Month: May 2009

EU: Judicial Review Central to Telecom Disconnects

/ Christopher Parsons

elpalaciodejusticiaI’m perhaps a bit idealistic, but I think that there are clear contemporary demonstrations of democracy ‘working’. Today’s example comes to us from Europe, where the European Parliament has voted to restore a graduated response to copyright infringement that pertains to when and how individuals can be disconnected from the Internet. Disconnecting individuals from the ‘net, given its important role in citizens’ daily lives, can only be done with judicial oversight; copyright holders and ISPs alone cannot conspire to remove file sharers. This suggests that any three-strike policy in the EU will require judicial oversight, and threatens to radically reform how the copyright industry can influence ISPs.

What might this mean for North America? If policy learning occurs, will we see imports of an EU-style law on this matter? Do we want our policy actors to adopt an EU-model, which could be used to implement a three-strike rule that just includes judicial review at the third strike? In Canada, with the tariffs that we pay, there are already permissible conditions for file sharing – do we really want to see strong American or WIPO copyright legally enforced on our soil?

Continue reading

Privacy, Dignity, Copyright and Twitter

/ Christopher Parsons

privacyfield[Note: this is an early draft of a section of a paper I’m working on titled ‘Who Gives a Tweet about Privacy’. Other sections will follow as I draft them.]

Unauthorized Capture and Transmission of Data

Almost every cellular phone that is now sold has a camera of some sort embedded into it. The potential for individuals to capture and transmit our image without permission has become a common fact of contemporary Western life, but this has not always been the case. When Polaroid cameras were new and first used to capture images of indiscretions for gossip columns, Warren and Brandeis wrote an article asserting that the unauthorized capture and transmission of photos and gossip constituted a privacy violation. Such transmissions threatened to destroy “at once robustness of thought and delicacy of feeling. No enthusiasm can flourish, no generous impulse can survive under [gossip’s] blighting influence” (Warren and Brandeis 1984: 77). Individuals must be able to expect that certain matters will be kept private, even when acting in public spaces – they have a right to be let alone – or else society will reverse its progress towards civilization.

Continue reading

Privacy Advocates and Deep Packet Inspection: Vendors, ISPs, and Third-Parties

/ Christopher Parsons / 11 Comments

sandvinetestnetwork[I recently posted a version of this on another website, and thought that it might be useful to re-post here for readers. For a background on Deep Packet Inspection technologies, I’d refer you to this.]

There is a very real need for various parties who advocate against Deep Packet Inspection (DPI) to really work through what Packet Inspection appliances have done, historically, so that their arguments against DPI are as precise as possible. Packet Inspection isn’t new, and it’s not likely to be going away any time soon – perimeter defences for networks are essential for mitigating spam and viruses (and rely on Medium Packet Inspection).

I’m in no way an expert in the various discussions surrounding DPI (though I try to follow the network neutrality, privacy, and communications infrastructure debates), but I have put together a paper that attempts to clarify the lineage of DPI devices and (briefly) suggest that DPI can be understood as a surveillance tool that is different from prior packet inspection technologies. From a privacy perspective (which is where I sit in relation to the deployment of DPI), it’s important for privacy advocates to understand that approaching the issue from a principle-based approach is fraught with problems at legal, theoretical, and practical levels. The complexities of developing a principle-based approach is one of the reasons why many contemporary privacy scholars (myself included) have opted for a ‘problem-based’ approach to identifying privacy infringements. What, exactly, do most advocates mean when they say that their privacy is ‘violated’? I don’t think that a clear position comes out in the advocate position (maybe it does, and I’m just not aware of it) – they appear to allude to a fundamental right to privacy, while pointing to specific instances as ‘violations’ of that right. The worry with principled approaches is that they are challenged to fully capture what we mean when we say something is private, and equally challenged to capture contextualized social norms of privacy (e.g. streetview in the US versus Japan, bodily privacy in differing cultures, etc etc).

Continue reading

Deep Packet Inspection: The Good, the Bad, and the Ugly

/ Christopher Parsons

goodbaduglyIn this post, I want to try to lay out where I see some of the Deep Packet Inspection (DPI) discussions. This is to clarify things in my head that I’ve been thinking through for the past couple of days and to lay out for readers some of the ‘bigger picture’ elements of the DPI discussion (as I read them). If you’ve been fervently following developments surrounding this technology, then a lot of what is below is just rehashing what you know – hopefully the summary is useful – but if you’re relatively unfamiliar with what’s been going on this might help to orient what’s been, and is being, said.

Participants and Themes

The uses of DPI appliances are regularly under fire by network neutrality advocates, privacy advocates, and people who are generally concerned about communication infrastructure. DPI lets network operators ‘penetrate’ data packets that are routed through their networks and this practice is ‘new’, insofar as prior networking appliances were generally prevented from inspecting the actual payload, or content, of the data packets that are shuttled across the ‘net. To make this a bit clearer, when you send email it is broken into a host of little packets that are reassembled at the destination; earlier networking appliances could determine the destination, the kind of file being transmitted (e.g. a .mov or .jpeg), and so forth but they couldn’t accurately identify what content was in the packet (e.g. the characters of an email message held within a packet). Using DPI, network operators can now (in theory) configure their DPI appliances to capture the actions that users perform online and ‘see’ what they are doing in real time.

Continue reading