Google Australia Level 18, Tower 1 Darling Park 201 Sussex Street Sydney NSW 2000
Tel: 02 9374-4000 Fax: 02 9374-4001 www.google.com.au
codes of practice as registered by the ACMA); and
the access provider has in place measures to takedown covered MA15+ content where the ACMA believes that the preceding four measures have not been adequately implemented and no remediation has occurred within a reasonable time following notification by the ACMA to the designated content/hosting service provider.
Google submits that the above requirements should be stated so as to facilitate use of a password or other unique identifier (such as a cookie) that has been issued to a person, so that this person can subsequently access content within that classification category by entry of that password or by the provider’s system recognizing that unique identifier.
Google believes that in order to be effective for all types of covered content, the requirements for an access control system in relation to R18+ content should take account of the extent of control of a content provider over the content available through the service and the character of the content service.
Google submits that where a content service: principally makes available content that is contributed by persons other than the content host or (if a different person to the content host) the provider of the content service, and the content service does not predominantly consist of content that is prohibited content or potentially prohibited content, then a restricted access system in relation to particular R18+ content that is the subject of a take-down notice should be required to have the same characteristics as specified above in relation to MA15+ content.
In relation to any other content service that makes available R18+ content, Google suggests that a restricted access system in relation to particular R18+ content that is the subject of a take-down notice might be required to comply with requirements broadly equivalent to the 1999 Declaration, namely requirements that:
a suitable form of personally identifying information (e.g. driver’s licence or credit card) is provided by an access seeker before an access key is issued;
a risk analysis that has been conducted by the access provider determines that the forms of personally identifying information that are accepted by the access provider are reasonably likely to be valid and to have been provided by the person identified in the information provided;
the access control system is capable of verifying or validating the information so provided.
Google considers that the above proposal would be more workable than the scheme currently proposed in the draft Declaration, and balances the need to protect children from unsuitable content on the internet with ensuring that this