What is geo-blocking?
Geo-blocking is blocking online content based on its location. Blocking can be either network- or system-level. Network-level blocking includes dropping Internet Protocol (IP) packets, while system-level blocking enables the application to reject the access attempt or to ignore it.
Because geo-blocking restricts access to a network-accessible resource based on the presumed location of the system or user seeking access, the geo-blocking system usually doesn't know the requester's exact location. It infers the location based on the information it can see, starting with the IP address that the request comes from. Some IP address ranges, or the domain names they correspond to, can be reliably mapped to a region or location. Others cannot.
Geo-blocking systems may also examine other IP traffic characteristics, such as routing and traffic data. This information includes the number of router hops a packet takes to get to its destination, as well as packet latencies and jitter. With this information, the geo-blocking system can see if the distance implied by the data is in accordance with the location associated with an address.
Geo-blocking sites might try to access location information from a requester, especially when the request is coming from an app on a mobile device. Mobile devices and an increasing number of laptops usually have precise geolocation functionality based on the Global Positioning System. Some devices also have location information attached to them by their internet service providers. However, these systems can also deny access to that information, both broadly and on a per-app basis.
Geo-blocking is on a spectrum of actions IT systems take in response to a person's or system's geographic location. Other location-aware responses include the following:
- Switching the language a service uses to interact with network resources.
- Switching the currency of online transactions.
- Modifying authentication protocols and account authorizations based on user or system location in a zero-trust network access environment.
Geo-blocking use cases
The highest-profile use of geo-blocking is by streaming services, such as Netflix, Amazon Prime Video, Hulu and Disney+, to control access to content. Geo-blocking is in place because they stream content under different pricing plans or have different licensing plans in different geographies.
Streaming services have the right to show in some places but not others due to intellectual property and copyright laws. Some content is forbidden by law to show as a matter of governmental censorship in some places. Sometimes, they wish to -- or are required to -- show different versions of the content. Similarly, DVDs and Blu-rays have a long history of region coding for the discs and players.
Geo-blocking effectiveness
Geo-blocking is quite effective. Online content and retail companies partition the internet in this fashion to control what users pay based on their location and limit who has access to what resources.
The fundamental effectiveness of geo-blocking has spawned a variety of efforts and methods for bypassing it.
Geo-blocking legalities
Many legal questions swirl around geo-blocking. The answers vary by provider and end-user location, as well as the reasons for circumventing geo-blocking.
Is geo-blocking legal?
Geo-blocking is legal in most places. The European Union is the only place where geo-blocking is mostly illegal. Not only is it legal, but under international copyright law, providers must block access to content from jurisdictions where they don't have the right to sell or distribute it. This way, they are not contributing to infringing activities.
Is bypassing geo-blocking illegal?
It's illegal to bypass geo-blocking in some places, depending on the methods and reasons. It's not illegal to bypass geo-blocking in most places, however. Whether geo-blocking is illegal largely depends on why a person wants to bypass it in the first place.
Bypassing geo-blocking conflicts with a content provider's terms of service or end-user license agreement. In most places, the biggest risk of getting caught is being banned from the platform rather than facing legal action.
Methods to bypass geo-blocking include using the following:
- Virtual private networks (VPNs).
- Anonymizing technologies or services.
- Domain name system (DNS) services.
VPN services install a client on a user's device. The client sets up encrypted channels to VPN servers, usually the one closest to the end user. Traffic from that client then passes through that server to other VPN servers close to the traffic's destination, such as a content provider. To the content provider, the traffic appears to come from the VPN server or a set of IP addresses controlled by that VPN provider. This renders geolocation irrelevant.
Anonymizers work in one of two ways: routers and proxies. Anonymous routing works at the network level, like a VPN, using The Onion Router -- or Tor -- protocol. Packets leave the requesting system and pass into a private routing space. They are then passed among routers, but packet source information stays hidden from the next router so traffic cannot be traced back to its origin.
Anonymizing proxies work at the application level. For example, web browsers can be configured to use a proxy. When the browser makes a request to a content provider, it appears to come from that proxy.
A smart DNS or DNS changer can also bypass georestrictions. These tools operate only in the DNS space and don't change the IP address of other packets in a traffic stream. This makes DNS less effective than a VPN or proxy approach.
