Deep Packet Inspection Technology and Censorship

A Presentation at A Digital Rights Roundtable The Ryerson Law Research Centre Toronto, Ontario Canada June 18, 2010 Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law Penn State University email: [email protected]

; web site: http://www.personal.psu.edu/faculty/r/m/rmf5 blog site: http://telefrieden.blogspot.com/

Main Points

 Improvements in traffic management technology, including Deep Packet Inspection (“DPI”), make it efficient and economical for Internet Service Providers (“ISPs”) to operate non-neutral networks offering “better than best efforts” traffic routing, variable quality of service, Digital Rights Management, and all kinds of “traffic shaping.”  DPI offers censorship on a chip or via software.

 DPI censors, blocks and drops packets before any administrative or judicial review. This changes the balance of power between carrier and subscriber, because heretofore in most instances users get access to content and only after the fact may have to justify such use.  DPI can restrict or eliminate lawful access to content depending on programmed parameters; overzealous Penn State programmers blocked my emails to some Penn State network users based on a signature containing the word Blogspot.

2

Main Points (cont.)

 In the U.S. ISPs enjoy “safe harbor” exemption from liability for copyright infringement, acting as a good samaritan to protect children and serving as a conduit for transmission of other harmful content.

 ISPs oppose any limitation on their options for tiering and diversifying services that can accrue financial, operational and consumer benefits, but also achieve anticompetitive goals.

 When ISPs elect to operate non-neutral networks through cheap and effective traffic management technology, they challenge the presumption that ISPs can

only

operate as neutral conduits.

3

Packet Sniffing Explained

 ISPs use packet switching to subdivide traffic for routing over any available network.  Each packet contains a header that provides routers with needed information about the source and destination of traffic using addressing and management protocols such as TCP/IP. Payloads in packets contain content.  Improvements in router technology make it possible for ISPs to secure more information from headers for purposes of tiering and prioritizing traffic based on the nature of the content, e.g., streaming content needing instantaneous (“real time”) delivery and high quality of service versus store and forward content such as email not requiring immediate processing particularly during network congestion.

 Routers also can interrogate (“sniff”) headers for instructions on Digital Rights Management, possibly including a go/no go determination whether the intended recipient has the requisite “rights” to receive a specific stream of packets. 4

TCP Packet Header

4500 4b Ver 4b H dL n XXXX T o S X X X X Length in Bytes XXXX IP ID 0 XXXX D F M F 13 bit Fra g. Off set XXXX T T L Protocol XXXX XXXX Header Checksum Source IP Address XXXX XXXX Destination IP Address XX XX So urc e Por t XXXX Destination Port XXXX XXXX Sequence Number XXXX XXXX Ack Number XXXX XXXX XX XX XXXX source: Michael McDonnell and Winterstorm Solutions, Inc.

available at: http://winterstorm.ca/download/packets.pdf.

An Easier Analogy

6

How Might ISPs Lose the §512 Safe Harbor Exemption?

   §512 of the DMCA balances ISPs’ obligations not to induce or contribute to copyright infringement with the national interest in promoting Internet commerce.

The DMCA establishes 4 safe harbor exemptions when “online service providers” operate as a neutral, transitory conduit for content, temporarily cache content, store content at the direction of a user and provide search tools for linking to content created by others.

ISPs lose an exemption by not responding to requests to take down infringing content and arguably when they know about infringement and have the right and ability to control such conduct.

7

Recalculating the Cost of Deep Packet Inspection

 ISPs characterize network neutrality as creating disincentives to invest in next generation infrastructure and the (re)imposition of “confiscatory” common carrier regulation.

 Ironically ISPs have financially benefited from the presumption that they operate as neutral conduits.

 When an ISP decides to use packet sniffing to differentiate service it cannot readily ignore the DRM instructions also contained in the header.  Arguably ISPs can act on DRM flags using ISP routers as opposed to sending the traffic onward to its final destination where end user equipment might process the flag if lawfully required to do so (see ALA v. FCC, 406 F.3d 689 (D.C. Cir. 2005).  The potential loss of the DMCA Sec. 512 safe harbor may change the cost/benefit analysis in non-neutral network operation.

8

Conclusions

 ISPs do not have an affirmative duty to monitor their traffic streams to detect IP infringement.  However technological innovations in routers and packet inspection create opportunities for ISPs to generate more revenue by operating non-neutral networks.  When making the affirmative decision to use packet sniffing for service tiering, ISPs no longer remain passive conduits.

9

Conclusions (cont.)

 Having decided not to operate as non-neutral conduits, ISPs cannot readily ignore DRM formatting standards that could insert header information about whether ISPs should continue to route traffic in light of possible piracy.  DPI may provide some degree of contemporaneous DRM that ISPs may not ignore if they want to retain safe harbor exemption from secondary liability.  If ISPs comply with DRM instructions creating a go/no go decision regarding traffic routing, software and hardware will have preempted end users from accessing content on fair use grounds. 10