Another Reason For Defending Net Neutrality: NSA Surveillance

from the encryption-works dept

Tue, Jul 22nd 2014 12:43am — Glyn Moody

The net neutrality debate has been underway for many years now, but more recently it has entered the mainstream. The main arguments in favor of preserving net neutrality -- that it creates a level playing field that allows innovation, and prevents deep-pocketed incumbents from using their financial resources to relegate less well-endowed startups to the Internet slow lane -- are familiar enough. But PC World points us to a fascinating paper by Sascha D. Meinrath and Sean Vitka in the journal "Critical Studies in Media Communication" that offers a new and extremely important reason for defending net neutrality: that without it, it will be hard to fight back against blanket surveillance through the wider use of encryption (pdf). Here's the main argument:

One particularly problematic industry practice is the move by ISPs to create tiered or preferential service offerings. Plans to create tiered services have been floated for years -- enabled in part by constant pressure toward less competition in the broadband market. In fact, within mobile broadband services, tiering of various applications (e.g. voice, texting, data) are already normative. But if an ISP can't tell what sort of application is being used, it doesn't know whether to prioritize or deprioritize a specific communications stream -- which is why good encryption breaks one of the fundamental assumptions for this new business model. Since encryption can help circumvent discriminatory practices, the incentive to use it will expand with practices like tiering.

If net neutrality disappears, and tiering becomes more common, users may turn to encryption to thwart traffic analysis by ISPs. That, in its turn, is likely to lead to ISPs putting encrypted traffic in the slow lane by default -- or even trying to ban it altogether. Either would ensure that the majority of users would go back to using communications in the clear, since they would probably be unwilling to pay for their security, which is non-obvious and hard to measure, with the loss of speed -- something that is immediately all-too evident.

You might think that it is unlikely that ISPs would be able to push through changes with such serious implications for their customers' privacy -- not least because the usual worthy digital rights organizations would doubtless fight back fiercely. But as Meinrath and Vilka rightly point out, there could be an unholy alliance between industry and security services that would be hard to defeat:

It is difficult to imagine a politician standing up for privacy and free speech rights when opposition of this position, from both well-moneyed private industry and law enforcement, proclaim that encryption supports 'copyright infringement, child pornography, and terrorism' -- all at once.

That rings horribly true: the copyright industries would doubtless love to get encrypted connections banned, as would the NSA. Bringing together the perfect scaremongering trinity of copyright infringement, child pornography and terrorism could well create a winning combination. The best way to avoid this nightmare scenario is to head it off early. Save net neutrality now, and you save the one thing that we think can help us against surveillance: end-to-end encryption.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, net neutrality, sascha meinrath, sean vitka, surveillance

19 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Uriel-238 (profile), 22 Jul 2014 @ 1:20am

Deliberation theater.
My impression is that the FCC is doing this for show. They want to pretend that they actually care what the people think, but Wheeler and his colleagues are already bought by big telecoms.

They're not going to redefine ISP as a common carrier service. They're not going to keep the net neutral. They're just looking for a statement to make that sounds like they plausibly considered the arguments in favor of net neutrality and then rejected them.

Do I have that right, or is there actual hope?
[ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

Whatever (profile), 22 Jul 2014 @ 1:40am

I think that has become the rim shot line of anything online now... "...and it blocks NSA from spying!". Since we already know that they are more than willing to the extreme ends of the communication chain, it's not really going to change anything. The message is still in the clear on your computer and you are still typing characters on your keyboard...
[ link to this | view in chronology ]
- That One Guy (profile), 22 Jul 2014 @ 2:35am
  
  Re:
  Blocking them entirely is likely futile, especially if they really have an interest in you, yes, however, the idea isn't so much to stop them, but to make it impractical enough that it's more effort than it's worth for them to continue with the 'Gotta grab it all!' style of spying.
  
  Gathering up a bunch of communications, because it's available and they can go browsing through it at their leisure 'just in case'? They've got no real reason not to, as it takes a bare minimum of effort on their part. However, if all of those communications are encrypted, and it takes some real time and resources to break into them, then suddenly they're a lot less tempting.
  
  With more widespread encryption, suddenly grabbing everything doesn't do them much good, as even if they've got it, they've still got to crack the encryption to read it, and as long as proper security measures have been taken on both ends, that's going to take time and effort that could have been spent elsewhere, with no guarantee that what they uncover will be of any use or importance.
  [ link to this | view in chronology ]
  - Ninja (profile), 22 Jul 2014 @ 3:38am
    
    Re: Re:
    That. We don't have Govt cameras in every room because it would be prohibitively expensive (thank God). We should make the online world much like that by adding decentralization and reasonable encryption.
    [ link to this | view in chronology ]
    - Anonymous Coward, 22 Jul 2014 @ 5:01am
      
      Re: Re: Re:
      Not yet anyway ... soon.
      [ link to this | view in chronology ]
    - Geno0wl (profile), 22 Jul 2014 @ 5:47am
      
      Re: Re: Re:
      Actually it is incredibly frickin cheap to put cameras up everywhere now.
      The expensive part is having somebody watch said cameras.
      [ link to this | view in chronology ]
  - Whatever (profile), 22 Jul 2014 @ 7:16am
    
    Re: Re:
    it really depends. The message, no matter what, is decrypted at two points, the sender and the receiver. Naturally, it means they will just push harder to get into the end systems rather than dealing with the middlemen.
    
    Further, since almost every encryption scene has been backdoored in some fashion, it's not entirely clear that encryption is so much a solution as much as a pacifier for the masses at this point.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 22 Jul 2014 @ 10:34am
      
      Re: Re: Re:
      "since almost every encryption scene has been backdoored in some fashion"
      
      This is news to me. Do you have support for this assertion?
      [ link to this | view in chronology ]
  - Anonymous Coward, 22 Jul 2014 @ 8:25am
    
    Re: Re:
    Remember that Whatever is an NSA supporter. He wants it to be easier to spy on people because he's an exhibitionist that way.
    
    Any day now he's going to surrender himself to the NSA because he uses TOR, the naughty terrorist.
    [ link to this | view in chronology ]
- Anonymous Coward, 22 Jul 2014 @ 2:47am
  
  Re:
  Limitations of man power, and computer power, makes encryption an effective remedy against general snooping, even if it is not proof against a deliberate attempt to read a persons communications. When the likes of NSA have to gain access to individual computers to read message traffic, they have to be more targeted as to who they spy on. For most people, encryption does not have to be perfect, just good enough to make listen in on everything require more computer time that NSA can afford.
  [ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 6:33am

This makes little sense technically at least. Placing QoS markers on traffic doesn't depend on the payload. You can mark traffic by destination/source, tcp/udp port, vlan, DOCISS channels, or any number of factors.
While I'm assuming that the writer is talking about everyone purchasing a VPN to surf the internet, I'm highly doubtful that this will ever happen and repercussions of purposefully throttling corporate VPNs would also adversely effect their own operations in most cases.
[ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 7:00am

encryption does not prevent traffic analysis
Traffic Analysis looks at the externals -- the "metadata" if you will -- of a communication. If those externals are encrypted, the communication doesn't happen. Encrypting to keep everyone but the recipient from reading the content is a good idea, but don't claim it prevents Traffic Analysis.
[ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 7:09am

I could see ISPs rate limiting VPNs. Some Netflix customers use VPNs to bypass Verizon's clogged interconnect ports. Using a VPN can change the route their packets take.

I'm sure Verizon and Comcast won't like that at all. They've been working hard to make sure those interconnect ports stay nice and clogged for Netflix.

That way residential ISPs can double dip video streaming competitors and Verizon can entice customers to use their services by not counting data usage rates against their internet plan.

It's insidious! They just scheme this stuff up all day long. Now residential and cellular ISP's are putting their slow lane plan into motion.

The only thing standing in their way is Tom Wheeler, former lobbyist.
[ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 7:54am

Back during the SOPA debate when people brusquely dismissed the implications by stating that VPN's and encryption were an easy workaround- I warned you that retail level encryption would soon be under attack. I can easily see the scenario playing out within the current net neutrality debate.

The author is absolutely right, in a tiered system the ISP's will not tolerate encryption hindering their ability to manage their tiers. I'd expect that users would have to be "licensed" by ISP's to use encryption. And I'd expect the criteria used would require one to demonstrate a legitimate need- and concerns about the NSA wouldn't be one of them.

Finally, invoking the Unholy Trinity of infringement, kiddie porn and terrorism will absolutely win the day. I can't think of a single elected official who could withstand the withering barrage of criticism that would come from opposing this. Any privacy concerns will be "addressed" through promises of better oversight and/or legislation, thus boxing out any real criticism. If they're smart, copyright interests won't be on front street, even though they'd be the biggest beneficiaries. They'd be better served funding the other two prongs of the spear.

It will be interesting to see how it develops.
[ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 11:53am

Never happen. Banning encryption would require banning all https links, which would mean totally insecure logins. Also far too many large corporations that otherwise could give a fuck less about net neutrality use VPNs to secure their data. Together these companies are far larger than the ISPs. The ISPs would find themselves destroyed in a heartbeat if they tried to ban all encryption.

Secondly, the ISPs don't care about the type of traffic, they care about the source and destination of traffic. They want to make sure internet companies have paid their protection money. They don't care what the type of traffic is to and from these companies.
[ link to this | view in chronology ]
- Anonymous Coward, 22 Jul 2014 @ 2:42pm
  
  Re:
  Not banning; licensing and regulating encryption. Retail level encryption will pretty much disappear.
  [ link to this | view in chronology ]
  - Mike Masnick (profile), 23 Jul 2014 @ 5:54am
    
    Re: Re:
    Not banning; licensing and regulating encryption. Retail level encryption will pretty much disappear.
    
    Yes, you've been claiming this for a while. As we explained to you last time:
    
    lbh unir ab vqrn jung lbh'er gnyxvat nobhg vs lbh guvax vg'f rira erzbgryl cbffvoyr gb "yvprafr" rapelcgvba, orpnhfr gurer ner na vasvavgr ahzore bs rapelcgvba fpurzrf, naq lbh ernpu n cbvag jurer vg'f vzcbffvoyr gb gryy jung'f rapelcgvba gung arrqf gb or "yvprafrq" be whfg fbzrbar fcrnxvat va tvoorevfu.
    
    Orfvqrf, gur irel onfvf bs arneyl nyy vagrearg pbzzrepr -- vapyhqvat gung hfrq ol raq hfref, vf rapelcgvba. Yvprafvat vg jbhyq qrfgebl rpbzzrepr naq vs lbh gubhtug gur fbcn svtug jnf ovt, lbh unira'g frra nalguvat.
    [ link to this | view in chronology ]
Anonymous Coward, 22 Jul 2014 @ 1:56pm

"That rings horribly true: the copyright industries would doubtless love to get encrypted connections banned, as would the NSA. "
The copyright-dependent industries have spent the past 30 years PUSHING for encrypted connections (DRM). They just want to be the ones to control the encryption.

Interestingly, as US copyright and the DMCA apply to ALL works (including this message), attempting to circumvent my https connection used to post this to this website would be illegal in the US. This means any deep packet inspection attempts on https traffic would be criminal offenses (to which the NSA may or may not be excluded, depending on the instance).

While the arguments sound reasonable, if the government actually swallowed them, the fighting between factions would start pretty quickly, and everyone would discover they were getting a worse deal than net neutrality would provide. Hopefully some of the interested parties are reading this and think it through some more.
[ link to this | view in chronology ]
Justin, 23 Jul 2014 @ 2:23am

I'm getting sick and tired of hearing government say they must do this, or that; to protect me!! Keep your nose out of my business and I will protect myself!!! How about that???? Do you want your favorite TV shows to be slowed down unless you pay more to your cable company? http://goo.gl/wDcRLt
[ link to this | view in chronology ]