What is geo-blocking?
Geo-blocking is blocking something based on its location. More specifically, geo-blocking means blocking access to a network-accessible resource based on the supposed location of the system or user seeking access to that resource. Blocking can mean network-level blocking, such as dropping IP packets, or system-level blocking, such as enabling the application to reject the access attempt or to ignore it.
The geo-blocking system usually doesn't know the location of the requester. It infers that location based on the information it can see, starting with the IP address from which the request comes. Some IP address ranges, or the domain names they correspond to, can be reliably mapped to a region or location. Others cannot.
Geo-blocking systems may also look at other IP traffic characteristics, such as routing and traffic data. They might look at the number of router hops a packet from that source has to take to get to it and at packet latencies and jitter to see if the distance implied by the data is in accord with the location associated with an address.
Geo-blocking sites may try to access location information from a requester, especially when the request is coming from an app on a mobile device. Mobile devices usually have precise geolocation functionality based on the Global Positioning System, as do an increasing number of laptops. Some devices also have location information attached to them by their internet service providers. However, such systems can also deny access to that information, both broadly and on an app-by-app basis.
Geo-blocking is one of a spectrum of actions IT systems take in response to the geographical location of a person or system. Other location-aware responses might include the following:
- Switching the language a service uses to interact with network resources.
- Switching the currency of online transactions.
- Modifying authentication protocols and account authorizations based on user or system location in a zero-trust network access environment.
Geo-blocking use cases
The highest-profile use of geo-blocking is by streaming services, such as Netflix, Amazon Prime Video, Hulu and Disney+, to control access to online content. They have geo-blocking in place because they are streaming content under different pricing plans in different geographies or because the content is subject to different licensing agreements in different places.
Some content streaming services have the right to show in some places and not in other places due to intellectual property and copyright laws. Some content they are forbidden by law from showing in some places as a matter of governmental censorship. Sometimes, they wish to, or are required to, show different versions of the content in different places. Similarly, in the world of DVDs and Blu-rays, there's been a long practice of region coding for the discs and players.
How effective is geo-blocking?
In and of itself, geo-blocking is quite effective. Online content and retail companies have succeeded at partitioning the internet in this fashion to control what users pay based on where they are and limiting who has access to what.
The fundamental effectiveness of geo-blocking has spawned a variety of efforts and methods for bypassing it.
Many legal questions often swirl around geo-blocking. For instance, is geo-blocking legal? Is bypassing geo-blocking legal? The answers vary by where the provider and end user are located and the reasons for trying to circumvent geo-blocking.
Is geo-blocking legal?
Yes, geo-blocking is mostly legal, unless you live in the European Union, in which case it is mostly not. It is generally not just allowable, but necessary under international copyright law for providers to block access to content from jurisdictions where they do not have the right to sell or distribute it so that they are not contributing to infringing activities.
Is bypassing geo-blocking illegal?
Yes, bypassing geo-blocking is illegal in some places, by some methods and for different reasons. But, in most places, no, bypassing geo-blocking is not illegal. It largely depends on why a person would want to bypass geo-blocking.
Mainly, bypassing geo-blocking conflicts with a content provider's terms of service or end-user license agreement. In most places, the biggest risk of getting caught is being banned from the platform, rather than facing legal action.
The main methods to bypass geo-blocking are to use a virtual private network (VPN) service or an anonymizing technology or service.
VPN services put a client on a user's device. That client sets up encrypted channels to VPN servers, usually the one closest to the end user. Traffic from that client then passes through that server to other VPN servers close to the traffic's destination, such as a content provider. To the content provider, the traffic appears to come from the VPN server or a set of IP addresses controlled by that VPN provider, rendering geolocation irrelevant.
Anonymizers work in one of two ways. Anonymous routing works at the network level, like a VPN, using the The Onion Router, or Tor, protocol or something similar. Packets leave the requesting system and pass into a private routing space. Packets are passed among routers, but packet source information is hidden from the next router. So, the traffic cannot be traced back to its origin. Anonymizing proxies work at the application level. A web browser, for example, can be told to use a proxy, and the requests it makes -- say, to a content provider -- appear to come from that proxy.
A smart DNS or DNS changer can also bypass geo-restrictions. These tools operate only in the DNS space and do not change the IP address of other packets in a traffic stream, so they're less effective than a VPN or proxy approach.