Argentina's Department of Justice recently sent a notice out to all ISPs operating in the country -- including several American firms -- ordering that they cut off domestic traffic to bwin.com.ar, a gambling site which has been found guilty of operating without a license.
No big deal. Just have the ISPs block the site's IP address, right?
Wrong. In this case, the request proved to be difficult for one of the American ISPs. It's not just the fact that bwin.com.ar may change its IP address to evade the block. Another issue, says a source at the ISP, is its network architecture also encompasses a neighboring country in South America. Some users outside of Argentina would be impacted, even though they are outside of the jurisdiction of Argentina's legal system.
So what to do? The source, who requested anonymity and asked that the ISP's name not be printed, tells The Industry Standard that legal and technical staff began to work out the best way of handling the Argentinean order. Someone floated an alternative: DPI.
DPI stands for Deep Packet Inspection, a controversial technology that looks for specific characteristics among the contents of individual network packets carrying Internet traffic. If an inspected packet meets a certain criteria, rules can then be applied to decrease its priority or take some other action. In this situation, DPI could look for packets whose HTTP GET requests contain the Argentinean gambling domain and block them.
The DPI approach would be troubling on a number of levels. First, any ISP using DPI is going beyond a government mandate to simply block traffic to a particular site. The ISPs would actually be peering inside their customers' Web traffic without their knowledge.
Second, DPI can be used to defeat Net Neutrality, which, in theory, is supposed to give equal treatment to all Internet traffic, no matter the source or contents involved. In the United States, Net Neutrality is a hot-button issue among surfers who fear the erosion of the relatively free and equal browsing they enjoy today. ISPs could use DPI or some other scheme to deny their customers access to certain types of content or even specific files, or charging them more to access them.
The staff at the American ISP who received the Argentinean order are well aware of these issues. However, DPI will not be implemented in this case -- it requires a significant hardware investment that the ISP is not willing to make.
Still, our source says some of the ISP's engineers who support Net Neutrality are uncomfortable with the DPI discussion. Even though DPI won't be used this time, it will probably be considered in the future as a way to take offensive or illegal sites offline. These engineers suspect that a DPI implementation on the ISP's network may very well come about as the result of a foreign court order or some other overseas need. This could potentially pave the way for an American rollout, depending on how Washington acts on the Net Neutrality debate. Says the source, "This is one of those technologies that makes it possible to turn Net Neutrality on its head."
More news, commentary, and predictions from The Industry Standard:
- Analysis: Chavez, China, and the coming startup squeeze
- Analysis: Online currencies: Will e-gold's competitors abandon the U.S. market?
- Special Feature: The iPhone naysayers, one year later
Comments
DPI because setting up another dns server for your customers in this country with a zone record for the domain pointing to some page saying something to the effect of "you can't go here" is just to easy ... .
if i happen to know the IP address of that gambling site, i could just type it in and DPI can't block it, right?
damonkool, DPI inspects the information in the packets you send out. It doesn't matter if you try to browse the site from google or you type it in directly. The ISP will look at the information contained in the packets looking for specific things and will block based on that.
Post new comment