twitter, on August 19th 2022 at 9:49am we decided to send the following email to all three ISP’s including to their customer relations email, their consumer digital protection email, their internet support email, and lastly to their report abuse email:

Good Morning:

I am doing research on Internet Service Providers and their Terms of Service and I am hoping someone from (the ISP emailed) can answer these questions specific to your Terms of Service:

      1.     Your terms of service states it is a breach of services if clients use your service to conduct illegal activity does your company enforce these terms if so, how?

      2.     How many copyright violation Notice and Notice statements were sent to your clients in 2021?

      3.     How many customer services have been terminated in 2021 due to breach of terms of service?

      4.     How many customers services have been terminated in 2021 due to copyright or intellectual property right violations?

      5.     How many customers services have been terminated in 2021 due to illegal activity as defined in your terms of service?

      6.     How many customers services have had corrective, punitive or disciplinary action in 2021 due to breach of terms of service?

      7.     How many customers services have had corrective, punitive or disciplinary action in 2021 due to copyright or intellectual property rights violations?

      8.     How many customers services have had corrective, punitive or disciplinary action in 2021 due to illegal activity” as defined in your terms of service in 2021?

Looking forward to your reply

After 5 weeks, we have had no reply from Bell or Telus in response to our questions. However, we did receive the following email from Rogers:

“We apologize but this is not something abuse@rogers.comcan assist with.”

Of interest, this email did not offer any recommendation to whom we could contact in their organization who could answer our questions.

As a result of our research and inquiries, and lack of any kind of acknowledgment or feedback from these three ISP’s, several questions started to percolate:

• Why have we heard nothing from these three major mobile ISP’s? We can’t answer this question only they can.

• Are these ISP’s actually enforcing their Terms of Service specific to cyberbullying and sextortion?  Again, we can’t answer this question without hearing directly from these ISP’s. Based upon our research in the public domain, we can’t find any evidence to support that they are enforcing their TOS specific to cyberbullying and sextortion.

• Is there any kind of external oversight agency or organization that consumers can turn to when an ISP is not enforcing their Terms of Service? Based upon our research, the answer to this question is “no”. We actually contacted the Canadian Radio-Television and Telecommunication Commission (CRTC) and asked them if they had the power to ensure that an ISP was enforcing their own TOS. The CRTC, unlike the ISP’s, did response back to us and stated, “The regulations that come from the CRTC through the internet code cover mostly issues that are related to billing and if the service is working properly” In other words the CRTC has no enforcement power specific to an ISP enforcing their own TOS – NONE!

We must acknowledge that these three ISP do have education and prevention programs, especially Telus, specific to youth social media safety and digital literacy, including on the topics of cyberbullying and sexting. Some also donate money to several “not-for-profit” anti-bullying organizations here in Canada. However, there is a clear disconnect when an ISP promotes digital literacy and internet safety, but don’t appear to be enforcing a breach of their own code of conduct and Terms of Service when a customer weaponizes a mobile ISP for the purposes of cyberbullying or sextortion.

Now these ISP’s may say, “these are criminal matters that need to be dealt with by the police and not us” and we would agree with such a statement.  However, these breaches are still a clear violation of their TOS so why are they not also not taking action? If it “takes a village” to deal with these issues, aren’t ISP’s a part of that village? Also, some forms of cyberbullying are not “criminal” in nature so police involvement is irrelevant, but yet the cyberbullying by their customer’s actions still meet the criteria as a violation of these ISP’s TOS. By not enforcing their own TOS, do they not become complicit and a part of the problem?  Without consequences to actions, is an ISP willfully allowing their service to be used by a customer as a weapon to continually and relentlessly target others?

So, who has the power to ensure that an ISP is enforcing their Terms of Service?  The answer - only the ISP themselves. However, it appears based on all the information mentioned in this article that ISP’s, much like social media vendors, are inherently resistant to enforcing their Terms of Service specific to cyberbullying and sextortion. Could it be that self-enforcement could mean the loss of a customer, which means lost revenue? Considering that all three ISP’s mentioned in this article are multi-billion-dollar companies, we would suggest that such enforcement would be an extremely small financial loss.

So how could an ISP enforce their TOS? – here are some thoughts:

• Have a specific department/unit that will be dedicated to enforcing a TOS.  All three ISP’s had a “abuse” email reporting function so why not use it for TOS violations as well.

• Create a gating process that outline who can submit a report such as the police, a school principal or counsellor, or the mobile account owner. Also, clearly outline what needs to be included in the report such as a screen capture of the content that breaches a TOS as well as the account owner’s name, cell phone number, and IP address if able

• If the report passes the gating process, then consider an incremental consequence to actions approach:

1. Warning letter, email, text should be sent to the owner of the phone.  In most cases given that teens will likely have a device whose phone service and data/text plan contract was signed by a parent, in all likelihood the parent will receive the notification.  We actually think this is a good idea given that most parents will be unaware that their child is using their phone inappropriately, thus creating an opportunity for family dialogue on the use and misuse their child’s phone.

• If after a first warning notice the TOS violations continue, cancel the owner’s ability to use data/text for a short time (longer in multiple violations), but still allow the phone talk function.  This will still allow parents to communicate with their child when needed, or for the owner to still talk to friends or to contact 911 if needed.

Again, these are only some thoughts, and we are sure there are also many other options that we have not considered. Such a process will take time, effort, and investment on the part of an ISP.  However, these three ISP’s, and many others, are multi-billion-dollar companies so isn’t the investment on self-enforcement important when it comes to our kids emotional, psychological, physical, and social well-being?  As mentioned earlier in this article, by not enforcing their own TOS, do they not become a part of the problem?

In conclusion, “YES” parents, schools, police, and teens have a part to play in dealing with issues surround the use of technology for the purposes of cyberbullying and sextortion. However, we believe that both social media vendors and internet service providers also have a significant role to play, but have been willfully blind specific to their participation often hiding behind “safe harbor” legislation like the Canada United States Mexico Agreement (Canada) or Section 230 of the Communications Decency Act (USA). Both of these pieces of legislation provide immunity to online platforms and ISP’s from civil liability based on third-party content and for the removal of content in certain circumstances.

Using the earlier analogy of a car, does it not make sense to pinch the ISP gas line specific to customers who use and weaponize their service to target others online that are clear violation of their own Terms of Service? We believe it is, but to make this happen their needs to be enforceable legislation in place that places a significant financial consequence when an ISP is willfully blind to their own TOS. We the people need to be speaking to our government leaders and asking them to create the legislation needed to hold social media vendors and ISP’s accountable. This is what Australia has done with their eSafety Commissioner Office as well as the State of California. Recently The eSafety Commissioner announced that “there are draft mandatory industry codes coming shortly which will seek to address the roles & interventions across 8 sub-sectors of the tech industry, Including ISPs.”  However, this will be a significant challenge given that we here in Canada don’t have a dedicated eSafety Commissioner.

The collective wealth and power that social media platforms and ISP’s have to lobby government to meet their corporate financial benefit, rather than the needs of the general public who depend upon their services in our daily lives, will continue to be the lay of the digital land here in Canada until we have an independent government watchdog to hold them accountable!

Digital Food For Thought

The White Hatter.