Analysis: ipoque, DPI, and bandwidth management

Bandwidth-exceededIn 2008, ipoque released a report titled “Bandwidth Management Solutions for Network Operators“. Using Deep Packet Inspection appliances, it is possible to establish a priority management system that privileges certain applications’ traffic over others; VoIP traffic can be dropped last, whereas P2P packets are given the lowest priority on the network. Two  modes of management are proposed by ipoque:

  1. Advanced Priority Management: where multi-tiered priorities maintain Quality of Experience (rather than Service) by identifying some packet-types as more important than others (e.g. VoIP is more important than BitTorrent packets). Under this system, less important packets are only dropped as needed, rather than being dropped once a bandwidth cap is met.
  2. Tiered Service Model: This uses a volume-service system, where users can purchase so much bandwidth for particular services. This is the ‘cell-phone’ model, where you sign up for packages that give you certain things and if you exceed your package limitations extra charges may apply*. Under this model you might pay for a file-sharing option, as well as a VoIP and/or streaming HTTP bundle.

The danger with filtering by application (from ipoque’s position) is that while local laws can be enforced, it  opens the ISP to dissatisfaction if legitimate websites are blocked. Thus, while an ISP might block Mininova, they can’t block Fedora repositories as well – the first might conform to local laws, whereas blocking the second would infringe on consumers’ freedoms. In light of this challenge, ipoque suggests that could ISPs adopt Saudi Arabia-like white-lists, where consumers can send a message to their ISP when they find sites being illegitimately blocked. Once the ISP checks out the site, they can either remove the site from the black-list, or inform the customer of why the site must remain listed.

The problem with these kinds of ‘solutions’ are manifold, but I’ll just touch on a few:

  1. ISPs should not be responsible for determining what is permissible and impermissible online content. They are expected to be common carriers and, as such, should deliver traffic without filtering traffic based on its originating/destination application or point of origin (within reasonable bounds).
  2. Nation-states, even Western states, have demonstrated that they cannot be trusted to filter the ‘net. Australia’s experimental firewall has shown us this.

While prioritizing some packets over others on the basis of their type (e.g. VoIP) doesn’t strike me as unreasonable in many circumstances, prioritizing on the basis of the application (e.g. Skype, WoW, etc) is unfair. Should some form of advanced priority management be used by ISPs, it should involve broad categorizations of applications, and such categorizations should be made public (e.g. all VoIP applications, including any that are offered by the ISP itself). Tiered service models just seem like a mess to me, and the idea of implementing black- and white-lists to limit copyright infringement strikes me as a recipe for disaster and broad censorship.

ipoque’s white paper concludes with a discussion of how DPI can be implemented by universities, and uses a German university as an example for typical bandwidth use in 2007. In essence, ipoque argues that educational institutions should consider deploying DPI to limit their students from consuming bandwidth for infringement purposes, where that bandwidth is needed for other university business. This is an effort to normalize DPI by ‘teaching’ the educated elite that filtering is permissible even in educational environments. If such activities are permissible in a space of academic freedom, then surely filtering practices are permissible outside of these special environments!

The attempts to lean on schools to ‘regulate’ their students is a mode of governance meant to instill a particular, very American, conception of intellectual property and copyright into the hearts and minds of university students. Given the broad implications of American attitudes on these subjects, as well as on the topics of cultural growth and free speech, IT departments should not be the business of deciding whether DPI should come to campus; students and faculty members who are indebted to academic freedom and best able to understand the implications of wide-spread filtering of Internet content should have the first, and final, say about whether these network appliances are permitted onto campus grounds.

* note that extra charges will, almost certainly, always apply.