Canada privacy commissioner rings DPI Bell
p2pnet news view | P2P | Politics:-Privacy commissioner of Canada Jennifer Stoddart (right) has filed her CRTC Review of the Internet traffic management practices of Internet service providers.
It’s an easy read and it’s aimed at the overall implications of just how far Deep Packet Inspection (DPI ) could go with Bell, et al, traffic management practices.
I recommend everyone gives it the twice-over.
The message Sotddart puts across to the CRTC is very clear in regards to DPI (traffic management techniques).
Among other things, she says»»»
18. Privacy is not just an individual right – it is a public good that reflects decisions we have made this people about how we want to live as a society. These values are reflected in privacy legislation throughout Canada, the Charter of rights and freedoms and in the policy objectives of the Telecommunications Act 1993, c. 38 T-3.4.
1. We respectfully submit that in order to advance the privacy objectives contained in the act, telecommunications policy, decisions and regulation with respect to Internet traffic management practices in general, and DPI specifically, she considered potentially invasive nature of DPI technology, and the manner in which it has been implemented by ISPs (e.g., without notice, consent, etc).
And the privacy commissioner touches on many topics of concerns, to name a few »»»
- User profiling
- Targeted advertising
- Behavioral advertizing
- A users’ entire online history
- User Tracking
- Lack of consent
- Lack of adequate opt-in and opt-out
- Age of the target (user)
- Disclosure of all this information
- Safeguarding all of this information
- Lack of user awareness to the above happening
- How profiling can lead to identifying a person even if anonymized
- Redirection of users’ communications
- In addition DPI privacy implications when used with cell and wireless/mobile devices
This is happening now in the US and the UK, applying not only to users’ internet data, but to their wireless (mobile) data as well.
Will Bell and the other major telcos be next to monetize your private use of Canadian telecommunications?
Will your 3rd party ISP data be collected so it can be sold to the highest bidding marketing and advertizing company, even though you have no dealing with Bell, et al?
Because their DPI equipment is snooping your packets RIGHT NOW.
Makes me wonder which American or other foreign advertizsing, marketing or RIAA type firm will buy the data on Canadian users.
And there’s another thought to consider: could these data and profiling be used by law enforcement?
Says the privacy commissioner »»»
6. … The CRTC has jurisdiction over privacy issues arising from the operations of telecommunication networks. The CRTC’s mandate under the telecommunications act specifically includes contributing to the protection of the privacy of persons as a matter of Canadian Telecommunications Policy.
Stoddart tells the CRTC it’s mandated to protect Canadians by way of the Telecommunications Act.
But it’s not only a message and a review. It’s a strong and powerful warning of what could come to Canada if DPI is accepted and approved across the board.
It’s a warning of how DPI is already being used around the world (US and UK) and what will come to Canada.
The commissioner concludes »»»
40. The prospective uses of DPI technology raises serious concerns about individual privacy. DPI technology has the potential to give ISPs and other entities wide ranging access to vast amounts of personal information sent over the Internet. Canadians spend a significant amount of their lives online as consumers, professionals, and citizens. They are entitled to privacy protection pursuant to Canadian elecommunications policy, as set out in the Telecommunications Act, and under privacy laws in Canada. We respectfully submit that before DPI technology is employed, careful consideration should be given to what impact it may have on individual privacy.
Be ready for more. Bell ands the others won’t stop while their US and UK counterparts are monetizing private data.
Or are they?
Who Audits them and their DPI data collections?
Ding-ding.
English version: http://www.crtc.gc.ca/public/partvii/2008/8646/c12_200815400/1027577.pdf
French version: http://www.crtc.gc.ca/public/partvii/2008/8646/c12_200815400/1027589.pdf
Ottawa Gal – p2pnet
February , 2009
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
February 23rd, 2009 at 1:18 pm
It is really too bad you have absolutely no proof that any of this is happening. None. While I agree with the sentiment that it should not happen, I have to disagree with your stance of “what if”. I have knives in my home and “could” hurt someone with them. Should the police raid my home? Remember innocent until proven guilty? Whatever happened to that?
Good intent, bad results. Sorry.
John
February 23rd, 2009 at 1:38 pm
Lets not be niaive, John.
First, I don’t think anyone said this is happening. But rather, how do we know its not?
Second, are you the indipendant Bell DPI auditor to say this isn’t happening? Nope.
Third, When Bell sends out their notice and slaps it in a persons file (notice-on-notice) is that person given a chance with Bell to say they didn’t do it? Nope.
Fourth, Are you saying the Privacy Commissioner is wrong? She put out a fluff piece?
Only bad I see here is on Bell’s side as was noted in her PDF to the CRTC.
February 23rd, 2009 at 1:42 pm
I agree john, now all we will get is the hyperbole from the conspiracy theorists once they pull the tinfoil of their head and of course our local gnome. Who jumps in to criticize Bell every time they are mentioned because he thinks they disconnected his phone on purpose so he couldn’t call 911.
February 23rd, 2009 at 1:49 pm
conspiracy?
Are you saying this monetization of user data and monitization of profiling doesn’t happen in the US and the UK?
Do you think Bell won’t try this?
Oh wait… your the same guy who bought a Bell Samsung Instinct and insists there is no problem with paying 8$ or so just to use Email on the Bell network, while others have it for no charge. Same with Bell’s GPS apps and blocked google maps… Same with IM… oh wait there is no need to worry about monetization of your private data now.
Be happy, don’t worry.
February 23rd, 2009 at 2:54 pm
Well, the shills are out today, aren’t they?!
Yes, indeed, and in classic form – making sure the terms “hyperbole”, “conspiracy theorists” and “tin foil” come into play immediately!
All I can say about that is, if they’re PAID shills, someone’s wasting their money.
And, if they’re doing it for free, they must have been sniffin’ from the same glue tube as Colin Mochrie.
Bell admitted to using DPI, and confessed to its capabilities.
But, Bell didn’t do this right away, did they? No, they completely denied doing anything that would have caused an impeded connection or download… until they could no longer maintain the lie.
Then, it was time for Bell to spin it.
The DPI technology was completely downplayed as having very little ability to do anything but “look at headers”.
Meanwhile, it was quite easy to see that BitTorrent activity was being effectively savotaged (even at the expense of VoIP functionality and other “collateral damage” at times).
Then came the “peak times” story. (A scenario that Bell has never been publicly proven to exist.)
“We need to address the issue of congestion during peak times.”
Actual times were never defined, nor was any effort ever made to return full service during said undefined times, should congestion not exist. Bell simply “enhanced the users’ experience” (oh, pul-leeeze!) for 10 HOURS PER DAY, without justifying anything, while continuing to take 100% of the users’ subscription payments!
Then came the mother of all conspiracy theories.
“5% of our users are consuming 90% of our bandwidth using P2P.”
Now, that’s what I call an “Official Story”!
I’m sure the 9/11 Commission must have had a hand in writing that one!
Talk about “conspiracy theories”!
February 23rd, 2009 at 2:57 pm
Ding-Ding
February 23rd, 2009 at 3:05 pm
Can’t finish the round if I’m deleted, but thats par for the course with your types isn’t it?
February 23rd, 2009 at 3:26 pm
How to know it’s happening?
Russian secret services like FSB are short on cash, so they are monitoring the MSK-IX hub and are selling e-mail addresses to spammers.
Otherwise how would you explain that you start getting spam after you transmit an e-mail from some-unusual-address@domain1.ru to another-unusual-address@domain2.ru (those addresses being brand new).
So, this traffic data is to be sold to the highest bidder, unless Bell is taken over by a lesser asshole.
February 23rd, 2009 at 4:35 pm
LOL
UK mobile phone firms to sell data about customer activity
http://www.mathaba.net/rss/?x=617871
“The companies have been collecting the information over the past year and will use it in an attempt to generate more advertising. News that the industry has been monitoring what users do on the mobile web is likely to infuriate privacy campaigners.
The industry’s body, the GSM Association (GSMA), believes that providing potential advertisers with better information about what people do online will help create the sort of advertising ecosystem seen on the fixed-line internet. In the current economic climate, where even online advertising growth is slowing dramatically, many in the industry fear companies will abandon mobile advertising altogether.
Advertisers, however, are only expected to get a real benefit from the data once it is integrated with demographic information which will allow them to target advertising campaigns at specific segments of society.”
===
And the privacy commissioner touches on many topics of concerns, to name a few »»»
* User profiling
* Targeted advertising
* Behavioral advertizing
* A users’ entire online history
* User Tracking
* Lack of consent
* Lack of adequate opt-in and opt-out
* Age of the target (user)
* Disclosure of all this information
* Safeguarding all of this information
* Lack of user awareness to the above happening
* How profiling can lead to identifying a person even if anonymized
* Redirection of users’ communications
* In addition DPI privacy implications when used with cell and wireless/mobile devices
Also, this is but ONE example, one link, one story.
There are many more from the US and UK.
Ding-Ding
February 23rd, 2009 at 4:55 pm
1. http://www.cippic.ca/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=357
2. http://www.cippic.ca/uploads/CIPPIC_RequestforIndGuidelines-DPI-BehTarg_25July08.pdf
3. http://www.cippic.ca/uploads/Rogers_PIPEDA_complaint_DPI_25July08.pdf
4. http://www.cippic.ca/uploads/Shaw_PIPEDA_complaint_DPI_25July08.pdf
5. http://www.cippic.ca/uploads/Eastlink_PIPEDA_complaint_DPI_25July08.pdf
Ding-Ding
February 23rd, 2009 at 5:05 pm
lol DevilsAdvocate if they’re paid shills their doing a terrible job. Good luck defending DPI and privacy concerns William. “conspiracy” is what your fellow PR are going with? really? I was expecting somebody to scream child porn and terrorism.
Damn google bot.
February 23rd, 2009 at 5:11 pm
Child porn and terrorism is what some gov lobbyists will scream in relation to the Lawful Access Act (MITA) they want to push, and which is easy to setup on the major telco’s DPI.
February 23rd, 2009 at 6:03 pm
“I was expecting somebody to scream child porn and terrorism.”
Give them time…
Give them time.
Those are the 2 universal wild cards they always end up pulling out when they see their mission failing.
In the immortal words of Dubya, September 12, 2001 (one day after)…
“Let’s not give creedence to any OUTRAGEOUS CONSPIRACY THEORIES, designed to take the attention away from THE TERRORISTS…”
To think he WAS a paid shill.
: )
February 23rd, 2009 at 6:58 pm
In my opinion, the internet should treated like a utility, like water. I can use that water to drown someone or I can use it to water plants. Same (kind of) for the internet, I can use it for emailing a friend, or I can use it to download child porn. (I know, a bit of an extreme comparisson but still, gets the point across) Why should the internet be treated any different from water in the sense that it is a utility and that it really isnt anyones buissness what you use the utlilty (be it water or the internet for)?
Im not saying child porn is good, or should be tolerated, I am jsut using it as an example
February 23rd, 2009 at 7:47 pm
“Guns don’t kill people… PEOPLE kill people!”
February 23rd, 2009 at 11:35 pm
The OPC says, “We respectfully submit that before DPI technology is employed, careful consideration should be given to what impact it may have on individual privacy.”
Its already employed!
Employed without regard to anyone, including the Office of the Privacy Commissioner (OPC).
I want to be on the committee that audits this (at Bell’s expense).
February 23rd, 2009 at 11:43 pm
“Employed without regard to anyone, including the Office of the Privacy Commissioner (OPC).”
In other words, “business as usual” for Bell.
April 7th, 2009 at 8:39 am
Folk.
A quick trawl around the web will confirm that DPI is being trialled in the UK and in the US. In fact even Canadian websites will have their Intellectual Property intercepted for revenue generation as it passes through DPI scrutiny if the site is accesses by users in the UK/US, connected through participating ISPs .
We’ve also had our fill of shills in forums, disinformation, removal of posts criticising DPI and members doing so, in forums run by British Telecom.
And yes, it is roughly equivalent to the postie opening your mail, promising not to read your bank statement, just to add “relevant” advertising flyers to your mail.
There’s some interesting reading by one Dr Richard Clayton – an acknowledged authority (Use Google or the anonymous ixquick.com to look him up) – at http://www.cl.cam.ac.uk/~rnc1/080404phorm.pdf
https://nodpi.org