Stay on Top of Enterprise Technology Trends
Get updates impacting your industry from our GigaOm Research Community
In the battle over consumer privacy, it looks like information gleaned from deep packet inspection may be under fire, according to a post on Perkins Coie’s law blog. Deep packet inspection tools can review the content of each packet of information traversing the web. The post, written by Barry Reingold, a partner with the law firm, notes that the Bureau of Consumer Protection director at the Federal Trade Commission has indicated how unhappy he is with the status of online privacy, and posits that DPI may be the next aspect of data collection that will be regulated.
This is a sentiment that’s filtered through Congress in the last year, as consumers and Capitol Hill are made aware of invasive practices such as search firms storing your search data for months and ISPs trying to sell your surfing habits to advertisers. From the post:
Although Vladeck didn’t say more on the subject (this was only his third day on the job!) his deputy, Eileen Harrington, hinted at the agency’s proposed approach. She said that Internet communication of consumer data runs along two continuums, consisting of the consumer’s (a) conscious provision of data (like using a charge card to make a purchase) versus unconscious provision (like generating click stream data), and (b) control over the dissemination and use of that data (like an email I send to a single person with a “private” designation that prevents the recipient from retransmitting it, versus my lack of control over my ISP’s deep packet inspection of my emails). Consumers need the most protection from practices that generate large amounts of information about them and use it freely.
So deep packet inspection, in her view the most dangerous form of data collection, should be the most carefully regulated.
DPI has been used as a technology to invade privacy, and now as a tool to censor protesters in Iran. While it does provide a useful way to track security threats on ISPs’ networks, filter out spam, and meet quality-of-service agreements, it looks like regulators may view DPI as a technology that causes more problems than it solves.