Deep Packet Inspection and the Loss of Privacy and Security on the Internet
For my first session of the day on Tuesday of the TRISC 2009 conference I attended a presentation by Andrew MacFarlane from Data Foundry, Inc. on "Deep Packet Inspection and the Loss of Privacy and Security on the Internet". While the concept of DPI is nothing new to me and I remember first hearing about it around the FBI's Carnivore project, this particular use case was something that I hadn't heard about. Apparently pretty much every Tier 1 ISP has hopped onboard the DPI bandwagon and is now using the technology for everything from traffic prioritization to targeted advertising. To make matters worse, you automatically agree to this type of monitoring by accepting your ISP's terms of service. Data Foundry has been one of the few ISP's who have spoken out against this practice, but unless more people (especially end-users) lobby their congressmen to remove this waiver of privacy rights as part of our terms of service acceptance, the future of privacy and security on the internet is awfully bleak. My notes from the session are below: