packet inspection and privacy

• Previous message (by thread): packet inspection and privacy
• Next message (by thread): packet inspection and privacy
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 09:31 6/24/02 -0700, you wrote:

>I recently claimed that, in the USA, there is a law that prohibits an
>ISP from inspecting packets in a telecommunications network for
>anything other than traffic statistics or debugging.
>
>Was I correct?

I would imagine privacy laws prohibit disclosure of this type of 
information in some places like Europe, but privacy protection is nil in 
the US. How else could all this spy-ware be legal to jam down people's throats?



>I'ld also like to get opinions on privacy policies for network
>operators.

We operate much like the FCC rules on radio eavesdropping. If we hear/see 
something, we do not tell anyone else about it, nor ever use it for 
financial gain. (One of my major gripes about spyware)

>It has been suggested that we should adopt a policy that
>says that we'll notify customers if:
>1) we inspect traffic,

If youre a good network operator, you will always have occasions to do this 
for performance and security issues that only you can determine the 
validity of. No need to scare the customer. The customer deserves their 
privacy to the extent you can facilitate it. By taking their money, they 
should expect their email and web viewing habits will remain private. You 
might include a line in your TOS that you might inspect traffic for 
operational purposes, but anything seen will remain confidential and never 
used for financial gain. (I'm not a lawyer, so I highly suggest you consult 
one on this aspect).

>2) we're aware that an upstream is inspecting traffic

Thats a touchy subject, while we expect our feeds will always be doing 
similar maintenance/security testing, blowing them in and causing customer 
angst might get you sued or disconnected.

>3) we're required to inspect traffic (by anyone).

Since the police-state/anti-privacy measures rammed down our throats post 
9.11 they might haul you off to the gulag for doing this. Or worse, declare 
you an "enemy of the state", strip your citizenship and lock you away forever.


>Point 3) is just about the same as 1), but it does imply
>a slightly different motivation behind the inspection.

I know informing a suspect of a phone tap, in the telecom business will get 
you hard time. SO again, check with your law people...a lot's changed since 
9.11 and the police state is doing things that havent been ruled legal or 
illegal by the USSC. So beware and get competent legal council before 
implementing anything.

These are offered only as opinions...

• Previous message (by thread): packet inspection and privacy
• Next message (by thread): packet inspection and privacy
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]