Another Reason For Defending Net Neutrality: NSA Surveillance

from the encryption-works dept

The net neutrality debate has been underway for many years now, but more recently it has entered the mainstream. The main arguments in favor of preserving net neutrality -- that it creates a level playing field that allows innovation, and prevents deep-pocketed incumbents from using their financial resources to relegate less well-endowed startups to the Internet slow lane -- are familiar enough. But PC World points us to a fascinating paper by Sascha D. Meinrath and Sean Vitka in the journal "Critical Studies in Media Communication" that offers a new and extremely important reason for defending net neutrality: that without it, it will be hard to fight back against blanket surveillance through the wider use of encryption (pdf). Here's the main argument:

One particularly problematic industry practice is the move by ISPs to create tiered or preferential service offerings. Plans to create tiered services have been floated for years -- enabled in part by constant pressure toward less competition in the broadband market. In fact, within mobile broadband services, tiering of various applications (e.g. voice, texting, data) are already normative. But if an ISP can't tell what sort of application is being used, it doesn't know whether to prioritize or deprioritize a specific communications stream -- which is why good encryption breaks one of the fundamental assumptions for this new business model. Since encryption can help circumvent discriminatory practices, the incentive to use it will expand with practices like tiering.
If net neutrality disappears, and tiering becomes more common, users may turn to encryption to thwart traffic analysis by ISPs. That, in its turn, is likely to lead to ISPs putting encrypted traffic in the slow lane by default -- or even trying to ban it altogether. Either would ensure that the majority of users would go back to using communications in the clear, since they would probably be unwilling to pay for their security, which is non-obvious and hard to measure, with the loss of speed -- something that is immediately all-too evident.

You might think that it is unlikely that ISPs would be able to push through changes with such serious implications for their customers' privacy -- not least because the usual worthy digital rights organizations would doubtless fight back fiercely. But as Meinrath and Vilka rightly point out, there could be an unholy alliance between industry and security services that would be hard to defeat:

It is difficult to imagine a politician standing up for privacy and free speech rights when opposition of this position, from both well-moneyed private industry and law enforcement, proclaim that encryption supports 'copyright infringement, child pornography, and terrorism' -- all at once.
That rings horribly true: the copyright industries would doubtless love to get encrypted connections banned, as would the NSA. Bringing together the perfect scaremongering trinity of copyright infringement, child pornography and terrorism could well create a winning combination. The best way to avoid this nightmare scenario is to head it off early. Save net neutrality now, and you save the one thing that we think can help us against surveillance: end-to-end encryption.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Uriel-238 (profile), Jul 22nd, 2014 @ 1:20am

    Deliberation theater.

    My impression is that the FCC is doing this for show. They want to pretend that they actually care what the people think, but Wheeler and his colleagues are already bought by big telecoms.

    They're not going to redefine ISP as a common carrier service. They're not going to keep the net neutral. They're just looking for a statement to make that sounds like they plausibly considered the arguments in favor of net neutrality and then rejected them.

    Do I have that right, or is there actual hope?

     

    reply to this | link to this | view in thread ]

  2. This comment has been flagged by the community. Click here to show it
     
    icon
    Whatever (profile), Jul 22nd, 2014 @ 1:40am

    I think that has become the rim shot line of anything online now... "...and it blocks NSA from spying!". Since we already know that they are more than willing to the extreme ends of the communication chain, it's not really going to change anything. The message is still in the clear on your computer and you are still typing characters on your keyboard...

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    That One Guy (profile), Jul 22nd, 2014 @ 2:35am

    Re:

    Blocking them entirely is likely futile, especially if they really have an interest in you, yes, however, the idea isn't so much to stop them, but to make it impractical enough that it's more effort than it's worth for them to continue with the 'Gotta grab it all!' style of spying.

    Gathering up a bunch of communications, because it's available and they can go browsing through it at their leisure 'just in case'? They've got no real reason not to, as it takes a bare minimum of effort on their part. However, if all of those communications are encrypted, and it takes some real time and resources to break into them, then suddenly they're a lot less tempting.

    With more widespread encryption, suddenly grabbing everything doesn't do them much good, as even if they've got it, they've still got to crack the encryption to read it, and as long as proper security measures have been taken on both ends, that's going to take time and effort that could have been spent elsewhere, with no guarantee that what they uncover will be of any use or importance.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 2:47am

    Re:

    Limitations of man power, and computer power, makes encryption an effective remedy against general snooping, even if it is not proof against a deliberate attempt to read a persons communications. When the likes of NSA have to gain access to individual computers to read message traffic, they have to be more targeted as to who they spy on. For most people, encryption does not have to be perfect, just good enough to make listen in on everything require more computer time that NSA can afford.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    Ninja (profile), Jul 22nd, 2014 @ 3:38am

    Re: Re:

    That. We don't have Govt cameras in every room because it would be prohibitively expensive (thank God). We should make the online world much like that by adding decentralization and reasonable encryption.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 5:01am

    Re: Re: Re:

    Not yet anyway ... soon.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Geno0wl (profile), Jul 22nd, 2014 @ 5:47am

    Re: Re: Re:

    Actually it is incredibly frickin cheap to put cameras up everywhere now.
    The expensive part is having somebody watch said cameras.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 6:33am

    This makes little sense technically at least. Placing QoS markers on traffic doesn't depend on the payload. You can mark traffic by destination/source, tcp/udp port, vlan, DOCISS channels, or any number of factors.
    While I'm assuming that the writer is talking about everyone purchasing a VPN to surf the internet, I'm highly doubtful that this will ever happen and repercussions of purposefully throttling corporate VPNs would also adversely effect their own operations in most cases.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 7:00am

    encryption does not prevent traffic analysis

    Traffic Analysis looks at the externals -- the "metadata" if you will -- of a communication. If those externals are encrypted, the communication doesn't happen. Encrypting to keep everyone but the recipient from reading the content is a good idea, but don't claim it prevents Traffic Analysis.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 7:09am

    I could see ISPs rate limiting VPNs. Some Netflix customers use VPNs to bypass Verizon's clogged interconnect ports. Using a VPN can change the route their packets take.

    I'm sure Verizon and Comcast won't like that at all. They've been working hard to make sure those interconnect ports stay nice and clogged for Netflix.

    That way residential ISPs can double dip video streaming competitors and Verizon can entice customers to use their services by not counting data usage rates against their internet plan.

    It's insidious! They just scheme this stuff up all day long. Now residential and cellular ISP's are putting their slow lane plan into motion.

    The only thing standing in their way is Tom Wheeler, former lobbyist.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Whatever (profile), Jul 22nd, 2014 @ 7:16am

    Re: Re:

    it really depends. The message, no matter what, is decrypted at two points, the sender and the receiver. Naturally, it means they will just push harder to get into the end systems rather than dealing with the middlemen.

    Further, since almost every encryption scene has been backdoored in some fashion, it's not entirely clear that encryption is so much a solution as much as a pacifier for the masses at this point.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 7:54am

    Back during the SOPA debate when people brusquely dismissed the implications by stating that VPN's and encryption were an easy workaround- I warned you that retail level encryption would soon be under attack. I can easily see the scenario playing out within the current net neutrality debate.

    The author is absolutely right, in a tiered system the ISP's will not tolerate encryption hindering their ability to manage their tiers. I'd expect that users would have to be "licensed" by ISP's to use encryption. And I'd expect the criteria used would require one to demonstrate a legitimate need- and concerns about the NSA wouldn't be one of them.

    Finally, invoking the Unholy Trinity of infringement, kiddie porn and terrorism will absolutely win the day. I can't think of a single elected official who could withstand the withering barrage of criticism that would come from opposing this. Any privacy concerns will be "addressed" through promises of better oversight and/or legislation, thus boxing out any real criticism. If they're smart, copyright interests won't be on front street, even though they'd be the biggest beneficiaries. They'd be better served funding the other two prongs of the spear.

    It will be interesting to see how it develops.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 8:25am

    Re: Re:

    Remember that Whatever is an NSA supporter. He wants it to be easier to spy on people because he's an exhibitionist that way.

    Any day now he's going to surrender himself to the NSA because he uses TOR, the naughty terrorist.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    John Fenderson (profile), Jul 22nd, 2014 @ 10:34am

    Re: Re: Re:

    "since almost every encryption scene has been backdoored in some fashion"

    This is news to me. Do you have support for this assertion?

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 11:53am

    Never happen. Banning encryption would require banning all https links, which would mean totally insecure logins. Also far too many large corporations that otherwise could give a fuck less about net neutrality use VPNs to secure their data. Together these companies are far larger than the ISPs. The ISPs would find themselves destroyed in a heartbeat if they tried to ban all encryption.

    Secondly, the ISPs don't care about the type of traffic, they care about the source and destination of traffic. They want to make sure internet companies have paid their protection money. They don't care what the type of traffic is to and from these companies.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 1:56pm

    "That rings horribly true: the copyright industries would doubtless love to get encrypted connections banned, as would the NSA. "
    The copyright-dependent industries have spent the past 30 years PUSHING for encrypted connections (DRM). They just want to be the ones to control the encryption.

    Interestingly, as US copyright and the DMCA apply to ALL works (including this message), attempting to circumvent my https connection used to post this to this website would be illegal in the US. This means any deep packet inspection attempts on https traffic would be criminal offenses (to which the NSA may or may not be excluded, depending on the instance).

    While the arguments sound reasonable, if the government actually swallowed them, the fighting between factions would start pretty quickly, and everyone would discover they were getting a worse deal than net neutrality would provide. Hopefully some of the interested parties are reading this and think it through some more.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Jul 22nd, 2014 @ 2:42pm

    Re:

    Not banning; licensing and regulating encryption. Retail level encryption will pretty much disappear.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Justin, Jul 23rd, 2014 @ 2:23am

    I'm getting sick and tired of hearing government say they must do this, or that; to protect me!! Keep your nose out of my business and I will protect myself!!! How about that???? Do you want your favorite TV shows to be slowed down unless you pay more to your cable company? http://goo.gl/wDcRLt

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    Mike Masnick (profile), Jul 23rd, 2014 @ 5:54am

    Re: Re:

    Not banning; licensing and regulating encryption. Retail level encryption will pretty much disappear.


    Yes, you've been claiming this for a while. As we explained to you last time:

    lbh unir ab vqrn jung lbh'er gnyxvat nobhg vs lbh guvax vg'f rira erzbgryl cbffvoyr gb "yvprafr" rapelcgvba, orpnhfr gurer ner na vasvavgr ahzore bs rapelcgvba fpurzrf, naq lbh ernpu n cbvag jurer vg'f vzcbffvoyr gb gryy jung'f rapelcgvba gung arrqf gb or "yvprafrq" be whfg fbzrbar fcrnxvat va tvoorevfu.

    Orfvqrf, gur irel onfvf bs arneyl nyy vagrearg pbzzrepr -- vapyhqvat gung hfrq ol raq hfref, vf rapelcgvba. Yvprafvat vg jbhyq qrfgebl rpbzzrepr naq vs lbh gubhtug gur fbcn svtug jnf ovt, lbh unira'g frra nalguvat.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.