THE INTERNATIONAL TELECOMMUNICATIONS UNION (ITU) has approved a deep packet inspection standard that if implemented could severely impact internet users' privacy.
The ITU, which are mostly telecom operators, is meeting behind closed doors in Dubai in what has been billed as a conference to claim control of the internet. That the first act by the ITU members at this meeting was to approve the Y.2770 standard entitled "Requirements for deep packet inspection in next generation networks" should send a shiver through every internet user who is concerned about their privacy.
Although the ITU's new standard has yet to be implemented, the make-up of the ITU suggests that many major telecom operators, including some backed by governments, support the idea of snooping on their customers. Because the ITU is meeting behind closed doors, to the dismay of a number of firms including Google and Mozilla and even the European Union, there is very little information available about how the members voted and whether there were any objections.
Deep packet inspection is the practice of looking into each packet's payload rather than just the header. It is standard procedure to route packets based on their headers, after all it is the part of the packet that contains information on the packet's intended destination, but by inspecting the contents of each packet ISPs, governments and anyone else can look at sensitive data. While users can mitigate risks by encrypting data, given enough resources encryption can be foiled.
The ITU's website was down at press time, ironically for an organisation that is trying to win control of the internet. However civil rights group the Center for Democracy and Technology has posted deep concerns regarding the standard, saying it "could give governments and companies the ability to sift through all of an Internet user's traffic - including emails, banking transactions, and voice calls - without adequate privacy safeguards". µ