ISPs and full packet inspection

Jason Hellenthal jhellenthal at dataix.net
Fri May 25 02:03:33 UTC 2012



On Thu, May 24, 2012 at 08:37:52PM -0500, Jimmy Hess wrote:
> On 5/24/12, not common <notcommonmistakes at gmail.com> wrote:
> [snip
> > I am looking for some guidance on full packet inspection at the ISP level.
> Aside from any legal issue;  there is a  "respectable practices"
> issue. Even if there is no regulation that prohibits something does
> not mean it is OK.  Your customers' deserve to be made aware of any
> full packet capture practices that may impact traffic to/from network
> they own/manage,  before packet capture occurs,  especially when there
> is data retention, or human examination/analysis based on contents of
> large numbers of packets;  otherwise there is a risk you will be in
> trouble, for some definition of "in trouble" that depends on the
> circumstances.
> 
> Because your packet interception can put your user at risk;
> proprietary information can be disclosed.    And most ISP customers
> intend to purchase network connectivity service,  not   "record all my
> traffic without telling me"  service ..

If you need a call center to handle this just let me know... :) since
your call volume is going to spike through the roof.

> 
> 
> 
> Are you prepared to explicitly explain to your customers,  both
> existing, and new ones,
> before they are allowed to buy or continue service from you --   under
> what circumstances
> you intercept full packets, whose packets do you capture,  what
> packets do you capture, how many packets / how long will you capture
> their packets,   what do you do with their contents after you capture
> them,  how long do you keep  data,  what security controls do you have
> in place  to prevent unauthorized   access to their packets  and
> ensure timely destruction of sensitive data?
> 
> 
> If the answer is NO,   that you   have poor planning,  or your privacy
> practices are not solid enough to reveal to your customers  with
> confidence,  then  save the money on consulting lawyers,  by choosing
> NOT   to   implement   interception and capture of  full packets.
> 
> 
> > Is there any regulations that prohibit or provide guidance on this?
> -- 
> -JH

-- 

 - (2^(N-1))




More information about the NANOG mailing list