Will ISPs Be Driven To Spy On Their Customers? 133
bs0d3 writes "In regards to the new 'voluntary' graduated response deal (where no one really knows how ISPs will track and accuse customers of copyright infringement), according to CNN, it may be the ISP directly spying on their customers. 'But now that they're free from individual blame, there's also the strong possibility that the ISPs will be doing the data monitoring directly. That's a much bigger deal. So instead of reaching out to the Internet to track down illegally flowing bits of their movies, the studios will sit back while ISP's "sniff" the packets of data coming to and from their customers' computers.' This could be a problem for people who use U.S.-based internet services. If the U.S. wants to be an internet savvy country, they still need the competition in the marketplace that's always been missing, and a digital bill of rights that isn't a sneaky anti-piracy measure."
short answer (Score:5, Informative)
yes
Why? (Score:3, Informative)
Short answer: No (the correct answer) (Score:5, Informative)
Fact:
First, there is no law requiring any action on the part of any ISP.
Disclosure: I participate in running an ISP, but not one of the ones involved in this.
Fact:
Some large national carriers have agreed to do some things. "Agreed" and "partnership" have no legal meaning. "An agreement is yet to be signed." is in the OP's link and that gives us an idea that in the future there MAY be an agreement. For now, should it happen, it's voluntary.
Fact:
No law of any jurisdiction in the United States currently requires any ISP to provide any content monitoring. The only requirements close to that are to allow Law Enforcement access should they have the right to it -- CALEA [askcalea.net].
Opinion:
It would be counter to the AOL decision [aol.com] (Zeran v AOL) that an ISP is responsible for either monitoring content, taking action based on content, or being liable for content or failing to take action based on content. That's a fourth-circuit decision that makes it likely that any ISP that doesn't want to join the "partnership" with the MPAA/RIAA can easily not opt-in to their program. Note that I didn't say "opt-out" because that would beg the question of whether there's a requirement to join.
Looking forward, I can guess that our "friends" in the MPAA/RIAA will continue their program to CHANGE THE LAW through spending lots of money, lobbying, using the influence of former senator Dodd, etc. If they can get the law to require ISPs to do so, and thereby trump the 4th circuit's AOL decision, then there will be a concern.
However, as Sonic.net's CEO Dane Jasper said [tinyurl.com] ISPs should keep as little logs as possible, preferably under two weeks. That would make it difficult unless they are doing real-time DPI, analysis, investigation, and sending out C&D letters for any of this to have meaning.
While the resources necessary for ISPs to provide access under CALEA are minimal ("Here's your Ethernet port, have a nice day, Feds") the requirement to do DPI for hundreds of gigabits-per-second of data is beyond onerous -- if even achievable. Consider -- it's not just that an ISP has to monitor their "upstream" pipes, but also customer-to-customer. The amount of bandwidth inside each ISP's core is immense.
Sorry to be long-winded, but having read the other responses, I see a lot of D&G and nay-saying. I agree that the landscape is pretty harsh, and the earth is getting scorched. I see hope because I see that we have defeated SOPA, PIPA, ACTA, (and yes I know the TPP is still alive) and we can likely continue to teach our congressional non-representatives that when the majority of the country doesn't want something ... it's likely not something they should support in our name.
Ehud
Re:Just use SSL for everything (Score:3, Informative)
CALEA DOES apply to ISPs and Internet Comm. (Score:5, Informative)
CALEA applies to Internet communication.
Pen/Trace - asking for email headers and IP headers but not content.
Full detail - asking for actual dump of bidirectional communication from a specific IP address or address-range.
See ISPs can be requested to forward all traffic... [harvard.edu]
or a company that helps ISPs comply... [netequalizer.com]
or this has been a law since 2007... [dslreports.com]
To find these things check out this link [tinyurl.com].
Fact: I appreciate your copying my style. However, when doing so, please ensure that after the word "Fact:" comes a fact.
Ehud