interweb freedom

(formerly Stop Usage Based Billing)

Posts Tagged ‘DPI’

Anti-Counterfeiting Trade Agreement (ACTA) Highlights

Posted by Laurel L. Russwurm on February 8, 2011

ACTA logo

by Sharon Polsky
President and CEO — AM¡NAcorp.ca
National Chair — CAPAPA

ACTA is an international agreement hammered out by a handful of countries (led by the US, including Canada) that requires signatories to create civil and criminal law to give force and effect to ACTA.

ACTA is intended as a global standard to ‘protect’ against intellectual property and counterfeit products, containing very specific discussion about digital information.

The negotiating parties did NOT include:

  • India,
  • Brazil,
  • China,
  • Russia
  • or any countries known as the greatest sources of counterfeit goods.

Nor did it include any:

  • consumer rights groups,
  • human rights groups, or the
  • Information and Privacy Commissioner of Canada.

The intent to negotiate a deal was announced in late 2007. Because there’s an economic impact component to it, the US declared the draft ACTA text to be confidential as a matter of national security. A draft was circulated amongst rights-holder lobbyists (generally from the recording and motion picture industries). After three years of negotiations, the text was leaked in April of 2010. The Government of Canada released a copy of the draft in October 2010. The final text was issued in November 2010.

An unprecedented degree of secrecy for a set of copyright protection rules.

Once ACTA is approved, its member countries are expected to put pressure on their trading partners to have them join the treaty — of course, after ACTA is finalized.

The final text includes a provision for amending the agreement, and that’s viewed as a back door to get acceptance of the three strikes provision that was rejected during negotiations.

Three strikes law describes the penalty: after three allegations of inappropriate Internet use, service will be suspended for 12 months.

heavily stacked in favor of “rightsholders” at the expense of consumer human rights

Under ACTA, prosecution, remedies and penalties are acted upon based on allegations advanced by the rights holder, and all can be decided by judicial or ‘administrative’ authorities. ACTA sets out the items that can be included in calculating restitution. For instance, an alleged infringer can be ordered to reimburse the rights holder for the retail price and “lost profits” (as calculated by the rights holder), legal and court costs, etc etc. Allegedly counterfeit products must be destroyed, at the expense of the alleged infringer. If it’s ultimately found that there was no infringement, the alleged infringer can ask for damages, but no process or formula is articulated.

ACTA puts individuals in jeopardy since border officials will be compelled to carry out the injunctions obtained in other countries, even if the activity is legal in the border official’s country. Thus, ACTA empowers officials to seize medicines that are off patent in the country of production and in the countries where they are being exported to, if a company holds a patent to that medicine in any member country.

Similarly, ACTA’s border enforcement provisions empower member countries to seize and destroy exports while in transit to other countries. ACTA provides that “parties MAY exclude small quantities of goods of a non-commercial nature contained in travelers’ personal luggage”, so it still leaves it to countries to seize and inspect personal devices to determine if and how much pirated material is there; and the individual will have to bear the cost of inspection, storage, and destruction. So anyone who rips music from the CD they bought and transfers that ripped music onto their iPhone or Blackberry, and then tries to carry it through the border might not get very far. Imagine what it could do at airport screening lineups!

ACTA offers many privacy-invasive provisions, including requiring the release of information necessary to identify an alleged infringer, and any party who might be associated with that alleged infringer.

ACTA puts third parties (i.e., distributors, NGOs, public health authorities) at risk of injunctions, provisional measures, and even criminal penalties, including imprisonment and severe economic losses. This could implicate, for example, suppliers of active pharmaceutical ingredients used for producing generic medicines; distributors and retailers who stock generic medicines; NGOs who provide treatment; funders who support health programs; and drug regulatory authorities who examine medicines. The potential repercussions are expected to serve as a deterrent to being involved — directly or indirectly — in the research, production, sale and distribution of affordable generic medicines. Ascertaining the third party involvement will require inspecting digital records; and ACTA compels disclosure and international sharing of that information.

Deep Packet Inspection

Deep packet inspection of online activity will be used to identify alleged infringements. ISPs will be required to shut down alleged infringers’ Internet connections, and publicize the identity of the alleged offender amongst other ISPs.

DPI is also expected to cause ‘collateral damage’ when blameless sites at the same IP address get shut down along with the accused. DPI was approved for use by ISPs and telcos when, in August 2009, Canada’s Privacy Commissioner ruled on the Bell/Sympatico case (Case Summary #2009-010). The only limit was a recommendation Bell Canada inform customers about Deep Packet Inspection.

The Commissioner did note that “It is relatively easy to paint a picture of a network where DPI, unchecked, could be used to monitor the activities of its users.”

In January 2010, President Nicolas Sarkozy gave a speech to members of the French music and publishing industries and said that “authorities should experiment with filtering in order to automatically remove all forms of piracy from the Internet.”

France

government approved SPYware text and magnifying glass

Liberté, égalité, fraternité?

France recently passed its HADOPI “three strikes” law that targets alleged illegal Internet file-swappers. There is no no presumption of innocence in HADOPI. After a rights holder advances an allegation of infringement and gets administrative approval, the alleged infringer receives two warnings, and then gets cut off the Internet.

And there is no judicial recourse.

Under the terms of HADOPI, Internet access is only restored after the “offender” allows spyware to be installed on his/her computer, monitoring every single thing that happens on said computer, and that could also reach to the entire network (personal or corporate) that the computer is attached to.

HADOPI has been sending out notices. Initially, it sent out about 10,000 per day, with plans to ramp up to 50,000 per day. ISPs must hand over information to the government about those accused within eight days. If they don’t, hey could get fined 1,500 euros per day per IP address.

USA

A few weeks after Thanksgiving weekend in November 2010, the US Homeland Security’s Immigration and Customs Enforcement (ICE) department seized and shut down 82 domain names during “Operation In Our Sites II” without prior notice. Not all of these domains contained counterfeit products.

The web sites included a search engine and some well-known music blogs.The released partial affidavit and seizure warrant show that that the decision to seize the domains was almost exclusively dependent on what the Motion Picture Association of America said were the facts, and the MPAA’s numbers about the economic importance of the movie industry and MPAA testimony about how piracy hurts its income.

The MPAA and the Recording Industry Association of America were two of the 42 individuals and groups in the US that were given access to the draft text early on.

Canada and the International Sacrifice of Personal Privacy

Canada’s Anti Terrorism Act and the Proceeds of Crime (Money Laundering) and Terrorist Financing Act in conjunction with other legislation allows governments to trade and swap Canadians’ information with around the world without our knowledge.

The PATRIOT Act does the same in the US. The UK Home Office recently resurrected the so-called ‘Super Snooper Bill’ that will allow the police and security services to track the British public’s email, text, Internet and mobile phone details. And the “Server in the Sky” global biometric database will tie it all together.

Vertical Canadian Flag

Canada’s Bill C‑52 — referred to as the “Investigating and Preventing Criminal Electronic Communications Act” — is intended “to ensure that telecommunications service providers have the capability to enable national security and law enforcement agencies to exercise their authority to intercept communications and to require telecommunications service providers to provide subscriber and other information” upon request.

No warrant necessary in Canada.

C-52 also requires the telcos and ISPs to provide the transmissions in an unencrypted form and to “comply with any prescribed confidentiality or security measures“. A gag order, in other words.

And the information to be provided is quite specific and broad: It is “any information in the service provider’s possession or control respecting the name, address, telephone number and electronic mail address of any subscriber to any of the service provider’s telecommunications services and the Internet protocol address,
mobile identification number, electronic serial number, local service provider identifier, international mobile equipment identity number, international mobile subscriber identity number and subscriber identity module card number that are associated with the subscriber’s service and equipment”.

C52 compels ISPs to spy on their customers

Under C-52, Telcos are required to have and bear the cost of the equipment necessary to comply; and the equipment can be specified by the government or enforcement agencies.

Between ACTA and other international agreements and multilateral treaties to share information it’s easy enough to circumvent the provisions of Section 8 of Canada’s Charter of Rights and Freedoms by having an agency outside of Canada do the work, and then share the results back into Canada. Canada and the US have been known to do that on occasion, typically to protect ‘national security’ or guard again ‘terrorism’.

ACTA is based on allegations and assurances of the rights holder.



Guest blogger Sharon Polsky is the President & CEO of AM¡NAcorp.ca as well as the
National Chair — CAPAPA, the Canadian Association of Professional Access and Privacy Administrators. This article provides the necessary background for the Sharon’s article “The Hidden Rationale for Usage Based Billing” scheduled to be published here in the Stop Usage Based Billing blog February 10th.

Post Script:
Internet Service Providers are in the business of providing Internet Service, and ‘deputizing’ them to spy on citizen customers is an atrocious breach of net neutrality, which I wrote about a year ago in Nutshell Net Neutrality

Looking over my blogs, I was surprised to see just how much I have actually written about ACTA shared both in this blog:

as well as on my Oh! Canada political blog:

Posted in Changing the World | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | 5 Comments »

Internet Security Tip #1 spam

Posted by Laurel L. Russwurm on September 12, 2010

red circle with a strike through over the word SPAMWe all know spam is out there. We all get it. The only real way to stop spam is for no one to ever ever answer it.
Mark it as spam and delete it. But so long as one person somewhere in the world clicks ‘reply’ or ‘buy’, it will never go away.

But there are things we can do.

don’t make it easy for spammers

I can’t tell you how many times I’ve passed along this advice, because it is a simple thing that we can all do.

When sending email to many people it is much better to select “BCC” than “CC”.

  • CC = stands for ‘carbon copy’
  • BCC = stands for ‘blind carbon copy’

When you use “CC” every recipient gets access to every email address.

This is important because if even a single copy of your email goes astray and falls into the hands of a spam harvester, they get the bonanza of a whole pile of email addresses to send spam to or to sell to other spammers to send spam to. Spammers aren’t going away any time soon so we should at least try to make it tough for them.

BCC means that the recipients can only see your email address, their own, and the addressee if there is one. Sending them all BCC would mean that only 2 email addresses appear in the email.

Always use BCC

And no, I’m not saying that you can’t trust the people you sending email to.

The thing to realize is that email travels across the Internet. DPI is the equivalent of unsealing our email.

But in Canada, the CRTC allows Bell Canada to use Deep Packet Inspection (DPI) to look inside Internet traffic– which includes email. DPI is illegal in Europe due to privacy concerns. It just takes one unscrupulous person with access and spammers have our email addresses.

history lesson: the origin of the carbon copy

Antique typewriter

Before computers, people in the 20th Century had typewriters. Typewriters were machines used for writing. Pressing down on a typewriter key worked the typewriter machine by striking the corresponding letter shaped metal die onto an inked ribbon against paper rolled into the machine.

When using a typewriter, it was possible to make an exact copy by sandwiching a piece of carbon paper between two sheets of typing paper and rolling them both into the typewriting machine. The force applied to the key would first transfer the ink to the paper and then through the flimsy carbon paper transferring the carbon onto the second piece of paper in the shape of the typed character.

The drawback was that the second copy was not crisp. The advantage that every keystroke was reproduced. This second copy was called a carbon copy. It was considered good form for the typist to type “cc” followed by the name of the person who would receive the second copy. In this way, bot copies indicate who received the letter.

A duplicate made without indicating a second recipient was called a “blind carbon copy” or “bcc” since the original recipient is not privvy to either the fact of it’s existence or information about it’s disposition. Often a file copy would be made in this fashion so that the sender retained a copy of his side of the correspondence.


image Credits:
“No Spam” image by laurelrusswurm under a Creative Commons CC0 License

Underwood 11 Typewriter photo by alexkerhead under a Creative Commons Attribution License (cc by)

Posted in Changing the World | Tagged: , , , , , , , , , , , , , , , , , | 1 Comment »

Usage Based Billing: A Glossary

Posted by Laurel L. Russwurm on August 22, 2009

No Usage Based Billing

No Usage Based Billing

The Usage Based Billing Issue will have a huge impact on all Canadians.

But it can be difficult for those of us who are not technically minded to follow the raging debate because we don’t know the jargon. So I’ve put together a Glossary. I’m not an expert, and in fact I’ve only learned what many of these things mean myself in the last week, but no one else is likely to do this, because:

  • The Big Three don’t want us to understand what’s happening because it is much easier to get away with stuff in a democracy if the populace doesn’t understand what is happening.
  • At the same time most of the technical people who are trying to fight this have been living and breathing this issue so long that it doesn’t even occur to them that most ordinary Canadians only understand about half of what they’re saying.

As always, if I get anything wrong, let me know so I can correct it.

Most of the jargon is too new to be in a dictionary, and although some of this is explained in wikipedia, not everything is. GAS, for example. That’s actually what convinced me this glossary was necessary. Because when learning about UBB I couldn’t figure out what gas had to do with the internet.

Although variations on these issues are being faced in other countries, at this time I am dealing exclusively with the Canadian version. I posted some of these definitions in the comments section of CBC ONLINE: Petition spurs CRTC debate yesterday.

UBB: A Glossary

bandwidth

Bandwidth provides a classic example of why regular people have a hard time understanding a lot of this, because it describes two very different rates of transfer.

Bandwidth is the measurement of download speed, measured in how many bits per second you can download.
Bandwidth has also come to refer to the transfer cap being placed on Canadian internet users, which is measured in gigabytes.

Put another way, bandwidth is a data transfer measurement of
(a) how fast you can go at any given time – your rate of speed, or
(b) how how far you can go in any given month – your allowed capacity.

Bell Canada

Looking at the Bell Canada homepage tells us that this corporation provides these services:

  • Mobile (aka cel phone service – Bell Mobility)
  • Internet (aka ISP – Sympatico)
  • TV (aka television broadcasting – express vue TV)
  • Home Phone

From its humble beginning as a crown corporation intended to string telephone wires across Canada, Bell Canada no longer simply provides telephone service. Instead we find Bell Canada firmly in the position of providing both the medium and the message. And apparently this is not enough. (Perhaps it’s time to look at dismantling this telecommunications giant.)

Big Three

Sometimes called the New Big 3, these are the three big Canadian telecommunication players, Telus, Bell Canada and Rogers Cable.

Canada

The Arrogant Worms sing that Canada Is Really Big and they’re right. The fact that Canada is physically the largest country in North America is one compelling reason why internet access is so important for Canadians. Like the railroad before it, the internet helps to connect Canadians to Canadians.

When telephone service first became viable in the early 20th century, no independent company would have had the resources to string the phone wires from coast to coast. The sheer size of Canada is also the reason why most of the Canadian telephone cable infrastructure was paid for by Canadian tax dollars. And why Bell Canada is forced to share this infrastructure with independent ISPs. Bell Canada is only the custodian of the Canadian telephone infrastructure, not the owner of it.

CanCon

A quota system established by the CRTC which is supposed to ensure that Canadian Broadcasters play a percentage of Canadian Content. The terms and definitions of this quota have varied over the years.

Carrier

The corporation controlling the wires. (aka The Big Three)

CRTC

Canadian Radio-television and Telecommunications Commission or CRTC is supposed to be an independent public organization that regulates and supervises the Canadian broadcasting and telecommunications systems.

“The CRTC’s mandate is to ensure that both the broadcasting and telecommunications systems serve the Canadian public. The CRTC uses the objectives in the Broadcasting Act and the Telecommunications Act to guide its policy decisions.”
from Canadian Radio-television and Telecommunications Commission: Mandate

Deep Packet Inspection (or DPI)

Deep Packet Inspection allows Bell Canada the internet equivalent of opening your mail. The CRTC allowed them to look at anything you do online without having to go to the trouble of getting a warrant. How many people send encrypted email?

Deregulation

In the context of the CRTC and UBB, Degulation would be the removal of governmental control by rules or restrictions on the Canadian telecommunications industry.
Many Canadians believe that the CRTC is corrupt but that replacing the CRTC with an alternative regulatory body would simply create new corruption, and want no regulation of the Canadian telecommunications industry.

Dissolve the CRTC

Dissolve the CRTC is both a website and an online petition. Actually, I guess I’d have to call it a rallying cry as well.

Many Canadians believe that the CRTC is corrupt but that it would be possible to replace the CRTC with an alternative regulatory body which would act in the best interest of Canadians. Because many Canadians believe that good regulation of the Canadian telecommunications industry would be the best for Canada.

dsl

Internet connectivity provided over the wires of a telephone network is called a Digital Subscriber Line or dsl.

GAS

GAS, or the Gateway Access Service is how Bell Canada allows Independent ISPs access to their hardware.

Independent ISP

An Independent Internet Service Provider (ISP) purchases Gateway Access to the infrastructure (the wires) from the carrier, which they then break down into smaller packages which they sell directly to their customers.

ISP

An Internet Service Provider (ISP) is a corporate entity which delivers internet connectivity directly to the public.

In Canada this includes:

  • Independent ISPs who sell internet service directly to the public, as well as the
  • Carriers who also compete directly with the Independent ISPs by selling internet service directly to the public.

Net Neutrality

Net Neutrality is the idea that the internet should be allowed to be free of restrictions so that it can be an unshaped resource. The particular Canadian issues is the Canadian consumer desire to stop the telcoms from controlling internet content or throttle the users.

From the CBC ONLINE: Petition spurs CRTC debate comments
The Sjarv wrote:
“If you want to compare internet usage to products like electricity or water, you must first provide modems that can access the internet unshaped with maximum speed allowed, let the personal computers regulate the speed, then you can charge for the amount consumed. Similar to facets and breaker boxes.”

Regulation

In the context of the CRTC and UBB, Regulation is the governmental control by rules or restrictions on the Canadian telecommunications industry. The rationale is to to control market entries, prices and standards for the benefit of Canada and Canadian consumers.

Rogers

Rogers Communications

  • Mobile (aka cel phone service)
  • Internet (aka ISP)
  • TV (aka television broadcasting)
  • Home Phone

Like Bell Canada, Rogers Communications now provides both the medium and the message. Perhaps it’s time to look at dismantling this telecommunications giant as well.

Telcoms

Telecommunication Companies

Telus

Telus is the third member of the Big Three. Funny, they also provide

  • Mobile (aka cel phone service)
  • Internet (aka ISP)
  • TV (aka television broadcasting)
  • Home Phone

providing both the medium and the message, like Bell Canada and Rogers Communications. Dismantling may be a good idea here too.

Throttling

By doing a deep packet inspection Bell Canada can identify bittorrent traffic and discard a packet you have sent with a request , so you never get a reply, which forces you to resend it.

This increases the amount of packets you have to send and it takes far longer for your packets to get through. When the internet carrier drops a percentage of your packets it slows down your transfer speed. But although the packets the carrier throttles don’t go anywhere, you are still charged for them. This pads your bandwidth usage. So when you send or receive a 5 gigabyte file you might be charged for a 7gigabyte transfer.

Transfer Cap

The maximum amount of internet use you will be allowed before the plug is pulled.

Usage Based Billing

In addition to the rates already being paid by internet subscribers, CRTC is allowing the carrier Bell Canada to charge all internet subscribers for the amount of bandwidth they supposedly use. (Even those of us who are not even their customers.) If this is actually implemented Rogers won;t be far behind.

The so-called “Usage Based Billing” will at best be based on inaccurate measure of supposed bandwidth use– as determined by Bell Canada.

VoiP

Voice Over Internet Protocol are Internet services which allow internet users to speat to one another using the internet rather than their telephone, provided by services like Skype, Yahoo and Rogers.


A few more links from CBC ONLINE: Petition spurs CRTC debate comments

The full Usage Based Billing that the CRTC has tentatively agreed to (excepting the “uncorrelated usage charge”) can be found here”
Usage Based Billing Zip File Thanks to btimmins

Over 6000 Canadian comments urging the CRTC to turn down the UBB application can be found at CRTC’s web site — Thanx to Abattoir6


I was just sent this link to an excellent April 14th Vaxination Informatique letter sent to the CRTC (or view the Google html version

This letter clearly identifies a plethora of problems stemming from Usage Based Billing. Thanx Bob.

Petition Update: as of time of writing, the Dissolve the CRTC petition is up to 4537 signatures!

Posted in Changing the World | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | 9 Comments »