Deep Packet Inspection and the Confluence of Privacy Regimes

insiderouterI learned today that I was successful in winning a Social Sciences and Human Research Council (SSHRC) award. (Edit September 2009: I’ve been upgraded to a Joseph Armand Bombardier Canada Graduate Scholarship). Given how difficult I found it to find successful research statements (save for through personal contacts) I wanted to post my own statement for others to look at (as well as download if they so choose). Since writing the below statement, some of my thoughts on DPI have become more nuanced, and I’ll be interested in reflecting on how ethics might relate to surveillance/privacy practices. Comments and ideas are, of course, welcomed.

Interrogating Internet Service Provider Surveillance:
Deep Packet Inspection and the Confluence of International Privacy Regimes

Context and Research Question

Internet Service Providers (ISPs) are ideally situated to survey data traffic because all traffic to and from the Internet must pass through their networks. Using sophisticated data traffic monitoring technologies, these companies investigate and capture the content of unencrypted digital communications (e.g. MSN messages and e-mail). Despite their role as the digital era’s gatekeepers, very little work has been done in the social sciences to examine the relationship between the surveillance technologies that ISPs use to survey data flows and the regional privacy regulations that adjudicate permissible degrees of ISP surveillance. With my seven years of employment in the field of Information Technology (the last several in network operations), and my strong background in conceptions of privacy and their empirical realization from my master’s degree in philosophy and current doctoral work in political science, I am unusually well-suited suited to investigate this relationship. I will bring this background to bear when answering the following interlinked questions in my dissertation: What are the modes and conditions of ISP surveillance in the privacy regimes of Canada, the US, and European Union (EU)? Do common policy structures across these privacy regimes engender common realizations of ISP surveillance techniques and practices, or do regional privacy regulations pertaining to DPI technologies preclude any such harmonization?

Continue reading

Shaping your Identity

It’s been a while since I’ve been updating this blog regularly – since I last wrote, I’ve completed my Master’s thesis, traveled to Brasil, sent out applications to Doctoral programs, found (temporary) full-time employment, and rested my brain a bit. Now, I feel rejuvenated, and ready to get back into the swing of things.

Setting the Stage

We are increasingly living in a hybrid world, one where our lives are being digitized. We eat food (analogue) but order it online (digital); we use our voices to talk with one another (analogue) using cell phones (digital); we read cooking recipes (analogue) from recipe websites (digital). In addition to what we actually do, what happens around us, and shapes how we are capable of interacting, often occurs within digital spaces – banking institutions are networked, government documents are send across departments by email, and major corporate executives that make (oftentimes) global decisions seem to have Blackberries surgically attached to themselves.

Continue reading