Cayman Internet users face privacy threat

Discussion invited on Deep Packet Inspection

While members of the Cayman public might assume the information they send over the Internet is for the most part free from prying eyes, a new proposal has major privacy implications for both residents and businesses.

A press release states the Information and Communications Technology Authority, an independent statutory authority responsible for the regulation and licensing of telecommunications, has launched a public consultation on the use Deep Packet Inspection and similar technologies by Internet service providers.

The Technology

Although the term deep packet inspections may sound like merely a technical issue, it in fact has real-world implications for Internet users in the Cayman Islands.

All traffic being sent over the Internet, whether it is a web page, a data file, or credit card information, is split up into one or more packets of information. Each packet consists of a header followed by data (sometimes called the body or payload).

Packet headers are inspected by service providers for a variety of reasons, including optimization of packet routing, detection of network abuse, and statistical analysis. Such inspection gives providers access to basic information about Internet traffic, but does not disclose the contents of users’ email or web surfing.

In contrast, deep packet inspection provides service providers with the ability to access to the content of all unencrypted Internet traffic that customers send or receive, including web surfing data, email, and peer-to-peer downloads.

Owing to the volume of traffic on most networks, deep packet inspection is usually automated and performed by software based on criteria set by the network operator.

After inspecting the contents of users’ packets, service providers can use deep packet inspection to perform activities based on filter criteria. It can be used, for example, to:

• build profiles of consumers for marketing purposes;

• intercept communications at the request of law enforcement;

• restrict access to selected sites or types of information;

• enforce copyright laws;

• prioritize the transmission of some packets over others; and

• identify computer viruses and spam.

The Potential Benefits

The use of deep packet inspection is potentially beneficial to consumers and to the telecommunications industry. It enables the industry to guarantee different levels of service by associating particular application-types with particular usage-plans or priority levels, potentially helping to prevent network congestion and thus improve an service provider’s service to customers.

Further, information gained from deep packet inspection can assist providers with network design and their plans for network expansion, network security and the delivery of new and enhanced services.

Companies marketing deep packet inspection have proposed that service providers can also enhance their revenue streams by providing targeted advertising and by charging content providers fees to ensure that customers have priority access to their services.

The Potential Concerns

In addition to the question of whether or not the use of deep packet inspections is legal under the present provisions of Information and Communications Technology Authority Law, use of deep packet inspection technology raises two issues that have proved to be controversial in other jurisdictions: personal privacy and ‘Net Neutrality’ or traffic shaping.

Some advocacy groups consider that the use of deep packet inspection represents an unacceptable invasion of individual privacy as it gives the service provider the ability to access the content of all unencrypted Internet traffic, including web surfing data, email, and peer-to-peer downloads. They believe that the alleged benefits of the inspections are either of no benefit to the end-user or that similar results can be achieved using less invasive methods.

The ‘Net Neutrality’ debate centres around whether or not network operators should be permitted to vary the bandwidth being provided to customers based upon the protocols or applications that the customer is using (e.g. to throttle bandwidth for peer-to-peer and/or according priority to VoIP applications.)

Network operators in other jurisdictions argue this action is appropriate in order to avoid network congestion. Those in favour of Net Neutrality argue that customers purchase a ‘pipe’ from the providers and it should not matter what they pass down that pipe.

The Consultation

To assist with its consideration of this issue, the Authority invites all stakeholders to provide their views. Copies of the posted consultation document may be obtained by accessing the ICTA web site at www.icta.ky or by calling the ICTA offices at 946-ICTA (4282). Comments on the Public Consultation are to be submitted to the ICTA by 31 August 2009. Submissions may be sent by e-mail to: [email protected] ; OR delivered to the ICTA at Alissta Tower, Third Floor, OR mailed to P.O. Box 2502 GT, Grand Cayman, OR sent by fax to 945-8284.

In addition to the question of whether or not the use of deep packet inspections is legal under the present provisions of Information and Communications Technology Authority Law, use of deep packet inspection technology raises two issues that have proved to be controversial in other jurisdictions: personal privacy and ‘Net Neutrality’ or traffic shaping.

0
0

NO COMMENTS