Big Telco wants to ream you with "deep packet inspection"

You may experience mild discomfortThe extremist "free market" crowd wants to toss hundreds of years of common and public law in the toilet so a few near-monopolies can maximize their profits and minimize your choices. Should you care?

You may experience mild discomfort The extremist "free market" crowd wants to toss hundreds of years of common and public law in the toilet so a few near-monopolies can maximize their profits and minimize your choices. Should you care? Only if you use the Internet.

"We don't care. We don't have to." That was AT&T's unofficial motto back when they were a regulated monopoly. For decades you could buy a phone in any color you wanted, as long as it was black.

Attach a fax machine at home? Oh no! It could damage the network!

Buy a handset from a low-cost supplier? Oh no! It could be incompatible! Just rent ours in perpetuity. Much better - for our bottom line.

Telecommunications is the backbone of the information age And it can't be handed over to the "(un)free market" for care and feeding. In the US we did that with cellphone standards and after enormous investment we've ended up with a patchwork of incompatible networks and services that lag the rest of the world.

It took an act of Congress to get cell phone number portability and the telco's dragged their feet as long as possible implementing it.

Why? So they could lock you in for a little bit longer. How can anyone trust these people to act in the public interest?

The latest abuses Today's Wall Street Journal - subscription required - reports on new gear that allows ISPs and telcos to track your Internet usage to provide ads based on the sites you visit. It is a fast-growing business. Per the WSJ:

The newer form of behavioral targeting involves placing gear called "deep-packet inspection boxes" inside an Internet provider's network of pipes and wires. Instead of observing only a select number of Web sites, these boxes can track all of the sites a consumer visits, and deliver far more detailed information to potential advertisers.

According to Wikipedia:

DPI devices have the ability to look at Layer 2 through Layer 7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. The DPI will identify and classify the traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information.

A classified packet can be redirected, marked/tagged (see QoS), blocked, rate limited, and of course reported to a reporting agent in the network.

The "reporting agent" could be with the FBI, a divorce lawyer or maybe just someone with a grudge and access to a National Security Letter.

Getting privacy right means transparency and legal sanctions The history of US government abuse of police powers to coerce, embarrass and control people is long and sordid. Nothing has changed. Give people power and they WILL abuse it.

We have Martin Luther King Jr. day now, but 45 years ago he was just another un-American agitator in the FBI's view. They used phone taps to gather information to smear and discredit him.

Corporations are hardly better. General Motors sent detectives after Ralph Nader in the '60s and HP sent detectives after their own board members just a couple of years ago. Comcast's packet forging is just par for the course. Along with a "technical requirements" argument.

The Storage Bits take With proper safeguards, DPI can extend advertising-supported infrastructure with broad benefits for many people. But hoping won't make it so.

This service needs a legal framework that includes a prohibition on tracking or reporting visits to sites of a medical, religious, sexual or political nature. Information that ties surfing records to your name, address, age and the like needs to be kept separate. Government access must require warrants, not just subpoenas.

DPI will no doubt be abused no matter what the rules are. Which is why there must be criminal penalties for abuse. Stiff ones.

And net neutrality.

Comments welcome, of course. What other kinds of personal information should be protected?

Update+ Readers, thanks for flagging the missing *law* in the first sentence. AFAIK, us ZDnet bloggers are not edited. When we screw up, it is our own fault.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All