Technology

This is a general catch-all category for all topics that relate to technology.

Deep Packet Inspection: The Good, the Bad, and the Ugly

/ Christopher Parsons

goodbaduglyIn this post, I want to try to lay out where I see some of the Deep Packet Inspection (DPI) discussions. This is to clarify things in my head that I’ve been thinking through for the past couple of days and to lay out for readers some of the ‘bigger picture’ elements of the DPI discussion (as I read them). If you’ve been fervently following developments surrounding this technology, then a lot of what is below is just rehashing what you know – hopefully the summary is useful – but if you’re relatively unfamiliar with what’s been going on this might help to orient what’s been, and is being, said.

Participants and Themes

The uses of DPI appliances are regularly under fire by network neutrality advocates, privacy advocates, and people who are generally concerned about communication infrastructure. DPI lets network operators ‘penetrate’ data packets that are routed through their networks and this practice is ‘new’, insofar as prior networking appliances were generally prevented from inspecting the actual payload, or content, of the data packets that are shuttled across the ‘net. To make this a bit clearer, when you send email it is broken into a host of little packets that are reassembled at the destination; earlier networking appliances could determine the destination, the kind of file being transmitted (e.g. a .mov or .jpeg), and so forth but they couldn’t accurately identify what content was in the packet (e.g. the characters of an email message held within a packet). Using DPI, network operators can now (in theory) configure their DPI appliances to capture the actions that users perform online and ‘see’ what they are doing in real time.

Continue reading

EDL ‘Oopsies’ Around Canada

/ Christopher Parsons

stuckinsnowBoth Ontario and Manitoba have  declared their interest in EDLs. Both are running into problems.

In Ontario’s case, it appears as though there is some confusion about whether or not the province can actually deploy the licenses in time to meet the June 1, 2009 Western Hemisphere Travel Initiative (WHTI) deadline – after this date, Canadians will need to use either an EDL or passport to cross a land border into the US. While the Sun is reporting that the deadline won’t be met by the Ontario provincial government, and the Star is saying that Minister Bradley thinks that only “some” applicants will get the licenses in time, CTV is noting that Bradley insists that the licenses will be available in time to meet the WHTI deadline. No one totally agrees on what is going on in Ontario concerning the EDL roll-out. They can all agree, however, that EDLs are terribly expensive: whereas a passport will cost $87, and Ontario EDL will run you $115. An affordable ‘solution’ to border travel indeed…

In Manitoba, it was expected that around 100,000 Manitobans would want to get their hands on EDLs. Unfortunately, it seems like the government slightly overestimated the demand: since February 2, 2009 less than 1,500 people have applied. 24,000 have applied for passports in Manitoba. Oops.

Continue reading

Thoughts: P2P, PET+, and Privacy Literature

/ Christopher Parsons

p2pwindowPeer-to-peer (P2P) technologies are not new and are unlikely to disappear anytime soon. While I’m tempted to talk about the Pirate’s Bay, or ‘the Pirate Google‘ in the context of P2P and privacy, other people have discussed these topics exceptionally well, and at length. No, I want to talk (in a limited sense) about the code of P2P and how these technologies are (accidentally) used to reflect on what privacy literature might offer to the debate concerning the regulation of P2P programs.

I’ll begin with code and P2P. In the US there have been sporadic discussions in Congress that P2P companies need to alter their UIs and make it more evident what individuals are, and are not, sharing on the ‘net when they run these programs. Mathew Lasar at Ars Technica has noted that Congress is interested in cutting down on what is termed ‘inadvertent sharing’ – effectively, members of Congress recognize that individuals have accidentally shared sensitive information using P2P applications, and want P2P vendors to design their programs in a way that will limit accidental sharing of personal/private information. Somewhat damningly, the United States Patent and Trademark Office declared in 2006 that P2P applications were “uniquely dangerous,” and capable of causing users “to share inadvertently not only infringing files, but also sensitive personal files like tax returns, financial records, and documents containing private or even classified data” (Source).

Continue reading

Facial Blurring = Securing Individual Privacy?

/ Christopher Parsons

Google map privacy?The above image was taken by a Google Streetcar. As is evident, all of the faces in the picture have been blurred in accordance with Google’s anonymization policy. I think that the image nicely works as a lightning rod to capture some of the criticisms and questions that have been arisen around Streetview:

  1. Does the Streetview image-taking process itself, generally, constitute a privacy violation of some sort?
  2. Are individuals’ privacy secured by just blurring faces?
  3. Is this woman’s privacy being violated/infringed upon in so way as a result of having her photo taken?

Google’s response is, no doubt, that individuals who feel that an image is inappropriate can contact the company and they will take the image offline. The problem is that this puts the onus on individuals, though we  might be willing to affirm that Google recognizes photographic privacy as a social value, insofar as any member of society who sees this as a privacy infringement/violation can also ask Google to remove the image. Still, even in the latter case this ‘outsources’ privacy to the community and is a reactive, rather than a proactive, way to limit privacy invasions (if, in fact, the image above constitutes an ‘invasion’). Regardless of whether we want to see privacy as an individual or social value (or, better, as valuable both for individuals and society) we can perhaps more simply ponder whether blurring the face alone is enough to secure individuals’ privacy. Is anonymization the same as securing privacy?

Continue reading

Update: EDLs Live in BC

/ Christopher Parsons

victoriaparliamentThis is almost a week old (things have been busy *grin*), but in case you missed it British Columbians can now apply for Enhanced Drivers Licenses (EDLs) for land and sea entry into the US. Enhanced Identity Documents (EIDs) will be made available for individuals who cannot, or do not wish to, carry a drivers license.

Something that is interesting: To get an EDL in BC will cost you $110 ($75 for a regular 5-year license plus an addition $35 fee); at that price, a passport ($87/92) is cheaper! It seems to me that getting and EDL at that price is just foolish; you still need a passport to fly into the US, and a passport is cheaper if you will both be driving and flying. EDLs (again) come off as a half-assed idea that don’t really accommodate Canadians, but are meant as a passport substitute for Americans who are far less likely to widely travel abroad than Canadians.

Draft: Code-Bodies and Algorithmic Voyeurism

/ Christopher Parsons

Surveillance_timestampsI’ve recently been reading some of David Lyon’s work, and his idea of developing an ethic of voyeurism has managed to intrigue me. I don’t think that I necessarily agree with his position in its entirety, but I think that it’s an interesting position. This paper, entitled “Code-Bodies and Algorithmic Surveillance: Examining the impacts of encryption, rights of publicity, and code-specters,” is an effort to think through how voyeurism might be understood in the context of Deep Packet Inspection using the theoretical lenses of Kant and Derrida. This paper is certainly more ‘theoretical’ than the working paper that I’ve previously put together on DPI, but builds on that paper’s technical discussion of DPI to think about surveillance, voyeurism, and privacy.

As always, I welcome positive, negative, and ambivalent comments on the draft. Elements of it will be adopted for a paper that I’ll be presenting at a Critical Digital Studies workshop in a month or two – this is your chance to get me to reform positions to align with your own! *grin*