Ability to Block Discourse Access from Geographic Regions or Countries

Continuing the discussion from EU Copyright Directive just passed through Parliament:

The EU Copyright directive and censorship system was just passed, and it’s pretty lousy. The full impact is still unknown, but the main problems we know of now are:

  • Required filtering system for anything that could possibly be copyrighted. This at least is restricted to more popular sites. But what about a forum that’s part of a larger site? Unclear
  • Link tax - Linking and excerpting to a site and including anything over a couple of words is not allowed. Unless I’m mistaken, this applies to all sites, not just large ones.

One of the constants in forum discussions is linking to other sites and quoting from their articles to further the discussion. This has always been considered Fair Use, unless people are posting the entire contents of an article (which also happens frequently and should be moderated).

My suggestion is to add this feature to Discourse:

  • Allow blocking of viewing or using the forum from a list of geographic regions, such as Europe. Ideally with a message to display to those people.
  • Allow restrictions on where user accounts can be added from.

These could be useful either way if you get a lot of spam from a particular region that would not realistically be reading your forum.

(I’m going to be moving my forum behind Fastly anyway, and I’ll handle this there instead. Just giving feedback)

3 Likes

As far as I was aware, any site over three years old is caught by this article of the Directive - not just popular sites.

1 Like

Well that makes it much worse, I guess, if that’s the case. I know the exact details kept changing a little bit, and the member states can implement their own exact versions of the rules — which makes it worse, IMO, because every country there will have slightly different rules. How can anybody navigate that?

1 Like

It’s been discussed but it is a complex thing to build, and we’d only build it for enterprise customers who absolutely required it.

There are one or two relatively minor related feature things Discourse would gain out of implementing this, but it’d be a lot of work, so the cost/benefit is not quite there outside enterprise.

@sam might have more to add. This is not currently on our roadmap, to be clear, because the enterprise customers who “needed” this suddenly decided they didn’t when we told them the cost :wink:

6 Likes

With the availability of VPN services the user of geographic blocks doesn’t achieve anything. A user originating from Europe on a VPN still exposes you to the same risks. If any part of the traffic passes through europe, it can be considered as included.

Member countries have yet to turn the EU ruling into local laws, and if GDPR is anything to go by they’re free to interpret the EU wording to the limits of the language.

Just like GDPR this is a problem without an easily navigable solution.

2 Likes

Technically now that we ship the maxmind db out of the box, this kind of feature would only take a few weeks to build.

Caveats being:

  1. NGINX would not do any blocking so “anon requests” would unconditionally have to be funneled through the app which would cause perf issues.

  2. CDN support would be tricky, most CDNs out there don’t support a mechanism for this so it is likely you would not be able to use most CDNs.

I don’t see us building this though cause it goes against a lot of our principles. Closet feature I can see us building is “self service, best effort strong IP block” (aka. if your IP matches list then application will return an access denied prior to walking through all the app code) cause this can allow all sorts of forums to protect themselves a bit better against abuse beyond the rate limiting we ship.

If you really really deem that you need this, why not drive all your traffic via cloudfront and have it do it for you?

2 Likes

To be clear though, it’s not just about blocking visitors, it’s about sites embedding re-using or embedding content from EU entities.

That’s why the YouTube geoblock is useless, rights holders could still identify their content being shared with other audiences worldwide.

@Stephen totally understood, from reading:

My guess is that @geek is simply saying, “I don’t want to think about this problem, I am worried Europe are going to put me out of business, can I have this feature please”

I think there is a lot of uncertainty when new laws pass, some of us are a lot more risk averse than others

The last thing I want is for this topic to devolve into one of those GDPR scare topics. Where 1 side is saying “Don’t worry be happy” and the other side is saying “The sky is falling”.

Happy to talk about what Discourse can technically do and what we have in our roadmap.

:warning: Warning though for all the readers here, cause we are just in post 7 and this my spidey sense is tingling real bad. :spider:

Lets stay laser focused on discussing:

“Ability to Block Discourse Access from Geographic Regions or Countries”

6 Likes

The only thing I’m saying is that an option to block the entire forum at a country level would be nice. That would neatly solve the issue entirely for anybody that doesn’t want to navigate the legal issues. If you don’t operate in a country you aren’t subject to its laws.

I don’t actually need this personally, as I mentioned in my original post.

Was just giving feedback.

3 Likes

Yep, I get that, but as I said geo-blocking EU users doesn’t achieve that.

Don’t believe this is correct.

First, it’s not a tax, so let’s drop the fear-mongering ‘spin’.

The data in the open graph tags is much more than a couple of words. Given its purpose, despite not being a lawyer (@angus), my hunch is that there exists an implicit licence to use this data as previewing remotely is exactly what it’s meant for. If they didn’t want you to use this text, why include it in their open graph tags? We might need this tested in court to confirm, though why someone would bring a case against you for linking to their site using their link data is anyone’s guess!

I suspect therefore oneboxing will continue to not require an explicit licence.

I will certainly continue to do so without any fear of repercussions.

I appreciate quoting from arbitrary points in the main text is going to be a bit more tricky.

2 Likes

If you dig through the legalese they’re mostly concerned with lifting enough of an excerpt to negate the need to click through to the article.

Opengraph is neither the problem nor the solution. As previous EU decisions it will be down to individual member states as to how this manifests into enforceable laws.

But yes that’s the crux of it, they’re concerned with publisher to publisher, not audience.

2 Likes

And that is at their discretion because they determine the link excerpt.

All blown out of proportion!!

2 Likes

Easy:

  1. Add your site to Cloudflare
  2. Block any country you want
  3. Enjoy your CDN and hiding your server ip for free
  4. ??? profit

The only thing you lose is the ability to see the real IP of users if you are using a reverse proxy + cloudflare, but that can probably be fixed too if you really care about it.

Maybe there are other CDN’s that can do it, but with a free CDN like Cloudflare that can serve the needs of like 90% of the websites for free I don’t see a reason to look for another one.

1 Like

Does someone really believe, that blocking will solve anything?

It’s a regulatory / compliance question, that will be addressed sooner or later by legislation due international free trade and copyright agreements.

In my opinion, we need to talk about risk management and watch dog processes instead of over-blocking and the chilling effects.