From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies
From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies
Recent coverage in the press regarding large-scale passive pervasive network monitoring by various state and government agencies has increased interest in both the legal and technical issues surrounding such operations. The monitoring may take the form of which systems (and thus potentially which people) are communicating with which other systems, commonly referred to as the metadata for a communication, or it may go further and look into the content of the traffic being exchanged over the network. In particular the monitoring may rely upon the implementation of Deep Packet Inspection (DPI) technologies. These technologies are able to make anything that happens on a network visible and recordable. While in practice the sheer volume of traffic passing through a DPI system may make it impractical to record all network data, if the system systematically records certain types of traffic, or looks for specific patterns in all traffic, the privacy concerns are highly significant. The aim of this paper is twofold: first, to show that despite the increasing public awareness in relation to the capabilities of Internet service providers (ISPs), a cross-field and comparative examination shows that DPI technologies are in fact progressively gaining legal legitimacy; second to stress the need to rethink the relationship between data protection law and the right to private life as enshrined in Article 8 of the European Convention on human rights and Article 7 of the European Charter of fundamental rights in order to adequately confine DPI practices. As a result, it will also appear that the principle of technical neutrality underlying ISP’s liability exemptions is misleading.
privacy, private life, data protection, data retention, deep packet inspection, interception, traffic data, metadata, monitoring, Internet service providers (ISPs)
670-686
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Papadaki, Evangelia
bbc1d862-d460-415d-9edd-dbe40927ceea
Chown, Tim
ec204b89-ace4-4cba-94a9-38e7649e9dee
19 November 2014
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Papadaki, Evangelia
bbc1d862-d460-415d-9edd-dbe40927ceea
Chown, Tim
ec204b89-ace4-4cba-94a9-38e7649e9dee
Stalla-Bourdillon, Sophie, Papadaki, Evangelia and Chown, Tim
(2014)
From porn to cybersecurity passing by copyright: how mass surveillance technologies are gaining legitimacy… the case of Deep Packet inspection technologies.
Computer Law & Security Review, 30 (6), .
(doi:10.1016/j.clsr.2014.09.006).
Abstract
Recent coverage in the press regarding large-scale passive pervasive network monitoring by various state and government agencies has increased interest in both the legal and technical issues surrounding such operations. The monitoring may take the form of which systems (and thus potentially which people) are communicating with which other systems, commonly referred to as the metadata for a communication, or it may go further and look into the content of the traffic being exchanged over the network. In particular the monitoring may rely upon the implementation of Deep Packet Inspection (DPI) technologies. These technologies are able to make anything that happens on a network visible and recordable. While in practice the sheer volume of traffic passing through a DPI system may make it impractical to record all network data, if the system systematically records certain types of traffic, or looks for specific patterns in all traffic, the privacy concerns are highly significant. The aim of this paper is twofold: first, to show that despite the increasing public awareness in relation to the capabilities of Internet service providers (ISPs), a cross-field and comparative examination shows that DPI technologies are in fact progressively gaining legal legitimacy; second to stress the need to rethink the relationship between data protection law and the right to private life as enshrined in Article 8 of the European Convention on human rights and Article 7 of the European Charter of fundamental rights in order to adequately confine DPI practices. As a result, it will also appear that the principle of technical neutrality underlying ISP’s liability exemptions is misleading.
Text
SSRN-id2528186
- Accepted Manuscript
More information
Published date: 19 November 2014
Keywords:
privacy, private life, data protection, data retention, deep packet inspection, interception, traffic data, metadata, monitoring, Internet service providers (ISPs)
Organisations:
Faculty of Business, Law and Art
Identifiers
Local EPrints ID: 369326
URI: http://eprints.soton.ac.uk/id/eprint/369326
ISSN: 2212-4748
PURE UUID: 6f166d8e-7837-44d5-bc8a-dc2d88557d9c
Catalogue record
Date deposited: 03 Oct 2014 14:24
Last modified: 15 Mar 2024 03:37
Export record
Altmetrics
Contributors
Author:
Evangelia Papadaki
Author:
Tim Chown
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics