Politics

Deep Packet Inspection and the Confluence of Privacy Regimes

/ Christopher Parsons / 12 Comments

insiderouterI learned today that I was successful in winning a Social Sciences and Human Research Council (SSHRC) award. (Edit September 2009: I’ve been upgraded to a Joseph Armand Bombardier Canada Graduate Scholarship). Given how difficult I found it to find successful research statements (save for through personal contacts) I wanted to post my own statement for others to look at (as well as download if they so choose). Since writing the below statement, some of my thoughts on DPI have become more nuanced, and I’ll be interested in reflecting on how ethics might relate to surveillance/privacy practices. Comments and ideas are, of course, welcomed.

Interrogating Internet Service Provider Surveillance:
Deep Packet Inspection and the Confluence of International Privacy Regimes

Context and Research Question

Internet Service Providers (ISPs) are ideally situated to survey data traffic because all traffic to and from the Internet must pass through their networks. Using sophisticated data traffic monitoring technologies, these companies investigate and capture the content of unencrypted digital communications (e.g. MSN messages and e-mail). Despite their role as the digital era’s gatekeepers, very little work has been done in the social sciences to examine the relationship between the surveillance technologies that ISPs use to survey data flows and the regional privacy regulations that adjudicate permissible degrees of ISP surveillance. With my seven years of employment in the field of Information Technology (the last several in network operations), and my strong background in conceptions of privacy and their empirical realization from my master’s degree in philosophy and current doctoral work in political science, I am unusually well-suited suited to investigate this relationship. I will bring this background to bear when answering the following interlinked questions in my dissertation: What are the modes and conditions of ISP surveillance in the privacy regimes of Canada, the US, and European Union (EU)? Do common policy structures across these privacy regimes engender common realizations of ISP surveillance techniques and practices, or do regional privacy regulations pertaining to DPI technologies preclude any such harmonization?

Continue reading

Newspapers: Effects of Closing their Content Ecosystem?

/ Christopher Parsons

whoownsknowledgeI rely on other people to produce content for me to consume, and I reciprocate by providing my own content (via this blog, government submissions, submissions to alternative news sites, interviews on radio, etc.) to the public. I see this as a reciprocal relationship, insofar as anyone can come here and use my content so long as they abide by my creative commons license. Unfortunately, most advocates for newspapers would see what I do (i.e. blog, think publicly) as unequal to their own work. I’m just an amateur, and they’re the professionals.

One of my colleagues recently linked me to a statement that David Simon presented to Congress about the life or death of newspapers. His argument is (roughly) that bloggers and other ‘amateurs’ cannot be expected or trusted to perform the high quality journalism that these ‘amateurs’ then talk about online (Note from Chris: clear case in point, the critical analysis by journalists of the Bush administration and Iraq compared to bloggers. Oh…wait…). You need dedicated professionals who are professionally trained to generate consistently high quality and accurate content. At the same time, the for-profit model of newspapers has led them to cannibalize their operations for profit. Newspapers will perish if capitalism and the market are seen as ‘solutions’ to the demise of newspapers, just as amateur culture and their appropriation of media will destroy content producers. Something must be done.

Continue reading

EU: Judicial Review Central to Telecom Disconnects

/ Christopher Parsons

elpalaciodejusticiaI’m perhaps a bit idealistic, but I think that there are clear contemporary demonstrations of democracy ‘working’. Today’s example comes to us from Europe, where the European Parliament has voted to restore a graduated response to copyright infringement that pertains to when and how individuals can be disconnected from the Internet. Disconnecting individuals from the ‘net, given its important role in citizens’ daily lives, can only be done with judicial oversight; copyright holders and ISPs alone cannot conspire to remove file sharers. This suggests that any three-strike policy in the EU will require judicial oversight, and threatens to radically reform how the copyright industry can influence ISPs.

What might this mean for North America? If policy learning occurs, will we see imports of an EU-style law on this matter? Do we want our policy actors to adopt an EU-model, which could be used to implement a three-strike rule that just includes judicial review at the third strike? In Canada, with the tariffs that we pay, there are already permissible conditions for file sharing – do we really want to see strong American or WIPO copyright legally enforced on our soil?

Continue reading

Three-Strikes to Banish Europeans and Americans from the ‘net?

/ Christopher Parsons

200903281552.jpgThroughout the Global North there are discussions on the table for introducing what are called ‘three-strikes’ rules that are designed to cut or, or hinder, people’s access to the Internet should they be caught infringing on copyright. In the EU, the big content cartel is trying to get ISPs to inspect consumer data flows and, when copywritten content is identified, ‘punish’ the individual in some fashion. Fortunately, it is looking that at least the EU Parliament is against imposing such rules on the basis that disconnecting individuals from the Internet would infringe on EU citizens’ basic rights. In an era where we are increasingly digitizing our records and basic communications infrastructure, it’s delightful to see a body in a major world power recognize the incredibly detrimental and over-reactionary behavior that the copyright cartel is calling for. Copyright infringement does not trump basic civil liberties.

Now, I expect that many readers would say something along this line: I don’t live in the EU, and the EU Parliament has incredibly limited powers. Who cares, this: (a) doesn’t affect me; (b) is unlikely to have a real impact on EU policy.

Continue reading

Update: EDLs in Saskatchewan

/ Christopher Parsons

200903121823.jpgSome interesting news coming out of Saskatchewan: the government is looking to put the brakes on Enhanced Drivers License (EDLs). While headlines are saying that this is dominantly because of privacy concerns, I think that cost is probably a deeper reason for turning away these licenses. Crown Corporations Minister Ken Cheveldayoff is on record saying:

The criteria from homeland security has been changing. The costs have been increasing and if they go to a point where it just doesn’t make sense anymore then we’re not going to move forward. (Source)

It seems as though costs have risen from $50 – $80 dollars, without a clear sign of that stopping. Cost (financial and political) really seems to be the force keeping these licenses out of the hands of the public.

This being said, I should be fair and point out that the Privacy Commissioner of Saskatchewan hasn’t received the Privacy Impact Assessment from Sask. Government Insurance (Source). The Commissioner wasn’t outright opposed to the EDLs, and is instead suggesting that the province look to its neighbors for ways of tweaking the Bill 72 legislation.To me, this suggests looking to BC and Ontario. I don’t know exactly what the consequences of this kind of ‘tweaking’ would be, especially given how limited those governments incorporated suggested privacy protections, but it would be nice to see documents that really put the Commissioner’s cards (and desired changes) on the table. Seems like a FOI moment….

Review: The Privacy Advocates

/ Christopher Parsons

I’ll start this by being very forthright: Colin is my supervisor for my doctoral work. This said, the review that I offer is my own, and has not been influenced by Colin in any way. He has not read this review (or even made aware that I was preparing a review!) prior to my posting it.

The Privacy Advocates: Resisting the Spread of Surveillance is an interesting book, because it is the first of its kind where the agents who are on the ground fighting the fight for privacy are examined. Given Bennett’s extensive relationships with various data authorities and advocates, we get a very revealing glimpse into the lives, histories, and motivations of the major players in Canada, the US, and a handful of international advocacy groups. Bennett’s critical thrust in the book, which we get to in its last chapter, is this: “Should we understand privacy advocates as transforming their work into a movement, such as the environmental movement, and is such a transformation necessary for them to successfully engage privacy-infringing bodies in the future?”

To set the frame for his response to this question, Bennett identifies the history that has led privacy advocates to spring from the various areas of civil society that they emerge out of. He talks about how computers led to a perception that there is a greater potential for mass surveillance, but then rapidly turns to look at the groups who are actually engaging with issues of surveillance and privacy. He establishes a tripartite categorization of the groups that are involved in privacy and privacy-related issues:

Continue reading