Probing Net Privacy

What kind of info should ISPs, telcos, and Web portals be allowed to collect about users, and what should they be allowed to do with it?

April 22, 2009

4 Min Read
Probing Net Privacy

What kind of information should Internet service providers (ISPs), telcos, and Web portals be allowed to collect about users, and what should they be allowed to do with it?

At our recent Light Reading Live event at the CTIA show, Policy Control, DPI & the Mobile Broadband Revolution, a day of debates highlighted the political nature of many of the issues at stake. Should ISPs be allowed to pass subscriber data on to third parties, and on what terms? Should ISPs be allowed to use that information themselves, for example, to target commercial information or advertising at customers? And are they entitled to block or throttle applications that they consider to be violating "fair use" principles?

On all of these issues and many others, it was clear in Las Vegas that there is no settled view. One reason is that modern deep packet inspection (DPI) and policy tools can be used for a widening range of tasks, including all of the above, and are continually evolving. Indeed, the technology vendors at our event argued that these improvements mean that network neutrality and other issues raised are red herrings. Modern policy servers and DPI gear are highly adaptable, they suggested, and could be used in ways that are much more sensitive to end users, while still enabling ISPs, both to handle traffic more intelligently, and to add value to subscriber packages (for instance, via customers opting in to the use of personal data).

Perhaps U.S. legislators are listening to those vendors' views, since there is no sign currently that the Federal Communications Commission (FCC) or Congress are about to begin drafting rules that force ISPs to observe net neutrality principles, despite stirring calls for action before the election.

Yet the issues raised here are far from dead, and have so wide a range of ramifications that they are likely to shadow the evolution of the Web and the Internet for as far out as we can see.

In Canada, for instance, a lively debate is currently underway on the Website of the Canadian Radio-television and Telecommunications Commission (CRTC) about Internet traffic management, prompted in part by public concern about what local ISPs are up to. The CRTC's eConsultation has attracted hundreds of comments and replies, most of them hostile to the idea of traffic management.

In the European Union, meanwhile, several debates are running in parallel. In a speech on March 31, the European Commissioner for Consumer Affairs, Meglena Kuneva, seemed strongly predisposed to impose strict limits on what ISPs can do with personal data, arguing that "consumer rights must adapt to technology, not be crushed by it.

"The current situation with regard to privacy, profiling, and targeting is not satisfactory," she said.

The Commission began legal action last week against the British government for not properly protecting users against those companies – specifically, BT Group plc (NYSE: BT; London: BTA) and Phorm Inc. – that had not sought "clear consent" from users for use of Web tracking tools.

The issues here are momentous: it was clear from Kuneva's speech that her targets also include companies like Google (Nasdaq: GOOG) and the various social networking sites that are operating with implied consent from users: Avoiding tracking is currently technically difficult, if not impossible, she said.

Meanwhile, another debate rages around the European Commission's efforts to revamp its enormous telecom reform package: Net neutrality supporters say that the revised legislation could legitimize the use of a range of control techniques by ISPs, and with decisions imminent, much is at stake here.

And all the while, technology itself will continue to throw up new solutions and new challenges. Just recently, German DPI vendor ipoque GmbH published an analysis of Internet traffic that shows just what is running over BitTorrent Inc. networks in certain countries; and Ipoque has developed the means for its ISP customers and other parties (such as academic institutions) to "white-list" non-illegal P2P downloads, while preventing others.

As with most essentially political issues, there are no clear right and wrong answers here. Industry participants in the debate will need to continue to work hard to explain to legislators, regulators, and end users the positive side of their technology story. ISPs and telcos will need to be highly attuned to Internet users' justified sensitivity about the use of personal data. And legislators will need to balance the need to keep the information highways open, in order to encourage maximum creativity, against the need to protect consumers from both corporate predation and abusive or piratical users. In this highly complex and evolving situation, the only certainty is that the debate will continue.

— Graham Finnie, Chief Analyst, Heavy Reading

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like