ISPs Will All Spy on Their Customers, Professor Warns - Via Threat Level:

If there's a candidate for the worst future violator of your privacy, look no further than the company you pay for broadband.

So says University of Colorado law professor and former federal prosecutor Paul Ohm, who argues in a new article that ISPs have the means, motive and opportunity to kill your online privacy.

Nothing in society poses as grave a threat to privacy as the Internet Service Provider (ISP). ISPs carry their users’ conversations, secrets, relationships, acts, and omissions. Until the very recent past, they had left most of these alone because they had lacked the tools to spy invasively, but with recent advances in eavesdropping  technology, they can now spy on people in unprecedented ways. Meanwhile, advertisers and copyright owners have been tempting them to put their users’ secrets up for sale, and judging from a recent flurry of reports, ISPs are giving in to the temptation and experimenting with new forms of spying. This is only the leading edge of a coming storm of unprecedented and invasive ISP surveillance.

But is that true?

Ohm argues technological and economic forces virtually guarantee that ISPs will begin finding ways to make money by monitoring, categorizing and even storing everything their users do on their networks.

Those are indisputable facts.

But Ohm's argument comes right as powerful lawmakers have all but forced U.S. ISPs to abandon their dalliance with NebuAd, a Silicon Valley startup that wants to pay ISPs to let eavesdrop on their users in order to serve targeted advertisements.

This week NebuAd's CEO and founder took a new job, while a similar venture in England called Phorm is facing scrutiny as well for its secret tests.

Meanwhile, Comcast is being forced to abandon its throttling of peer-to-peer file sharing traffic after a torrent of bad press and a order (now being contested)  from the Federal Communication Commission telling Comcast to cut it out.

Despite these moves by the feds, Ohm's The Rise and Fall of Invasive ISP Surveillance predicts ISPs will continue to rush to profile customers in order to get at a slice of the online advertising pie, unless the government takes strong steps to ban certain kinds of deep packet inspection.

ISPs, faced with changes in technology, extraordinary pressures to innovate, and murky ethical rules, will continue aggressively to expand network monitoring.  The AT&T, Comcast, Charter, NebuAd and Phorm examples will prove to be not outliers but the first steps in a steady expansion of industry practices.  Unless some force—regulatory or non-regulatory—intervenes, the inevitable result will be ISPs conducting full-packet capture of everything their users do, supposedly with their users’ consent.

ISPs will and do use so-called deep-packet inspection equipment to look at many layers of an internet packet -- maybe including the content -- to make their service better by giving priority to time-sensitive packets or stop internet attacks. even to attempt to stop the sharing of copyrighted material as AT&T has proposed.

From there it is an easy step to finding ways to profile customers.

The solution, according to Ohm: Apply the current wiretapping laws to what ISPs want to do on their networks -- including ways to manage traffic flows -- and add some exceptions designated by a neutral government body like NIST.

That's a fine notion -- using privacy as the way to enforce a largely neutral internet, while still allowing ISP engineers to do their jobs.

Unfortunately, neither Congress nor the courts seem particularly interested in wiretapping laws, except to find ways to expand exceptions for the government. or excuse self-issued ones.

Will Congress as a whole prove itself to feel differently about ISPs spying on Americans, than the nation's spooks?

You can also read more from Ohm over at Concurring Opinions, where he's blogging about the topic and responding in the comment section.

Photo: Paul Ohm/Paulohm.com

See Also:

• Former Prosecutor: ISP Content Filtering Might be a 'Five Year Felony'
• Feds Deny Report Of Widespread Spying
• ISP Web Tracking Dead As Net Eavesdropping CEO Resigns
• Report: NebuAd Forges Packets, Violates Net Standards
• Lawmakers Target Second ISP for Web-Tracking Tech
• Comcast Appealing FCC Throttling Order
• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering

(Read Original Article - Via Threat Level.)