The University of Southampton
University of Southampton Institutional Repository

From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies

From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies
From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies
Recent coverage in the press regarding large-scale passive pervasive network monitoring by various state and government agencies has increased interest in both the legal and technical issues surrounding such operations. The monitoring may take the form of which systems (and thus potentially which people) are communicating with which other systems, commonly referred to as the metadata for a communication, or it may go further and look into the content of the traffic being exchanged over the network. In particular the monitoring may rely upon the implementation of Deep Packet Inspection (DPI) technologies. These technologies are able to make anything that happens on a network visible and recordable. While in practice the sheer volume of traffic passing through a DPI system may make it impractical to record all network data, if the system systematically records certain types of traffic, or looks for specific patterns in all traffic, the privacy concerns are highly significant. The aim of this paper is twofold: first, to show that despite the increasing public awareness in relation to the capabilities of Internet service providers (ISPs), a cross-field and comparative examination shows that DPI technologies are in fact progressively gaining legal legitimacy; second to stress the need to rethink the relationship between data protection law and the right to private life as enshrined in Article 8 of the European Convention on human rights and Article 7 of the European Charter of fundamental rights in order to adequately confine DPI practices. As a result, it will also appear that the principle of technical neutrality underlying ISP’s liability exemptions is misleading.
privacy, private life, data protection, data retention, deep packet inspection, interception, traffic data, metadata, monitoring, Internet service providers (ISPs)
2212-4748
670-686
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Papadaki, Evangelia
bbc1d862-d460-415d-9edd-dbe40927ceea
Chown, Tim
ec204b89-ace4-4cba-94a9-38e7649e9dee
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Papadaki, Evangelia
bbc1d862-d460-415d-9edd-dbe40927ceea
Chown, Tim
ec204b89-ace4-4cba-94a9-38e7649e9dee

Stalla-Bourdillon, Sophie, Papadaki, Evangelia and Chown, Tim (2014) From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies. Computer Law & Security Review, 30 (6), 670-686. (doi:10.1016/j.clsr.2014.09.006).

Record type: Article

Abstract

Recent coverage in the press regarding large-scale passive pervasive network monitoring by various state and government agencies has increased interest in both the legal and technical issues surrounding such operations. The monitoring may take the form of which systems (and thus potentially which people) are communicating with which other systems, commonly referred to as the metadata for a communication, or it may go further and look into the content of the traffic being exchanged over the network. In particular the monitoring may rely upon the implementation of Deep Packet Inspection (DPI) technologies. These technologies are able to make anything that happens on a network visible and recordable. While in practice the sheer volume of traffic passing through a DPI system may make it impractical to record all network data, if the system systematically records certain types of traffic, or looks for specific patterns in all traffic, the privacy concerns are highly significant. The aim of this paper is twofold: first, to show that despite the increasing public awareness in relation to the capabilities of Internet service providers (ISPs), a cross-field and comparative examination shows that DPI technologies are in fact progressively gaining legal legitimacy; second to stress the need to rethink the relationship between data protection law and the right to private life as enshrined in Article 8 of the European Convention on human rights and Article 7 of the European Charter of fundamental rights in order to adequately confine DPI practices. As a result, it will also appear that the principle of technical neutrality underlying ISP’s liability exemptions is misleading.

Text
SSRN-id2528186 - Accepted Manuscript
Download (456kB)

More information

Published date: 19 November 2014
Keywords: privacy, private life, data protection, data retention, deep packet inspection, interception, traffic data, metadata, monitoring, Internet service providers (ISPs)
Organisations: Faculty of Business, Law and Art

Identifiers

Local EPrints ID: 369326
URI: http://eprints.soton.ac.uk/id/eprint/369326
ISSN: 2212-4748
PURE UUID: 6f166d8e-7837-44d5-bc8a-dc2d88557d9c
ORCID for Sophie Stalla-Bourdillon: ORCID iD orcid.org/0000-0003-3715-1219
ORCID for Tim Chown: ORCID iD orcid.org/0000-0002-4726-018X

Catalogue record

Date deposited: 03 Oct 2014 14:24
Last modified: 15 Mar 2024 03:37

Export record

Altmetrics

Contributors

Author: Evangelia Papadaki
Author: Tim Chown ORCID iD

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×