Throughout the 2009 Canadian Telecommunications Summit presenter after presenter, and session after session, spoke to the Canadian situation concerning growth in mobile data. In essence, there is a worry that the wireless infrastructure cannot cope with the high volumes of data that are expected to accompany increasing uses and penetrations of mobile technologies. Such worries persist, even though we’ve recently seen the launch of another high-speed wireless network that was jointly invested in by Bell and Telus, and despite the fact that new wireless competitors are promising to enter the national market as well.

The result of the wireless competition in Canada is this: Canadians actually enjoy pretty fast wireless networks. We can certainly complain about the high costs of such networks, about the conditions under which wireless spectrum was purchased and is used, and so forth, but the fact is that pretty impressive wireless networks exist…for Canadians with cash. As any network operator knows, however, speed is only part of the equation; it’s just as important to have sufficient data provisioning so your user base can genuinely take advantage of the network. It’s partially on the grounds of data provisioning that we’re seeing vendors develop and offer deep packet inspection (DPI) appliances for the mobile environment.

I think that provisioning is the trojan horse, however, and that DPI is really being presented by vendors as a solution to a pair of ‘authentic’ issues: first, the need to improve customer billing, and second, to efficiently participate in the advertising and marketing ecosystem. I would suggest that ‘congestion management’, right now, is more of a spectre-like issue than an authentic concern (and get into defending that claim, in just a moment). Before diving into this issue, however, I want to be up front with you: much of what I’m going to be referencing in this post is from last year (2009) because I’ve had a pile of stuff I’ve meant to write about but haven’t had the time until recently.[1] I don’t think that this invalidates what I’m writing, but think that you deserve to know ‘when’ quite a few of the links will lead to.

Let’s begin with the issue of mobile ‘data hogs’. Last December, AT&T started making noises that iPhone users were ‘data hogs’ and some kind of extended monetization strategy was required. An economic solution was preferred on the basis that (a) it would generate revenue for AT&T; (b) economics are typically seen as a stellar way of dissuading popular use of expensive new and emerging technologies. In AT&T’s specific case, of course, there were questions about the degree of actual mobile 3G investment but, more significantly, the question of whether ‘data hogs’ were actually the problem.

You see, contemporary smart phones, such as the iPhone, iterations of Android, and Palm Pre, have been designed to maximize their battery life. Unfortunately, this life creates enormous problems for cellular towers. From Ars Technica, we find that:

… the iPhone uses more power saving features than previous smartphone designs. Most devices that use data do so in short bursts—a couple e-mails here, a tweet there, downloading a voicemail message, etc. Normally, devices that access the data network use an idling state that maintains the open data channel between the device and the network. However, to squeeze even more battery life from the iPhone, Apple configured the radio to simply drop the data connection as soon as any requested data is received. When the iPhone needs more data, it has to set up a new data connection.

The result is more efficient use of the battery, but it can cause problems with the signaling channels used to set up connections between a device and a cell node. Cell nodes use signaling channels to set up the data connection, as well as signaling phone calls, SMS messages, voicemails, and more. When enough iPhones are in a particular area, these signaling channels can become overloaded—there simply aren’t enough to handle all the data requests along with all the calls and messages.

In essence, the issue of congestion at cellular towards may not be a result of ‘data hogs’ but a consequence of how smart phones are being engineered; the backhaul networks are in fine shape, but the particular towers are being overwhelmed. (We might have a discussion/debate on the condition of middle-mile backhaul, but I’m less familiar with those stats so I’m leaving them out.) In the US, let’s not forget that areas with high penetration of smart phones like the Eastern and Western seaboard cities are also home to (a) expensive real-estate; (b) people who oppose the development of large cellular towers in their neighbourhoods (often out of fear of depreciating that expensive real-estate). The first condition means that there is an economic challenge to building towers, and the latter focuses on civil resistance to development that could better balance the ’smart phone load’. In what I’ve read about deep packet inspection in the mobile market, DPI doesn’t alleviate this kind of problem – it doesn’t ‘correct’ of battery-saving engineering – but where the appliances can be installed under the guise of data hogs they could subsequently be used for (vendor stated) purposes of billing and service differentiation/provision.

At last year’s Canadian Telecom Summit, various vendors and sessions discussed the need to have better customer transparency to ‘improve the customer-service provider relationship’. In essence, they were really describing a desire to develop ‘insight’ into what customers do on mobile and wireline networks to better monetize those relationships, and in almost all cases the same vendors and speakers acknowledged the need to deal with the ‘creepy feeling’ that comes with using DPI and related surveillance architecture for pico-marketing purposes. Few had clear solutions to this, what is arguably the most significant PR issue that limits ISPs’ expansive uses of DPI for profit generation in the wireline and wireless environments.

It’s significant that the only really pressing statement about needing to efficiently manage bandwidth and spectrum came from RIM’s Mike Lazaridis. He was very concerned with actual mobile data usage, and at no point was traffic shaping or monitoring a ’solution’: improved data compression techniques were the focus of his talk. Here, we had a smartphone vendor focusing on data efficiency itself instead of advocating for traffic shaping and analysis innovation. This strikes me as being very ‘forward thinking’, insofar as it tries to address the underlying issue of data growth instead of trying to find (what I see as) a bandage solution to limit and subsequently monetize this growth. Don’t stop people from using wireless, but learn how to transmit and receive it in a very efficient manner to deliver a solution that customers actually want!

However, it’s important that we not lose sight of the fact that DPI isn’t exclusively intended for traffic management but also to extend vision into the data stream – a data stream, I might add, that unless encrypted is almost entirely public facing. The drive to this transparency is confirmed by Allot Communications’ Cam Cullen, who last year noted that,

[t]he stats and visibility that DPI provides at the access and applications layer lets mobile operators build better service plans for congestion control and feed that data into mobile billing systems to support things like roaming and advice of charge.

To begin: data transparency can facilitate improved service offerings and let network providers more intelligently expand and develop their networks. You can learn what parties you might want to approach about setting up content delivery networks, what the trends in data usage are, and so forth. All of this can be invaluable in making the hard decisions of what to invest in, where, and why.

It is the potentialities of price, service, and customer discrimination that worry both PIAC and doctoral student Fenwick McKelvey. Having spoken with representatives of PIAC, the worry is that any such discrimination will generate inefficient economic situations for customers – they’ll pay higher costs, for less – and McKelvey similarly questions the fairness of any such differentiations. As I’ve understood McKelvey’s position, DPI facilitates an artificial differentiation based on economics rather than efficiency: you charge more for streaming video because it’s profitable, not because the economics of charging for streaming video improve the network situation.

I would suggest that it is a combination of DPI’s bad press, and the kinds of stories that would be generated if telecommunications providers stated they were using DPI for billing reasons, that billing isn’t a public-facing explanation ISPs present for introducing DPI into the mobile environment. I would, however, assert that billing and advertising are key motivating factors: the former allegation based on vendor statements and the latter based on less-public vendor statements and ISP discussions I’ve been privy to.

Even after all of this, there is a question of ’so what?’

Where DPI and other traffic management solutions are publicly deployed to attend to a particular area of the telecommunications companies’ business (e.g. bandwidth management, customer billing, tiering service) it strikes me as dishonest to subtly extend them into other areas of the business without first, very publicly, alerting both customers and appropriate regulatory bodies. In the case of advertising, Canadian ISPs are expected to report to the OPC and CRTC if they ever decide to use DPI for advertising or discrete user-history analysis, but the same ISPs arguably have to meet a low bar to meet the OPC’s disclosure requirements concerning their actual uses of DPI.

Far more significantly, whereas the CRTC has maintained a hands-off approach to regulating wireless – and thus implicitly permitted discrimination in the wireless environment – that might be changing. In the forthcoming hearings in October and November entitled “Proceeding to review access to basic telecommunications services and other matters” we might see the beginning of an anti-discrimination regulatory framework that would address the economics of cellular service. The CRTC has been dropping ‘wireless’ into more regulatory hearing documents recently, which may suggest a transition away from their general forbearance approach and, if so, I expect that the work performed by PIAC and others will be leveraged to try and establish a policy of non-discrimination in the Canadian mobile market. Any such regulation will likely have a very real impact on the permissibility and conditions of deploying DPI appliances in mobile networks, as well as publicly lay bare whether any Canadian ISPs are interested in, or already moving to implement, mobile traffic management facilitated by DPI appliances. If last year was the year of wireline network management/neutrality in Canada, we might get lucky and see this one as the transition year that leads to a public discussion about Canadian telecommunications companies’ wireless network management/neutrality practices, with discrimination as the focal topic.

*********

[1] For the past eight or nine months I’ve been preparing for and writing doctoral candidacy exams. The last exam was recently concluded, leaving me with the new title of ‘Doctoral Candidate’ and time to get back to what I love: network analysis, surveillance, and digital privacy!

Other posts you might be interested in:

1. Background to North American Politics of Deep Packet Inspection
2. Draft: What’s Driving Deep Packet Inspection in Canada?
3. Deep Packet Inspection and the Discourses of Censorship and Regulation

There is an increasing urgency to transition to a new infrastructure for addressing space on the Internet, and in this space all individuals and their devices could be uniquely identifiable by their Internet Protocol (IP) address(es). It is in light of this surveillant future that France’s recent ruling that IP addresses are not personally identifiable information is so serious. Further, it is with this longer temporal viewpoint (i.e. not just the here and now) that has more generally worried technologists about governmental rulings concerning binary ‘yes/no IP addresses are private information’.

Before I go any further, let me break down what an IP address is, the distinctions between versions 4 (IPv4) and 6 (IPv6), and then get to the heart of the privacy-related issues concerning the transition to IPv6. The technical infrastructure of the ‘net tends to be seen as dreadfully boring but, as is evidenced by the (possible) computer failures of Toyota vehicles, what goes on ‘under the hood’ of the ‘net is of critical importance to understand and think about. It’s my hope that you’ll browse away with concerns and thoughts about the future of privacy in an increasingly connected biodigital world.

An IP address is a number that is assigned to devices that participate in a computer network that uses the Internet Protocol (often as part of the TCP/IP protocol suite) to exchange data between members of the network. Each device on a network is assigned a unique number, which can be metaphorically thought of as the equivalent of a housing address – your IP address is where digital packets of information arrive, and where your own packages originate from. In the contemporary networking environment a house, or business, or particular government department might be assigned a single IP address that has to be shared amongst hosts of computers. In my home alone, there are at least 10 Internet-enabled devices that connect to my wireless and wired network, to say nothing of the dozens, hundreds, or thousands of devices that businesses and government find in their networks. To share that single IP address, routers that assign separate IP addresses to each member of those local area networks (LANs) have been developed. This means that in the local environment (i.e. the home, business, government agency) each computer has a unique number given to it by the router but that, once the data has passed beyond the local environment, data traffic is correlated with the single IP address assigned to the home, business, or agency. Practically all contemporary routers enable this sharing of IP addresses.[1]

It’s in light of this widespread ’sharing’ of IP addresses that the present IP addressing system has remained operable. I won’t bore you with the details, but there is a finite number of overall addresses that can be assigned to homes, businesses, and agencies, and we’re rapidly running out of those addresses. The absolute, precise, date of when the present, IPv4, system will run out of IP addresses is subject to debate: if I link to anything, then the various technical folk who read this will immediately write to me telling me I’m off by X days/months/years. In lieu of linking to a specific number, I’m going to say that in the next few years the IPv4 addressing spacing is likely to have been used up. Think of this as the equivalent of a real estate developer always extending beyond the city core, always extending the suburbs, until eventually the various cities’ suburbs start running into each other. Efforts to ‘build upwards’ are the rough equivalent of building apartment buildings and other high rises, where such building projects correlate with the deployment of LANs that see the mass sharing of particular IP addresses.

What does it mean to shift from the present addressing system (IPv4) to the ‘new’ system (IPv6)? To begin, it means that there is a lot more of IP real-estate; whereas IPv4 offers roughly 4.3 billion addresses, IPv6 provides 340 trillion trillion trillion (!) unique addresses. One can quickly appreciate the numerical difference. More significantly, it means that the system of LANs that we have today will no longer be required because of IP address scarcity. Each of the Internet-enabled devices  in my home could have its own IPv6 address – there is no real need to route all the data through a single IP address that is provided by my ISP.

In a situation where all Internet enabled devices have a constant address, the regular refrain “we don’t know who’s IP address we’re monitoring; it is possible that a set of users are sharing the same address!” is quickly disabused. With a persistent IP address, depending on the degree of algorithmic surveillance, it is possible to develop very, very good understandings of who is presumably the agent ‘using’ the IP address. Similar to how marketers can figure out who you are with very little information, advertising companies such as Doubleclick are in a comparable situation to develop very detailed, very personal, accounts of the individuals that regularly use Internet enabled devices.[2] In a situation where all devices have unique IP addresses, this could facilitate more accurate advertising (read: better targeted and more invasive), and that government agencies and ISPs alike could more accurately identify and track particular users online.

If this sounds like a kind of ‘privacy Chernobyl’ that puts issues like Facebook’s Beacon and Google’s Buzz to shame, you would be in good (?) company: journalists have been warning of the dangers of IPv6 since Bill Frezza’s 1999 piece “Where’s All the Outrage about IPv6 Privacy?”

Fortunately, the good engineers that develop Internet Protocols were aware of the potentially devastating consequences that static IP addresses for each device would have on anonymity online and, as a result, privacy. The Internet Protocol next generation (IPng) working group crafted a solution that involved creating;

pseudorandom interface identifiers and temporary addresses using an algorithm … The temporary address would not derive from a completely random generation process, which might result in two computers generating the same number, but instead would produce a temporary pseudo-random sequence dependent on both the globally unique serial number and a random component. The number would be globally unique because it would derive from the interface identifier and from the history of previously generated addresses, but would be difficult for an external node to reverse engineer to determine the source computer. [3]

In layman’s terms, this means that the engineers responsible for IPv6 were mindful of the surveillance capacities of the new Internet Protocol, and built privacy into a system that would otherwise lend itself to surveillance and authoritarian tendencies. The catch, however, is that is requires the parties responsible for assigning IP addresses to participate in the pseudo-anonymization process itself: it’s possible for ISPs to forcibly assign particular address to each and every device on their network.

(Before advancing any further I should note that I don’t know that ISPs have any such intentions: the following is ‘academic’, or theoretical, work.)

One might ask: “Chris, why would my ISP want to assign particular IP addresses to each device, instead of permitting for pseudo-anonymization? Are ISP’s privacy-haters?” No, person that I’m pretending to respond to, I’m not suggesting that ISP’s hate privacy, but instead that ISPs are in love with following the law.

In Canada, we’re looking at the re-re-re-introduction of lawful access legislation and associated electronic surveillance legislation. Presently, law enforcement claims they regularly run into challenges with monitoring presumed-criminals’ digital communications. In a domain where all devices are IP-enabled and have unique IP-addresses that are assigned by an IP provisioning body, such as an ISP, a license to wiretap a particular address would let law enforcement monitor when a particular device was engaged in the exchange of digital packets, regardless of whether the packets themselves were encrypted. The distinction between the IPv4 and IPv6 world: in an IPv4 world you can’t distinguish between users that share a common IP address (or so claims are made) as precisely as a judge might demand. IPv6 remedies this ‘worry’.

It’s a combination of the possibility to forcibly assign an IP address alongside the strong (governmental) security initiatives to ‘protect and secure’ the Internet that makes me claim that IP addresses could soon be very, very important from a privacy and security position. While the next generation protocol has reasonable privacy protections built in, various academic scholars (and, unofficially, several of Canada’s privacy commissioners) suggest that the ’security institutions’ are better at dissolving privacy protections than the privacy community is at enshrining privacy in law. Especially worrying in the case noted at the top of this post is that France – a member of the EU – is arguing that an IP addresses shouldn’t be considered personally identifiable information. The EU is recognized as imposing privacy protections on the rest of the world, and thus if France’s decision is upheld then the EU would be seen as ‘pushing’ the position that IP addresses are not personally identifiable information. While this position might be tenable in an IPv4 world, in an IPv6 world that sees security lobbies advocate for relatively static IP addresses the privacy of individuals would be significantly put at risk.

Maybe this is just doomsday talk – perhaps the security lobbies will avoid pushing for assigned IPv6 addresses, and demand that the full privacy protections of the IPv6 protocol are implemented. Unfortunately, as witnessed in Newman’s Protectors of Privacy and Ross’ 2009 piece “Privacy in the Digital Age: States, Private Actors, and Hybrid Arrangement,” the digital era’s privacy provisions are being rapidly eroded in a post-9/11 world. Unless there is a substantial change, unless privacy protections are genuinely entrenched in law with a strong civic commitment to privacy, unless IP addresses are recognized as always potentially personally identifiable information (at a minimum), then IP addresses are going to matter a whole lot more to security and marketing groups than they already do. And when marketers are interested in particular information, you can be sure that it’s not curiosity, but because they can leverage it to invade our minds and track our actions.

************

[1] Yes, businesses and government agencies may have multiple IP addresses assigned to them. I’ve intentionally simplified things for the purposes of analytic and metaphoric clarity.

[2] Phillips and Curry have a particularly good piece, titled “Privacy and the phenetic urge: geodemographics and the changing spatiality of local practice” in Surveillance as Social Sorting that outlines marketers’ capacity to draw detailed temporal-geographic patterns of mobilities.

[3] from  Laura Denardis’ Protocol Politics: The Globalization of Internet Governance

Other posts you might be interested in:

1. Deep Packet Inspection and the Confluence of Privacy Regimes
2. The Geek, Restraining Orders, and Theories of Privacy
3. Privacy Advocates and Deep Packet Inspection: Vendors, ISPs, and Third-Parties

I’ve had an Apple Time Capsule in my house for over 18 months, and I love the little thing. It’s reasonably fast, let’s me backup my data every hour to it’s internal hard drive, and isn’t terribly loud. Unfortunately, my first Time Capsule just…died…on December 24, 2009. There wasn’t a flash, or a bang, or a screech. Like a loved pet (or relative…) we just went to bed and, in the morning, it was dead. We’ve memorialized it appropriately.

I’ve had some issues with the Capsule before. When I purchased it, there were some formatting issues that needed to be worked out and problems in finding the Time Capsule using the Airport Utility. Hoping that the Capsule wasn’t dead, I tested each ethernet port, swapped out the power cable, and so forth. Nothing worked, so I scheduled a Dec. 26th call with Apple support.

Something that (seemingly) few people are aware of: if you have a Macbook, Macbook Pro, iMac, or Mac Pro that is under warranty then your Apple routers are also under warranty. From Apple’s Applecare website, we read that:

The AppleCare Protection Plan provides global repair coverage, both parts and labor, from Apple-authorized technicians around the world. Apple hardware coverage includes:

• Your Mac computer
• Included accessories such as the power adapter
• Apple memory (RAM)
• AirPort Express Base Station, AirPort Extreme Base Station, or Time Capsule²
• MacBook Air SuperDrive (for MacBook Air and Mac mini with Snow Leopard Server only)
• Apple display purchased with your Mac

2 – The AirPort device or Time Capsule must be purchased up to two years before your Mac purchase or during the term of your AppleCare Protection Plan coverage.

It’s important to note that my Time Capsule was 18 months old – well out of the ’standard’ warranty period for the device on its lonesome – and so I was covered under the original, non-extended, Applecare that is included with ALL mac purchases. The Applecare extension, which brings the support period from one to three years, is not required to receive service on your Apple Time Capsule so long as you are claiming warranty support on the device during that one-year support period. In my case, the first tech I spoke to understood this, and the warranty process was quick and painless. A few days later, my replacement Time Capsule arrived.

Unfortunately, it was a dud.

The replacement (henceforth ‘Time Capsule 2′) turned on, and the wireless worked. Unfortunately, it didn’t back up data properly. It would begin to back it up, and then after anywhere from 200MB – 4GB of data having been backed up it would emit a ’screeching’ sound and the backup would hang. This backup failure happened regardless of whether I tried a wireless or wired backup. Obviously this was a problem, and is where the warranty situation got a little bit dicey.

I called Apple, to request instructions on how to proceed, and the support tech that I spoke to was insistent that Time Capsule 2 wasn’t covered under warranty, and that in fact I shouldn’t have been able to receive the ‘replacement’ given that I was out of the warranty period. I was forced to insist to the tech that I was correct, that the Applecare extension was not required for Time Capsule support, and asked him to speak with a supervisor to confirm this. After being put on hold for while, he came back and said that I would need to take Time Capsule 2 to a registered Apple support technician so that the support technician could confirm that the backups could not be completed. Assuming that the support tech could replicate my problem, I would be covered under my Macbook Pro’s Applecare. I thanked the Apple tech, and went in search of a support technician.

When I brought Time Capsule 2 to the support technician, they took a record of my complaints, ran tests, and called me with the results a few days later. Initially, they found no problems with the device – it had always began but never completed a backup cycle, and they were just testing that it began backups – but after I had some direct talk-time with the support technician they agreed to try a full backup of one of their machines. A few hours later I heard back, and indeed they could replicate the problem. The support technician, however, also was under the mistaken impression that my Macbook Pro’s default, one-year warranty, didn’t cover the Time Capsule. They checked with an Apple supervisor and got the go-ahead to initiate another warranty replacement, this time to replace Time Capsule 2. (Interestingly, Apple doesn’t really have a support mechanism for replacing a refurb when it’s not fully operational on arrival; the only way to perform this warranty replacement was to claim that the device was dead on arrival.)

Shortly after the warranty claim on Time Capsule 2 was initiated, Time Capsule 3 arrived. Number three has been wonderful! Whereas numbers one and two were both first generation models of the Time Capsule, three is a second generation version. This means that I can have both 802.11g and 802.11n running simultaneously, as well as a guest network for visitors (which means that guests can be firewalled from the rest of the network when they come over). We’ve always needed legacy wireless G support for the iPod Touches and iPhone that’s in the house, and now these devices are supported while the three macs in the house can take advantage of wireless N speeds!

Ultimately, Apple support was fast to respond once they realized I was covered under the Apple warranty, but it took some doing in 2/3 cases to get them to help me under that warranty. In those 2/3 cases, I was told upfront that I needed to just purchase a new device or buy the Applecare extension on my Macbook Pro to get the Time Capsule serviced. I don’t think that this was an attempt at an ‘upsell’, but that the service staff weren’t trained in this element of the Applecare warranty. I wasn’t disappointed by the actual service I ultimately received, but would advise owners of Macs and Apple products more broadly to actually read their warranty before going in to get their devices repaired: it could save you a lot of money in unnecessary product and warranty purchases.

Other posts you might be interested in:

1. Solved: Apple Time Capsule Not Found in Airport Utility
2. Solved: Apple SATA II 1.7 Firmware Problems
3. It Just Works (Sometimes)!

Something that you learn if you (a) read agenda-setting and policy laundering books; (b) have ever worked in a bureacratic environment, is that it’s practically criminal to waste a good crisis. When a crisis comes along various policy windows tend to open up unexpectedly, and if you have the right policies waiting in the wings you can ram through proposals that would otherwise be rejected out of hand. An example: the Patriot Act wasn’t written in just a few days; it was presumably resting in someone’s desk, just waiting to be dusted off and implemented. 9/11 was the crisis that opened the policy windows required to ram that particular policy through the American legislative system. Moreover, the ‘iPatriot’ Act, it’s digital equivalent, is already written and just waiting in a drawer for a similar crisis. With the rhetoric ramping up about Google’s recent proclamations that they were hacked by the Chinese government (or agents of that government), we’re seeing bad old ideas surfacing once again: advocates of ‘Internet Identity Cards’ (IICs) are checking if these cards’ requisite policy window is opening.

The concept of IICs is not new: in 2001 (!) the Institute of Public Policy Research suggested that children should take ‘proficiency tests’ at age 11 to let them ‘ride freer’ on the ‘net. Prior to passing this ‘test’ children would have restrictions on their browsing abilities, based (presumably) on some sort of identification system. The IIC, obviously, didn’t take off – children aren’t required to ‘license up’ – but the recession of the IIC into the background of the Western cyberenvironment hasn’t meant that either research and design or infrastructure deployment for these cards has gone away. Who might we identify as a national leader of the IIC movement, and why are such surveillance mechanisms likely incapable of meeting stated national policy objectives but nevertheless inevitable?

I would suggest that, in the Western hemisphere, Spain has been incredibly ‘forward thinking’ about Internet authentication. The Spanish identity card was initially deployed by Franco to starve out rebels – during the guerrilla war rations were only provided to identity card holders – and gradually expanded into all reaches of Spanish society. Buying gas? Show the card. Subscribing to a magazine? Offer up your card. Unlike in the UK, US, or Australia, Spanish citizens accept the identity card as just another part of daily life, which has made Spain a delightful testing ground for the various companies involved in updating the card for the 21st century. Significantly, this receptiveness to the identity card meant that the transition to an electronic card was remarkably simple: the electronic national identity card (the DNIe) was introduced as a mere policy update to the existing card. There was no parliamentary debate or civil resistance over the shift to digital surveillance.*

The DNIe is designed with Internet authentication in mind. It interfaces with hardware dongles** to authenticate the holder with Spain’s national identity architecture. Using this authenticated system, authorities can monitor where Spaniards travel online, and the authentication facilitates ’secure and convient’ engagement with Spanish e-government services. In 2005, Vice President Maria Teresa Fernandez de la Vega noted that the DNIe was a “tool for guaranteeing the security, confidentiality, and integrity of citizens using the Internet”, in 2006 the government maintained that the DNIe was “key to solving the security-privacy binomial”, and by 2008 it was recognized that a key objective of the DNIe was to “bring the digital world into the old processes of identification and signature” (Source, p. 50). Spain is a leader in the discussions of interoperable identity card standards in Europe, has already exported its technology and standards to areas of Italy, and is aggressively marketing the card technology in Latin America. A substantial military-industrial complex backs the DNIe, and the complex is leveraging their political, symbolic, and monetary capital to push for a European-wide identity card, where each sovereign nation would possess an interoperable card, and each citizen required to carry their card to operate online.

The aim of identity cards – to provide security, identification, and signatures – is doomed to fail, but this prognosis is unlikely to prevent their ultimate spread throughout many ‘modern’ democracies. Bruce Schneier notes that for such identification mechanisms to succeed “we’d need agencies — real-world organizations — to provide Internet identity credentials based on other identification systems: passports, national identity cards, driver’s licenses, whatever”. Obviously, Spain has this infrastructure, though in establishing it identity theft becomes that much more profitable.***

Without some sort of a biometric check at the level of the card itself there isn’t anything that stops one citizen from using another citizen’s card….save for conventional societal norms and law. Lawrence Lessig recognizes that regulation of digital environments are dependent on architecture, markets, law, and norms. In including a biometric ‘check’ on the cards that is mandated by law, it is possible to regulate the card along the lines of architecture, markets, and law. Where Spain, in particular, has a social-normative expectation that cards are required for personal identification, the normative conditions for effective (rather than perfect) regulation are set.

‘Effective’ regulation, of course, doesn’t necessarily resolve either the ’security-privacy’ binomial or signature and identification demands of an identity card. A friend or colleague could log you in, should you forget your card at home, and few biometrics are nearly as effective as suggested by vendors or their media shills. Facial recognition is demonstrably terrible when put to empirical tests, cheap digital-fingerprint systems are easily foiled, and even many iris recognition systems are subverted with photographs of eyes. In essence: biometrics are vulnerable to considerable failure and the number of false positive and negatives render their value questionable as identifiers or signatures (Anderson, p457-82). Accompanying the surrender of authentication processes to government bodies (as in Spain) are considerable worries that the information suffer function and security creep (privacy protection tend  to get clawed back with each new ‘crisis’). The security-privacy binomial is not, and likely cannot, be met using the equivalent of the DNIe, nor can the signature and identification requirements. Even should some of these issues be minimally dealt with, it only increases effective regulation. Teens, criminals, and hackers will all subvert any identity authentication system – never underestimate the motivation to engage in underage drinking, commit larceny, or just tinker.

Now, you might be asking at this point: who is trying to push this policy again? It’s probably a politician, someone who sees identity systems as a great way of gaining political capital with the security-ignorant public, right? Wrong. It’s Marcus Ranum, the CSO of Tenable Network Security, who is well known for his contributions to the security field. At the same time, Microsoft is (again) backing the idea that some sort of authentication mechanism be built onto the ‘net to avoid a ‘cyberwar’ or ‘cybercatastrophe’, this time at the UN level. In Ranum’s case, he argues that anonymity has a temporal value in a few cases – Deepthroat needed anonymity at the time to prevent backlash, but after his death anonymity held no value – and in Microsoft’s opinion a license should be required to ensure that a computer and/or user is ‘fit to surf’.

Obviously, attempts to terminate anonymity and expand online surveillance are not new, nor are the efforts to technologically resist such terminations. If we dispose of the notion that governments are actually aiming to secure citizen’s lives, and instead better ‘embrace’ them for bureaucratic purposes, then the adoption of some sort of IIC makes good sense: it contributes to security theatre (therefore gaining, or at least not losing, votes), could theoretically centralize citizen information (imagine tying the IIC to census data on the backend of the system), and its potentials are only restricted by privacy advocates, ombudsmen, and law. The first tend to be poorly funded, the second often lacking teeth, and the last maleable. If we accept the proposition that modernity’s institutions are accompanied by identity and surveillance systems to more strategically ‘embrace’ citizens and non-citizens as they move through institutional webs (as suggested by Lyon, Torpey, Giddens, amongst many others) then there is considerable paradigmatic force behind instituting an online identity system.****

For the state to ‘embrace’ those passing through its digital conduits perfect compliance may be desired, but isn’t necessary: law, architecture, norms, and markets can propel mass adoption of any such card or system. Spain is incredibly optimistic that it can teach identity card policy and techniques to Europe, and one would expect various members of international copyright cartels to jump at the opportunity for enhanced surveillance that advances along a non-deep packet inspection (DPI) route (on the basis that DPI has, somewhat surprisingly, garnered incredibly high degrees of public resistance). Informally, I’ve been told that cartel members regularly meet with government leaders in Europe to advance the idea of identity cards to fight copyright infringement.

Given the possibility of law to mandate basic architecture, market, and legal conditions for regulating the digital, it is on the social-norms front that governments genuinely have to win the ‘hearts and minds’ of citizens. A key question is whether crises of digital security, and the electronic economy more widely, will be sufficient to soften up Western populations and make them receptive to yet more intrusive, yet modernizing, surveillance systems that embrace national citizenries.

Will an electronic equivalent of Chernobyl lead to a twisted, long-term, combination of the American iPatriot Act and Spanish identity card expertise? Is it only a matter of when, rather than if, IICs or their equivalent are commonplace in the West? I expect that ongoing paradigmatic forces of modernity almost (though not quite) necessitate the eventual attempts (and, ideally, failures) to banish anonymity and introduce IICs or their equivalents. Where do you, my readers, stand?

—————

* Information about Spain is derived from Pablo Ouziel’s unpublished (but digitally accessible) Master’s thesis, The Spanish Identity Card: Historical Legacies and Contemporary Surveillance.

** It should be noted that, as of 2009, there were substantial incompatibility problems between the dongles and computers. The infrastructure is being laid: it isn’t yet in operation.

*** That the central databases for the card are located in a police bunker, amongst a police force that has never truly ‘democratized’ following the transition to democracy raises its own concerns.

**** For more on this notion of nations ‘embracing’ their citizens, turn to Torpey’s The Invention of the Passport: Surveillance, Citizenship, and the State.

Other posts you might be interested in:

1. Identification, Identity Systems, and the REAL ID Act
2. Update: Mobiles and Your Identity
3. Technology – Questions of Digitizing Identity

Mozilla is throwing their hat into the ‘privacy commons‘ ring. Inspired by Aza Rankin’s ‘Making Privacy Policies Not Suck‘, Mozilla is trying to think through a series of icons intended to educate users about websites’ privacy policies. This is inspirational, insofar as a large corporation is actually taking up the challenge of the privacy commons, but at the same time we’ve heard that a uniform privacy analysis system is coming before….in 1998. A working draft for the Platform for Privacy Preferences (P3P) was released May 19, 1998 during the still heady-times of people thinking that Privacy Enhancing Technologies (PETs) could secure people’s online privacy or, at least, make them aware of privacy dangers. The P3P initiative failed.

Part of the reason behind P3P’s failure was the length of its documentation (it was over 150% the length of Alice in Wonderland) and the general challenge of ‘properly’ checking for privacy compliance. Perhaps most importantly, when the P3P working group disbanded in 2007 they noted that a key reason behind their failure was “insufficient support for curent Browser implementors”. Perhaps with Mozilla behind the project, privacy increasingly being seen as space of product competition and differentiation, and a fresh set of eyes that can learn from the successes of the creative commons and other privacy initiatives, something progressive will emerge from Mozilla’s effort.

As is noted by CNET, a core problem behind the P3P movement was the massive explosion of privacy categories: they grew from three to seventeen (!). One can imagine that, were the creative commons much more complicated than their current instantiation, we’d still be focusing almost exclusively on GPL and similar licensing regimes. (Note: this isn’t a elbow jab at non-creative commons models, but a gentle suggestion/reminder that creative commons has generally been more successful than other licensing models in getting the attention of non-technical end-users than other licenses. User interface and marketing matters!)

To be sure, it helps that Lessig marshalled interest in the creative commons, leading to the support for the project in the form of academic articles, public books, and major celebrity endorsements. The RIAA’s carpet-lawsuit campaigns presumably also had a major effect on spreading public awareness of the creative commons. I imagine that without the RIAA going to war with consumers that the creative commons would have been far less likely to have succeeded – there wouldn’t have been the same drive to learn about copyright, and copyright alternatives – and I don’t know that a similar visceral reaction towards the management of privacy currently driving a move towards a privacy commons.

Privacy commons models have been trialled in Canada, with the notable case where Canadian researchers launched a Firefox extension called ‘PIPWatch‘ to try to raise surfers’ awareness of how compliant websites were with Canadian privacy laws. The extension is described as,

the first privacy technology designed specifically for Canadian Internet users. Built as a toolbar extension for the Firefox web browser, PIPWatch gives real-time feedback on the privacy practices websites visited by Canadian users, in particular whether a site’s owners respect Canadian privacy laws.

Something that was unique about their approach was that when the extension’s users got to a site that was (1) described non-compliant with Canadian privacy law; (2) was not part of the PIPWatch database, the users could send a message to the identified privacy officer of the website. Unfortunately, this entailed some ‘heavy lifting’ by the first visitor of a website not in the database: first vistors had to track down the information needed to send that first message so that subsequent visitors could send their own messages with a click of button. This model was inefficient, terribly time-consuming (especially where it was unclear who was responsible for corporate/web privacy issues), and without a large number of users using the extension it failed to generate the adoption-rates required for it to truly be effective (effective in the sense that corporations and websites themselves would self-contribute to the database) on a wide-scale. It is notable that Facebook was proactive, years before their roundabout with the Office of the Privacy Commissioner of Canada, in working with PIPWatch so that it displayed the correct ‘privacy warning’ for visitors to that site.

PIPWatch, admittedly, didn’t have the support of a large and (comparatively) well-resourced group like Mozilla. The researchers behind the project adopted a ‘community-centric’ model to privacy policies, in variance with P3P. I’ve previously suggested a set of icon-categories for the privacy commons and noted the difficulties in building them out. Specifically, in relation to this latter point I wrote that:

… the benefits of a machine-readable privacy commons are high….but only if substantial market penetration can be achieved. Ideas of a commons aren’t new – they’ve been swimming through academic literature in various iterations for the past decade and a half or so – and whenever there has been an effort to impose a machine-readable privacy system uptake is the key issue. Copyright doesn’t face the same issue, insofar as most people would (probably) be happy with a ‘regular’ copyright. Further, copyright has been around long enough that most people at last can imagine what their permissions might include where they don’t see a creative commons licensing icon. Privacy, however, isn’t as well defined in legal statutes, has deep variations around the world, and (perhaps most importantly) lacks an international advocacy group that is composed of businesses who see advancing privacy as essential to their business interests. Google fought to add the very term ‘privacy’ on their homepage, and they’re a web-savvy company. Facebook suffered through an extended investigation to have their privacy policy changed. How reasonable is it to expect large fortune 500 companies to adopt any kind of privacy commons position?

Thinking about implementation, perhaps what is required is a middle-ground between PIPWatch and P3P. Such a model could support an API so that companies and individuals can leave generic information about how data is/isn’t collected and used, but also enable visitors of websites to either contact Mozilla when a website not participating in the privacy commons is discovered (so that Mozilla can notify the site owner about the privacy commons) or offer a direct ‘click here to send a generic message to site owner’ option.

Whereas the creative commons has the “advantage” of copyright being a high-profile issue in light of punishing lawsuits in the US, I think that any Privacy Commons effort needs to assist individuals in contacting companies about the individuals’ concerns about privacy, as well as building out an API for classifying sites’ policies. Ideally, messages to site owners would include not just a question about joining the privacy commons but also basic information about how to integrate the API into the web environment, as well as a resource to contact at Mozilla for more information. As we’ve seen to date, relying exclusively on either an API or notification has been unsuccessful; let’s start investigating the value of ‘hybrid’ approaches, backed with institutional resources and end-user feedback, and see if a privacy commons movement can genuinely be started and sustained.

Other posts you might be interested in:

1. Thinking About a ‘Privacy Commons’
2. Context, Privacy, and (Attempted) Blogger Anonymity
3. Education, Web 2.0, and Privacy

Like most people who are active online, I read a lot off the web, and there isn’t any way for me to analyze and critique much of what I’m reading on this site; I touch on items here and there, but I can’t be systematic on many topics. For some time I’ve used delicious to tag articles, and all of those tags are available to anyone who’s interested in using them to comb through my bookmarks. This said, it was recently pointed out that I have a foolish number of tags (they’re there so that *I* can cull articles based on tag-based query) which makes navigating my delicious stream…unpleasant.

Given my own temporal limitations and the critique of my tagging system, I’ve added an RSS feed titled ‘Worth Reading‘ to the right-hand side of the site, over beside the blogroll. The feed just follows the ‘ttt‘ tag from my delicious stream (ttt=Technology, Thoughts, and Trinkets) and will provide subscribers with articles, blog posts, news pieces, and academic papers that relate to topics often written about here (i.e. security, copyright, deep packet inspection, p2p, social networking, etc) as well as articles on the academy that are useful and/or thought provoking. I’m not digging through my archive to identify items for this feed – time constraints and sanity preclude this – but will be tagging anything relevant to this space so it’ll show up in the RSS.

Hope it’s useful and/or interesting. Feedback is always welcome!

Other posts you might be interested in:

1. Reading, Reviewing, and Recording
2. Transparency and *My* Click-Stream
3. Administrative Note: Changes Implemented

While I haven’t posted much this month, it isn’t because I’m not writing: it’s because what I’m writing just doesn’t seem to pull together very well and so I have 4 or 5 items held in ‘draft’. See, I’ve been trying to integrate thoughts on accessible versus technically correct understandings of technology as it relates to privacy, and to issues on public relations and the use of FUD by privacy activists, and what I think of the idea of ‘anonymity’ in digital environments that are increasingly geared to map, track, and trace people’s action. Given that it’s the data privacy day, I thought that I should try to pull some of thoughts together, and so today I’m going to draw on some of those aforementioned ideas and, in particular, start thinking about anonymity in our present digitally networked world.

To take the ‘effort’ to try and remain anonymous requires some kind of motivation, and in North America that motivation is sorely lacking. North America isn’t Iran or China or North Korea; Canadians, in particular, have a somewhat envious position where even with the government prorogued – a situation that, were it to happen in Afghanistan would have pundits and politicians worrying about possibilities of tyranny and violence – there isn’t a perception that Canadians ought to be fearful that proroguement heralds the beginning of a Canadian authoritarian state, or the stripping of Charter rights and freedoms. This said, I think that people in the West are realizing that, as their worlds are increasingly digitized, their ‘analogue’ expectations of privacy are not, and have not for some time, been precisely mirrored in the digital realm. This awareness is causing worry and consternation, but is not yet (and may never be) sufficient for wide-scale adoption of anonymization technologies. Instead, we have worry without (much) action.

But let me back up, just a bit. What motivated the creation of a digital architecture that can be used for limiting anonymity online? What sense of anonymity am I referring to?

To the latter question, I’m referring to the ability to be anonymous at the hardware level of the Internet – I’m interested in remaining ‘anonymous’ in the face of client-server transactions. I’m not calling into question the ability to ‘game’ the web as perceived on Facebook, Yahoo!, Yelp.*  Instead, I’m referring to particular individuals’ abilities to mask their presence or identity on a computer network.

What has driven the limitations upon online anonymity? To begin we need to acknowledge that the ‘net is, contrary to the early Internet Utopians, a perfect domain of control. With immense possibilities for control come opportunities of surveillance, surveillance that can deanonymize individuals and their actions. It isn’t that a particularly nefarious cabal has sought to do this: network engineers and administrators have deployed networking hubs and associated software-driven security appliances to better analyze data traffic and identify sources and destinations of data traffic for a long time to facilitate a fast, efficient Internet. We have witnessed incredible booms in the amount of traffic that is flowing across networks, with an increasing amount of that traffic is harmful to networks and individuals (e.g. DDOS attacks, email spam, phishing). To deal with these, along with other authentication, security, and traffic analysis challenges, network engineers and administrators have made network nodes ‘more intelligent’; intrusion detection systems operate at borders, email analysis often precedes mail hitting your inbox, and multiple levels of authentication and firewalls surround intranets. It’s important to note that networks have grown more intelligent, rather than recently become intelligent; network appliances have always had some ‘intelligence’ to them.** We might say that carapaces have slowly grown around networks as the nature of the network environment itself has evolved.

Given the technical element to data routing, network security, and data usage tracking, networking staff have implemented some technologies that, in the right hands, are as benign/beneficial as a scalpel in an experienced surgeon’s hands but, alternately, are as dangerous as the same scalpel in a psychopath’s grasp. Deep packet inspection (DPI) is one (of many!) such technologies. Last year, Sandvine noted that 160 ISPs purchase their equipment, with 90% of those ISPs using the equipment for some kind of traffic management purposes. This traffic management can extend to modifying the traffic speeds of particular applications, such as those used for P2P file-sharing, to discriminating between different tiers of service. Further, discrimination might mean impeding on some traffic – such as ’suspicious’ traffic as identified by network administrators – or applying an ‘economic’ management system that is dependent on tracking customer data use and charging for bandwidth use. As is obvious, some of the uses I just identified are clearly ‘acceptable’ – if network equipment generally can detect and limit/isolate computers operating in a botnet, that’s a plus as I read it – whereas others – behavioural advertising and carriers delaying competing services – are far less acceptable.

It is critical to identify what is seen as acceptable versus unacceptable uses of any particular networking technology. Targeting use is important, given that there is a lot that goes on behind the scenes that consumers and end-users are largely ignorant of and, to date, have had no issues remaining ignorant of. ‘Computer geeks’ have done their thing, the email has flowed, and everyone has been happy (save, perhaps, for the admins responsible for keeping things running at those moments when an attack overwhelms the network defences…). Because of a general lack of technical training, incredibly poor relationships between large telecommunications companies and end users, and increasing uses of network technologies for surveying and modifying traffic in obstrusive ways, the public is only now getting interested in how our digital networks operate. They’re a few decades late, and their late arrival is generating challenges for all involved. Citizens expect perfect (or, at least largely similar) correspondence between ‘analogue’ and ‘digital’ expectations of privacy, consumers want efficiency and speed, and administrators want secure networks. This is to say nothing of the corporations running the networks, who want to earn a reasonable rate of return on their investment. These concerns don’t necessarily fall into ‘either/or’ categories, but require a common language and commonly understood implementation strategy that is respected by all involved. Developing this language and consensus is, obviously, a daunting task.

Public interest in telecommunication networks is not inherently bad, and in fact is probably a good thing – more people should be involved in making technology increasingly democratic – but participation, at this point, requires that either incredibly good metaphors and analogies need to be deployed, or interested people need to learn something about the technologies in question. Arguably, the line should be drawn somewhere between those two alternatives.

It is even more important that the privacy advocates who are dealing with networking technologies develop an appreciation both for the real challenges faced by network administrators as well as the technical structures underpinning networks themselves. They need to realize that while they defend civil rights, they need to find ways of bringing consumer groups (and, ideally, network operators themselves) onside, as opposed to alienating the consumer and network operator to protect the citizen. We live in market societies: this means consumers have to be placated, or at least feel like they’re being placated. Such placations may often be symbolic, but the effort to recognize the bridge between these multiple agentic points of view must be recognized and, ideally, exploited by privacy advocates.

Further, it is key that privacy advocates possess the technical knowledge to parse what a well-meaning administrator tells them, so that they can subsequently craft their concerns, complaints, and issues in a language that can be accessible to the public and sensitive to the technical realities of the contemporary networked world. In the case of DPI, there are various ways that the technology can be used, and not all of them are harmful. The stance that any analysis of data packets, however transitory, constitutes a privacy infringement would require the abandoning of many incredibly valuable perimeter defences that most end-users are entirely ignorant of. We needn’t toss out the baby with the bathwater! Effectively, without appreciating the particularities of each device and its particular uses, advocates cannot precisely target their complaints for maximum effect: rather than targeting all cars, environmentalists often target vehicles below particular standards; they draw distinctions within a large category and frame solutions for both citizens, the environment, and consumers. Privacy advocates can learn a great deal about how to position issues from surrounding groups, and in many cases already have.

Networking technologies can often be designed to analyze and identify unique users. In many environments this is required for anything from law enforcement (e.g. CALEA), to billing, to traffic analysis purposes. The question is whether or not such analysis and identification, when performed by your Internet Service Provider (ISP), is appropriate or not. In the EU, there are questions over whether any use of DPI or DPI-like technologies constitute a privacy infringement. An element of such questions surrounds whether or not temporary analysis of data traffic constitutes wiretapping (I have doubts) and, implicitly, an element is about what kind of anonymity Internet users can expect. Should our ISP analyze traffic to identify dominant applications used and bandwidth those applications, in aggregate, are generating? Should our ISP be theoretically capable of revealing what particular users do with their Internet connections if law enforcement makes a legitimate request? Should our ISP identify the lowball percentage of data traffic that constitutes copyright infringing material?

It is, of course, when we get to these more precise questions that question of ‘what anonymity are we referring to?’ comes to the fore again, alongside the question ‘what conditions warrant deanonymization?’

The Information and Privacy Commissioner/Ontario maintains that pseudo-anonymity, rather than full blown anonymity, should be the expected and perceived norm of Ontarians in digital environments. By this, an individual can maintain anonymity until they perform some action that crosses the boundary of the law – at that point, it is imperative for a service provider to identify who that individual is so that the arm of the law can reach out and touch them. In effect, IPC/O’s position is that operating in the digital era does not mean that the state’s coercive powers ought to be diminished: the benefits of free, anonymous speech and association can be had, so long as this is done within the confines of the law.

At a broad, principled level the IPC/O’s position on anonymity raises concerns: what if we applied this same set of rules to an authoritarian environment, such as in China or Iran? However, if we move from ‘high-level’ theorizing and generalizations to ‘mid-level’ theorization and better contextualized generalizations the conditions of inquiry change; does the pseudo-anonymity offered in Ontario, which is (generally) an orderly and lawful province in an orderly and lawful nation, meet the expected freedom and association rights of Ontarians without detoothing the provinces and/or nation-state’s coercive power? Clearly this latter question is better contextualized than one would expect from a philosophical treatise on anonymity, and more likely to resonate both with (in this case) Ontarians and Canadians than a ‘high-level’ theory that has to apply universal statements to particular situations without becoming logically or practically incoherent.

Note that I’m not suggesting that we must avoid ‘high theoretical’ approaches to privacy and anonymity – I’m regularly involved in such discussions, and think that the principled position needs to be stated loudly because the speaker is often alone in the room – but that there is a danger in always assuming a ‘principled’ position that refuses compromise and reflective consideration in advocacy. Advocacy is not, as I’m regularly reminded, the same as scholarship. Are networking technologies like DPI likely to be ‘banned’ in the West? Unlikely – were an attempt made, network operators would point out to the public just how ingrained these technologies are in daily operations, and instead (continue to) focus on uses of the technology. If advocates adopt a nuanced and contextualized and principled position, from which they can insist that particular uses of the technology be banned, and frame the benefits of such bans to reach out to consumers and citizens alike, then I think that that advocates will have a stronger foot to stand on.

Concluding, and returning to anonymity more closely, I think that we need to distinguish various ways to ‘approach’ the topic of anonymity. We need to recognize different levels of theorizing about ‘what anonymity means’, analytically distinguish between the domains of expected anonymity (e.g. Internet versus Web versus particular sites on the Web), and collect empirical data that outlines the present practices that would anonymize and deanonymize individuals in each of these domains. After intensively investigating these practices, advocates and citizens alike can proceed to launch complaints, concerns, and raise issues in a highly contextualized, high targeted way that is likely to have superior results than broadly framed worries lacking analytic precision.*** These worries are not just ‘academic’: launching ill-formed complaints can lead to setting precedent that runs counter to privacy-protection, that undermines the instantiation of privacy principles in society and jurisprudence, and potentially waters down constitutional rights. Badly formed complaints don’t just run the risk of being ineffective: they run the greater risk of jeopardizing the principles that privacy advocates defend, principles that often includes anonymity in ‘public’ spaces like the Internet.

———

* I’ve begun differentiating between ‘first’ (hardware) and ’second’ (web-level) presence to mark off this distinction between spaces of anonymization.

** At some point, probably after my February exams, I’m hoping to write something on the use of the term ‘intelligence’ to refer to networks. I find the term incredibly offsetting and awkward.

*** As a note, I recognize that this is ‘ideal’ – often groups suspected of infringing individuals’ privacy are not forthcoming with information. In these cases, advocates should get as much of the best data that they can together and launch the complaint. I’m not suggesting that, where information to create one of these hyper-targeted complaints is unavailable that advocates shouldn’t complain, but that when the information is available the advocate ought to engage with all the available data in a charitable fashion. At the very least, they should try to seek out the information in a rigorous fashion before submitting the complaint.

Other posts you might be interested in:

1. Context, Privacy, and (Attempted) Blogger Anonymity
2. Privacy Advocates and Deep Packet Inspection: Vendors, ISPs, and Third-Parties
3. IPv6 and the Future of Privacy

I’m in the middle of a large project (for one person), and as part of it I wanted to host some CRTC documents on the project’s web server to link into. You see, if you’ve ever been involved in one of the CRTC’s public notices you’ll know that there are literal deluges of documents, many of which are zipped together. For the purposes of disseminating documents over email this works well – it puts all of the documents from say, Bell, into a single zipped file – but makes a user-unfriendly structure of linking to: expecting casual reader to link to zip archives is unreasonable. Given that as part of this project I do want to facilitate ease of access to resources it’s important that users can link to the documents themselves, and not zip archives.

While I pay attention to copyright developments in Canada and abroad, and have strong stances on how academics and the Canadian government should licence their publications, I’m not a lawyer. I do, however, know that government documents in Canada are governed by Crown Copyright – unlike in the US, the Canadian government maintains copyright over its publications – and thus I wanted to check with the CRTC if there were any problems hosting documents from their site, including those presumably under a Crown copyright such as the CRTC’s decision.

Today I spoke with someone at the CRTC and received word that I could rehost the documents, without any problems. They were ‘in the public domain’ and so I could do with them what I wanted. I was pleased to hear this, as I wasn’t sure if the Reproduction of Federal Law Order would apply to the filings of private companies – it should apply to the CRTC’s decision itself, but as the order is written it’s ambiguous (to me) where and how private filings ‘fit’. In any case, I’ll take the CRTC’s word and be pleased that their public notice filings, including the filings by private corporations, are ‘public domain’ works and not governed by crown copyright. In case someone is wondering why I even bothered checking with the CRTC, given that my intended uses of the works arguably fall under under the research and review criteria of Canada’s fair dealing provisions, I expected that my use was legitimate but wanted to check with some lawyers that I was actually in the clear. I didn’t want to have a project go live, only to receive lawyer-grams from the CRTC or private companies! The CRTC has lawyers, and I thought it’d be a decent idea to draw on their expertise. Had I gotten a baffling response (e.g. no, for copyright reasons you cannot host anywhere else!) I’d have gotten a second opinion.

So, that’s fine and good: I can use the documents. It was the rest of the conversation that was particularly interesting, and more than a little disturbing.

I learned that the CRTC occasionally removes documents included in public filings and, far more significantly, sometimes changes the actual documents themselves without notifying anyone, not ever parties who were involved in the public notice. Such changes are made to correct misstatements of fact, to redact content already on the record or make available incorrectly redacted content, and so forth. This has far-reaching implications: closed public notices can have documented modified, where such modifications could potentially have affected public awareness of the notice as it was ongoing. In the case of some ‘corrections’, this could be incredibly important: what if in PN 2008-19 (and this is entirely hypothetical and meant as an example: I have ABSOLUTELY NO REASON TO BELIEVE THIS IS THE CASE) it turned out that one of TELUS’ redacted sentence was made available to the public, and it stated that TELUS was in early consideration stages of using Deep Packet Inspection in their networks? Such a ‘correction’ would have substantial effects on the arguments put forward by various civil advocates, and would render someone who was not involved with the public notice as it was ongoing very confused about the apparently contradictory filing between (in this example) TELUS and public advocacy groups. Thus, not only do these secretive changes risk contaminating later research, but it could also undermine public confidence in the public notice process itself.

The other very interesting copyright-related item that I learned was that, while hosting the documents isn’t a problem, were I to scrape and do a check-sum between what I have hosted and what the CRTC hosts that would be considered a copyright infringement. The gentleman I spoke with professed not understanding how that would be a copyright issue, and was just passing on the message from the lawyers, but it’s incredibly bizarre. In effect, it states (to me) that I can host but cannot check to guarantee that what I’m hosting is ‘the most accurate/recent version’ unless I want to eyeball the documents and look for ‘corrections’ that may or may not be announced anywhere in the document or public notice website itself. From a government transparency point of view, this is deeply concerning: members of the public, if aware of the potential for relatively secretive changes to public filings, cannot automate any system to watch for such changes without running afoul of lawyers. The resources thus required to ‘check up’ on the CRTC would be enormous for the poorly funded civil advocacy groups and members of the public (neither eyeballs or time are in abundant supply!). Moreover (and again, I am not a lawyer!) in my reading a check-sum or something like it is required to actually comply with Canadian copyright law. The law,

authorizes anyone, unless otherwise specified, to copy federal legislation, statutes, regulations, court decisions and tribunal decisions without the usual restrictions that govern Crown copyright materials, provided that one is careful to ensure the accuracy of the materials reproduced and that the reproduction is not represented as an official version. (emphasis added)

Given that I’ll be hosting documents, to ‘carefully ensure the accuracy of the materials reproduced’ aren’t I required to set up some automated system, given that the CRTC can potentially just change or remove documents without any public notification or transparency? Does this mean that compliance requires me to manually check on a daily/weekly/monthly basis that all the files on the CRTC’s webpage are exactly as they were when I first copied them?

Admittedly, these changes to documents in public notices are supposed to happen ‘fairly rarely’ and there isn’t any reason to expect that the filings for PN 2008-19 (which is what I’m interested in for this project, right now) are going to change. It’s possible that there was miscommunication as a result of interjecting an intermediary between myself and the CRTC’s lawyers. I’m very happy that I can host the filings for PN 2008-19 and that all of the items in that filing (including the CRTC decision) are apparently ‘public domain’ and thus outside of crown copyright. Those are all great things and I appreciate that the CRTC was fairly quick in getting back to me (it took about 4 business days). I’m far less impressed with secretive changes happening to public filings, and am disturbed by the position that scraping for check-sum purposes would somehow violate copyright.

I’m not a lawyer, and I’ll be following this up with the CRTC to try and get additional transparency into what’s going on. Hopefully there was just a miscommunication; I would understand if regular scraping was a problem because it could bog down their servers, and that on that basis they could drum up DDOS charge or something, but to construe server access to guarantee I’m hosting the most up-to-date documents with a copyright violation is mind boggling, and screams of misuse of copyright to this non-lawyer.

Other posts you might be interested in:

1. Update: CRTC PN 2008-19 Filings
2. Update: CRTC PN 2008-19 ISP Filing Summary Document
3. Summary: CRTC PN 2008-19; ISP Traffic Managment in Canada

Since the election of incumbent president Mahmoud Ahmadinejad, the world has witnessed considerable political tension in Iran. Protests over the questionable electoral results, beatings and deaths of political protestors, recurring protests by Iranians associated with the Green Revolution, and transmissions of information amongst civil- and global-actors have been broadcast using contemporary communications systems. Twitter, blogs, Facebook, and mobile phone video has enabled Iranians to coordinate, broadcast, and receive information. The existence of Web 2.0 infrastructure has set the conditions under which the Green Revolution operates.

The Iranian government quickly recognized the power of cheap social coordination technologies and, in response, drastically reduced the capacity of national Internet links – the government, in effect, closed the nation’s Internet faucet, which greatly reduced how quickly data could be transmitted to, and received from, the ‘net as a whole. This claim is substantiated by Arbor Networks’ (Internet) border reports, which demonstrate how, immediately after the presidential election, there was a plummet in the data traffic entering and exiting the nation. (It should be noted that Arbor is a prominent supplier of Deep Packet Inspection equipment.)

Prior to trying to dispel the Fear, Uncertainty, and Doubt (FUD) surrounding the contemporary Iranian ISP-surveillance system that is regularly propagated by the media, I need to give a bit of context on the telecommunications structure in Iran.

The Composition of Iranian Telecommunications

As in Western nation-states, there are a series of ISPs that Iranians can select to receive Internet. The catch is that all data traffic has to pass through the state controlled infrastructure of the Telecommunications Company of Iran (TCI). Household connections have a data-transfer ceiling: in the 2006 Ministry of Communications and Information Technology (MCIT) issued an order that forbade ISPs from providing Internet connectivity to households and public access points that exceeded 128 kilobytes/second. To put this in perspective for Canadians (and others in North America), Bell Canada’s slowest service plan is for up to 256 kilobytes/second (i.e. a 2 Mbps connection). Universities and private businesses in Iran can obtain high-speed access, though as a result of capping residential speeds there has been a substantial reduction in fibre-deployment (and increases in broadband speed), which was rapidly expanding from 2005 – 2007.

The limitation of bandwidth speeds was likely meant to hinder (as opposed to prevent) access to rich-format alternate media sources available on the ‘net (e.g. YouTube, media-heavy websites, etc); when it takes ten minutes to load a BBC broadcast, you go somewhere else to get news instead. The benefit of this strategy is that the government could escape claims that they were censoring content:  it was just delayed, and who minds waiting another few minutes for something they really care about?

Fear, Uncertainty, and Doubt and Iranian Digital Surveillance

The Wall Street Journal (WSJ) ran a piece last summer that accused Iranian officials of using Deep Packet Inspection (DPI) equipment purchased from Nokia-Siemens to survey and censor content. The Journal’s assertions were subsequently picked up by major media sources, and the blogosphere along with reputable journalism sites continue to reinforce the position of the WSJ. The problem, of course, is that that to date there has been little to no reputable reinforcement of the WSJ’s initial claim, and Nokia-Siemens has openly refuted the allegations.

The WSJ asserted that, “[e]very digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds. In Iran’s case, this is done for the entire country at a single choke point, according to networking engineers familiar with the country’s system.” Moreover,  ”Iran is “now drilling into what the population is trying to say,” said Bradley Anstis, director of technical strategy with Marshal8e6 Inc., an Internet security company in Orange, Calif. He and other experts interviewed have examined Internet traffic flows in and out of Iran that show characteristics of content inspection, among other measures.”

After the WSJ piece ran David Isenberg, Mark Hopkins, myself separately found fault with various elements of the story as reported. In summary, we argued that:

• tests for detecting DPI, presently, do not exist;
• Marshal8e6 is a spam/phishing company; there is no reason why they would have any particular insight into DPI, and a look at their website shows that their core business competencies are not in DPI-related activities;
• there is no evidence that the Iranian system uses DPI – all we really have is a lone, anonymous, engineer saying that everything is examined for keywords. Keep this point in mind, as we’ll be getting back to it;
• the WSJ’s primary source, Ben Roome over at Nokia-Siemens, maintains that the company sold only mobile technology capable of lawful access and did not sell DPI equipment. Further, Nokia-Siemens has actually exited the intelligence market, as recognized in the WSJ article.
• it is, quite simply, easier to leverage existing infrastructure rather than import and embed DPI appliances in an already functioning surveillance environment

It’s key to note before getting into the next section that neither myself nor Isenberg are making the claim that DPI isn’t in use, but instead that there is no clear reason to assume that Iranian authorities have incorporated DPI into their arsenal of surveillance technologies (Hopkins is making the full move to state DPI isn’t being used). DPI is expensive to install, and massive inspection comes with a substantial computational and other technical overheads – it’s for this reason that most DPI devices inspect elements of packet streams rather than streams in their entirety when they must be inspected in real-time. To use DPI for full-stream analysis when there are better tools for the job that already are built and running would be mind numbingly stupid, and we have no reason to believe that Iranian IT admins are stupid people.

The Composition of ISP Surveillance in Iran

A very good report on the status of Internet surveillance in Iran was released by ICTRC in 2005, and it’s nicely supplemented by the OpenNet Initiative’s (ONI) report on Iran. From these, we learn that the Iranian government  uses a series of techniques to filter and censor the ‘net. They include:

• the use of SmartFilter (which blocks particular websites and content) by all ISPs. The Telecommunications Company of Iran (TCI) itself has reassumed the role of centralized filtering from the ISPs, according to ONI, though some Iranians still see the old ‘access denied’ images that are branded by their ISP. ONI’s findings suggest that the technical difficulties of centralized filtering, identified in the ICTRC report, have likely been overcome.
• New ‘block sites’ are added to the ever-expanding list of blocked websites, many of which are aimed at countering ‘immoral’ inclinations or limiting dissident political communication.
• Internet ports are regularly closed by ISPs in accordance with government edicts. These ports are used to access proxy servers, such as TOR, which give Iranians access to the uncensored Internet.
• Prior to data exiting the Iranian telecom environment and entering the global Internet, all requests are passed through proxy servers that permit keyword filtering. Web searches containing particular words may be blocked, and because content is passing through proxy servers there is the possibility of monitoring all unencrypted  traffic, including chat conversations, email, and web browsing.

In the WSJ article an anonymous engineer stated that “We didn’t know they could do this much … Now we know they have powerful things that let them do very complex tracking on the network.” While the WSJ alleges that this is a reference to DPI, I would suggest that the engineer is probably referring to the Iranian government having backtracked on stated uses of their proxy-based surveillance architecture. You see, in 2006 the Communication and Information Technology Ministry announced that their surveillance apparatus:

…would block access to unauthorized websites, identify Internet users, and keep a record of the sites they visit. The system administrator would have access to this information.

The ministry subsequently denied that the filtering facility could identify users and track their browsing habits, and it stressed that it only wants to block access to pornography. There also were acknowledgements that the previous methodology was imperfect, and a “filtering databank” would be more precise and make fewer mistakes.

Given this broader context, from 2006, engineer’s statement – that they hadn’t thought the government’s apparatus was designed to massively identify users and record visited sites – makes quite a bit of sense; he didn’t know that the government had adjusted how they were using infrastructure already known to exist. If you recall, the engineer had made a reference ‘keyword filtering’, and it only requires a proxy to analyze text. DPI is not required. Further, when Marshal8e6 Inc. referred to content analysis having been performed, the corporation might have been referring to the proxy-based keyword analysis and not DPI surveillance. Given that an already impressive surveillance infrastructure utilizing proxy-based servers has existed for several years now, and is capable of the filtering being witnessed today, it’s unclear how the present monitoring of digital communications requires, or indicates the use of, DPI appliances. On the basis that sources for the article can easily be read as referring to already known t0 exist surveillance systems their statements shouldn’t be used to support the WSJ’s claim that Iran is using DPI, but that the proxy-system is more impressive than previously thought. The latter is an entirely reasonable claim; the former outlandish and requiring substantial reporting to guarantee accuracy.

Intelligence Through Social Networks

Given the supposition that DPI isn’t being used for surveillance purposes in Iran right now one might ask: how is it, then, that seemingly cautious protestors and organizers who practice ’safe computing’ (i.e. encrypt their data traffic) get caught? In response, I would suggest that rather than focusing on ‘how they broke the encryption’ there needs to be a focus on ‘where they find, and how did they exploit, weak links in the network?’

If just one person transmitted unencrypted data and compromised organizers’ names, then the authorities would have a place to start their investigations. Alternately, if someone in Iran routinely encrypts most of their data traffic they likely rise to the attention of network administrators. Administrators could very easily be under orders to pay attention to any non-encrypted data traffic that such persons of attention transmit to the ‘net, in the hopes of gaining content-based insight into what the encryption-user might be doing, saying, or who they are speaking with online. Moreover, even if you’re sending encrypted email to protect yourself against proxy-based traffic analysis, if your email is stored on an Iranian ISP’s server then the messages are unlikely to be secure when ‘at rest’ on the server itself. Protecting the data in transit isn’t sufficient when you can’t trust your ISP. Finally, there are reports of officer’s seizing people’s laptops, but occasionally leaving the people themselves alone, again negating the value of encrypted data transmissions if data at rest on the computers isn’t similarly secured.

There is often far more to gain in developing social profiles of people and their related associates than on combing through all the data collected of every person; the situation with the Christmas Day bomber last year demonstrates that an excess of particular information, and failure to develop a comprehensive network intelligence system that identifies key threats, is a critical limitation. Without a system that identifies possible ‘persons of interest’ agencies are limited in their abilities to target the ‘right’ person. In developing relationships of people, it is possible to create profiles and map out who is who in vast networks. With the potential to use social demographics to identify ‘key’ figures in any social organization the ‘danger’ in broadcasting oneself through Twitter, Facebook, or other social media environment arises from facilitating network-level intelligence: Who are the key broadcasters and rebroadcasters of messages? Who generates ideas that are rapidly disseminated through the population? Who are the (largely) passive listeners? The last group is probably non-deserving of immediate persecution, but they will be motivated to identify and listen to the first two groups. Thus, if you just watch to see who the ‘passives’ are almost all listening to, you can pick out ‘key’ members of any revolution that target them, weakening or extinguishing the winds of change. The weakest link in a revolution need not be the leaders, but can come from nuanced social profiling, and the Web 2.0 world arguably facilitates such social profiling in ways beyond even that Stasi’s wildest dreams.

Does this mean that even more advanced systems of digital analysis and aggregation won’t be deployed to identify particular patterns of communication in Iran? No. Does what I (or anyone else, for that matter) have definitely written prove that DPI technologies aren’t being used in Iran? No. What I have done, however, is suggest that existing proxy-based surveillance infrastructure can be leveraged in a manner that explains present censorship and content-blocking practices in Iran, and that traditional intelligence gathering processes are likely just being modernized for the social media world. Neither the preexisting surveillance and censorship, nor the intelligence gathering, requires DPI. In light of the evidence and argumentation I have offered, we ought to leverage Occam’s razor to conclude that proxy-based analysis, not DPI-facilitated surveillance, should be the focus of responsible attention to Iranian ISP surveillance practices.

Other posts you might be interested in:

1. Iran, Traffic Analysis, and Deep Packet Inspection
2. Virgin Media to Monitor Copyright Infringement
3. Beyond Fear and Deep Packet Inspection

I tend to (almost exclusively) access key websites related to my research and personal interests through RSS feeds. As a result of using Google Reader to collate new content, I rarely actually see the blogrolls and suggested links that are provided by those key websites that I grab content from on a daily basis. Given that I’m sure many people read this site almost exclusively through RSS, I wanted to prepare a short piece that highlights just some of the key blogs and websites that I turn to on a regular basis in the hopes that readers might find some cool and interesting new sources of information they’d otherwise never come across. As a hat tip, this post is largely inspired by Rebecca Bollwitt’s “The Missing Link” that considers (as of 2008) the changing characters of link lists and blogrolls.

AR.m-ato.me

Aya Walraven is a digital media and internet enthusiast who primarily works in video, web, and emerging technologies. A self-appointed internet-culture historian and archivist, she studies and documents mobile technologies and online behavior, particularly in Japanese youth and anonymous communities.

Her blog name is a combination of AR (Augmented Reality) and Matome, the latter being a romanization of the Japanese term まとめ which means round-up, collect, mass, or summary. Her blog is a round up of news, findings, commentary and links related to Augmented Reality and the technological, economic and social landscape in which it develops.

Ars Technica

Ars is the tech site that you need to be visiting if you (a) speak English; (b) have diverse tech-related interests; (c) like actual, critical, reporting. Ars’ writers regularly break new ground with the work they produce – Nate Anderson’s work on DPI inspired me to dedicate a fair chunk of time to the privacy and surveillance implications of Deep Packet Inspection – and write in accessible formats that makes their articles useful to the geeks and non-geeks alike.

Bruce Schneier’s blog

Bruce is often heralded as the ‘rockstar of security’, and it’s a well deserved title. He writes in a very accessible format, while striking to the heart of security and security technology issues. If you’re doing work in the security field, he’s required reading, even if you disagree with him.

Geeks and Global Justice

Kate recently received her PhD from SFU, and worked with Andrew Feenberg during her studies into how activists in the global justice movement appropriate technology to achieve their social justice goals. She sees tech activism as having (at least) three simultaneous outcomes: it democratizes technology, it develops democratic practice and it produces an alternative vision of society.

Her blog is meant to be a space for documenting the history and accomplishments of tech activism. In the spirit of the free software movement, it is an experiment in open scholarship, and all tech activists are encouraged to participate through contributing to the project, as well as questioning, editing and correcting information found here.

iPoque Executive Blog

While there are several DPI vendors who’s work I follow, I’ve often found iPoque’s to be the most transparent. While their executive blog isn’t updated terribly often, when updates are released they tend to be very interesting for those of us focused on DPI, network neutrality, and copyright. Given that there is a lot of attention on the North American DPI vendors, I think that it’s important to pay attention to those that operate a bit differently across the Atlantic – iPoque is one of the largest vendors in the EU and Africa, and thus justly deserves consideration by North American and European scholars alike.

Lawrence Lessig

While Lessig is often the target of popular and academic criticism (if not outright derision) one is forced to admit that his work has been seminal in the network neutrality, copyright, and free culture debates. His blog is on a hiatus at the moment, but the archives are filled with incredibly thought-provoking content. Love or hate him, he’s effectively required reading (if only so you know WHY you love or hate him *grin*) when studying contemporary digital issues.

Light Blue Touchpaper

A group of computer and security researchers at Cambridge University regularly contribute content to their Light Blue Touchpaper blog. I tend to follow Richard Clayton, in particular, but the researchers’ contributions in general are delightfully accessible and technically oriented. It’s rare that you run into security researchers who can communicate with the public, but it would seem that Cambridge houses a whole lot of them!

Perceptric

The Perceptric Blog is where business partners in Perceptric Pty Limited, Chris Gilbey and Tom Koltai post thoughts, ideas, and links to stimulate thought and accelerate the transfer of ideas with a particular focus on P2P. Tom, in particular, has a strong background in running ISPs, and so his writings about P2P technologies and their disruptive impacts is commonly insightful. This said, while the Cambridge scholars are almost always accessible reads, it might take some background to catch many of the nuances in Tom’s and Chris’ work. Good reading if you’re interested in P2P and its impact on ISPs’ core services.

Privacy Lives

Privacy lives is ‘monitors the pulse of privacy’. It regularly engages with privacy matters that arise from technology, government, corporate, and academic fields. Melissa Ngo, the site’s author, is a Privacy and Information Policy Consultant and has testified about privacy and civil liberties before legislators and government agencies, and she discusses such issues at academic, policy, and trade conferences. Prior to publishing Privacy Lives, Ngo was Senior Counsel and Director of the Identification and Surveillance Project at the Electronic Privacy Information Center, a non-profit research education center in Washington, DC.

Melissa is often at the forefront of the critical commentators who engage with contemporary privacy-related matters. Highly related if privacy is foregrounded in your research/reading interests.

Ralf Bendrath

Ralf’s blog is self-described as presenting ‘thoughts and observations of a privacy, security, and Internet researcher and activist.’ While his schedule prevents him from updating regularly, his posts constitute ‘deep content’ – it’s well thought out, researched, and immediately useful. He’s presented some good work on DPI, and is well regarded amongst the circle of privacy academics I increasingly find myself amongst.

Search Engine

Jesse Brown is one of the very few competent, critical, technology-oriented journalists in Canada. Search Engine was previously with the CBC, but is now with TVO. He has weekly podcasts that touch on all things social and tech – don’t read him expecting updates on the latest iPod, but instead on how DRM, copyright, and the Canadian government intersect (as an example). He’s one of the most public (and loudest!) voices speaking about copyright in Canada. I wait up most Monday nights to listen to his podcast fresh off iTunes, and so should you!

Short Packet

Likely abandoned, Kriss Andsten’s blog on DPI was great because it gave actual insights into the technology from a person inside the industry. His work comes across as authentic and is helpful for trying to figure out how ‘the industry’ might talk about DPI in a bar, as opposed to on a PR stage.

Slight Paranoia

Christopher Soghoian has been described as an activist, muckraker, and general pain in the ass. I like to think of him as a model of what academics can, and should, become; he rigorously pursues his research interests while drawing on them to try and transform the social landscape he operates within. Christopher does great work investigating the modes of surveillance that are deployed by corporate and government agents alike, and has regularly embarrassed both sets of actors in publishing information they’d rather just stayed private.

Susan Crawford Blog

Susan does amazing work at the forefront of American telecommunciations and network policy. If ICANN, network neutrality, ISP competition, and related issues spark your interest, then start reading her work if you’re not already.

Telecom Trends

Mark Goldberg is a key figure in the Canadian telecommunication community. A noted consultant and key organizer for the Canadian Telecommunications Summit, his work is widely read and his opinions often drawn on to form public and private opinion on various telecom-related matters. If you’re interested in Canadian telecommunications, then his work is required reading.

Tuesday Night

Ian Glazer et al. write some really provocative thoughts on social networking and social media. If you are doing anything related to Facebook and privacy, you are required to know and think about Glazer’s Privacy Mirror application, which renders transparent the actual capacities of Facebook’s privacy settings.

The Future of the Internet

Jonathan Zittrain’s blog is intended to accompany the concepts and principles found in ‘The Future of the Internet – And How To Stop It’ and apply them to the issues of the day. While updates are somewhat sporatic, and seemingly produced (largely) by his assistants/RAs with comments from Zittrain, the issues that are raised and modes of engaging with them are often provocative. If you liked his book, or were at least interested in elements of it, his website may be of use for your ongoing engagement with the text.

Notes from the Ubiquitous Surveillance Society

A blog maintained by David Murakami Wood, Canada Research Chair in Surveillance Studies at Queen’s University and Managing Editor of Surveillance and Society, readers will regularly be delighted by critical, engaging, of often sarcastic comments about pressing surveillance and privacy-related matters. David will likely be cutting back on his almost-daily publishing schedule with a recent addition to his family, but we can nevertheless continue to expect the same high-quality, attention grabbing, information and commentary that we’ve come to expect over the past several years.

Given that many of you know that my research interests surround DPI, copyright, network policy, privacy, surveillance, and technology, what less-known blogs and websites would you recommend I start reading for the new year?

Other posts you might be interested in:

1. Tracing the Network, Tracing the NSA