Rogers Communications modified their packet inspection systems last year, and ever since customers have experienced degraded download speeds. It’s not that random users happen to be complaining about an (effectively) non-problem: Rogers’ own outreach staff has confirmed that the modifications took place and that these changes have negatively impacted peer to peer (P2P) and non-P2P applications alike. Since then, a Rogers Communications senior-vice president, Ken Englehart, has suggested that any problems customers have run into are resultant of P2P applications themselves; no mention is made of whether or how Rogers’ throttling systems have affected non-P2P traffic.
In this brief post, I want to quickly refresh readers on the changes that Rogers Communications made to their systems last year, and also note some of the problems that have subsequently arisen. Following this, I take up what Mr. Englehart recently stated in the media about Rogers’ throttling mechanisms. I conclude by noting that Rogers is likely in compliance with the CRTC’s transparency requirements (or at least soon will be), but that such requirements are ill suited to inform the typical consumer.
Last week I was a participant at the COUNTER: Counterfeit and Piracy Research Conference in Manchester, UK. I was invited to be part of a panel on deep packet inspection by Joseph Savirimuthu, as well as enjoy the conference more generally. It was, without a doubt, one of the best conferences that I have attended – it was thought-provoking and (at points) anger-inducing, good food and accommodations were provided, and excellent discussions were had. What I want to talk about are some of the resonating themes that coursed through the conference and try to situate a few of the positions and participants to give an insight into what was talked about.
The COUNTER project is a European research project exploring the consumption of counterfeit and pirated leisure goods. It has a series of primary research domains, including: (1) frequency and distribution of counterfeits; (2) consumer attitudes to counterfeit and pirated goods; (3) legal and ethical frameworks for intellectual property; (4) policy options for engaging with consumers of counterfeit; (5) the use of copyrighted goods for the creation of new cultural artifacts; (6) impacts of counterfeiting and control of intellectual property.
[Note: this is an early draft of the first section of a paper I’m working on, presently loosely titled “Mash-up Meets Deep Packet Inspection: Culture, solutions, and the demand for transparency”. Other sections will follow as I draft them. I’ve adopted this format based on positive reactions to my similar drafting process last year on ‘Who Gives a Tweet About Privacy?‘ Comments welcome. I’ve excluded full bibliographic information, but retained enough that you can find my sources. Text has been copied and pasted from a word processing document; this may result in some links being broken *cough* footnotes links *cough*]
I’m composing the beginning of this article to the sounds of Girl Talk’s ‘Like This’ from his Feed the Animals album. His artistic technique is to take very short samples from a variety of artists – twenty-nine samples are taken in the three minutes and twenty-one seconds of ‘Like This’ – and remix the work to create entirely new songs.[i] He isn’t a DJ but a self-described musician of the digital era, and when his work was presented to Marybeth Peters of the US Registrar of Copyrights she recognized that his music was amazing. She also recognized it was likely illegal, and the fact that his own creativity clearly imbued his creations offered no defense against copyright infringement: “You can’t argue your creativity when it’s based on other people’s stuff.”[ii] This position is mirrored by Barry Slotnick, head of the intellectual property litigation group at Loeb & Loeb, who has stated that “[w]hat you can’t do is substitute someone else’s creativity for your own.”[iii] Girl Talk’s work is recognized as amazing and creative, even by defenders and advocates of the present copyright regime, but is still questionably legal (at best). Feed the Animals is a popular album that pulls together anthems of pop culture, and its artist has been used as a defender of copyright reform movements,[iv] but it is only one item in a rapidly developing and emerging ‘mash-up’ culture that draws together existing cultural artifacts to in the creation of a recombinant digital culture.
When people are about to download content from the ‘net that is copywritten, many often ask ‘will I get caught doing this?’ For many, the response is ‘no’ and then continue to download that episode of Seinfeld or whatever. Given that there are so many people downloading, and that record companies in the US have claimed to have abandoned filing new lawsuits against individuals, then things (in North America) appear to be getting better.
At issue, however, is that filing lawsuits is big money, and in Europe especially it looks like Digiprotect has moved in to assume first-mover advantage. Digiprotect gets “the legal rights from the companies to distribute these movies to stores, and with these rights we can sue illegal downloaders. Then we take legal action in every country possible, concentrating on the places where such action will be profitable” (Source). They avoid demanding too much money from infringers, on the basis that few judges like the idea of imposing million dollar fines on individuals – usually opting for suits demanding in the vicinity of 500 Euros. This amount of money ‘teaches’ individuals and provides enough money to keep the employees paid. No staff member has a fixed salary – they are paid according to the ‘cases’ that are won. The actual method of determining the financial burdens are based on the business expenses, profit, and money to be distributed to artists. In effect, the company sets up a honeypot and then sues whomever it is profitable to sue.
Over the past few days I’ve been able to attend to non-essential reading, which has given me the opportunity to start chewing through Bruce Schneier’s Beyond Fear. The book, in general, is an effort on Bruce’s part to get people thinking critically about security measures. It’s incredibly accessible and easy to read – I’d highly recommend it.
Early on in the text, Schneier provides a set of questions that ought to be asked before deploying a security system. I want to very briefly think through those questions as they relate to Deep Packet Inspection (DPI) in Canada to begin narrowing a security-derived understanding of the technology in Canada. My hope is that through critically engaging with this technology that a model to capture concerns and worries can start to emerge.
Question 1: What assets are you trying to protect?
- Network infrastructure from being overwhelmed by data traffic.
Question 2: What are the risks to these assets?
- Synchronous bandwidth-heavy applications running 24/7 that generate congestion and thus broadly degrade consumer experiences.
Question 3: How well does security mitigate those risks?