Technology

This is a general catch-all category for all topics that relate to technology.

DPI and Canadians’ Reasonable Expectations of Privacy

/ Christopher Parsons / 2 Comments

canadasupremecourt[Note – I preface this with the following: I am not a lawyer, and what follows is a non-lawyer’s ruminations of how the Supreme Court’s thoughts on reasonable expectations to privacy intersect with what deep packet inspection (DPI) can potentially do. This is not meant to be a detailed examination of particular network appliances with particular characteristics, but much, much more general in nature.]

Whereas Kyllo v. United States saw the US Supreme Court assert  that thermal-imaging devices, when directed towards citizens’ homes, did constitute an invasion of citizens’ privacy, the corresponding Canadian case (R. v. Tessling) saw the Supreme Court assert that RCMP thermal imaging devices did not violate Canadians’ Section 8 Chart rights (“Everyone has the right to be secure against unreasonable search or seizure”). The Court’s conclusions emphasized information privacy interests at the expense of normative expectations – thermal information, on its own, was practically ‘meaningless’ – which has led Ian Kerr and Jena McGill to worry that informational understandings of privacy invoke:

Continue reading

Byte-Based Billing and Smart Pipes

/ Christopher Parsons

cyberspacemapThere are worries that Internet Service Providers (ISPs) may inject intelligence into their networks to try and unfairly differentiate their services from competitors’. Time Warner’s recently reformed End User Licensing Agreement (EULA) may be the most recent demonstration of this kind of differentiation. The EULA recognizes a difference between third-party video streaming, and streaming content from Time Warner’s own network spaces, and authorizes Time Warner to:

…monitor my bandwidth usage patterns to facilitate the provision of the HSD Service and to ensure my compliance with the Terms of Use and to efficiently manage their networks and their provision of services. TWC or ISP may take such steps as each may determine appropriate in the event my usage of the HSD Service does not comply with the Terms of Use. I acknowledge that HSD Service does not include other services managed by TWC and delivered over TWC’s shared infrastructure, including Video Service and Digital Phone Service. (Source)

Continue reading

UK Government Responds to Phorm Petition

/ Christopher Parsons

ignoretextThe UK is in a bit of a bad row. According the BBC news site, today the Speaker of the Commons has stepped down, there is an Irish child abuse report coming due, and violence is rife in a failing prison. What hasn’t made BBC headlines, is that the Prime Minister’s office has made it clear that it will not look into British ISPs’ business arrangements with Phorm. After noting that the government is interested in shielding citizens’ privacy, the Prime Minister’s office notes,

ICO is an independent body, and it would not be appropriate for the Government to second guess its decisions.  However, ICO has been clear that it will be monitoring closely all progress on this issue, and in particular any future use of Phorm’s technology.  They will ensure that any such future use is done in a lawful, appropriate and transparent manner, and that consumers’ rights are fully protected (Source).

The Prime Minister’s office is unwilling to ‘second guess’ the ICO, and instead refers petitioners (there were about 21,000) to the ICO’s public statement about Phorm. In that publication (dated April 8, 2009), the ICO stated that that:

Indeed, Phorm assert that their system has been designed specifically to allow the appropriate targeting of adverts whilst rigorously protecting the privacy of web users. They clearly recognise the need to address the concerns raised by a number of individuals and organisations including the Open Rights Group (Source).

Continue reading

Deep Packet Inspection and the Confluence of Privacy Regimes

/ Christopher Parsons / 12 Comments

insiderouterI learned today that I was successful in winning a Social Sciences and Human Research Council (SSHRC) award. (Edit September 2009: I’ve been upgraded to a Joseph Armand Bombardier Canada Graduate Scholarship). Given how difficult I found it to find successful research statements (save for through personal contacts) I wanted to post my own statement for others to look at (as well as download if they so choose). Since writing the below statement, some of my thoughts on DPI have become more nuanced, and I’ll be interested in reflecting on how ethics might relate to surveillance/privacy practices. Comments and ideas are, of course, welcomed.

Interrogating Internet Service Provider Surveillance:
Deep Packet Inspection and the Confluence of International Privacy Regimes

Context and Research Question

Internet Service Providers (ISPs) are ideally situated to survey data traffic because all traffic to and from the Internet must pass through their networks. Using sophisticated data traffic monitoring technologies, these companies investigate and capture the content of unencrypted digital communications (e.g. MSN messages and e-mail). Despite their role as the digital era’s gatekeepers, very little work has been done in the social sciences to examine the relationship between the surveillance technologies that ISPs use to survey data flows and the regional privacy regulations that adjudicate permissible degrees of ISP surveillance. With my seven years of employment in the field of Information Technology (the last several in network operations), and my strong background in conceptions of privacy and their empirical realization from my master’s degree in philosophy and current doctoral work in political science, I am unusually well-suited suited to investigate this relationship. I will bring this background to bear when answering the following interlinked questions in my dissertation: What are the modes and conditions of ISP surveillance in the privacy regimes of Canada, the US, and European Union (EU)? Do common policy structures across these privacy regimes engender common realizations of ISP surveillance techniques and practices, or do regional privacy regulations pertaining to DPI technologies preclude any such harmonization?

Continue reading

Draft – Who Gives a ‘Tweet’ About Privacy?

/ Christopher Parsons / 4 Comments

twittercapacityThis is a full draft of the paper on Twitter and privacy that I’ve been developing over the past few weeks, entitled ‘Who Gives a ‘Tweet’ About Privacy?’ It uses academic privacy literature to examine Twitter and the notion of reasonable expectations of privacy in public, and is written to help nuance privacy discussions surrounding the discourse occuring on Twitter (and, implicitly, similar social networking and blogging sites). The paper focuses on concepts of privacy and, as such, avoids deep empirical analyses of how the term ‘privacy’ is used by particular members of the social networking environment. Further, the paper avoids delving into the web of legal cases that could be drawn on to inform this discussion. Instead, it is theoretically oriented around the following questions:

  1. Do Twitter’s users have reasonable expectations to privacy when tweeting, even though these tweets are the rough equivalent of making statements in public?
  2. If Twitter’s user base should hold expectations to privacy, what might condition these expectations?

The paper ultimately suggests that Daniel Solove’s taxonomy of privacy, most  recently articulated in Understanding Privacy, offers the best framework to respond to these question. Users of Twitter do have reasonable expectations to privacy, but such expectations are conditioned by juridical understandings of what is and is not reasonable. In light of this, I conclude by noting that Solove’s use of law to recognize norms is contestable. Thus, while privacy theorists may adopt his method (a focus on privacy problems to categorize types of privacy infractions), they might profitably condition how and why privacy norms are established – court rulings and dissenting opinions may not be the best foundation upon which to rest our privacy claims – by turning to non-legal understandings of norm development, degeneration, and mutation.

Paper can be downloaded here.

Twitter and Privacy in Social Context

/ Christopher Parsons

antitwitter

[Note: this is an early draft of the third section of a paper I’m working on titled ‘Who Gives a Tweet about Privacy’ and builds from an earlier posted sections titled ‘Privacy, Dignity, Copyright and Twitter‘ and ‘Twitter and Statutory Notions of Privacy‘. The final sections will be posted as I draft them.]

Simitis recognizes privacy as an issue concerning all of society. As a consequence, his position on the topic is differentiated from those of Westin, Warren, and Brandeis by asserting that privacy is essential for establishing and maintaining constitutional infrastructures. In this section, we take up the ‘social’ element of privacy, exploring it in more depth and to consider its role in establishing citizen-solidarity. In addition, we consider privacy as a contextualized norm that attaches different expectations of privacy to particular situations and encounters. While social-contextual accounts establish reasonable expectations to privacy in public, our hopefulness surrounding these accounts wears thin because the selected scholars exhibit an under theorized conceptualization of how socio-contextual norms are established. Effectively, without an account of how socio-contextual norms are developed in pluralistic environments we are left with little understanding of how to read privacy norms in public spaces like Twitter. Thus, while understanding privacy as contextual integrity does establish reasonable expectations (note the plural) of privacy, the multiplicity of such instantiations renders such understandings of limited usefulness for juridical application in contemporary pluralistic nation-states. Continue reading