What would you think if you wrote a letter and it could be opened up by a postal or a courier service before it reaches its destination? What would you think if that happened to your online communication? It’s not necessarily a hypothetical question.
Stemming from a request to the CRTC from the Canadian Association of Internet Service Providers (CAIP) to stop Bell from throttling/shaping their wholesale internet service, the CRTC reached a decision on November 20, 2008. Though CAIP’s application was denied, the CRTC noted that a number of parties raised concerns related to Internet traffic management practices that were beyond the scope of that particular procedure.
As a result, the CRTC announced that it would be holding public consultations to review the Internet management practices of Internet service providers.
In a previous blog posting we discussed the CRTC decision and this new public consultation – which calls for written submission (due by February 23, 2009) and a public consultation (planned for July 2009).
One issue that has been the focus of much debate is the use of deep packet inspection (DPI) to shape/control traffic. So, what is the privacy issue? Well, there is the potential for DPI technology to peek into an individual’s entire on-line activity, which may include sensitive personal information. When DPI is used, it is also seemingly “invisible” to individual users. It is important that we are made aware of DPI’s potential use to manage our activities on the internet.
Last year, the US Federal Communications Commission (FCC) ruled on a complaint about internet service provider Comcast Corporation’s network management practices – which included using DPI and false reset packets to manage traffic generated by peer-to peer (P2P) applications.
The FCC found that Comcast’s level of disclosure to its customers was inadequate, and that individuals would not have been able to reasonably recognize that P2P applications were being discriminated against.
Comcast’s “…practices are not minimally intrusive…but rather are invasive and have significant effects.”
The FCC also noted that Comcast was using DPI to monitor its customers and route electronic communications based on the contents of the communication and not the address.
For the CRTC consultations, a number of interested stakeholders are providing their opinions on Internet traffic management and other related matters.
As we’ve already noted, the OPC is one of those interested parties. We have provided a written submission (.pdf), contributing to the overall discussion of privacy, which can be found on the CRTC’s website.
We hope that if you do have a chance, you are able to look at the submissions from all the parties. If you would like to share your views on the submissions, we look forward to hearing your thoughts – this consultation is an excellent opportunity to promote and encourage discussion on the privacy issues related to Internet traffic management practices.