UN deep packet inspection standard leaked

By on
UN deep packet inspection standard leaked

But UN approval no green light to censorship.

The United Nations has approved a standard for deep packet inspection (DPI) technology in next generation networks that has some privacy pundits up in arms.

The draft document (pdf), obtained by SC from Melbourne online advocate Asher Wolf and available only to members of the International Telecommunications Union (ITU), described the Y.2770 standard into the uses of DPI which was approved by the UN body yesterday. 

 

Examples given include using the technology on next-gen networks to monitor for traffic like BitTorrent, instant messaging and Session Initiated Protocol (SIP), widely used for voice and video.

While it does not go further than describe the technology, the document nonethless has caused a stir.  Many fear the approval brings state internet surveillance a step closer.

"Germany holds the belief that the ITU-T should in principle not standardise any technical means that would increase the exercise of control over telecommunications content, could be used to empower any censorship of content, or could impede the free flow of information and ideas," reads a statement on the CEPT website. The CEPT is a group of European telcos and postal organisations.

"The ITU-T shall rather focus its resources and programmes on … facilitating peaceful relations, international cooperation among peoples and economic and social development by telecommunications services."

The approval of the standard does not give a green light to the use of DPI on national networks, which as local telco security boffins point out to SC would be difficult to operate and need legal go-ahead in most western states.

But as some privacy pundits including Petter Ericson of Sweden's Academic Computer Club University point out, the standards could make it easier for governments to outsource DPI within internet providers.

"It is a very technical document for the most part, and does not really deal with all the implications of DPI. Thankfully, it also does nothing to mandate this kind of equipment in any way," Ericson wrote on a mailing list.

"However, thinking further, I could definitely see how later standards could refer to Y.2770 to mandate a DPI functional entity at some specific point, or, even more likely, that governments could ... hire some large telco to run networks and mandate use of Y.2770 compatible DPI equipment.

"That, I think, is the main danger posed by this document."

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
deep dpi inspection data international telecommunication union itu packet privacy security
In Partnership With

Most Read Articles

Musk's leaked email shows Tesla to make record deliveries

Musk's leaked email shows Tesla to make record deliveries
NAB switches on Apple Pay

NAB switches on Apple Pay
Game and shame: Internet providers called out again on NBN speed claims

Game and shame: Internet providers called out again on NBN speed claims
The techies who ran for office in the 2019 federal election

The techies who ran for office in the 2019 federal election
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

How to drive revenue and increase loyalty through customer experience in retail
How to drive revenue and increase loyalty through customer experience in retail
Stop Parasites on your Network with Sophos
Stop Parasites on your Network with Sophos
Stop your Oracle database slowing down your business
Stop your Oracle database slowing down your business
How Macquarie University has prepared for fire and flood
How Macquarie University has prepared for fire and flood
Guide to Fully-Composable Software-Defined Private Cloud
Guide to Fully-Composable Software-Defined Private Cloud

Events

Log In

Username / Email:
Password:
  |  Forgot your password?