Deep Packet Inspection and Your Privacy Online

The Internet is a world penitentially embroiled in a Cold War. Now, as then, an arms race between factions is constantly ongoing, each working to counter the efforts of the other. Into this race, comes deep packet inspection, a serious threat to online privacy.

When I say Cold War, it’s not just an a reference thrown up to thrown up to invoke emotion. Like the real Cold War, it is mainly fought by proxy, one side using a third party to score hits. However, unlike the Cold War, it is not a contest between two fairly equal forces. One side has money and power, and the will to use it. The other has sheer weight of numbers, but what seems like general apathy.

One of the new weapons in this conflict, is called ‘Deep Packet Inspection‘ (DPI). An innocuous sounding name for a technology that basically means ‘Internet monitoring’. Deep packet inspection is a technology that some companies are salivating over, including advertisers and entertainment lobby groups like the MPAA. With it, their dreams can come true, some of them anyway.

There are various uses for deep packet inspection, such as its use by intelligence agencies (It’s a wiretap for the Internet) to intercept email and other web traffic, like in Sweden. However, there are two more sinister usages being rolled out that are not so good for the everyday Internet user.

With the ability to see the contents of data packets, it’s no surprise that it’s a prime candidate for traffic shaping and throttling. With ISP’s increasingly overselling their capacity, they are starting to spend money not on infrastructure, but on DPI equipment, to throttle BitTorrent traffic for example. Until recently, the processing power required to inspect data packets has made this prohibitive, as it required massive computers, and significantly slowed down network traffic. Now, though, companies like Procera Networks are selling systems capable of DPI on 40Gbps of traffic, per system. Think Sandvine, without the telltale RST packets.

The MPAA loves the idea of DPI as well. It, like other groups, figure, that if people can see the contents of packets, that it can tell if those packets contain copyrighted data. Of course, they’re oblivious to the idea that their material can be used in a non-infringing way, and staunchly against fair use (and don’t forget, Fair Use Day is only a week or two away). If this becomes a popular view, though, we may see multi-part rar files in torrents growing in popularity again.

The other, arguably more sinister usage of DPI, is the growing interest by advertising companies to use deep packet inspection to observe what Internet users are doing. Watching your browsing activity, you can gain all kinds of insights into the user behind the keyboard. Similar to spyware, but on your line not your system, it’s not a good thing, and impossible to remove. Worse, it may be able to tell who is behind the keyboard at the time, by identifying trends in connection behavior. In the case of a p2p lawsuit, these DPI-based advertising companies may end up being called to testify who their systems believe to be behind the keyboard at the time of the allegations.

With British Telecom in the UK having experimented with DPI based advertising , without telling the subscribers about it , and with Charter in the US looking into trialling it (or as has just been announced – discouraged from it) it is a pressing concern. Fortunately, some people are not exhibiting the apathy mentioned above, and are doing something about it. Alex Hanff (you might remember his tangle with the MPAA) has been studiously working against the likes of Phorm, and indeed, we linked to his dissertation on it last time. He is holding a protest outside British Telecom’s AGM next month, to protest this rape of user’s privacy for commercial gain.

no-DPI banner

While the protest might be mainly against advertising based systems, it’s a worry for all net users, and needs to be dealt with by something other than apathy. At least one torrent site admin has told me he will be there and I may be there, but the more that attend, the better. So, users of the world, it’s time to start acting for what you believe in, and stop just moaning about it.

Tagged in:

, , , ,

You may also like:

c There are 65 comments. Add yours?

comment policy