CIPPIC Files Privacy Complaint Over DPI

dj_yaz writes "A group of University Of Ottawa law students who deal with online privacy issues last week filed a complaint with Canada's Privacy Commissioner about Bell Canada's use of Deep Packet Inspection (DPI) to monitor internet subscribers' online activities without their knowledge or consent."

Related links

[sm62704]

Related Links
Compare prices on YRO Products
Compare prices on Internet Products
Compare prices on Legal Related Items
Compare prices on Privacy Software
filed a complaint with Canada's Privacy Commissioner
More The Internet stories
More Privacy stories
More The Courts stories
More Your Rights Online stories

Damn, in a YRO article there's advertising that pretends to be on-topic. Seems ironic to me, although I'm sure the mods will disagree.

Packets please

[esocid]

I'd be interested to find out what clandestine DPI is going on in the states, since apparently both the UK and Canada have problems with ISP snooping. I know the govt does a little bit on its own, but what about our ethernet overlords.

Re:

[TheRealMindChild]

See, I think that this has been going on all along... since the days when you were connecting to the interwebs on your 9600 baud modem, using Netscape 1.1, your ISP has been looking at what you were doing. But the difference is, back then they didn't know what to do with it. No one ever even thought about it, let alone giving it a second thought, because they weren't doing anything with it.

Now they want to put ads in your data streams. Now they want to sell your surfing information to anyone who will buy i

Re:Packets please

[mr_mischief]

As a veteran of the ISP business from the days of 14.4kbps up through ISDN, DSL, and tower-to-home wireless, let me assure you the little players didn't have the funds to do DPI on everyone.

For the places I worked, if we suspected one or two particular customers were into kiddie porn or trying to break our network, we could divert that user's packets through a path with a fairly high level of scrutiny. That was a really rare thing, and we were usually too busy keeping the servers and networking equipment running to bother even when we had suspicions.

We never, at any company I worked for, turned over information on which customer was on an IP address at a given time without a subpoena unless we had proof internally of either kiddie porn or attacking our networks. Any other crime, and the cops had to get their court order. One company I worked for even put up challenges to some subpoenas.

I'm pretty sure the upstream providers for those small to medium ISPs could carry on vastly more streams of packet inspection, but not enough to snoop on everyone. They might've done random sampling or investigated on a suspicion-led basis as we did. The tech to do DPI on everyone I think is just now becoming economically feasible. Although it probably could have been done with the tech of five years ago, I doubt anyone would have paid the cost.

Re:

[Tenebrousedge]

Everything is an arms race. Or a Red Queens' race, either way. Probably it could be considered part of the definition of competition. Which would make this--inevitable. Pointing out that this system exhibits this behavior is kind of obvious, really. The question is whether or not the "BFG" exists---whether there is an element that will end the competition.

We need an "AlterNet"

[denis-The-menace]

I think we need to start planing for an Alternate Network other than the Internet.

It would have to be WiMax-based (or better) to handle the traffic.

I could see some neighborhoods setting these up just for local traffic to limit the effect of ISPs' Traffic shaping and DPI.

Re:

[indy_Muad'Dib]

but i dont want to watch my neighbors hardcore pronography.

they are in their 70s and hearing it is bad enough.

Re:

[gstoddart]

I think we need to start planing for an Alternate Network other than the Internet.

It would have to be WiMax-based (or better) to handle the traffic.

But, ultimately, all of those packets have to travel over one of the backbones.

I fail to see how having a separate front-end access point could eliminate this problem. Surely you aren't proposing a completely separate networking infrastructure which would never travel over the same fibers as they do now -- that would likely be a very difficult thing to do, woul

Re:

[countSudoku()]

A completely separate network would be awesome, expect for the lack of content. Building a new backbone would be the hard part, but then it could be connected via VPN, as long as you don't mind the very low bandwidth and can keep people from routing back to Internet v1.

Re:

[denis-The-menace]

Having a separate front-end access point could eliminate the need to use precious bandwidth from the real ISP.

It wouldn't need to be perfect. I'm thinking ad hoc networks like the ones used with the OLPC.

Think about it: The ISPs of today will be the RIAAs/MPAAs of tomorrow.

Re:

[kalirion]

"AlterNet"? You mean one that alters the packet contents midway? Comcast already does that.

Re:We need an "AlterNet"

[pla]

I think we need to start planing for an Alternate Network other than the Internet.

We already have one, just with really high latency: Large external HDDs.

And I don't mean that as a joke. It takes way too much time (after, for example, a major crash) to redownload hundreds of gigs of music, (*cough*porn*cough*), and movies. Easy solution? Give your friends a copy now, and pay them a visit when you need to "restore from backup" later.


Incidentally, for all their bluster about P2P, what I just described really terrifies the **AA... Not only do they have no ability to track it, but you can copy their entire catalog in a few hours (or less). Compared to that threat, a few low-quality leaks of Madonna's latest cry for attention pales in comparison.

Re:

[Nuitari The Wiz]

Anyone remember old time dial up BBS?
Where you could get files from the other side of the world in less then a week.

How Relevant

[QuantumRiff]

I use charter.net for cable internet, and just saw this today. [charter.com] (kudos to Consumerist.com and DSL reports for the scoop!) Looks like Charter is using DPI, and your browsing habits to "replace" adds on the websites you visit with their own ads that are "more relevant". You can opt out by filling out your personal info on a non-secured website, but you must re-opt out anytime you delete your cookies. Not to mention the copyright ramifications. I would be pissed if I was a webmaster, and lost revenue becuase the ISP's replaced my ads.

Re:

[Amouth]

ok that is just scary sad.. i reallllly hope they get dragged into court and hit hard for that one.

I know if i had charter right this min i would be working to find their little stunt in action and get proof that they are changing the content.. then contact the site owner they are doing it to and see if they would like to file a joint suit aginst them.

that is completely wrong

Re:

[ItsColdOverHere]

Okay, so if they implement this opt-out stuff via cookies I wonder how hard it would be to figure out how the cookies are generated and make a little proggy or FF addon to auto-generate those cookies.
Seems to me that since they require you to re-opt out every time you clear your cookies there is no info being stored on their servers, otherwise they could just tie the opt out to your user account.
Whats more, if lots of people start making their own cookies maybe they would start to tie the opt out to user

DPI?

[MatrixManiac]

And here I thought somebody was suing over Dots Per Inch. But I see this acronym has been hijacked..

Re:

[knorthern knight]

>> And here I thought somebody was suing over Dots Per Inch.

> Better to write that as "dots/in.", anyway. ^_-

In Slashdot ???