Despite the varied backgrounds of the panelists, there was a good deal of agreement about the uses and abuses of Deep Packet Inspection during the discussion today. The overall conclusion was that the technology itself was neutral, but that specific uses could be either good or evil, and the solution to this was not to ban the technology outright, but rather to encourage openness on the part of ISPs as to how they are using DPI on their networks, as well as guidelines to its appropriate use. Whether those guidelines should be in the form of legislation or not was one of the points of contention.
When discussing the negative uses of DPI, the panel mostly focused on the actions of ISPs, who want to limit specific types of traffic in order to increase their profits. While legislation may be effective at ensuring that DPI is not used to compromise net neutrality or privacy in the US and other relatively open countries, it will do nothing to ensure that DPI is not used for bad ends in less open countries, such as Iran or China, where DPI will almost certainly become a valuable tool in their censorship and surveillance arsenal, if it isn’t already. The possible uses of DPI for overt censorship of political speech, as opposed to limiting economic competition was not directly addressed by the panel. However, Ralf Bendrath of the Delft University of Technology, brought up the issue of non-ISP actors who have an interest in using DPI to monitor traffic when he discussed recent court cases in Europe where the music industry has attempted to force ISPs to use DPI to prevent the transfer of copyrighted MP3s. He brought up the valid point that once the ISPs have put advanced DPI technology in place in order to “manage traffic” or bill users different amounts for different services, they may have trouble fending off legal requirements to use it to do more.
At the same time, there are many valid uses of Deep Packet Inspection. It is used in routers to allow for IP sharing on a home network, to assist in the transition to IPv6, and to defend against denial of service attacks and other network-breaking attempts.
What I took away from this panel is that Deep Packet Inspection is the latest in a long series of technology that is being defined in the public mind by its worst uses (see: last year’s substantial limiting of Usenet access by several major ISPs because child pornography was being traded on a couple of groups; the general demonization of P2P file sharing because it is frequently used to transfer copyrighted material, despite other more legally clear uses.) I think what we should be more concerned about is the varied actors who have a vested interest in limited our choices to serve their own desires– be they advertisers who want to invade our privacy to sell to us, governments who want to control what political views we are exposed to, or ISPs who want to prevent us from using internet services that compete with their interests. The debate over what rights we, as internet users, have, and how to keep corporations and governments from abusing those rights, regardless of what technology they use to do it, seems to be much more substantial and much deeper than just DPI.