Deep Packet Inspection

The Office of the Privacy Commissioner of Canada has a splendid project available online on the practice of deep packet inspection, or DPI (not to be confused with “dots per inch”). Essentially, DPI involves the examination of a message sent over the internet at the deepest level, a level ordinarily assumed to be private, and is usually done by governments concerned about security or law-breaking or by internet service providers seeking to extract (or introduce) marketable information. DPI is the basis upon which, for example, service providers might “throttle” some flows in favour of others that are, typically, more lucrative.

The core of the the OPC’s project is a collection of fourteen essays, commissioned from industry experts, explaining and analysing DPI in terms that, for the most part, you and I can understand. Interested readers might also take a look at the recent piece on Ars Technica.

The implications of DPI transcend “throttling,” although net neutrality is very important, just as the implications of the post office’s reading your mail would be larger than whether or not you got slower delivery for some items than for others. What these implications might be specifically for the legal profession are not yet clear — apart, of course, from the money to be made by some defending the practices of their corporate clients. It would seem that unless DPI is brought under clear and trustworthy regulation, there is likely to be a general increase in the use of encryption — by everyone, including lawyers seeking to protect confidentiality — though whether this would be useful to protect all information vulnerable to DPI, I can’t yet say: I have to finish reading the OPC essays.

Comments are closed.