Presentation is loading. Please wait.

Presentation is loading. Please wait.

Deep Packet Inspection Technology and Censorship Deep Packet Inspection Technology and Censorship Rob Frieden, Pioneers Chair and Professor of Telecommunications.

Published byKristin Allison Modified over 8 years ago

Similar presentations

Presentation on theme: "Deep Packet Inspection Technology and Censorship Deep Packet Inspection Technology and Censorship Rob Frieden, Pioneers Chair and Professor of Telecommunications."— Presentation transcript:

1 Deep Packet Inspection Technology and Censorship Deep Packet Inspection Technology and Censorship Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law Penn State University email: rmf5@psu.edu; web site: http://www.personal.psu.edu/faculty/r/m/rmf5rmf5@psu.eduhttp://www.personal.psu.edu/faculty/r/m/rmf5 blog site: http://telefrieden.blogspot.com/http://telefrieden.blogspot.com/ A Presentation at A Digital Rights Roundtable The Ryerson Law Research Centre Toronto, Ontario Canada June 18, 2010

2 2 Main Points Improvements in traffic management technology, including Deep Packet Inspection (“DPI”), make it efficient and economical for Internet Service Providers (“ISPs”) to operate non-neutral networks offering “better than best efforts” traffic routing, variable quality of service, Digital Rights Management, and all kinds of “traffic shaping.” Improvements in traffic management technology, including Deep Packet Inspection (“DPI”), make it efficient and economical for Internet Service Providers (“ISPs”) to operate non-neutral networks offering “better than best efforts” traffic routing, variable quality of service, Digital Rights Management, and all kinds of “traffic shaping.” DPI offers censorship on a chip or via software. DPI offers censorship on a chip or via software. DPI censors, blocks and drops packets before any administrative or judicial review. This changes the balance of power between carrier and subscriber, because heretofore in most instances users get access to content and only after the fact may have to justify such use. DPI censors, blocks and drops packets before any administrative or judicial review. This changes the balance of power between carrier and subscriber, because heretofore in most instances users get access to content and only after the fact may have to justify such use. DPI can restrict or eliminate lawful access to content depending on programmed parameters; overzealous Penn State programmers blocked my emails to some Penn State network users based on a signature containing the word Blogspot. DPI can restrict or eliminate lawful access to content depending on programmed parameters; overzealous Penn State programmers blocked my emails to some Penn State network users based on a signature containing the word Blogspot.

3 3 Main Points (cont.) In the U.S. ISPs enjoy “safe harbor” exemption from liability for copyright infringement, acting as a good samaritan to protect children and serving as a conduit for transmission of other harmful content. In the U.S. ISPs enjoy “safe harbor” exemption from liability for copyright infringement, acting as a good samaritan to protect children and serving as a conduit for transmission of other harmful content. ISPs oppose any limitation on their options for tiering and diversifying services that can accrue financial, operational and consumer benefits, but also achieve anticompetitive goals. ISPs oppose any limitation on their options for tiering and diversifying services that can accrue financial, operational and consumer benefits, but also achieve anticompetitive goals. When ISPs elect to operate non-neutral networks through cheap and effective traffic management technology, they challenge the presumption that ISPs can only operate as neutral conduits. When ISPs elect to operate non-neutral networks through cheap and effective traffic management technology, they challenge the presumption that ISPs can only operate as neutral conduits.

4 4 Packet Sniffing Explained ISPs use packet switching to subdivide traffic for routing over any available network. ISPs use packet switching to subdivide traffic for routing over any available network. Each packet contains a header that provides routers with needed information about the source and destination of traffic using addressing and management protocols such as TCP/IP. Payloads in packets contain content. Each packet contains a header that provides routers with needed information about the source and destination of traffic using addressing and management protocols such as TCP/IP. Payloads in packets contain content. Improvements in router technology make it possible for ISPs to secure more information from headers for purposes of tiering and prioritizing traffic based on the nature of the content, e.g., streaming content needing instantaneous (“real time”) delivery and high quality of service versus store and forward content such as email not requiring immediate processing particularly during network congestion. Improvements in router technology make it possible for ISPs to secure more information from headers for purposes of tiering and prioritizing traffic based on the nature of the content, e.g., streaming content needing instantaneous (“real time”) delivery and high quality of service versus store and forward content such as email not requiring immediate processing particularly during network congestion. Routers also can interrogate (“sniff”) headers for instructions on Digital Rights Management, possibly including a go/no go determination whether the intended recipient has the requisite “rights” to receive a specific stream of packets. Routers also can interrogate (“sniff”) headers for instructions on Digital Rights Management, possibly including a go/no go determination whether the intended recipient has the requisite “rights” to receive a specific stream of packets.

5 TCP Packet Header 4500XXXX XXXX XXXX 4b Ver4b H dL n ToSToS Length in Bytes IP ID 0D FM F M F 13- bit Fra g. Off set TTLTTL ProtocolHeader Checksum Source IP Address XXXX XX Destination IP Address So urc e Por t Destination PortSequence NumberAck Number XXXX XX source: Michael McDonnell and Winterstorm Solutions, Inc. available at: http://winterstorm.ca/download/packets.pdf.

6 6 An Easier Analogy

7 7 How Might ISPs Lose the §512 Safe Harbor Exemption? §512 of the DMCA balances ISPs’ obligations not to induce or contribute to copyright infringement with the national interest in promoting Internet commerce. §512 of the DMCA balances ISPs’ obligations not to induce or contribute to copyright infringement with the national interest in promoting Internet commerce. The DMCA establishes 4 safe harbor exemptions when “online service providers” operate as a neutral, transitory conduit for content, temporarily cache content, store content at the direction of a user and provide search tools for linking to content created by others. The DMCA establishes 4 safe harbor exemptions when “online service providers” operate as a neutral, transitory conduit for content, temporarily cache content, store content at the direction of a user and provide search tools for linking to content created by others. ISPs lose an exemption by not responding to requests to take down infringing content and arguably when they know about infringement and have the right and ability to control such conduct. ISPs lose an exemption by not responding to requests to take down infringing content and arguably when they know about infringement and have the right and ability to control such conduct.

8 8 Recalculating the Cost of Deep Packet Inspection ISPs characterize network neutrality as creating disincentives to invest in next generation infrastructure and the (re)imposition of “confiscatory” common carrier regulation. ISPs characterize network neutrality as creating disincentives to invest in next generation infrastructure and the (re)imposition of “confiscatory” common carrier regulation. Ironically ISPs have financially benefited from the presumption that they operate as neutral conduits. Ironically ISPs have financially benefited from the presumption that they operate as neutral conduits. When an ISP decides to use packet sniffing to differentiate service it cannot readily ignore the DRM instructions also contained in the header. When an ISP decides to use packet sniffing to differentiate service it cannot readily ignore the DRM instructions also contained in the header. Arguably ISPs can act on DRM flags using ISP routers as opposed to sending the traffic onward to its final destination where end user equipment might process the flag if lawfully required to do so (see ALA v. FCC, 406 F.3d 689 (D.C. Cir. 2005). Arguably ISPs can act on DRM flags using ISP routers as opposed to sending the traffic onward to its final destination where end user equipment might process the flag if lawfully required to do so (see ALA v. FCC, 406 F.3d 689 (D.C. Cir. 2005). The potential loss of the DMCA Sec. 512 safe harbor may change the cost/benefit analysis in non-neutral network operation. The potential loss of the DMCA Sec. 512 safe harbor may change the cost/benefit analysis in non-neutral network operation.

9 9 Conclusions ISPs do not have an affirmative duty to monitor their traffic streams to detect IP infringement. ISPs do not have an affirmative duty to monitor their traffic streams to detect IP infringement. However technological innovations in routers and packet inspection create opportunities for ISPs to generate more revenue by operating non-neutral networks. However technological innovations in routers and packet inspection create opportunities for ISPs to generate more revenue by operating non-neutral networks. When making the affirmative decision to use packet sniffing for service tiering, ISPs no longer remain passive conduits. When making the affirmative decision to use packet sniffing for service tiering, ISPs no longer remain passive conduits.

10 10 Conclusions (cont.) Having decided not to operate as non-neutral conduits, ISPs cannot readily ignore DRM formatting standards that could insert header information about whether ISPs should continue to route traffic in light of possible piracy. Having decided not to operate as non-neutral conduits, ISPs cannot readily ignore DRM formatting standards that could insert header information about whether ISPs should continue to route traffic in light of possible piracy. DPI may provide some degree of contemporaneous DRM that ISPs may not ignore if they want to retain safe harbor exemption from secondary liability. DPI may provide some degree of contemporaneous DRM that ISPs may not ignore if they want to retain safe harbor exemption from secondary liability. If ISPs comply with DRM instructions creating a go/no go decision regarding traffic routing, software and hardware will have preempted end users from accessing content on fair use grounds. If ISPs comply with DRM instructions creating a go/no go decision regarding traffic routing, software and hardware will have preempted end users from accessing content on fair use grounds.

Download ppt "Deep Packet Inspection Technology and Censorship Deep Packet Inspection Technology and Censorship Rob Frieden, Pioneers Chair and Professor of Telecommunications."

Similar presentations

Ethernet Switch Features Important to EtherNet/IP

Ethernet Switch Features Important to EtherNet/IP
Delivery and Forwarding of

Delivery and Forwarding of
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv4 20.3 IPv6.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
1 Chapter 3 TCP and IP. Chapter 3 TCP and IP 2 Introduction Transmission Control Protocol (TCP) Transmission Control Protocol (TCP) User Datagram Protocol.

1 Chapter 3 TCP and IP. Chapter 3 TCP and IP 2 Introduction Transmission Control Protocol (TCP) Transmission Control Protocol (TCP) User Datagram Protocol.
Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.

Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.
Chapter 20 Network Layer: Internet Protocol Stephen Kim 20.1.

Chapter 20 Network Layer: Internet Protocol Stephen Kim 20.1.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
UDP - User Datagram Protocol UDP – User Datagram Protocol Author : Nir Shafrir Reference The TCP/IP Guide - (http://www.TCPIPGuide.com) Version 3.0 - Version.

UDP - User Datagram Protocol UDP – User Datagram Protocol Author : Nir Shafrir Reference The TCP/IP Guide - ( Version Version.
OSI Model.

OSI Model.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
A Guide to major network components

A Guide to major network components
Internet 3.0: Assessing the Scope of a Non-Neutral and Tiered Web Internet 3.0: Assessing the Scope of a Non-Neutral and Tiered Web Rob Frieden, Pioneers.

Internet 3.0: Assessing the Scope of a Non-Neutral and Tiered Web Internet 3.0: Assessing the Scope of a Non-Neutral and Tiered Web Rob Frieden, Pioneers.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
1. What is the DMCA? Digital Millennium Copyright Act. Signed into law in 1998. Provides the legal framework for copyright holders to claim copyright.

1. What is the DMCA? Digital Millennium Copyright Act. Signed into law in Provides the legal framework for copyright holders to claim copyright.
Chapter 2 The Infrastructure. Copyright © 2003, Addison Wesley Understand the structure & elements As a business student, it is important that you understand.

Chapter 2 The Infrastructure. Copyright © 2003, Addison Wesley Understand the structure & elements As a business student, it is important that you understand.
Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.

Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering

Similar presentations

Ads by Google