Dutch Provider KPN Under Fire Over DPI

An anonymous reader writes "After Dutch internet/mobile provider KPN announced they were going to blatantly do away with the idea of net-neutrality by charging their customers for using text message replacements (such as WhatsApp) to make up for diminishing use of traditional text-messaging, it has now been revealed that they have apparently employed deep packet inspection (DPI) to monitor customers' use of WhatsApp (and also VoIP services) — which happens to be illegal in the Netherlands. Many national news outlets are now finally reporting on the issue. Some doubts exists on whether it was actually DPI that was used to measure WhatsApp use (and not just IP/TCP header inspection), while some KPN insiders suggested it is actually an outsourced operation run by Alcatel-Lucent." Update: 05/13 20:26 GMT by S : The Dutch equivalent of the EFF has recommended that users report this to the police, and explained how to go about doing so (Google translation of Dutch original).

Simple

[M0j0_j0j0]

Switch provider, next case.

Re:

[ControlFreal]

Nah, it does became apparent that the second provider (Vodafone) also does DPI ( http://tweakers.net/nieuws/74441/ook-vodafone-geeft-gebruik-dpi-toe.html [tweakers.net] - Dutch). There are 2 other providers, which have basically not been caught using DPI yet, I am afraid.

Re:

[paziek]

After they break into your house, you also operate by this simple advice of yours and switch homes?

Re:

[Betaemacs]

You seem to have trouble with the concept so I'll help out. Paziek was using the scenario of a physical invasion of privacy to illustrate the problem with letting providers invade the privacy of online communications. I will assume you have a problem with the stark symbolism that paziek used as that is the only reason I can see for your personal attack. However some people online seem to have a problem understanding abstract concepts and it is often safer to use very strong examples to avoid confusion. Ple

Re:

[IgnoramusMaximus]

While "switching homes" is a bit off, this would be like "taking a short 150 mile detour to work" because a toll-road owner of the only geographically feasible bridge in the area decided that you have to undergo anal probes each time you cross their bridge, for an extra fee! Which of course happens to be the only convenient way to get to your work, other "alternatives" shortening your day by 6 hours. So you are being advised by all sorts of market-freediot fundamentalists to put yourself at the tender merci

Re:

[IgnoramusMaximus]

Login and I will reply. ACs do not get that privilege.

Re:

[Dunega]

Except when you reply to them.

Re:

[IgnoramusMaximus]

That wasn't what I would term an actual reply. More like a placeholder for one.

But yes, while I try to stick to my policy, I am only human. We all have our moments of weakness now and again.

Re:

[Pseudonym Authority]

Stop being an elitist prick (I didn't make that post BTW). Refusing to make a rebuttal because it is AC is akin to categorically modding down a user based on the name.

Re:

[IgnoramusMaximus]

Sure, I will stop as soon as people will stop logging out, down-modding the posts they don't like and then replying to them as ACs for the extra kick...

There is a reason why you can't moderate the discussion in which you participate and its a good one. ACs have a right to their opinion but I also have a right to ignore them.

Re:

[h4rr4r]

So you are going to be paying the cancelation fee for them?

Re:

[JaredOfEuropa]

As I understand the case, DPI might not actually be illegal per se, but you can't do it without the customer's consent. And there's nothing about DPI in the current agreement. So, to continue to use this they will have to offer new terms to their customers, who then have the option to accept them or cancel without fees or penalties (or the company can offer to keep the old terms until the end of your contract, which they often do in case of contracts with subsidized handsets).

Re:

[h4rr4r]

Why do you need customer consent?
They normally reserve the right to manage their network as they see fit. You would need to prove this was a material change. If you were in the USA you would probably be stuck in arbitration.

Re:

[sosume]

Right. So you wouldn't mind the post office to open and read all your mail if they say it is used to optimise logistics?

Re:

[h4rr4r]

I sure would, but they don't make me sign one of those agreements to get service. I don't like with the practice, just pointing out that short of regulation you really can't do anything about it.

Re:

[M0j0_j0j0]

When your terms of contract change, you can cancel it.

Re:

[Bucky24]

Bear in mind this is the Netherlands, not the USA. The terms under which contracts work may not be the same.

Re:

[nosferatu1001]

It's the same. in fact, knowing the state of US consumer "protection" legislation, it's undoubtedly stronger than US laws.

Summary.

[grub]

KPN are thieving cunts.

Drop & Encrypt

[Anonymous Coward]

Do the Dutch not have as many choices as everyone else? My first instinct would be to drop them and go with another company. When they ask why specify exactly why. Suing them to stop the ordeal just feeds money to the lawyers, who will continue to advise them ahead of time that its a Good Idea

Secondly, communications apps really need to start taking encryption seriously. The fact that any intermediate party knows anything about your communications other than where they need to route it always resorts to pr

Re:

[Meph0]

There are three physical networks in the Netherlands. KPN, Vodafone and T-Mobile. The first two have admitted to using DPI (or SPI), some form of PI at least. Then there's the 50 operators who use those three networks to offer their servers, but it's unclear whether KPN uses DPI on their traffic as well (it's their network of course). Another problem: KPN and Vodafone have a good network (speed and coverage), while T-Mobile's sucks. So it's either sucky coverage or DPI as it stands now. In a few weeks, DPI

I'm old.

[MarkvW]

I read DPI and thought dots per inch.

Re:

[Captain.Abrecan]

Don't feel bad, I am 23 and I thought the same thing. I next assumed KPN was a 'dutch provider' of publishing services for magazines.

Re:

[Lodewijk]

I'm 31, Dutch, and when I read KPN, I think of Khan Process Networks. KPN should have gone bankrupt about ten years ago. They are the old state telecommunications company, and twenty years after privatization they still rank among the most evil ISP's, and they seem to get worse every week.

I remember them blocking all incoming and outgoing traffic to port 25 without prior notice, even on business DSL lines. I remember them illegaly refusing colocation to competing ISP's on their state-built infrastructure, e

Re:

[Maximus633]

I am just as old... I saw that and was like why is a provider in trouble over dots per inch...

Re:

[Anonymous Coward]

I'm the AC that submitted the story, and I apologize for the confusion, I just couldnt think up a better subject that would fit. But hey at least I tricked you into reading the summary, yay :)

Re:

[Betaemacs]

You know that companies are using astroturfing bots right? So I assume they sometimes get mod points too :-)

actually, the new acronym for DPI is TPM

[Chirs]

The equipment vendors are aware that "deep packet inspection" has negative connotations, and at least some of them are now using the term "traffic and policy management" or TPM.

Doesn't that sound nice and innocuous?

Why can't they come up with a unique acronym?

[name_already_taken]

The equipment vendors are aware that "deep packet inspection" has negative connotations, and at least some of them are now using the term "traffic and policy management" or TPM.

Doesn't that sound nice and innocuous?

Great. Nobody would ever confuse it with the other TPM [wikipedia.org].

You'd hope these acronym buffoons would eventually try Googling their three-letter combinations to see if they've already been used in the computing field.

Re:

[StripedCow]

They should call it DPV, or "deep packet voyeurism".

Re:

[shutdown -p now]

I prefer Real-time Automated Policy Enforcement.

Re:

[e9th]

The difference is that in DPI issues relating to printers/displays, you know the resolution in advance.

Re:

[Anonymous Coward]

Excuse me, but since when is using WhatsApp and Skype illegal? They have deminishing profits from text messaging, so they want to charge for specific kinds of data traffic.

Re:

[maxume]

Could you explain what was illegal about not using text messages?

(If you are reading it from the summary, the 'illegal' in the summary refers to the use of deep packet inspection.)

Re:

[maxume]

The summary isn't particularly ambiguous, the part "it has now been revealed that they have apparently employed deep packet inspection (DPI) to monitor customers' use of WhatsApp (and also VoIP services) â" which happens to be illegal in the Netherlands." is quite clear and it takes quite a lot of squinting to think the 'illegal' is somehow referring further back into the sentence.

And then there is the part where your assumed illegality of not using text messages somehow automatically justified the dee

Re:

[Jumperalex]

Actually, rereading it ... it *is* ambiguous. What "happens to be illegal"? DPI or WhatsApp? In fact, assuming, from that sentance, that DPI is the illegal activity would likely be the wrong conclusion. Most geeks just assumed DPI was the subject illegal activity because we are trained to thikn that way. It would have been more clear had the sentance read:

"it has now been revealed that they have apparently employed deep packet inspection (DPI), which happens to be illegal in the Netherlands, to monitor

Re:

[maxume]

"they have apparently employed deep packet inspection (DPI) to monitor customers' use of WhatsApp (and also VoIP services)" is a noun phrase. It isn't ambiguous.

The complexity of the surrounding sentence certainly invites poor reading.

Re:

[Jumperalex]

Not to mention failing to adhere to the EULA is NOT ILLEGAL!!! It is a breach of contract, but it is not illegal. If it were illegal then it wouldn't need to be in the EULA since .. .well ... its already illegal.

Yes I'm being trite ... but in this war of words it is important that we don't let the various MAFIAA's (I consider an ISP like this part of the same group), twist the narrative so that people think using a new technlogy that they *don't like* is the same as doing something illegal.

Re:

[s73v3r]

Read the Fine Summary. It is illegal in the Netherlands.

And I take issue with your idea that banning DPI for the purposes of violating Net Neutrality is bad for consumers. I think it's great for consumers, as it greatly increases competition for those services. Without it, the ISP knows that you can only really use their SMS and VoIP solutions, so there's no incentive to price them competitively or to keep innovating them.

Re:I love hating as much as the next guy...

[gstoddart]

...but in this case KPN is actually fully authorized to do that (unless DPI is illegal in the Netherlands). After all, the customers who are hit with the extra costs are actually doing something illegal, and they could just as well be brought to court or otherwise penalized in some much worse way.

Ummm ... what exactly are the people doing that is 'illegal'??

Reading the linked articles, it would seem that people are using their data plan to provide an IM alternative to SMS, as well as to provide VoIP ... are either of these things illegal? Or just not making profit for the company? (Boo hoo, you used our network bandwidth we sold to you for something we'd normally charge you for ... so we're going to charge you anyway.)

If you're selling me access to the internet, you don't get to decide which sites I visit. You certainly (so far) don't get to decide to charge me $5/month for Slashdot or Google.

What, exactly are the users doing that is 'illegal' ... I'm not getting that from any of the articles. The only thing that I see that is illegal is that it might be a violation of Dutch law for KPN to use DPI ... which is precisely what the articles say.

It isn't the customers of KPN who are breaking the law.

All together now . . .

[colinrichardday]

Commenting before you RTFA should be illegal.

You must be new here, and now just because you have a seven-digit ID.

Re:

[Dr_Barnowl]

It's a badly phrased summary - it makes is ambiguous about what is illegal here.

Using text messaging apps and VoIP isn't illegal in the Netherlands, by the way. It's the Deep Packet Inspection that's illegal, in the opinion of a lobbyist quoted in one of the linked stories.

Re:

[rrossman2]

That's like saying since I use Google Talk to send messages to my friends instead of texting, I should be charged more. Bullshit. I'm paying for the data plan, I should be able to send messages over it as I see fit. That's the whole point of HAVING a data plan. What if the next step is to charge you for every facebook update/message because it's causing people to text less? Obviously, (at least in the US) the insane fees the carriers charge for texting is no longer as viable as what they use to be able to

Re:

[Anonymous Coward]

You got it wrong - DPI is illegal, using the text message replacement is perfectly legal. So KPN is breaking the law to charge more (which is legal, unless net neutrality were signed into law) to people who obey the law, but circumvent the regular text-messaging service.

Why was text message use dropping?

[Missing.Matter]

I don't know how expensive a text is in the Netherlands, but if it's anything like in America I can't blame them for wanting to text less. Or was it that this alternative offered better features? Either way, the correct response from the provider is to respond to demands of the customers; if demand goes down, price should reflect that.

Re:

[WorBlux]

Yes, charging 100 or a thousand times over cost for data that you have to send and receive anyways is a ripoff, plain and simple.Of course you're going to get undercut by the competition.

Re:

[gl4ss]

text messages originated as a ridiculously good deal on the operators on year zero, so they're clinging on to it. so much cash for so few bits.

ridiculous though how they didn't think that doing _this_ was idiotic. how the fuck would they explain to anyone how they added a charge to their bill without admitting to having sniffed their traffic? they should fire the bozos responsible and use the money to buy faster lines to their cells and expand their cell density - because that's the only way they can compe

Dutch government mandates DPI from all ISPs

[Anonymous Coward]

All Dutch (and European?) ISPs are required by law to retain e-mail headers and URLs accessed for a number of years (anti-terrorism, anti-pedophiles, the usual reasons), which I think is only possible with DPI, so I suppose all Dutch ISPs are doing DPI, in a far more intrusive way than KPN and Vodafone are using it for their own interests. I'm sad that it is only now that people are suddenly outraged, but I guess its better than nothing at all. I'm far more concerned about KPN trying to make a profit from other people's services (WhatsApp) just because people are realizing traditional text-messaging sucks balls.

Re:

[Dr_Barnowl]

The URLs are possible to retain if you run a transparent proxy (which most ISPs seem to do these days). The email headers, that probably refers to headers on mails transmitted via their SMTP relays. Neither of these requires DPI, and it would be a more expensive way of acquiring this data.

Re:

[Betaemacs]

There is a huge difference between retaining headers and urls which simply requires storing a copy and mining the traffic for data. While both are pretty stupid, they are not the same.

Re:

[moonbender]

The same law exists in Germany, although it's currently suspended. I doubt they're required to retain email headers from mail servers other than their own. I assume most people use SSL one way or another when talking to their mail provider, DPI won't do jack squat in that case. As for storing URLs, maybe it's enough to store IP addresses? You could do that without DPI.

Finally Proper coverage

[Bob the Super Hamste]

As one of the sources for this is the Wall Street Journal [wsj.com] maybe net neutrality issues are finally getting proper coverage, instead of the Rush Limbaugh style of this is the "fairness doctrine" coverage it has gotten in the past.

Re:

[vm146j2]

Yeah, or maybe baby Murdoch is worried that his stuff is next. Have to buy some service providers then.

Re:

[Bob the Super Hamste]

Possibly. I forgot that he bought WSJ.

Internet Protocl over Transmission Control Protocl

[The O Rly Factor]

What?

Illegal? Maybe not. But it's not just KPN...

[Anonymous Coward]

Actually, all three network providers (KPN, Vodafone NL, T-Mobile NL) in the Netherlands have admitted to using DPI. Since IAMNAL I am not sure if this is actually illegal. On another site, someone pointed out that there actually is a provision in the law that a measure like this may be legal if used to keep the network running properly. How far that provision can be stretched is another matter. As to what they actually use the data for and how they handle the data is an interesting matter as well. KPN appa

Not just KPN

[ecotax]

On the 20:00 TV news, they just announced that Vodafone does the same.
This is getting a lot of media coverage here.

Re:

[geobaker]

Is it a sad commentary on the US that the general press in NL carry this as a hot/lead story, while over here it would be blip on the general press radar? Perhaps that's my age showing that I 'remember when...' this would have been a big deal in general in the US; now I think it would only be in certain interested groups.

(and I'm with MarkvW on DPI. damn i'm old... :)

No surprise

[FridayBob]

KPN is a typical old-school telecom monopolist that, over the last two decades, has had to watch its market share and profits shrink. A few years ago their DSL network suffered a terrible outage that lasted for several weeks. The problem was their old ATM network equipment that just couldn't cope with the scale at which it was being used. Back in the end of the 90s, they had been warned by network experts that ATM was would eventually do this to them, but they didn't care. It was more important that it was

Re:

[Betaemacs]

The question is do they pay well?

Citation Needed on DPI

[BlueScreenO'Life]

Can anybody please provide a source for the claim that DPI is illegal? Not saying I don't believe it, I just haven't been able to find a source.

I don't know about KPN's contract terms (never dealt with them), but does it state anything about VoIP? Like I said I am not familiar with KPN but I did use mobile data with Vodafone Netherlands and they clearly stated you were not allowed to tether or do VoIP. I occasionally did both, and worked flawlessly - what they did once do, and that was evil, was to eat my

Service-Aware Charging and Control (SACC)

[dj-nix]

This is most Likely done with SACC. It's a built in function of the GGSN...