Year: 2009

Update: CRTC PN 2008-19 Filings

/ Christopher Parsons

200902122343.jpgI’ve only just now had a chance to start to summarize my thoughts on documents related to CRTC Public Notice (PN) 2008-19; Review of the Internet traffic management practices of Internet service providers that have been filed since January 26th, 2009. Below are points of interest that come up – my hope is in the next few days to integrate and update the initial summary document that I prepared for ISP filings, so that a more complete picture of what has been filed exists.

January 26, 2009 ISP Filings

These filings, by major Canadian ISPs, were in response to the earlier inquiries made by non-ISP interrogatories for the public notice. I put together a summary document concerning those inquiries, and wrote a post that pulled together interesting comments that emerged from them.

Cogeco noted hat it was well known that there was a growth in Internet data traffic, though was not willing to disclose their actual growth numbers. Bell and MTS Allstream both supported the suggestion that the CRTC aggregate raw data traffic information that was provided by ISPs, so long as the information was anonymized and thus kept trade secrets relatively secret. Bell suggested that such aggregations could be divided according to ‘HTTP/streaming’, ‘P2P’, ‘UDP’, and ‘Other’ categories. MTS Allstream suggested that aggregated numbers be divided by ‘Telcos’ and ‘Cable providers’, or by ‘ISPs that throttle’ and ‘ISPs that don’t throttle traffic’.

Continue reading

Update: Network Management, Packet Inspection, and Stimulus Dollars?

/ Christopher Parsons

200902122010.jpgIain Thomson notes that the stimulus bill that recently cleared the American Congress might work to legitimize ISP packet inspection practices under the guise of ‘network management’. Specifically, the amendment in question reads:

In establishing obligations under paragraph (8), the assistant secretary shall allow for reasonable network management practices such as deterring unlawful activity, including child pornography and copyright infringement.

While Thomson takes this to (potentially) mean that ISPs and major content producers/rights holders might use this language to justify the use of packet inspection technologies, it’s possible that alternate management methods could be envisioned. This said, given that copyright infringement is explicitly noted, there is a very real worry that this might legitimize this clause to push for ISP ‘policing’. Any such effect, I suspect, would further escalate the war between P2P and Media; encryption would become more common and effective, and result in a greater sophistication in avoiding inspection devices. This is a real loss for any and all groups who rely on non-encrypted traffic for intelligence purposes; any drive that will get ‘common folk’ thinking about encrypting more and more of their traffic, accompanied with relatively easy ways of doing so, will substantially hinder the capture of actual content. How you read the implications of this depends on your perspective on privacy and surveillance, but it seems to me that it threatens to further escalate a ‘war’ that criminalizes huge swathes of the population for actions that are relatively harmless.

Site Updates

/ Christopher Parsons

200902121947.jpgAs an administrative note, I’ll be updating the version of WordPress that I’m using and be performing some tweaks to the page navigation of the site for a little while tonight. Let me know if anything breaks!

Comment: Google Latitude

/ Christopher Parsons

200902121734.jpgIn the past week or so, Google has receive an enormous amount of attention because of their Latitude program. Latitude, once installed and enabled, will alert specified friends to your geographic location very specifically (i.e. street address) or more broadly (i.e. city). Google has developed this system so that users can turn off the system, can alter how precise it locates users, and has (really) just caught up to the technologies that their competitors have already been playing with (I wrote a little about Yahoo!’s Fire Eagle software, which is similar to Latitude, a few months ago).

While many people have already written and spoken about Latitude, I’ve found myself on a fence. On the one hand, I think that some of the criticisms towards the ‘privacy’ features of the program have been innane – at least one privacy advocate’s core ‘contribution’ to has been a worry that individuals might be given a phone with Latitude installed and active, without knowing about its presence or activation. As a result, they would be tracked without having consented to the program, or the geo-surveillance.

Continue reading

Update: Ontario EDL Suppliers Named

/ Christopher Parsons

200902042317.jpgDr. Ann Cavoukian, the Ontario Information and Privacy Commissioner, announced yesterday that GND (located in Munich) would be responsible for producing Ontario EDLs. Further, she is working with the company Peratech to develop an on/off switch that would enable or disable the EDL RFIDs. As of yet, Peratech only has their technology working with contactless smart cards (i.e. cards with a 10 cm range), but they expect to overcome this. Ann is presently in talks with DHS to let them build the Peratech solution into the EDLs – this ‘privacy protective’ feature is not currently in the EDL spec. This is part of her ‘PETs Plus’, or ‘positive sum’ approach to security and privacy.

BC Privacy Commissioner Would Resign Over Longterm Surveillance

/ Christopher Parsons

200902042255.jpgSeveral sessions about the Vancouver 2010 Olympics were held over the course of the 10th Annual Security and Privacy conference. The BC Privacy Commissioner, David Loukidelis, has stated in each session that he is opposed to the continued presence of surveillance infrastructure installed for the games after the games conclude. When asked by a member of the audience if he would consider resigning were this infrastructure not dismantled (and thus mirror the actions taken by Greek privacy officers when police refused to limit their use of surveillance infrastructure developed for the Athens games) he responded that he would consider it.

Micheal Vonn, the policy directory for BCCLA, noted in her presentations that the Vancouver police have established a policy for ‘routine’ consent searches throughout the lower eastside area of Vancouver during the games – by her rough calculations, around 300 people would be searched each patrol. Over two weeks, this would amount to a minimum of 4200 searches, and this assumes that only one patrol would be moving through the area each day. What is most significant is that the proposed target area is where the safe injection site is, as well as other essential social services facilities for the most disadvantaged in society. Vonn’s information is in the Vancouver police’s business plan, which suggests that a premeditated, unwarranted, search regime may be coming to the games along with other ‘exceptional’ security measures.