Slashdot Mirror

← Back to Stories (view on slashdot.org)

Will ISPs Be Driven To Spy On Their Customers?

Posted by timothy on from the won't-be-a-long-drive dept.

bs0d3 writes "In regards to the new 'voluntary' graduated response deal (where no one really knows how ISPs will track and accuse customers of copyright infringement), according to CNN, it may be the ISP directly spying on their customers. 'But now that they're free from individual blame, there's also the strong possibility that the ISPs will be doing the data monitoring directly. That's a much bigger deal. So instead of reaching out to the Internet to track down illegally flowing bits of their movies, the studios will sit back while ISP's "sniff" the packets of data coming to and from their customers' computers.' This could be a problem for people who use U.S.-based internet services. If the U.S. wants to be an internet savvy country, they still need the competition in the marketplace that's always been missing, and a digital bill of rights that isn't a sneaky anti-piracy measure."

7 of 133 comments (clear)

  1. short answer by roman_mir · · Score: 5, Informative

    yes

    --
    You can't handle the truth.
  2. Re:You mean they don't do it already? by ATMAvatar · · Score: 5, Interesting

    I don't think anyone believed that many (if any) ISPs were fighting the good fight, as it were. The assumption was more that ISPs are typical businesses, which do not incur costs unless required to do so. Setting up infrastructure and staff to monitor subscriber traffic costs money and effort. Without some well-defined, monetary gain in doing so, ISPs simply won't bother.

    So to answer your title - no, most ISPs probably haven't monitored traffic already, because it was a waste of time and resources to do so.

    --
    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
  3. Short answer: No (the correct answer) by gavron · · Score: 5, Informative

    Fact:
    First, there is no law requiring any action on the part of any ISP.
    Disclosure: I participate in running an ISP, but not one of the ones involved in this.

    Fact:
    Some large national carriers have agreed to do some things. "Agreed" and "partnership" have no legal meaning. "An agreement is yet to be signed." is in the OP's link and that gives us an idea that in the future there MAY be an agreement. For now, should it happen, it's voluntary.

    Fact:
    No law of any jurisdiction in the United States currently requires any ISP to provide any content monitoring. The only requirements close to that are to allow Law Enforcement access should they have the right to it -- CALEA.

    Opinion:
    It would be counter to the AOL decision (Zeran v AOL) that an ISP is responsible for either monitoring content, taking action based on content, or being liable for content or failing to take action based on content. That's a fourth-circuit decision that makes it likely that any ISP that doesn't want to join the "partnership" with the MPAA/RIAA can easily not opt-in to their program. Note that I didn't say "opt-out" because that would beg the question of whether there's a requirement to join.

    Looking forward, I can guess that our "friends" in the MPAA/RIAA will continue their program to CHANGE THE LAW through spending lots of money, lobbying, using the influence of former senator Dodd, etc. If they can get the law to require ISPs to do so, and thereby trump the 4th circuit's AOL decision, then there will be a concern.

    However, as Sonic.net's CEO Dane Jasper said ISPs should keep as little logs as possible, preferably under two weeks. That would make it difficult unless they are doing real-time DPI, analysis, investigation, and sending out C&D letters for any of this to have meaning.

    While the resources necessary for ISPs to provide access under CALEA are minimal ("Here's your Ethernet port, have a nice day, Feds") the requirement to do DPI for hundreds of gigabits-per-second of data is beyond onerous -- if even achievable. Consider -- it's not just that an ISP has to monitor their "upstream" pipes, but also customer-to-customer. The amount of bandwidth inside each ISP's core is immense.

    Sorry to be long-winded, but having read the other responses, I see a lot of D&G and nay-saying. I agree that the landscape is pretty harsh, and the earth is getting scorched. I see hope because I see that we have defeated SOPA, PIPA, ACTA, (and yes I know the TPP is still alive) and we can likely continue to teach our congressional non-representatives that when the majority of the country doesn't want something ... it's likely not something they should support in our name.

    Ehud

  4. Re:You mean they don't do it already? by Kjella · · Score: 5, Insightful

    Really? Anyone? Really believes that the ISP are protecting you? Your privacy? With claws and fangs?

    No, I think they're covering their own asses by making sure they know absolutely nothing about anything I do or don't do. If they start flagging copyright infringements for one company I'm sure they'll get sued by a bunch of other companies for secondary infringement or criminal negligence or being co-conspirators as they let all the other infringements pass. And not just copyright infringement but everything else too, the user is sending SPAM and they let it pass? Sue the ISP. Internet fraud? Sue the ISP. Hacking? Sue the ISP. If anyone can show the ISP "knew" the customer was doing something illegal but continued the subscription to turn a profit, they could get in all sorts of legal shit. Either you're reading the bits or you're not, you can't both do that and claim ignorance at the same time.

    --
    Live today, because you never know what tomorrow brings
  5. Re:The US is not a free market by sqrt(2) · · Score: 5, Interesting

    Which is why the physical infrastructure should be nationalized and leased by the government to private businesses who must then compete with each other. This would lower the barriers to entry and open up competition. And laying all that fiber will create a lot of jobs too.

    --
    If you build it, nerds will come. Soylentnews.org
  6. Re:The US is not a free market by Jane+Q.+Public · · Score: 5, Interesting

    "Once one ISP has an area cabled up, it's no longer financially viable for another to move in."

    That's why some smart communities have decided to let the city or county build the cable infrastructure, using tax dollars. Then they rent the infrastructure to data providers.

    Not only do they save money, they are not subject to coercion by monopolies.

  7. Re:Just use SSL for everything by DarkOx · · Score: 5, Insightful

    I think most ISP have enough common sense not to try that. All it would take is for some 3rd party DNS provider to stuff a NAT statement into their iptables such that 80 -> 53. Doing DNS on TCP is not to much overhead for modern hardware.

    At that point they'd have to start doing inspection to make sure all 80 traffic looks like http. That would even get somewhat more complicated if the SSL port were used. Its game over once people implement local stub DNS resolvers that actually call a web service somewhere over https to do queries.

    Unless ISP are prepared to essentially deploy Websense or something like it with SSL intercept and block any protocol including VPNs etc, that is not http, https, possibly ftp, and does not appear to some other protocol implemented on top of those its impossible. I don't think consumers would stand for it.

    *What do mean I can't connect to my companies VPN?
    *WOW and all my old games wont work any more, I have to buy new ones that use webservices and have shit latency thru your proxy!
    *No more VOIP

    That dog won't hunt.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html