Feeds

Bell Canada chokes P2P and privacy?

'J'accuse!'

Designing a Defense for Mobile Applications

What's worse than an ISP throttling your peer-to-peer traffic? An ISP throttling your peer-to-peer traffic while stepping on your privacy.

Late last week, the Canadian Internet Policy and Public Interest Clinic (CIPPIC) fired a letter to the country's privacy czar, urging an investigation into the traffic shaping practices of mega telco Bell Canada. The University of Ottawa-affiliated law clinic suspects that Bell is not just throttling BitTorrent and other peer-to-peer traffic, but illegally monitoring the activities of millions of Canuck web surfers.

In March, Bell Canada admitted to shaping P2P traffic on its own DSL-based ISP, Sympatico, as well as third-party ISPs that piggyback on its pipes. That's right, it's curbing packets on someone else's network.

"As a service provider, we have to ensure no individual or group is negatively impacting the majority’s internet access," Bell Canada spokesman Pierre LeClerq tells us. "That was happening with some wholesale ISP customers (a very small portion), who were hogging huge amounts of bandwidth with P2P during rush hour." We think he means the internet version of the rush hour.

P2P throttling is nothing new. As we all know, American cable behemoth Comcast has blocked BitTorrents for at least a year. The difference is that Bell Canada is throttling via deep packet inspection (DPI) - the packet filtering technology made famous by anti-virus vendors. When we spoke to LeClerq, he would not admit to this, but his company has already come clean in a recent filing with the Canadian Radio-Television and Telecommunications Commission.

"Bell's internet traffic management solution uses network equipment that can perform DPI," reads the filing. "DPI is used to examine each of the protocol headers that wrap the content in order to identify the type of application package being transmitted.

"This allows Bell to balance the delivery of different types of applications over a network similar to how a postal service needs to balance the delivery of time sensitive overnight packages and high volume shipments."

With a letter (PDF) to Canada privacy commissioner Jennifer Stoddart, CIPPIC director Philippa Lawson asks if this sort of behavior violates Canadian privacy law, arguing that DPI "inspects information that can be linked to internet subscribers."

She says that DPI is "not necessary to ensure network integrity and quality of service". She points out that Bell is inspecting packets for this purpose without user consent. And she wonders what else the ISP is doing with deep packet inspection.

"The problem is we don't know exactly what they're doing," Lawson tells us. "They say it's only for network management purposes. But who knows?"

Again, Bell Canada's LeClerq wouldn't cop to DPI. But he did have this to say in response to our inquires about Lawson's letter: "Bell respects the privacy of our customers. We are in compliance with our privacy obligations. We don't look at the content customer’s access."

It's worth noting that Lawson's letter accuses Bell Canada of examining packet content, while the company's CRTC filing says it inspects only headers.

As Lawson points out, so-called behavioral ad targeting firms like Phorm and NebuAd employ deep packet inspection within ISPs as a means of tracking the online activities of net surfers. But this likely has little to do with Bell Canada's P2P throttling. We asked Bell Canada if it partners with a behavioral ad firm, but it has yet to respond.

Clearly, LeClerq didn't know whether Bell Canada is using a Phorm or a NebuAd. But he does know the company is using deep packet inspection. And yet he still refuses to say so. If nothing else, Bell Canada is guilty of keeping people in the dark. Much like Comcast. ®

Securing Web Applications Made Simple and Scalable

More from The Register

next story
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Google Nest, ARM, Samsung pull out Thread to strangle ZigBee
But there's a flaw in Google's IP-based IoT system
Orange spent weekend spamming customers with TXTs
Zero, not infinity, is the Magic Number customers want
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
NBN Co execs: No FTTN product until 2015
Faster? Not yet. Cheaper? No data
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.