ISPs and full packet inspection
mysidia at gmail.com
Fri May 25 01:37:52 UTC 2012
On 5/24/12, not common <notcommonmistakes at gmail.com> wrote:
> I am looking for some guidance on full packet inspection at the ISP level.
Aside from any legal issue; there is a "respectable practices"
issue. Even if there is no regulation that prohibits something does
not mean it is OK. Your customers' deserve to be made aware of any
full packet capture practices that may impact traffic to/from network
they own/manage, before packet capture occurs, especially when there
is data retention, or human examination/analysis based on contents of
large numbers of packets; otherwise there is a risk you will be in
trouble, for some definition of "in trouble" that depends on the
Because your packet interception can put your user at risk;
proprietary information can be disclosed. And most ISP customers
intend to purchase network connectivity service, not "record all my
traffic without telling me" service ..
Are you prepared to explicitly explain to your customers, both
existing, and new ones,
before they are allowed to buy or continue service from you -- under
you intercept full packets, whose packets do you capture, what
packets do you capture, how many packets / how long will you capture
their packets, what do you do with their contents after you capture
them, how long do you keep data, what security controls do you have
in place to prevent unauthorized access to their packets and
ensure timely destruction of sensitive data?
If the answer is NO, that you have poor planning, or your privacy
practices are not solid enough to reveal to your customers with
confidence, then save the money on consulting lawyers, by choosing
NOT to implement interception and capture of full packets.
> Is there any regulations that prohibit or provide guidance on this?
More information about the NANOG