Some of Europe's largest ISPs and mobile operators are accused of using Deep Packet Inspection (DPI) technology to quietly undermine net neutrality rules and user privacy.
News of the troubling allegation reached the public domain earlier this year in an analysis by the German organization epicenter.works. The analysis claimed to have discovered 186 products offered by suppliers aimed at applying DPI to their customers' traffic. Deep packet inspection filters network traffic by looking at the contents of data packets.
Mark Still from Naked Security explains:
Traditional network filtering is like driving road traffic based on the type of vehicle. DPI is like looking at who is driving and what is in the trunk.
Now a group of academics and advocates of digital rights led by European Digital Rights (EDRi) has sent an open letter to the EU authorities, citing the implications of this. The EDRi letter states:
Several of these products are confirmed by mobile operators with large market shares that they rely on DPI because their products allow application or service providers to identify their traffic through criteria such as domain names, SNI, URLs or DNS snooping.
EU regulations prohibit DPI for anything other than basic traffic management, but it seems that providers in many countries have found a gray area that allows them to bend – and increasingly circumvent – those rules.
The front line of this is 'zero rating', where mobile operators attract subscribers by offering free access to a specific application (a streaming service is an example) without this counting toward their data allowance.
By its nature, this is at the expense of larger providers of applications, which undermines the net neutrality principle that all applications and services must be given equal priority across networks.
DPI is the technology that makes this possible because:
DPI allows IAS providers to identify and differentiate traffic in their networks to identify traffic from specific applications or services for the purpose, such as otherwise restricting or prioritizing billing over other traffic.
DPI has Phorm
DPI is a technology that has existed for years in corporate LAN/WAN networks and has many uses, including easy viewing of packet-level traffic to ensure that important applications are given a higher priority.
ISPs can also use it to detect traffic that they consider to be in violation of their terms and conditions, such as that sent by a small number of users to torrent and file-sharing sites.
It was inevitable that the technology would be open to abuse, as turned out to be the case in the UK when a number of UK internet providers signed up with an advertising targeting company called Phorm in 2008.
The system worked with DPI to scan user traffic and keyword searches and use this data to show users individualized advertisements. Worse, the platform was used in surveys without explaining the privacy implications to subscribers.
The storm that broke out around Phorm (and eventually killed it) gave DPI a bad reputation that has since stuck in some countries.
Ten years later, mobile providers are the major players and rather resemble early broadband networks, operating according to rules that relentlessly store, measure and prioritize data capacity.
That is the basis on which they do what EDRi objects to. Its letter to the EU paints a picture of a slow shift to DPI and thus the end of true net neutrality. At that point, it claims, user privacy will have a deep packet problem.
One difference in today's battle with DPI is the emergence of standards and technologies that users can use to fight back. These include widespread HTTPS and new standards that secure DNS traffic and connection metadata, such as DNS over HTTPS and encrypted Server Name Indication (SNI).
Alternatively, VPNs are an even easier way to prevent DPI monitoring, because all the traffic that traverses the ISP network is encrypted. Undoubtedly, that's a blob. Not all VPNs have a reliable reputation, and those that do are often expensive and far from seamless to set up. There is also the possibility of DNS leaks.
If a newer generation of privacy-focused VPNs, such as Cloudflare's proposed 1.1.1.1 Warp service, is no way out for users, it is up to the EU to tighten the rules. Mobile companies will not give in without a struggle, because DPI is built into their business models and cannot be easily eradicated.
DPI has the potential to turn into a decisive battle for decades.