waplog

ITU agrees deep-packet inspection of internet traffic


The International Telecommunications Union (ITU), which has unilaterally assumed control of the governance of the internet, has agreed in sessions held behind closed doors on a new standard covering deep-packet inspection, the Computing reported.

Deep-packet inspection examines the data part (and possibly also the header) of a packet as it passes an inspection point, such as a firewall. The agreement paves the way for national governments to assert their rights to analyse all internet traffic passing over networks in their jurisdictions, including encrypted traffic. The agreement was revealed by ITU's media relations spokesperson, Toby Johnson.

However Johnson, a former freelance journalist, said that adoption of the agreement would improve quality of service, enabling internet service providers (ISPs) to prioritise particular traffic, such as voice or data from users paying a premium for a better quality service.

"These buy-side advantages are mirrored by advantages on the supply side, in that ISPs are granted another tool to curb their capex [capital expenditure] and opex [operational expenditure] costs as the demand for network infrastructure expansion continues to grow," he wrote in a blog post today publicising the decision.

The standard, which goes by the codename Y.2770 and is entitled, "Requirements for deep-packet inspection in next generation networks", did contain privacy safeguards, he asserted.

"The standard deals with the identification of the application used rather than the inspection of users' content. The standard does not allow access to users' private information and allows measures to ensure the secrecy of correspondence," wrote Johnson.

The posting suggests that the ITU will pitch the decision as helping the internet to become more pervasive in the third world, enabling it to reach the two-thirds of the planet's population that don't currently have internet access. "ISPs have, in the past, used 'over provisioning' of bandwidth to meet the requirements of network applications. However, as new high-bandwidth internet applications emerge, over-provisioning has been detrimental to sustainable network evolution. Deep-packet inspection thus presents a fine-grained, long-term traffic management solution to aid ISPs in contending with volumes of traffic rising at an exponential rate," he added.

Privacy campaigners, though, have not been mollified, believing that it represents the thin end of a highly illiberal wedge. "[It] could give governments and companies the ability to sift through all of an internet user's traffic – including emails, banking transactions, and voice calls – without adequate privacy safeguards. The move suggests that some governments hope for a world where even encrypted communications may not be safe from prying eyes," wrote the US-based Center for Democracy & Technology in response.

Techdirt, a privacy and online rights campaigning website, claimed that contrary to Johnson's assertion, the standard contained little that actually prevented national governments from spying on the contents of internet communications. "The document optionally requires DPI [deep-packet inspection] systems to support inspection of encrypted traffic 'in case of a local availability of the used encryption keys'. It's not entirely clear under what circumstances ISPs might have access to such keys, but in any event the very notion of decrypting the users' traffic (quite possibly against their will) is antithetical to most norms, policies and laws concerning privacy of communications," wrote Glynn Moody.

The standard, he added, was negotiated and agreed among representatives of national governments in secret following a meeting in Dubai in November – prior to this week's World Congress on Information Technology, which is meeting to thrash out a new global telecommunications agreement.

The last global agreement was arrived at in 1988 and the ITU has been campaigning and politicking for the past 15 years for the internet to be placed in similar control under its authority.

MTCHT
ICT
TECHNOLOGICAL INNOVATIONS
POST
ABOUT US
NEWS
INTERESTING
INTERVIEW
ANALYSIS
ONLAIN LESSONS