Virgin Media Using Deep Packet Inspection To Spy On Your Internet Usage For Hollywood

from the how-nice dept

Last year, there were early reports that ISP Virgin Media in the UK would become a copyright cop for the entertainment industry and start kicking file sharers offline if they were accused of infringement. While Virgin later denied this, the company did send letters threatening to kick users offline anyway. And, now, reports are coming out that Virgin Media is starting to use controversial deep packet inspection technology to spy on users to see if they're sharing any copyrighted works. As the article notes: "It's the equivalent of the Royal Mail opening every parcel to see if there's a CD inside, and making a note if there isn't a receipt in there too."

While this is just a test, and the information is being aggregated in a supposedly anonymous way just to judge the extent of the problem, there are a bunch of issues with such claims. First, there is no such thing as an anonomyzed dataset. Second, there are some pretty serious privacy questions raised by this. In the US, the use of Deep Packet Inspection for looking at what users do has been frowned upon, but in the UK it's been deemed not so bad by the legal system (however, the wider EU doesn't agree with the UK on this position). No matter how you look at it, it does seem quite extreme for your ISP to carefully look at everything you do online. In the end, of course, this will only serve to drive up the demand for encryption technology.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: copyright, deep packet inspection, infringement, privacy, uk
Companies: virgin media


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    The eejit (profile), 1 Dec 2009 @ 1:53am

    Currently, deep-packet inspection is illegal in the UK under the Computer Misuse Act of 1990 (amendment 2006). Not even the police can sue it with a court order.

    I fail to see how a non-enforcement agency can possibly be on the side of legality on this.

    link to this | view in thread ]

  2. identicon
    cc, 1 Dec 2009 @ 2:14am

    I remember reading about Detica CView, the software they are using for this.

    It really is just to measure the amount of "piracy" that takes place, as it apparently offers no way to pin anything on any particular user.

    Detica said that they have no plans to ever change the software to spy on individual users.

    What will the data tell the ISP though? If 50% of their traffic comes from piracy then 50% of their money comes from piracy. Would they just agree to cut it off?? I don't see how ISPs can benefit from all this, or that it even makes business sense to keep offering internet services in the long run.

    Basically.. dear Mandy stay away from my family.

    link to this | view in thread ]

  3. icon
    PaulT (profile), 1 Dec 2009 @ 2:31am

    Beyond the privacy issues, my main objection to this kind of thing is how they tell whether or not the content is infringing, and what they do with that information. Both are extremely flawed and ripe for abuse and false positives.

    Let's say I'm downloading a movie file named "House On Haunted Hill.avi". Is this a copy of a feature film, a mislabelled file or a home video that happen to have the same title. If it's the former, is it the public domain 1950s original, or the remake that's still under copyright? How can they accurately tell?

    I have serious doubts that the correct information will be gathered every time. Combined with the proposed 3 strikes laws and the fact that this would open the floodgates for ISPs being liable for every piece of traffic (along with the pressure for them to censor said traffic), this is a dangerous path indeed, that will leave many people wrongfully penalised.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 1 Dec 2009 @ 5:08am

    Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue.

    You sort of have to get over the concept that your internet data is some how private. It passes through many different hands on the way to you, and any one of those stops could duplicate or inspect your data without notice. Using the internet is a bit like shouting across a crowded room, don't be surprised when more than a few people know what you are talking about.

    link to this | view in thread ]

  5. identicon
    abra kadabra, 1 Dec 2009 @ 5:14am

    It's frikin Magic

    Assuming that DPI can tell the difference between a movie and a text file, how do they know what is infringing ? Or do they just assume that everything is infringing ... that text file could be infringement of a book.

    link to this | view in thread ]

  6. identicon
    justasking, 1 Dec 2009 @ 5:15am

    Re:

    Did you possibly miss the point ?

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 1 Dec 2009 @ 5:29am

    Can I wrap my connection around something with DRM? As it is illegal to crack DRM.
    As it is I mask my IP to make it appear like it coming from the white house.

    link to this | view in thread ]

  8. identicon
    Amoron N. Ahurry, 1 Dec 2009 @ 5:41am

    Re:

    "Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue."

    Interestingly, the only people who think like this are RIAA puppets or morons.

    I'm just curious, which are you?

    link to this | view in thread ]

  9. identicon
    McBeese, 1 Dec 2009 @ 6:24am

    "In the end, of course, this will only serve to drive up the demand for encryption technology."

    Exactly.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 1 Dec 2009 @ 7:00am

    Re: Re:

    When did you stop hitting your wife?

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 1 Dec 2009 @ 7:43am

    Re: Re: Re:

    right after she made me a dammed sammich

    link to this | view in thread ]

  12. icon
    Hephaestus (profile), 1 Dec 2009 @ 7:44am

    Re:

    If you look at Sweden after the new copyright laws were put in place, you will see an increase in the use of VPN's Proxie servers and encryption. Basically what Virgin is doing will cause this to occur before the laws in the UK are changed. The use of FreeNet and I2P will increase, Linux use will increase, apps like Xine and Mplayer will be used to view DVD,s.

    I really see this as a good thing, it means more people concerned about privacy, more use of encryption, and less ability to track people doing file sharing.

    In the end it will make the internet and communications more robust, more private, and less likely to be abused by government and private companies.

    link to this | view in thread ]

  13. icon
    Mike Masnick (profile), 1 Dec 2009 @ 8:07am

    Re:

    Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue.

    And that's why you will allow us to scan everything you do on your computer, right? Otherwise, what are you hiding?

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 1 Dec 2009 @ 9:21am

    Re:

    "Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue."

    Ah the old, 'The doors to your home are locked, what are you hiding' mentality.

    link to this | view in thread ]

  15. icon
    Daemon_ZOGG (profile), 1 Dec 2009 @ 9:47am

    ENCRYPTION, ENCRYPTION, ENCRYPTION... ;)

    link to this | view in thread ]

  16. icon
    Andy (profile), 1 Dec 2009 @ 9:57am

    Re: Re:

    I came to read the comments just to see how many of my deluded and naively trusting countrymen would chime up with just this moronic classic.

    This is the same distorted thinking I have been hearing for years and which has led to the ubiquitous CCTV cameras, the police holding the DNA of innocent people, demands for ever more intrusive surveillance under the false pretense of being in the pursuit of terrorists and criminals.

    I despair at the utter complacency displayed in Britain today by those who would allow government and law enforcement to do precisely whatever it pleases in the foolish belief that these organizations only have citizens' best interests at heart. This is the country that tolerates the holding of public office by such characters as Peter Mandelson.

    link to this | view in thread ]

  17. icon
    harbingerofdoom (profile), 1 Dec 2009 @ 12:37pm

    Re:

    wow. you are
    A) a shill
    B) an idiot
    C) someone with absolutely no idea of what the concept of privacy is
    D) all of the above.

    ima go with D


    me posting my thoughts here calling you moronic short sighted and just plain uninformed would be like shouting across a crowded room. i know people are able to see what i post well ahead of time just like if i shout in a room i would be dumb to think that no one would hear me.

    no, this is more akin to having a private conversation in my apartment about stuff that is none of your business and you are sitting there with surveillance mics snooping on everything i say until you find something you know my landlord doesnt like then reporting that information to him so he will kick me out.

    i am not the one that needs to get used to anything... you are the one that needs to get used to the fact that my data is MINE... not anyone elses and yes... its just as private as my mail unless i choose to make it not private

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 1 Dec 2009 @ 12:38pm

    i feel sorry for england, another step to 1984

    link to this | view in thread ]

  19. icon
    The Groove Tiger (profile), 1 Dec 2009 @ 1:45pm

    Re:

    If you have nothing to hide, you have everything to fear.

    link to this | view in thread ]

  20. icon
    Richard (profile), 1 Dec 2009 @ 2:32pm

    Re:


    Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue.


    Reminds me of something....

    "First they came for the communists, and I did not speak out—because I was not a communist;
    Then they came for the trade unionists, and I did not speak out—because I was not a trade unionist;
    Then they came for the Jews, and I did not speak out—because I was not a Jew;
    Then they came for me—and there was no one left to speak out for me."
    Pastor Martin Niemöller

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 1 Dec 2009 @ 3:00pm

    Deep packet information wants to be free.

    link to this | view in thread ]

  22. icon
    Richard (profile), 1 Dec 2009 @ 3:08pm

    Re: encryptionj

    link to this | view in thread ]

  23. icon
    Richard (profile), 1 Dec 2009 @ 3:14pm

    Re: Re: encryption

    Whoops - finger trouble.
    What I meant to say was..

    The level of encryption required to defeat this technology is trivial.

    Since it has to compare against a vast database of copyrighted works it cannot really afford to do anything fancy to the input data.

    link to this | view in thread ]

  24. identicon
    Fin, 1 Dec 2009 @ 4:08pm

    Sure, encryption. But it's a slippery slope. All they need to do is order their puppets in gov to give them a law that forbids VPN services. Make it a terrorist tool or something. It sounds unthinkable, I know. Just like the camera watching you on the street, your DNA in a database, your ID card and your 10 minutes of hate.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 1 Dec 2009 @ 4:12pm

    Re:

    Currently, deep-packet inspection is illegal in the UK under the Computer Misuse Act of 1990 (amendment 2006). Not even the police can sue it with a court order.

    I fail to see how a non-enforcement agency can possibly be on the side of legality on this.


    UK Says Phorm Clickstream Tracking Is Okay...

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 1 Dec 2009 @ 4:29pm

    Re:

    Interestingly, the only people who really need to be concerned are those who are transmitting or receiving illegal content. Otherwise, it's a non-issue.

    Heh, posting anonymously against privacy. How hypocritical can one get?

    If someone in the "nothing to hide" crowd wants to be staken seriously, I think they should post with their real name and home address. Then they should unlock their home and leave a sign in the front window inviting everyone to come on in and take a look around at any time. After all, they have nothing to hide, right?

    But they're not going to do that. You know why? Because it's other people's privacy that they think has no value, not their own.

    link to this | view in thread ]

  27. icon
    The eejit (profile), 2 Dec 2009 @ 11:37am

    Oh look!

    We have someone using privacy to defend against the LOSS of privacy. What would you say if you became the victim of DPI-based infringment suits? I'd bet most of my money that you'd be pretty pissed off.

    Maybe we're catching up to you Yanks on crazy laws over here in Blighty. Also, our Business Secretary needs some sense beaten into/money beaten out of him until he understands that this will make him MORE likely to be caught out when doing unethical things.

    Or maybe he's just Mickey Mouse in disguise. :)

    link to this | view in thread ]

  28. icon
    bugmenot (profile), 8 Dec 2009 @ 11:57am

    http://torrentfreak.com/record-labels-face-60-billion-damages-for-pirating-artists-091207/
    Dec
    07
    Record Labels Face $6 Billion Damages for Pirating ArtistsWhile the major record labels were dragging file-sharers and BitTorrent sites to court for copyright infringement, they were themselves being sued by a conglomerate of artists for exactly the same offenses. Warner, Sony BMG, EMI and Universal face up to $6 billion in damages for pirating a massive 300,000 tracks.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 9 Dec 2009 @ 2:23pm

    "Nicholas Bohm | December 8th, 2009 at 15:31 UTC
    Does using CView involve interception under RIPA?

    Yes. The question of whether a human needs to see something before it counts as interception is answered in my paper on Phorm at http://www.fipr.org/080423phormlegal.pdf in paragraphs 14 to 17. No human access is necessary - machine examination of content is still interception, and unlawful unless justified.

    It remains to be seen whether a convincing case can be made for an ISP’s need to know how much of its traffic infringes copyright - is this really required for purposes connected with the provision or operation of its service?
    "

    link to this | view in thread ]

  30. identicon
    Daniel McDicken, 19 Feb 2010 @ 2:36pm

    NoDPI

    Detica's Claim

    The Detica CView™ tool meets stringent consumer security design principles to protect privacy and is powered by a fully automated, closed system which does not identify individuals or store their data.

    Which stringent security design would that be?

    Where can we the consumer download and examine the source code?

    If this technology does not identify individuals or store their Data, then how does it identify potential file sharing? I am given to understand that this may be any encrypted SOCKS stream. So people like myself using Tor for the enhancement of their on-line privacy are getting screwed and labeled as illegal file sharers then by an automated system that they freely admit they have no control over.

    link to this | view in thread ]

  31. identicon
    Ian, 8 Jun 2016 @ 5:30am

    Re: police using DPI

    It is now 2016 aand I want to know the legal position on a police force using DPI.

    Also what if the pilce force was also an ISP that had 65,000 plus IP numbers under its control. Would this allow the Police to access DPI info as ISP and then use it in the course of Police work

    I know this may sound 'odd', it is something I am working on right now.

    Thanks

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.