ITU sparks internet privacy fears

The International Telecommunications Union (ITU) has adopted a new deep packet inspection standard that appears to have implications for users of file sharing and instant messaging services.

ITU communications officer Toby Johnson said in the blog post that the standard will enable ISPs to "manage network traffic more efficiently and thereby heighten users' quality of service and quality of experience".

He said the standard "does not allow access to users' private information and allows measures to ensure the secrecy of correspondence", instead providing "for efficiencies in network management demanded by application and service-aware networks such as Smart Pipe, Network Intelligence Capability Enhancement (NICE), Smart Ubiquitous Networks (SUN) and Content Centric Networking (CCN)".

Despite Johnson's reassurances that the standard will not violate privacy, it contains examples of how to "identify uploading BitTorrent users" and counting instant messages via the Jabber or XMPP protocol with Spanish text.

Example II.3.4 is named "Forwarding copy right [sic] protected audio content" which is done by "checking on embedded digital watermarks in MP4 data". 

The standard also provides examples of how to detect file transfers in general with the FTP and TCP protocols, and how to block Session Initiation Protcol messages used for VoIP "with specific content types" with particular users being identified through application information.

Malware blocking is another area that the standard could be applied to.

Encrypted, compressed and transcoded data can also identified by the standard, including IPsec traffic in tunnel and transport mode, and which is authentication header protected.

Depending on the level of encryption, the availability of a local decryption key and conditions based on the coded information, DPI signatures could be applied to obfuscated traffic, the standard stated.

Although now approved, the ITU standard drew fire from Germany, which asked the European Conference of Postal and Telecommunications Administration or CEPT with 48 members to oppose the approval of Y.2770.