Transcript Ryerson Law Centre Presentation - Personal.psu.edu

Deep Packet Inspection Technology and Censorship
A Presentation at
A Digital Rights Roundtable
The Ryerson Law Research Centre
Toronto, Ontario Canada
June 18, 2010
Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law
Penn State University
email: [email protected]; web site: http://www.personal.psu.edu/faculty/r/m/rmf5
blog site: http://telefrieden.blogspot.com/
Main Points

Improvements in traffic management technology, including Deep
Packet Inspection (“DPI”), make it efficient and economical for
Internet Service Providers (“ISPs”) to operate non-neutral networks
offering “better than best efforts” traffic routing, variable quality of
service, Digital Rights Management, and all kinds of “traffic shaping.”

DPI offers censorship on a chip or via software.

DPI censors, blocks and drops packets before any administrative or
judicial review. This changes the balance of power between carrier and
subscriber, because heretofore in most instances users get access to
content and only after the fact may have to justify such use.

DPI can restrict or eliminate lawful access to content depending on
programmed parameters; overzealous Penn State programmers blocked
my emails to some Penn State network users based on a signature
containing the word Blogspot.
2
Main Points (cont.)

In the U.S. ISPs enjoy “safe harbor” exemption from liability
for copyright infringement, acting as a good samaritan to
protect children and serving as a conduit for transmission of
other harmful content.

ISPs oppose any limitation on their options for tiering and
diversifying services that can accrue financial, operational and
consumer benefits, but also achieve anticompetitive goals.

When ISPs elect to operate non-neutral networks through
cheap and effective traffic management technology, they
challenge the presumption that ISPs can only operate as
neutral conduits.
3
Packet Sniffing Explained

ISPs use packet switching to subdivide traffic for routing over any available
network.

Each packet contains a header that provides routers with needed information about
the source and destination of traffic using addressing and management protocols
such as TCP/IP. Payloads in packets contain content.

Improvements in router technology make it possible for ISPs to secure more
information from headers for purposes of tiering and prioritizing traffic based on
the nature of the content, e.g., streaming content needing instantaneous (“real
time”) delivery and high quality of service versus store and forward content such as
email not requiring immediate processing particularly during network congestion.

Routers also can interrogate (“sniff”) headers for instructions on Digital Rights
Management, possibly including a go/no go determination whether the intended
recipient has the requisite “rights” to receive a specific stream of packets.
4
TCP Packet Header
4500
4b Ver
XXXX
XXXX
4b
H
dL
n
T
o
S
XXXX
Destination IP
Address
XXXX
XXXX
X
X
X
X
Length in
Bytes
XX
XX
So
urc
e
Por
t
XX
XX
XXXX
IP
ID
0
XXXX
XXXX
DF
T
T
L
XXXX
Destination Port
M 13bit
F Fra
g.
Off
set
XXXX
XXXX
Protocol
XXXX
XXXX
Header
Checksum
XXXX
Sequence Number
XXXX
source: Michael McDonnell and Winterstorm Solutions, Inc.
available at: http://winterstorm.ca/download/packets.pdf.
Source IP
Address
XXXX
Ack Number
An Easier Analogy
6
How Might ISPs Lose the §512 Safe
Harbor Exemption?



§512 of the DMCA balances ISPs’ obligations not to induce
or contribute to copyright infringement with the national
interest in promoting Internet commerce.
The DMCA establishes 4 safe harbor exemptions when
“online service providers” operate as a neutral, transitory
conduit for content, temporarily cache content, store content at
the direction of a user and provide search tools for linking to
content created by others.
ISPs lose an exemption by not responding to requests to take
down infringing content and arguably when they know about
infringement and have the right and ability to control such
conduct.
7
Recalculating the Cost of Deep
Packet Inspection

ISPs characterize network neutrality as creating disincentives to invest in next
generation infrastructure and the (re)imposition of “confiscatory” common carrier
regulation.

Ironically ISPs have financially benefited from the presumption that they operate as
neutral conduits.

When an ISP decides to use packet sniffing to differentiate service it cannot readily
ignore the DRM instructions also contained in the header.

Arguably ISPs can act on DRM flags using ISP routers as opposed to sending the
traffic onward to its final destination where end user equipment might process the
flag if lawfully required to do so (see ALA v. FCC, 406 F.3d 689 (D.C. Cir. 2005).

The potential loss of the DMCA Sec. 512 safe harbor may change the cost/benefit
analysis in non-neutral network operation.
8
Conclusions

ISPs do not have an affirmative duty to monitor their traffic
streams to detect IP infringement.

However technological innovations in routers and packet
inspection create opportunities for ISPs to generate more
revenue by operating non-neutral networks.

When making the affirmative decision to use packet sniffing
for service tiering, ISPs no longer remain passive conduits.
9
Conclusions (cont.)

Having decided not to operate as non-neutral conduits, ISPs
cannot readily ignore DRM formatting standards that could
insert header information about whether ISPs should continue
to route traffic in light of possible piracy.

DPI may provide some degree of contemporaneous DRM that
ISPs may not ignore if they want to retain safe harbor
exemption from secondary liability.

If ISPs comply with DRM instructions creating a go/no go
decision regarding traffic routing, software and hardware will
have preempted end users from accessing content on fair use
grounds.
10