Deep Packet Inspection and the Discourses of Censorship and Regulation

boredomIn the current CRTC hearings over Canadian ISPs’ use of Deep Packet Inspection (DPI) to manage bandwidth, I see two ‘win situations’ for the dominant carriers:

  1. They can continue to throttle ‘problem’ applications in the future;
  2. The CRTC decides to leave the wireless market alone right now.

I want to talk about the effects of throttling problem applications, and how people talking about DPI should focus on the negative consequences of regulation (something that is, admittedly, often done). In thinking about this, however, I want to first attend to the issues of censorship models to render transparent the difficulties in relying on censorship-based arguments to oppose uses of DPI. Following this, I’ll consider some of the effects of regulating access to content through protocol throttling. The aim is to suggest that individuals and groups who are opposed to the throttling of particular application-protocols should focus on the effects of regulation, given that it is a more productive space of analysis and argumentation, instead of focusing on DPI as an instrument for censorship.

Let’s first touch on the language of censorship itself. We typically understand this action in terms of a juridico-discursive model, or a model that relies on rules to permit or negate discourse. There are three common elements to this model-type:

Continue reading

Background to North American Politics of Deep Packet Inspection

crtc566The CRTC is listening to oral presentations concerning Canadian ISPs’ use of Deep Packet Inspection (DPI) appliances to throttle Canadians’ Internet traffic. Rather than talk about these presentations in any length, I thought that I’d step back a bit and try to outline some of the attention that DPI has received over the past few years. This should give people who are newly interested in the technology an appreciation for why DPI has become the focus of so much attention and provide paths to learn about the politics of DPI. This post is meant to be a fast overview, and only attends to the North American situation given that it’s what I’m most familiar with.

Massive surveillance of digital networks took off as an issue in 2005, when the New York Times published their first article on the NSA’s warrantless wiretapping operations. The concern about such surveillance brewed for years, but (in my eyes) really exploded as the public started to learn about the capacities of DPI technologies as potential tools for mass surveillance.

DPI has been garnering headlines in a major way in 2007, which has really been the result of Nate Anderson’s piece, “Deep packet inspection meets ‘Net neutrality, CALEA.” Anderson’s article is typically recognized as the popular news article that put DPI on the scene, and the American public’s interest in this technology was reinforced by Comcast’s use of TCP RST packets, which was made possible using Sandvine equipment. These packets (which appear to have been first discussed in 1981) were used by Comcast to convince P2P clients that the other client(s) in the P2P session didn’t want to communicate with Comcast subscriber’s P2P application, which led to the termination of the data transmission. Things continued to heat up in the US, as the behavioural advertising company NebuAd began partnering with ISPs to deliver targeted ads to ISPs’ customers using DPI equipment. The Free Press hired Robert Topolski to perform a technical analysis of what NebuAd was doing, and found that NebuAd was (in effect) performing a man-in-the-middle attack to alter packets as they coursed through ISP network hubs. This report, prepared for Congressional hearings into the surveillance of Americans’ data transfers, was key to driving American ISPs away from NebuAd in the face of political and customer revolt over targeted advertising practices. NebuAd has since shut its doors. In the US there is now talk of shifting towards agnostic throttling, rather than throttling that targets particular applications. Discrimination is equally applied now, instead of honing in on specific groups.

In Canada, there haven’t been (many) accusations of ISPs using DPI for advertising purposes, but throttling has been at the center of our discussions of how Canadian ISPs use DPI to delay P2P applications’ data transfers. Continue reading

Update: Associating Canadian ISPs with Anonymized Data Traffic Submissions

200902142238.jpgI’ve just posted a document that draws together the CRTC’s February 4, 11, and 12 filings for PN 2008-19. The document ties ISPs with categories of anonymous data for easy reference, and is also meant to contextualize each data set by reproducing the questions that led ISPs to develop these data sets in the first place.

Items of note:

  • Responses to question 1 (a) show that, save for a single ISP, ISPs’ annual percentage growth of total traffic volume has decreased. ISPs required to anonymously submit data: Barrett, Bell Canada et al., Cogeco, MTS Allstream, QMI (Videotron), Rogers, Sasktel, Shaw, Telus.
  • Responses to question 1 (b) show that the percentage of HTTP/Streaming traffic has increased, two companies report that the percentage of P2P traffic has increased and two report it has decreased slightly, UDP traffic has increased slightly, and the “Other” category now accounts for a smaller percentage of total traffic than in the first months measured. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Rogers, and Shaw.
  • Responses to 2 (a) reveal the annual percentage growth of monthly average usage per end-user. We find that growth is occurring on company networks, and that this growth has been uneven (e.g. Company A experienced 16% growth one year, 47% the next, and 13% in the final year). This suggests, to me, that developing an accurate forecast of expected bandwidth growth would be challenging. Without knowing what companies are associated with each data set, it is challenging for analysts to determine if Network Management Technologies might be responsible for the changes in growth rates. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
  • Responses to 2 (b) discuss the percentage growth for ISPs’ top 5% and 10% users. Data for the top 5% shows that two companies experienced negative growth in 2007-2008, one only 2% growth in 2007-2008, and the last a 25% growth. Data for the top 10% shows that two companies experienced negative growth in 2007-2008, one 1% growth, and the last a 25% growth. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
  • Responses to 2 (c) identify how much of the total traffic that top 5% and 10% users account for. Top 5% account for 37%-56% of total traffic. The top 10% account for 52%-74%. These are fairly damning numbers, given that they clearly demonstrate that massive proportions of the network are being used by a relatively small minority of users. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Cogeco, MTS Allstream, Primus, QMI (Videotron), Rogers, Shaw, and Telus.
  • Responses to 2 (d) break down the application usage numbers for the top 5% and 10% of ISPs’ users. For the top 5% of users, HTTP/Streaming has remained relatively constant, P2P use decreased for only one company, UDP traffic is up, and “Other” traffic has decreased for two of three companies. For the top 10% of users, HTTP/Streaming traffic makes up a higher percentage of total traffic, in all but one case P2P traffic represents a larger percentage of total traffic, UDP is up, and “Other” is down for two of three companies. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Bragg, and Shaw.

Update: CRTC PN 2008-19 ISP Filing Summary Document

200902132334.jpgI’ve updated my initial ISP Filing Summary document with the information that ISPs provided on February 9, 2008 per the CRTC’s February 4, 2009 request. Updates to the document are made in blue. The updates to not include Videotron’s response to 1 (c).

I would maintain that the most interesting parts of was was released have been summarized in a post from two days ago, which was entitled “Update: CRTC PN 2008-19 Filings“. Tomorrow, I should be posting a document that correlates data the CRTC aggregated and anonymized with the ISPs who were required to release anonymized data. My hope is that this will make it a bit clearer who data might be associated with.

Summary: CRTC PN 2008-19; ISP Traffic Managment in Canada

As someone who is academically invested in how the ‘net is being regulated in Canada, I’ve been following the recent CRTC investigation into Internet management practices and regulation with considerable interest. Given that few people are likely to dig though the hundreds of pages that were in the first filing, I’ve summarized the responses from ISPs (save for Videotron’s submissions; I don’t read French) to a more manageable 50 pages. Enjoy!

Update: Thanks to Eric Samson and Daniel for translating Videotron’s filings – you guys rock!