The politics of Deep-Packet-Inspections


Formal Metadata

The politics of Deep-Packet-Inspections
Alternative Title
The politics of deep packet inspections
Title of Series
Part Number
Number of Parts
Bendrath, Ralf
Bogk, Andreas
CC Attribution - ShareAlike 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
An overview of different Use-Cases for DPI, the various methods of regulation and several associated political campaigns for the future of the internet.
Web page Voting Meeting/Interview Natural number Internetworking Bit Wireless LAN Router (computing) Computer
Computer animation Visualization (computer graphics) Internetworking Scientific modelling Closed set Visualization (computer graphics) Virtual machine Point cloud Bit Line (geometry) Communications protocol Connected space
Asynchronous Transfer Mode Scientific modelling View (database) Streaming media Student's t-test Weight Expected value Data model Internetworking String (computer science) UDP <Protokoll> Conditional-access module Address space Standard deviation Physicalism Bit Line (geometry) Cartesian coordinate system System call File Transfer Protocol Frame problem Connected space Hierarchy Computer animation Personal digital assistant Computer network Universe (mathematics) Vertex (graph theory) Transmissionskoeffizient Right angle Referenzmodell Communications protocol Abstraction
Web page Point (geometry) Email Slide rule Service (economics) Transportation theory (mathematics) Decision theory Streaming media Disk read-and-write head Computer In-System-Programmierung Address space Gateway (telecommunications) Inheritance (object-oriented programming) Variance Instance (computer science) Line (geometry) Cartesian coordinate system Demoscene Connected space Radical (chemistry) Computer animation Personal digital assistant Vertex (graph theory) Data type Abstraction
Complex (psychology) Computer virus Algorithm Internettelefonie State of matter Field programmable gate array Core dump Denial-of-service attack Set (mathematics) Infinity Mereology Cartesian coordinate system Rule of inference IP address Area Independence (probability theory) Computer animation String (computer science) Software testing OSI model Data conversion Chi-squared distribution
Computer virus Implementation Game controller Algorithm State of matter Multiplication sign Infinity Quality of service Rule of inference Quantum state Area Independence (probability theory) Meeting/Interview Internetworking String (computer science) Intrusion detection system Extension (kinesiology) Subtraction Units of measurement Algorithm Multiplication Computer virus Mapping State of matter Field programmable gate array Core dump Set (mathematics) Cartesian coordinate system Table (information) Control engineering Antivirus software Computer animation String (computer science) Pattern language Finite-state machine Data type Surjective function
Decision tree learning Line (geometry) Multiplication sign Line (geometry) Arithmetic mean Computer animation Internet forum Telecommunication Internet service provider Gotcha <Informatik> Right angle Identical particles Data type Subtraction Social class
Maxima and minima Group action Game controller Code Decision theory Projective plane Physical law Code Multilateration Control flow Process (computing) Envelope (mathematics) Internetworking Computer network Computer network Freeware Mathematical optimization Mathematical optimization Writing Surjective function
Context awareness Model theory Scientific modelling Real-time operating system Quality of service Information privacy Perspective (visual) Computer network Information security HTTP cookie Exception handling Speech synthesis Musical ensemble Theory of relativity Regulator gene Decision theory Shared memory Principal ideal domain Bit Überlastkontrolle Control flow Digital rights management Content (media) Data storage device Internet service provider Telecommunication Order (biology) Computer file Disintegration Auto mechanic Business model Authorization Energy level Digital rights management Routing Neighbourhood (graph theory) Content (media) Volume (thermodynamics) Ultraviolet photoelectron spectroscopy Line (geometry) Cartesian coordinate system Local Group Word Personal digital assistant Device driver Transportschicht Film editing Mathematical optimization Musical ensemble Differential (mechanical device) Multiplication sign Decision theory Boom (sailing) IP address Uniform resource locator Moving average Area Electric generator Real number Moment (mathematics) Transport Layer Security Internet service provider Connected space Maxima and minima Band matrix Internetworking Network topology Direct numerical simulation Website Self-organization Block (periodic table) Information security Data management Identical particles Sinc function Fundamental theorem of algebra Filter <Stochastik> Game controller Server (computing) Service (economics) Tube (container) Virtual machine Volume (thermodynamics) Device driver Internetworking Natural number Subtraction Mobile Web Inheritance (object-oriented programming) Internettelefonie Ripping Information privacy Peer-to-peer Computer animation Web service Computer network Videoconferencing Communications protocol Local ring
Musical ensemble Transportation theory (mathematics) Decision theory Multiplication sign 1 (number) Chaos (cosmogony) Client (computing) Information privacy Weight Logic synthesis Direct numerical simulation Type theory Computer network Physical law Bounded variation Information security Position operator Social class Physical system Injektivität Spacetime Regulator gene Moment (mathematics) Feedback Electronic mailing list Bit Group theory Connected space Position operator Arithmetic mean Internetworking Network topology Addressing mode Telecommunication Information security Data type Data management Bounded variation Onlinecommunity Divisor Virtual machine Rule of inference Declarative programming Number Revision control Goodness of fit Latent heat Causality Internetworking Band matrix Utility software Data structure Digital rights management Subtraction Tunis Dialect Forcing (mathematics) Projective plane Physical law Expression Content (media) Expert system Weight Line (geometry) Set (mathematics) Sphere Shape (magazine) Local Group Information privacy Word Summation Computer animation Personal digital assistant Computer network
Point (geometry) Web page Musical ensemble Pixel Service (economics) Decision theory Multiplication sign Direction (geometry) 1 (number) Hierarchy Real-time operating system Complete metric space Drop (liquid) Quality of service Mereology Information privacy Disk read-and-write head Data transmission Inclusion map Latent heat Meeting/Interview Term (mathematics) Bayesian network Business model Software testing Subtraction Position operator Hydraulic jump Form (programming) Physical system Injektivität Area Information Physical law Electronic mailing list Content (media) Mathematical analysis Denial-of-service attack 10 (number) Word Personal digital assistant Addressing mode Order (biology) Data management
Information Computer file Meeting/Interview Lecture/Conference File format Sampling (statistics) Bit Pattern language Data structure Communications protocol Data transmission
the put on this test OK but I think we won't get too many more people in the audience so you can actually move a bit closer what the OK we once again after lunch know again yeah OK and my name's unbiased walk on together stage today with my friend about and and you can have a look at deep packet inspection then I'm going to do with the technical aspect and by this molecule to the political aspect personal net introducing this legislation etc. etc. and so I'm going to start here then what is the packet inspection and why do you need it or why do you maybe don't 1 habits then that's how all about yet many people perceive the internet you know you see you have new iPad and your wireless router and that's connected to the Internet and then the Internet on the other hand is connected to computer which serves your that pages or the you vote of Warcraft is running or whatever reality is a little more complex than that so I guess that's nature
visualization of what the internet looks like and and because that's a bit too complicated and and then
explain its on little model so that's model of on all the different 1st we have some thank you it just 1 2 OK them yet here again they're out Delilah's rather which we've seen and then
you probably have a DSL line connected to adduce land that shows in close to you and that's aligned to erode you and that rotor got a connection to a rotor somewhere else like in London or and front foot and from there another line goes to another order and that eventually is connected to the machine and the other side so that's were roughly how the Internet works um I'm I'm gonna let them closer look at a protocol so but what's important
to remember that in this to this that's am I have an end to end to connection right I'm starting year and I'm ending there and there must be raised to transport my data so there must be aid to transport that's across might use aligned and the must be made to talk to the device on the other end of the DSL line and then there must be they to tell them the uh grows on the other of my line uh where to send the packet so it's ends up at the right server and in the end what I have this sending packets from here all the connections to their and from there back here and I've layer which completely abstracts that this happens so I I open a connection and I get back to a verb in connection and then speak like HDP on top of that or um wrote a for-profit protocol or voice of IP or TV or whatever so the and the usual model that you get to the top and school all this works is the year always I reference model with 7 layers starts alter year and physical layer and then the data layer and transport layer etc etc etc. that's a little bit more complex than um what actually happens all their a TCP-IP because TCP IP was a bunch of friends students at university inventing it all almost and that the other is a committee stand and to the Committee standards don't work so the is basically an a foreign layouts in the in the real verdant the first one is the network access layer that's and Nolde if you even at and it encodes hallways zeros and funds are and transmitter toys and packets then the next 1 on top of that as an the the IP layer which as I can send packets and then top of that is the transport layer the 3rd layer and that takes multiple packets and assembles them into a stream of I want to which is TCP or a doesn't in case of GDP so basically the transport layer is providing me the end to end connections and on top of that is the expectation layer that's the the application and running patient he were a for profit or whatever the so and again those 4 layers translated and names that might be more familiar to you we have don't year and that's even at FDI 80 and you have do you l everything that wireless network which often doesn't work and on top of that year IP packets so if you remember that the picture I shown with all the nodes and connections in between and this layer roughly handles hold the nodes communicate the layer on top of that the IP layer handles and sending packets from 1 end of the network all the way to the other end of the network then on top of that I have on the transport layer uh which gives me a string connection although the packets and then useful stuff on top of so that's roughly all the Internet works so again another view
on the same topic it is and the actual buys that gets and also and if you see a net for packet all the while I could use a line or even at line and consists of a frame where the spilled these addresses the other end of the line then inside of that as an IP no packet which says what's my and destination will to reach for the network that inside that there's a TCP or UDP or whatever had which says that's a 26 packets of I'm transporting in the stream and divides its getting the 24th before the 22nd pick it and to reorient etcetera etcetera and then in the end you the actual application data the again I think you can form a picture of a call routing in the and actually works
from that that's an this is my computer again that's a computer on the other side I open that page so it says all I need HGP I make connection to curate best and Annex to pieces I need to open a TCP connection at the TCP connection consists of IP packets and that IP packets get sent might use 0 so now it goes to might use them
and so did desired termination point and variances decoded it looks at the IP packet looks at the destination address of the IP packet and older goes again on the next slide early and only the the other node at the end actually cares about the transport layer and the application layer get reascending might make into a is the stream and to denote passing the GET request funding although I want to see point and certainly the point OK so that's nitty-gritty details of what's inside a TCP IP packet that's an IP had a appear the TCP header the parents eventually data this transporter for the application so an ordinary world thing all the intermediate nodes can the scene only look at this the IP destination address so I I Sinopec it it looks at the destination address in Northbrook whether to send that to the left or to the right side and forwards the packet the and of story but no deep packet inspection comes in what does that mean that means that 1 not only uh and reducing the 7 all the latest on to form and that also means completely forgetting about all that abstraction Borchert and actually looking at all the other data and the picket again and for making routing decisions and the stuff we can look at is for instance the type of service and are the TCP destination TC if I want to talk to TCP port 80 it's probably going to be H key and if you if it's something else than maybe I don't want to for what the traffic the same way that I do in this case and these a deep packet inspection goes as far as not only looking at all the head as it goes as far as looking as the actual data and transmitting so that means that I could do stuff like rotting the HTTP requests on the left line and rotting and
other tests on the right line or and giving priority to certain traffic so that's what people are actually doing that's what they and using DPI for for and establishing quality-of-service part does like giving priority to was of IP so the that was conversations that keep on working and in the question is how
efficient as there's no bacon detected in the days the only looked at the destination IP address that's 4 bytes and that was pretty fast to find all at that instant than expected to but now imagine you have a complex set of rules which say and if there is UDP traffic the voice of IP uh give it a higher priority if it's a torrent on to give it to low-priority and if it contains evil packets so and containing a denial of service attack drop them completely so and it's also the 1st place like it would be very difficult to build a rotor that actually looks at all the details of all the bytes new packets right down into the application layer protocol
but it turns out that it's pretty easy to do and that's where all the arity Pickens inspection stuff is coming from and from the virus scanners there is a need algorithm called of local radical that's the compiled so that many many different strings you search for it to run big state machine we don't know how many people have heard about state machines that sound basically constant that says I have a state map status 3 that I look at the next byte coming in the table which says if I am in state of the in the next byte coming in this 5 manic state is 8 and finally it stays next state is 0 and please drop the picked has got it is possible to compile all your rules you have um it doesn't matter how many there are into such a state machine and it's very very efficient to execute such as that she and it's is essentially 1 axis into a table provides coming in so it has impossible for quite some time now think the oldest implementation state vector 10 years or more 2 and do that and bias the as far as Internet gets it's possible to do D. Pickett inspection onto and the whole research has been coming from the Securities articles and is a set of virus engines have been using that tolerance for other and people have uh start researching into uh intrusion-detection systems no detecting patterns of attacks on unit require and that's very deep deep packet inspection as originally coming from and at some time and people realize that if I can distinguish between different types of traffic I can do
quality of service on on the traffic and Perot T to a certain type of traffic so the application of some deep packet inspection tool traffic engineering as it is a newer 1 and 2 maybe 5 or 6 years old and it as a set and it runs in bias the diffusion FPGA or a hard wired to chip I've looked up some of the devices is essentially every big manufacturer these days has such a device that's a Cisco Service control engine does multiple gigabytes per 2nd and controls is grotto so that's an extension to rotors and other
people like forced and they have that as a built in CART fora for the artists all that's attending to give it even at interphase covered with that already comes with built-in depicted inspection capabilities and finally that's the
fastest I could find and that's the center line depicted inspection engines does uh 60 giga bps and and if you class certain stars as being a 60 give that 2nd the and that means at the end that as a telecommunications provider you have these days the technological means to on the right on your backbone distinguish between different types of traffic and to treat them differently than which of course is the political implications and and I think the had cut some discussions about that entity today already and at that time passing all 12 and so maybe can beckon conclusion to a discussion this
and and but
the OK but so I'm not a technician and the political scientist the 1 I think I understand the technology of this is what I'm talking about knowledge so based on a research project effort involved in at the University of Technology in Delft the Netherlands onto last August's and and then I moved somewhere some action or work in the European Parliament but this is related to my previous job so as the sound so I think and as hopefully for everybody makes pretty clear that there's something big going on here I'm looking for that the of the end then I found this very nice quote from Larry Lessig's from 1999 already the more than 10 years ago and Code and other Laws of Cyberspace we set the the good old internet is basically like a daydreaming posted workers who just sort you let us look at the envelope and adverse sense that their all their and doesn't care about the content and that he also set this minimalism and design is intentional because it reflects both the political decision about disabling control and the technological decision about optimal network design and then and then later become writings he also said in this actually most also good in an economic way in his later writings on on free culture and so on and and these assumptions are actually challenged novel by this new technology
and it basically is a technology of control you could say it changes the network designed it enables political control and it also promises new business models so together I could a disruptive technology the what is a potentially disruptive potential across the tree depends on the context it works in so political control and what it basically does is integrating a couple of other technologies that have been there before and for no exception for intersection for example the things if you wanted to analyze some Internet traffic you needed to block divided into a file and then on analyze it later now with DPI it's possible to analyze it in real time but in for filtering and censorship purposes normally and and you today they are mostly based on Indian S manipulation of my P. filters and to now was PID you can actually look into the content and and food out content dangerous words whatever but no matter how and where they come from the from which IP address they come from and so on but and of course the the boom copyright industry the content industry is also pretty interested in this room they have tried to control of the the of intellectual property of but the digital restrictions management technologies by watermarking fires and stuff like that and now they're out at the some of them also pushing for them the packet inspection to basically force the highest piece to food out and we or stuff like that the but then there's also the couple of people nowadays who think this is actually better network design if you use DPI it's better for band was management you know them in the old times when when the pipe was congested know in the in the tubes were for in TCP hasn't bitten in congestion mechanism but so that basically treats every packet equally sold them as unfair said if you want to have a low latency for voice over IP but and you can't really do that you can try to do what was the quality of service protocols but they're not really owned working because basically every application can save I'll have want to have higher priority and then of course you end up in the same situation now is the PI you can do some application based routing so you can really say this application needs more speed this application it's not so long time demanding sold you distinguish between the the drivers for that of course our last mile oversubscription and then the at the something that's a peer-to-peer traffic and of a lot of traffic that also the new traffic nowadays clocks the tubes then some ice please use it for subscriber management and mostly as far as I know in the mobile internet business them but you have to pay by me and that kind of pay by avoiding known and always DPI you can actually say you don't just paper gigabytes you use on your phone or prolonged minute or whatever you can even say OK with my mobile Internet pack for 30 years and once you get these and these in these steps websites or services or whatever for free and 4 the others you will have to pay extra for you only have no 1 did not bite for months or something like that and that of course so of course may actually be a good idea if if I compare my internet use with that of my parents of tree my parents don't have internal into shipped it but then that generation and there's different demands and and different ways of using it and if you just want to click at some websites every once in a while and since immunize and don't want to do we have the sharing or other things why shouldn't they say of OK I paid much less to my eyes and so in exchange I can't use but which I wouldn't use anyway the nonetheless and the onset of I network security of course is a big driver of them has been a big driver for DPI signaled have to go into that in detail and then also the enables new business models but it enables vertical integration that means my own internet provider can also allow more far video-on-demand or other things that come in and the old times in a way it was used to it was done by tying so you if you had of only 1 and that provided in your local neighborhood for example which is in the case in a couple of areas in the United States to do today the they could basically say you have to go and get my connection and you also have to buy an overview on demand if you want to have that or you have to buy a phone line if you want to have infinite then now they can just say OK I don't care I don't know if you Internet connectivity and I just off for you to also by video-on-demand on top of that you don't have to buy it but they can learn from the down competing video-on-demand services
and yet the same for telecommunication services surmising T-Mobile is still blocking Skype on the iPhone's correct in the it that is the Netherlands OK we and that's of course but in in their perspective understandable because if people can use them guide on the iPhone they don't use telephone minutes was the mole bias so to mobile users money and in order to to identify sky you also need PPI it and of course this old these different drivers away and and different actors of interest and the guy that cause some problems the economically but as I said vertical integration and control of your on-demand and so on by the highest piece that distorts the market for content providers so that it's not the open Internet where anybody can set set up a server or anywhere in the world and of our any content and and develop a business model on that and if i is peace now start start from this the differentiating between different content providers of there may be a problem same for telecommunications systems and services set and just as you have a problem with and you only have the 1 I speed in a specific neighborhood then you actually need regulation in order to make sure that that I as he doesn't abuse this local monopoly so lies these is basically have to make a decision if they earn 1 to cut costs the which basically means cut traffic or if they want to invest that's that's basically from the the fundamental decision for for many eyes piece at the moment to they don't because of of of oversubscription because of the more demanding applications and with the rise of peer-to-peer traffic and so on so that these have to decide if they want to do customer surveillance and use DPI and to discriminate different them applications and protocols or if they what they also could do just invest into in more bandwidth so there's enough was for all applications at the same time but I'm not really sure yet how the customer deal was that I think the the of the and consumer protection groups and and related groups and institutions are only slowly picking up this whole debate around that tragedy and PPI and so on but so it maybe I think medicine Germany and natural but other countries and it may be that people are just used to flat now they don't want to pay them per hour minute or Perl volume anymore but but I'm also not sure if they want to pay per application that use all per of websites there is it appropriate and so was the use the yeah and then there's also another thing that's of interestingly has been mainly used in the UK so fond of them for a short while in the in the US but where I is peace have started to monitor all the websites of the customers a visiting the school is also doing with Google Analytics and so on but not every website has Google Analytics in but my eyes P of course can track every website I visited so they know pretty well what I'm interested in and what not and based on that knowledge they have started to inject the advertisements into websites and and that's also based on deep packet inspection technology and then of course a couple of and consumer organizations and and privacy organizations and so on and that this is not really cool if we don't want all eyes piece to spy on us and of course leads to the would debate about privacy and you could say this is a breach of telecommunications privacy in some it's not really key here yet because they have no will have been no I'm Supreme Court decisions or something like that yet them if it actually is the case for data protection I've talked to the Dutch data protection authorities for example when I was researching there and they were pretty impressive pretty concerned about the PPI but they said OK if the ice please just look into the traffic in real time and distinguish between different protocols and and slow them down or all them somewhere as a level but then right away forget about this afterwards so they don't store any data about their customers How is the data protection issues they they weren't really sure how to do with that a the In general the but sometimes a bit hard to explain but some if you try to compare with street traffic so what DPI does is basically the if you could go to the streets and you drive down the street with your car and then somebody in real time by you pass some model X-ray machine whatever the naked scanner comic it's gonna but why you passed by that scanner and the scanner looks into your
car and checks how many people are in there what kind of goods through a transporter have daughters you for example or whatever know my youth smoking in your column not stuff like that and then automatically to something was your car with the engine which you can't control and slow you down or put you on the slow lane or the fast lane or tell you all you know have to take it because we have to keep this free I know people who speak cost to pay more so and that's of course not really cool meaning of people normally understand that this is not hold street traffic work so should work the so I think there is a rising concern also not of not just among experts but also in the general Internet community about DPI and things like that amino network neutrality debate is related to this but but of course it's hard to say DPI is just even it has a good omen purposes it has been used against my will and spam and and for security purposes of for ages so you can just Bennett so they have to make sure how to use it no 1 thing for for their eyes piece of causes if they install this technology and potentially have the knowledge theoretically have the knowledge of all the content of their customers are transporting then what happens to the liability should I have to go German no this this kind of stuff if you suddenly end up in a position as an iced tea to know what your customers are doing on the internet you may have to legally you do something about it if you for example I have have the capabilities knowledge will find find ch iconography or other you want and for example the yeah I think I don't have to go into the filtering discussion in too much detail uh so far as i said it's of filtering and internet censorship as basic them mainly been done with the DNS and IP manipulations but and I see a danger if DPI is installed for other purposes for band was management for advertising injections or for whatever and that then can also be used for censorship on top of that you know synthesis chip is just another policy but the machines of there I in and then that's maybe interesting that so what I try to look at in the research project edited TUDelft from it's not just that you have to be I use put it somewhere in the network and then stuff happens but there's also variation so what I found was variation across different use cases of DPI of I try to do a little topology here the network security for example is not contested at all people are just doing people run words just use DPI for security purposes and that's fine nobody really chaos it's it's not politicized so they can just would because it would be in their own network and that's fine but it becomes more interesting and more different actors interact for example if you have piece sulam operate in a market for end users and some of them some of what she thought Internet connectivity but then men manipulator traffickers DPI them and the customers who find out about this may say OK I don't like that I go to analyze the sum and actually there have been some initiatives for example in the arts alleles keep but which is linked to 1 of the BitTorrent clients but some people have actually collected the whole would be list of IUs peace and how they would been block or slow down or whatever and manipulate BitTorrent traffic so there is actually some kind of market transparency via the evening crowdsourced them so that that becomes interesting when when it's not just somebody who mentions his own network but moment people to compete on the market and then of course it depends on market regulation to market structure and things like that so then you have to move things so in situations that according to shared agreement that's basically when the ice peas are not really actually in favor of using DPI for a specific purpose but other actors are the want them to do that but that's mainly the cases of copyright filtering and and of course of filtering and censoring illegal content like type along the ice please don't have a business interest in doing that but other factors like the copyright industry or the government's come to them and say but you really must do this and if you don't really hear them will enact law so you have to do it anyway or you morally should do would otherwise we do a public campaign against you or whatever but then what you normally find some kind of negotiated agreement the dies these have a pretty strong position position here because they but they are the ones who have to convince you have to be convinced to do this and that depends on what kind of 2 was the other last of the other actors have if they have been millions of forcing the ice please if you just have a publicity means or of things like that there's a couple of different interesting cases on that on on copyright filtering cases in Ireland and Belgium for example and of course on the child porn filtering and so on and then you have to go classical hierarchical decision making the government tells eyes piece you have to do this for stop that was for example the case after 9 11 when the the National Security Agency went to the peak in that provide us and just kept all the lines even domestic lines in the US them on the time is left of motion OK so and so yeah variation across the use cases of a set of different use cases of I have different strategic constellations among the actors and therefore was a different outcomes sometimes in these cases PPI is not done because size piece can
just stop filtering censorship for example and then you also find variation across countries for the same use cases that might just pick 1 example here bend was management that was basically a bit tolerant and blocking orbital and a swaddling but which has been done by a couple of eyes piece in the US and Canada to countries which are neighbors and really pretty close but but the strategic and also institutional the situation was different so with outcome also differed in Canada you have a pretty active learning privacy movement lot of professional privacy groups and you have a privacy law and the Privacy Commissioner dialects of Commissioners here in Europe with legal policy and so on there was actually oversight over the private sector so when people found out that some some of the highest piece of blocking the bit traffic from the privacy groups became involved and and on but we got some activities with the Privacy Commissioner so the whole debate around DPI inevitability in Canada has been framed as a privacy problem and in the US but the situation was different there was a strong that neutrality movement of FIL of course also some pretty active privacy groups but the United States don't have a privacy law for the private sector or only for for very few specific sectors like the health sector what but not for the Internet and telecommunications so in the US is this whole thing was not a privacy issue but it was that 20 issue and yet the Federal Communications Commission which has oversight over the internet were just right at this that's contested now some US court has set recently a few days ago or something that the FCC doesn't have oversight over the internet anymore but I think the result that old and so in the end the the FCC in this case defined internet freedoms and things like that some this kind of metal chirality and declaration by that's to see but they didn't mention privacy at all and that's not really a big issue in in the US debates Along PPI west the the Canadian Privacy Commissioner Privacy Commissioner as that of a whole that side and collected a number of essays from expert and other people on DPI and we has trained as a privacy thing so my preliminary conclusions in that project and there were some of you have variation across use cases and and that more less explained by the policy implications of the specific PPI usage which basically boils down to if the highest he has a interest in using DPI for a specific purpose they normally can just go ahead and do and then if other factors don't want them to do this so the conflict starts and there may be some kind of compromise in the end of something that if others want the highest paid to use DPI to filter to block to whatever and then I spheres have a pretty strong to position here and then only can only be false if if they are legal sweats or something like that at OK land finishing anyway so we can have feedback on that them and variation across countries of course for the same DPI use cases so in this space on mainly on the institutional settings and on the legally some background at the end of class on but bone the the actual constellation if you have a privacy movement in the country or if you have an extra 20 movement or if you have organized consumer groups were interested DPI things like that OK that's my part and in all there was already the 1st interventions I think was the sorry for being so noisy this was not what what I wanted but I I think this the true because what you don't have to situation and nowhere in in the western world that the ideas P has a retail a position against the government if the government wants you to monitor law by deep packet inspection or whatever they force you and it is a sorry this absolute and true that is something which has to do with negotiation we have had this situation in Germany that's true that and and companies like Photophone started to negotiate in a certain in a specific type of the ruling bits and hold tunes was laughing out with that the government but that's not the usual situation usual situation is that the government in saudi arabia access to you a local or international high-speed speed that day you want them to do that that and that so sometimes you do it for themselves by a government agency like the and you say all the force the ice speed that if he has to fulfill some kind of rules so I can see and and the 2nd thing is which i i have the whole problem or if I have this whole day with the net utilities to do everything that you chose to discussion is that I think we should do more um uh will be cautious about but we be combined the American the American discussion about net utility which has something to do with the economics of the net in the US which is totally different off the a whole system we have in Germany and we combine it with a with our fight for the freedom of expression and I think it's it's it's dangerous that we do that we should do that because the the American situation doesn't really fit to the US at the American discussion doesn't really fit to the German and European and I think
we should be more more except about it because if we don't do that then we lose the 2nd fight the if I can just click here at the sun and I was trying to say exactly exactly that we we can compare our American and Canadian and German and whatever debates on DPI and that will 20 in order to understand the differences that was my point was but I don't think we should just ignore them from on the 1st point of course if the government enacts a law which says i speeds have to do this and that filtering censorship whatever then they just have to do with but it's not always that easy in a couple of countries in Germany the police for example or other institutions like the Internet Watch Foundation I just providing these filtering this and then the eyes peas are not exactly legally required to use them but it's like OK now we have this list and you know you will use them and that's a good hint for this as well from from Denmark and other countries that that's how it works there so its exactly really clear who's liable in the end for the the something this is over blocked if it's the police who provides this list and then not was the eyes peaceful it and then of course in in cases like copyright filtering there were some some cases and and Benjamin island and so on whether the content industry went to court and tried to force the highest fees to block them but use DPI for for detecting them copyrighted and for example and then them OK could say court decisions are not negotiated but that actually in the pages of Bayesian case of the eyes the head is pretty strong position because he was there was able to convince the court that but this technology was not working in the way the content industry was presenting it and so on so I think it's not always just government hierarchical decision and that's implement and that's it some of the questions that you said that of the from the ticket inspection the technology is not 100 per cent and their good wishes to go but I think erm isn't it some the only you know so well working infrastructure censorship infrastructure that we can imagine today from and so it is the I don't know the English words the pixel of the bundle of deep deviated um en ts isn't that so that we I strongly you have to try to come uh to to to to to make a law that's no 1 can ever um so when use this technology have perhaps for privacy issues like the of beef governments or something that the thing is that and DPI actually is very useful in certain areas on this and everything that's got to do with quality of service and that's all topic because there are new kinds of services based on IP that need real-time transmission like telephone year and TV etc. etc. and so people need that you can't say um be complete drop the technology and because that means you also key goal to a lot of the quality of service stuff and the other issue over and that's very important technologies and protection against denial-of-service attacks you have disability not of service take them with tens of gigabytes of traffic coming in from a bigger than a DPI is your only chance to keep uh ever commit resources to complete inclusion to this that you could be able to prevent a nice piece from deploying the technology at but the technology is and it is still true there DPI it's is not the same as in all piloting at Trinity or or or censorship it's it's so the tool that can be used for both of that but it can also be used it must be used and and you need to have that for working at work for a for for traffic management purposes which can also be policy for the you focus that were mentioned a band with uh and and to the content filtering this stuff and mentioned advertising only yeah mentioned only when there has been some uh um problems in or or criticism in Britain with the form uh thing uh which of 2 lists system which provides C M and at the advertising based on on the other things in uses that look at so m men and basically this was also a privacy issue which is is it possible to do a content advertising with DPI without or with you in and and and also a protect the privacy of the user you know the the case of form was interesting because that's what I was looking at and in my research were compared to the American debate on at injection was the UK debate and in the UK and the US but when people found out that the eyes please look into their sigh traffic and and inject advertise ones based on that some people were furious and the thing rheumatoid general of Michigan sent a letter to the 4th Amendment sized pieces chart over I think Charter Communications said that up to them threatened leaders activities and a couple of Congress uh work became pretty active and that was a public outcry and after that of the US-based companies and its them at injection basically of went out of business the market postat them in the UK and the of where there was especially strong resistance from the of for the part of foundation for for you definition for Information Policy Research I think that it some really good so some analysis of the form system legal and technical and a big campaign by by privacy activists and so on but the British Information Commissioner who was also the Data Protection Commissioner he just said all yeah maybe it wasn't so nice next time here you do what you should do it based on an opt in and so the customers can opt in before they surveyed but this was only a few tests so I don't even know you and even if to pay any damages or something but which basically meant that the U. S so at injection was dead and in the UK was still alive and kicking but then how interesting in the European Union jump on that the and then Information Commissioner Viviane Reding was no justice commissioner the term started at the end In its English term for toxin that since the farm but the her so that she she basically you threaten to take the UK it to the European Court of Justice because of they don't really implement the European privacy directive and now actually form has stopped its activities in the UK I think there's still active in Japan and Korea are something but it was an interesting case of new business models and demise peace now can make some extra money you know there always complaining that we make all the money and they don't so they were able to make some extra money and the yeah some of them actually did it but then based on on public protests and so on and and some legal threats of this specific use case of DPI at this in the western world is that now
that um
and if you make a great thing because he yeah RecLig
of and do this just detecting question Bisceglie can probably answer em up as far as I
am so this is mostly working on had data of the uh the information that is transmitted and not actually looking into the the actual data I mean like if you if you transfer an M P 3 5 sample you get the information about the file type and and what it is but or is it actually comparing the bit structure of the
file against the bit pattern that has been you you can go as far as looking for specific patterns and the data the traffic and at analyzing protocols and looking for a certain features and certain protocols used certain data transfer it's all possible OK OK then thanks for your attention and yeah but and
the and you have you can the we use the word in the middle of the the other thing that we do and that


  729 ms - page object


AV-Portal 3.11.0 (be3ed8ed057d0e90118571ff94e9ca84ad5a2265)