Slashdot Mirror
CIPPIC Files Privacy Complaint Over DPI
dj_yaz writes "A group of University Of Ottawa law students who deal with online privacy issues last week filed a complaint with Canada's Privacy Commissioner about Bell Canada's use of Deep Packet Inspection (DPI) to monitor internet subscribers' online activities without their knowledge or consent."
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
As a veteran of the ISP business from the days of 14.4kbps up through ISDN, DSL, and tower-to-home wireless, let me assure you the little players didn't have the funds to do DPI on everyone.
For the places I worked, if we suspected one or two particular customers were into kiddie porn or trying to break our network, we could divert that user's packets through a path with a fairly high level of scrutiny. That was a really rare thing, and we were usually too busy keeping the servers and networking equipment running to bother even when we had suspicions.
We never, at any company I worked for, turned over information on which customer was on an IP address at a given time without a subpoena unless we had proof internally of either kiddie porn or attacking our networks. Any other crime, and the cops had to get their court order. One company I worked for even put up challenges to some subpoenas.
I'm pretty sure the upstream providers for those small to medium ISPs could carry on vastly more streams of packet inspection, but not enough to snoop on everyone. They might've done random sampling or investigated on a suspicion-led basis as we did. The tech to do DPI on everyone I think is just now becoming economically feasible. Although it probably could have been done with the tech of five years ago, I doubt anyone would have paid the cost.
I use charter.net for cable internet, and just saw this today. (kudos to Consumerist.com and DSL reports for the scoop!) Looks like Charter is using DPI, and your browsing habits to "replace" adds on the websites you visit with their own ads that are "more relevant". You can opt out by filling out your personal info on a non-secured website, but you must re-opt out anytime you delete your cookies. Not to mention the copyright ramifications. I would be pissed if I was a webmaster, and lost revenue becuase the ISP's replaced my ads.
What are we going to do tonight Brain?
But, ultimately, all of those packets have to travel over one of the backbones.
I fail to see how having a separate front-end access point could eliminate this problem. Surely you aren't proposing a completely separate networking infrastructure which would never travel over the same fibers as they do now -- that would likely be a very difficult thing to do, wouldn't it?
You still need routing to the rest of the internet. A completely separate network would be kind of useless.
Cheers
Lost at C:>. Found at C.
And here I thought somebody was suing over Dots Per Inch. But I see this acronym has been hijacked..
I think we need to start planing for an Alternate Network other than the Internet.
We already have one, just with really high latency: Large external HDDs.
And I don't mean that as a joke. It takes way too much time (after, for example, a major crash) to redownload hundreds of gigs of music, (*cough*porn*cough*), and movies. Easy solution? Give your friends a copy now, and pay them a visit when you need to "restore from backup" later.
Incidentally, for all their bluster about P2P, what I just described really terrifies the **AA... Not only do they have no ability to track it, but you can copy their entire catalog in a few hours (or less). Compared to that threat, a few low-quality leaks of Madonna's latest cry for attention pales in comparison.