Draft – Deep Packet Inspection: Privacy, Mash-ups, and Dignities

This is a draft of the paper that I’ll be presenting at the Counter: Piracy and Counterfeit conference in Manchester in a few days. It’s still rough around some edges, but feels like a substantial piece. Comments, as always, are welcome.

Abstract:

Privacy operates as an umbrella-like concept that shelters liberal citizens’ capacity to enjoy the autonomy, secrecy, and liberty, values that are key to citizens enjoying their psychic and civil dignity. As digitisation sweeps through the post-industrial information economy, these same citizens are increasingly sharing and disseminating copywritten files using peer-to-peer file sharing networks. In the face of economic challenges posed by these networks, some members of the recording industries have sought agreements with Internet Service Providers (ISPs) to govern the sharing of copywritten data. In Britain, file-sharing governance has recently manifested in the form of Virgin Media inserting deep packet inspection (DPI) appliances into their network to monitor for levels of infringing files. In this presentation, I argue that ISPs and vendors must demonstrate technical and social transparency over their use of DPI to assuage worries that communications providers are endangering citizens’ psychic and civil dignities. Drawing on recent Canadian regulatory processes concerning Canadian applications of DPI, I suggest that transparency between civil advocacy groups and ISPs and vendors can garner trust required to limit harms to citizens’ psychic dignity. Further, I maintain that using DPI appliances to detect copyright infringement and apply three-strikes proposals unduly threatens citizens’ civil dignities; alternate governance strategies must be adopted to preserve citizens’ civil dignity.

Download paper

Why Mash-up Matters

livemashupdj[Note: this is an early draft of the first section of a paper I’m working on, presently loosely titled “Mash-up Meets Deep Packet Inspection: Culture, solutions, and the demand for transparency”. Other sections will follow as I draft them. I’ve adopted this format based on positive reactions to my similar drafting process last year on ‘Who Gives a Tweet About Privacy?‘ Comments welcome. I’ve excluded full bibliographic information, but retained enough that you can find my sources. Text has been copied and pasted from a word processing document; this may result in some links being broken *cough* footnotes links *cough*]

I’m composing the beginning of this article to the sounds of Girl Talk’s ‘Like This’ from his Feed the Animals album. His artistic technique is to take very short samples from a variety of artists – twenty-nine samples are taken in the three minutes and twenty-one seconds of ‘Like This’ – and remix the work to create entirely new songs.[i] He isn’t a DJ but a self-described musician of the digital era, and when his work was presented to Marybeth Peters of the US Registrar of Copyrights she recognized that his music was amazing. She also recognized it was likely illegal, and the fact that his own creativity clearly imbued his creations offered no defense against copyright infringement: “You can’t argue your creativity when it’s based on other people’s stuff.”[ii] This position is mirrored by Barry Slotnick, head of the intellectual property litigation group at Loeb & Loeb, who has stated that “[w]hat you can’t do is substitute someone else’s creativity for your own.”[iii] Girl Talk’s work is recognized as amazing and creative, even by defenders and advocates of the present copyright regime, but is still questionably legal (at best). Feed the Animals is a popular album that pulls together anthems of pop culture, and its artist has been used as a defender of copyright reform movements,[iv] but it is only one item in a rapidly developing and emerging ‘mash-up’ culture that draws together existing cultural artifacts to in the creation of a recombinant digital culture.

Continue reading

Will Copyright Kill eHealth?

bodyworldsThere is a metric ton of cash that’s being poured into eHealth initiatives, and to date it doesn’t appear that governments are recognizing the relationship between copyright law and eHealth. That makes a lot of sense in some ways – when most of us think ‘medicine’ and ‘doctor’ we think about privacy as one of, if not the, key issues (while, other than hopefully curing whatever is making us ill!). In this light, we wonder about the security of databases, the willingness of healthcare providers to limit access to records, and so forth. People in Canada are worried enough about privacy that, on the Ontario Government’s eHealth Ontario site, ‘Privacy and Security‘ are front and center as a main link on their homepage. When we turn to British Columbia’s October 23, 2009 Heath Sector Information Management/Information Technology Strategy and search for ‘privacy’ we see that the term appears on 18 of the report’s 55 pages. Moving over to the Ontario Information and Privacy Commissioner’s May 2, 2006 presentation on health information and electronic health records we, again, see emphases on the privacy and security concerns that must be posed alongside any movement to massively digitize the healthcare infrastructure.

What we see less of in the eHealth debate are the prevalent dangers accompanying threats to cut citizens off of the ‘net as a consequence of copyright infringement. It’s this issue that I want to briefly dwell on today, in part to start ramping up some thoughts on the wide-ranging effects of three-strikes laws that are starting to be adopted and/or seriously discussed in various jurisdictions around the world.

Continue reading

Aggregating Information About CView

cryingcopyrightOver the past little while there has been considerable attention focused on Virgin Media’s decision to trial Detica’s CView copyright monitoring system. This system uses Deep Packet Inspection (DPI) technology to identify data protocols and likely files that are being transferred in order to generate a Copyright Infringement Index (i.e. a ‘Piracy Index’). As outlined by Detica, CView will let ISPs work with content creators to determine whether ISPs providing content through their portals lead to reductions in ‘infringing’ transfers of content through P2P file sharing.

The story about Detica’s involvement really broke with Chris Williams’ piece over at the Register entitled, “Virgin Media to trial filesharing monitoring system.” In the piece, he recognized that the trial will encompass roughly 40% of Virgin’s customers, that the aim is to measure overall levels of filesharing rather than identify individual customers, and (at least initially) will focus on music. After I read the piece, I send some questions off to Detica and posted them (“Virgin to Use DPI to ID Copyright Infringement“) based on my reading of Williams’ piece and Detica’s consultation paper, and shortly thereafter followed up with Detica’s responses and thoughts on CView and privacy infringements (“Update to Virgin Media and Copyright DPI“). Between the posting of my questions, and the response from Detica, Richard Clayton had a meeting with representatives from Detica and posted the information they released to him over at Light Blue Touchpaper in a posting “What does Detica Detect?” The Register was also able to get face time with people working at Detica, leading Williams to produce his second piece “Spook firm readies Virgin Media filesharing probes.”

In the rest of this post, I want to pull together the information that has come to light so that we can get a better picture of what is known about CView. As such, this is very much a summary rather than an analytic post; hopefully I’ll have time to delve the information more critically in the near future.

Continue reading

Copyright and the Blank Media Levy

mediaplayer2I’ve been watching with some interest the new Artist 2 Fan 2 Artist project, recently started up by Jon Newton and Billy Bragg. The intent of the site is to bring artists and fans together and encourage these parties to speak directly with one another, without needing to pass through intermediaries such as producers, labels, public relations groups, managers, and so on. It will be interesting to see how the dialogue develops.

One of the key elements of the site that interest me the discussion of paying artists (and other content creators); how can we avoid demonizing P2P users while at the same time allocating funds to artists/copyright owners in a responsible manner. On October 5th, this topic was broached under the posting ‘In Favour of a Music Tax‘, and I wanted to bring some of my own comments surrounding the idea of a music tax to the forefront of my own writing space, and the audience here.

I think that an ISP-focused levy system is inappropriate for several reasons: it puts too much authority and control over content analysis than carriers need, puts carriers at risk when they misidentify content, and would make carriers (for-profit content delivery corporations) in charge of monitoring content without demanding consumers that pay ‘full value’ for content moving through their networks. This last point indicates that an ISP-based levy puts ISPs in a conflict of interest (at least in the case of the dominant ISPs in Canada). Another solution is required.

Continue reading

The Business of Infringing Content

CreepycopyrightinfringementWhen people are about to download content from the ‘net that is copywritten, many often ask ‘will I get caught doing this?’ For many, the response is ‘no’ and then continue to download that episode of Seinfeld or whatever. Given that there are so many people downloading, and that record companies in the US have claimed to have abandoned filing new lawsuits against individuals, then things (in North America) appear to be getting better.

At issue, however, is that filing lawsuits is big money, and in Europe especially it looks like Digiprotect has moved in to assume first-mover advantage. Digiprotect gets “the legal rights from the companies to distribute these movies to stores, and with these rights we can sue illegal downloaders. Then we take legal action in every country possible, concentrating on the places where such action will be profitable” (Source). They avoid demanding too much money from infringers, on the basis that few judges like the idea of imposing million dollar fines on individuals – usually opting for suits demanding in the vicinity of 500 Euros. This amount of money ‘teaches’ individuals and provides enough money to keep the employees paid. No staff member has a fixed salary – they are paid according to the ‘cases’ that are won. The actual method of determining the financial burdens are based on the business expenses, profit, and money to be distributed to artists. In effect, the company sets up a honeypot and then sues whomever it is profitable to sue.

Continue reading