Connected Research

Union policy research in the 21st century

DPI and net neutrality

leave a comment »

An interesting aspect to the net neutrality debate in the US, about which I blogged a couple of days ago, is how internet service providers know which traffic to prioritise so as to manage the load on the internet at peak times.

The naive assumption might be that they monitor particular servers, or use of particular sites, and then throttle that traffic back – and some might well do it this way. At least Comcast amongst US ISPs, however, uses Deep Packet Inspection [registration required; limited viewing time], which brings a whole new aspect to net neutrality: that of online privacy. Deep Packet Inspection, in the definition of online privacy campaigners, is akin to post officers opening your Royal Mail envelopes and examining the contents before handing you your post. To extend that analogy, DPI allied to traffic management measures is akin to your first delivery post being opened, the postal delivery officer saying to you ‘Oh, I see you’ve got some pretty big files in there – you can’t have it now but I’ll bring it back when I come back with second delivery’ [or tomorrow, for those who don’t get second post].

So, Comcast knows whose traffic to throttle back not because it has a general approach to the management of traffic to and from particular sites but because it knows you, as an individual, are downloading a file from the computer of someone on the other side of the world who you’ve never met – and it knows that because it has examined your communications in detail (and then sidelined it in terms of priority).

The above link talks in general about companies offering DPI services not having actively marketed their offerings in the US since Comcast was cited for its traffic management last August – but having concentrated on Europe and the Middle East. Should the net neutrality debate cross to Europe – as some have suggested it might – this is an aspect that campaigners will have to be aware of – and not only then, if DPI companies are already actively marketing in Europe.

This tying up of DPI and online privacy with net neutrality casts a dangerous aspect to the debate. Traffic management measures (to paraphrase what I argued earlier) are probably a necessary evil, currently – but not at the price of online privacy. If ISPs must manage traffic to ensure that too-thin pipes don’t fall over under the weight of our net usage, how they do that must not compromise the privacy of your online communications.


Written by Calvin

24/09/2009 at 12:14 pm

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s