Feeds

Bell Canada chokes P2P and privacy?

'J'accuse!'

Combat fraud and increase customer satisfaction

What's worse than an ISP throttling your peer-to-peer traffic? An ISP throttling your peer-to-peer traffic while stepping on your privacy.

Late last week, the Canadian Internet Policy and Public Interest Clinic (CIPPIC) fired a letter to the country's privacy czar, urging an investigation into the traffic shaping practices of mega telco Bell Canada. The University of Ottawa-affiliated law clinic suspects that Bell is not just throttling BitTorrent and other peer-to-peer traffic, but illegally monitoring the activities of millions of Canuck web surfers.

In March, Bell Canada admitted to shaping P2P traffic on its own DSL-based ISP, Sympatico, as well as third-party ISPs that piggyback on its pipes. That's right, it's curbing packets on someone else's network.

"As a service provider, we have to ensure no individual or group is negatively impacting the majority’s internet access," Bell Canada spokesman Pierre LeClerq tells us. "That was happening with some wholesale ISP customers (a very small portion), who were hogging huge amounts of bandwidth with P2P during rush hour." We think he means the internet version of the rush hour.

P2P throttling is nothing new. As we all know, American cable behemoth Comcast has blocked BitTorrents for at least a year. The difference is that Bell Canada is throttling via deep packet inspection (DPI) - the packet filtering technology made famous by anti-virus vendors. When we spoke to LeClerq, he would not admit to this, but his company has already come clean in a recent filing with the Canadian Radio-Television and Telecommunications Commission.

"Bell's internet traffic management solution uses network equipment that can perform DPI," reads the filing. "DPI is used to examine each of the protocol headers that wrap the content in order to identify the type of application package being transmitted.

"This allows Bell to balance the delivery of different types of applications over a network similar to how a postal service needs to balance the delivery of time sensitive overnight packages and high volume shipments."

With a letter (PDF) to Canada privacy commissioner Jennifer Stoddart, CIPPIC director Philippa Lawson asks if this sort of behavior violates Canadian privacy law, arguing that DPI "inspects information that can be linked to internet subscribers."

She says that DPI is "not necessary to ensure network integrity and quality of service". She points out that Bell is inspecting packets for this purpose without user consent. And she wonders what else the ISP is doing with deep packet inspection.

"The problem is we don't know exactly what they're doing," Lawson tells us. "They say it's only for network management purposes. But who knows?"

Again, Bell Canada's LeClerq wouldn't cop to DPI. But he did have this to say in response to our inquires about Lawson's letter: "Bell respects the privacy of our customers. We are in compliance with our privacy obligations. We don't look at the content customer’s access."

It's worth noting that Lawson's letter accuses Bell Canada of examining packet content, while the company's CRTC filing says it inspects only headers.

As Lawson points out, so-called behavioral ad targeting firms like Phorm and NebuAd employ deep packet inspection within ISPs as a means of tracking the online activities of net surfers. But this likely has little to do with Bell Canada's P2P throttling. We asked Bell Canada if it partners with a behavioral ad firm, but it has yet to respond.

Clearly, LeClerq didn't know whether Bell Canada is using a Phorm or a NebuAd. But he does know the company is using deep packet inspection. And yet he still refuses to say so. If nothing else, Bell Canada is guilty of keeping people in the dark. Much like Comcast. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.