Point 1:

If the US Post Office (a QuaNGO) were to allow a private company to station post-card readers (or envelope readers) in its mailrooms (or remunerate Post Office Employees, net of any contrary requirement from their employer) to read and store the contents (and store the addressee, the addressor, and an imputation of the subject of the communication), for the purposes of compiling dossiers on users of the communication service, and this were to be made public, we would expect the following:

A. The PO would point out that non-encrypted public access to envelope and post-card information, while intended purely for routing purposes, is not in any way deemed private,

B. The consumer would be told this was for his benefit,

C. That controls were in place to prevent “abuses” — like P2P exchanges of copyrighted song lyrics, for example,

D. That articles would be written condemning the practice and warning of its spread if not unchecked,

E. The citizenry would be outraged by the “legalistic” justification it has commonly regarded as unthinkable and impermissible,

F. The governmental representatives would be moved to action on behalf of angry voters in prohibiting the practice (inasmuch as angry voters vote, and nascent industries don’t fund campaigns),

G. The situation would be precisely and exactly as it is now with respect to ISP’s claiming the right, the ethical justification, nay, the overarching personal and social benefit of snooping on their customer’s communications in order to sell the contents to 3rd parties (or even to amuse the bored 3rd-shift workers in the machine room).

What’s the argument? It’s not hypothetical, it’s happening just as analogized. So to fault the analogy to defend the practice seems … foolish.

And does Brett really inspect the “contents” of his user’s packets to prevent “abuses” like P2P?

Maybe RIAA really /should/ station Lyrics Interdiction Agents in the Post Office.

Sub: Election tools for your state

Message:

Your state is going to play a key role in the upcoming Presidential Election and our tools will help you in making registration to vote easy and obtaining an absentee ballot.

Please check http://www.StateDemocracy.org for more information

1)isp’s want to stop p2p

2)throttle down was secret plan,but no more,

3) dmca defense won’t work

4) risking ecpa wiretapping

what’s gameplan now?

come out , come out where ever you are!, nathan’s question needs answering,

he is concerned about your comment:

“and also to condemn the beneficial monitoring and filtering which we do carry out to prevent abuses such as P2P”

I’m a little confused:

do isp violate ecpa/wiretapping laws when they p2p filter. are we talking level 7 filter?.

what basis does a isp have to intercept any subscriber’s online commuincation, SINCE it is not in the normal course of their biz!…

SINCE it’s not a virus, spyware, etc that would allow access to intecept the transmission, what justifys inteception.

if you are pass level 1, provide me your authority,

what is being done to the subscriber that is downloading p2p? was there notice provided?

nathan wants to know!!!

my teeth are showing!

ya, what nathan said, what do u have 2 say about that!,buddy?

we talking dpi “filtering”?….how do isp’s dpi packets without dpi-ing packets?

Just one question on your generally well articulated post (04 sept 3:27).

You said “we do carry out [filtering] to prevent abuses such as P2P.”

How is P2P an abuse? It’s just straight-up network traffic like any other. If I’m subscribed for a 10 megabit line, is there a specific reason I shouldn’t expect to be able to make full use of my subscribed bandwidth (assuming the 10M is a hard cap?)

Moreover, when you say P2P are you including commercial P2P (some like to interchange commercial and legitimate, but I don’t see corporate sponsorship as necessary for legitimacy)? An example would be companies like Blizzard that use P2P to push software updates to their clients rather than hosting the files themselves. Is this also somehow ‘abuse’ of your/my network?

are you a happy person?

i have read paul’s article and will cite it within a paper i am preparing. I spend much of my time researching this area of law and that is 1 damn good paper, but you whacked him!

then you whacked poor ole me!

then you started on paul washburn, and even criticized his knowledge!

it’s ok to attack an industry, and have fun trying to prove that’s slander, but when you name a person, ie like the writer of an article, i hope he doesn’t read this post!

well, i will check back to see if anyone returns to the topic of isp privacy threats, and especially my interest, the oba’s that are associating with the isp’s

i have read paul’s article and will cite it within a paper i am preparing. I spend much of my time researching this area of law and that is 1 damn good paper, but you whacked him!

then you whacked poor ole me!

then you started on paul washburn, and even criticized his knowledge!

it’s ok to attack an industry, and have fun trying to prove that’s slander, but when you name a person, ie like the writer of an article, i hope he doesn’t read this post!

well, i will check back to see if anyone returns to the topic of isp privacy threats, and especially my interest, the oba’s that are associating with the isp’s

If the amounts in the article are accurate at all, they are much more likely to be per year, not per month. In other words, negligible.

as for what isp’s do in big states and big cities with large subscriber’s database to make it worthwhile for them!

ATM for ISPs or Spy in a Box?by Jim Thompson

[December 7, 2007]

“In return for installing the black box in their network, a bounty is paid to the ISP that varies from $2 to $4 per subscriber.”

Do you want more? I did see an article discussing $5 bucks a person, and the money made per year was incredible on a good size isp; moreover the deals also allow a % to the isp’s. That could possibly justify the total payout if $2-$4 is normal, then the % above the base could put it up to an average of $5.

HEY! LEAVE MY BUDDY ALONE!…”Also, you, like “anonymous” above, are greatly overestimating the amount that anyone would be wiling to pay for consumer data.”

“With all due respect, I believe that the lawyers should stick to drafting wills and chasing ambulances and stop meddling in a business that they know little or nothing about”…….OUCH!!!

Ok then go ahead again and let’s talk about “reasonable expectation of privacy”

that’s your area of expertise, right. privacy law for isp’s.. or is it how isp’s work,

YO BRETT: now that you are calm,we all agree your the inside go to guy here. skip trying to protect your industry. we know your a good guy and legit, but feed us info on the bad guys..

feel free to answer my previous questions, why would an isp associate with a oba to intecept the communication and allow them to sell the ads, why not do it themselves?

let’s skip a man in the middle debate, and talk about “cut out the middle man” debate.

WHO’S DOING WHAT TO WHOM?………TELL US ALL THE DIRT!..

I’m confused!…(new name)

Paul: Again, it appears that you may be unfamiliar with the way in which the Internet operates. It is, by nature, decentralized and anarchistic. And that is the whole reason why it works. You still seem to be trying to force it into the mold of the old Bell System, even though doing so would destroy it. (Not to mention the fact that overbearing regulation such as that which Washington lawyers and lobbyists are proposing would strangle independent operators, leaving consumers facing a monopoly or duopoly.) Also, you, like “anonymous” above, are greatly overestimating the amount that anyone would be wiling to pay for consumer data.

With all due respect, I believe that the lawyers should stick to drafting wills and chasing ambulances and stop meddling in a business that they know little or nothing about.

I agreed with you to the end but you threw me a curveball:

“but have never heard of a VPN or other sort of tunneling.”

ok,let’s go down another thread, away from paul’s paper about what exactly isp’s, and any associated companies are doing, to be a threat to privacy. are we chatting about law, computers, geek stuff, or a combo of all?

tell us what is happening over at the ….”5 EUR a month”..neck of the woods.

how does vpn or tunneling involve ISP’S SELLING SUBSCRIBER’S DATA FOR PROFIT?

Are we back to “privacy lost” in the cyber world since vpn’s use wi-fi; therefore isp’s are not a threat, but others not associated with ISP’s, AND NOT THE POINT OF THE PAPER, maybe be illegally intecepting communication when it’s being routed?

If you know all about isp’s, AND ESPECIALLY CPOMPANIES CREATING DPI BUSINESSES TO WORKL WITH ISP’S FOR DATA MINING, AKA, DATA SALE, tell us who is doing what to whom. I won’t tell anyone.

IF YOU DON’T WANT TO MENTION NAMES, LAYS OUT THE BLUEPRINT OF HOW ISP’S AND THESE COMPANIES ARE MAKING MONEY SELLING SUBSCRIBER DATA.

I’m all ears!

Also, I’m kind of surprised you are confident in your ability to compete with ISP’s who are perhaps receiving $1 from an advertiser and $1 from a subscriber for every $1 your subscribers pay you. After ‘drumming’ your user’s heads that “any real privacy which one can achieve on the Internet must be imposed from without (e.g. via encryption)…sending a packet on the Internet is, literally, like passing an unfolded note across a room filled with hundreds of strangers”, it’s really hard to see a savvy consumer paying your ISP a premium to not look at their packets before passing them on to the “hundreds of strangers” who will when they can use a cheap service like Relakks for 5 EUR a month that provides some guarantee of privacy.

And don’t tell me that your ISP will compete entirely through the people who are savvy enough to know AND care that their ISP is aggregating and selling their data, want to do something about it and are willing to pay a 50% premium (which seems reasonable here), but have never heard of a VPN or other sort of tunneling.

___________________

to all:, here’s my post to paul, everyone with that wants to add their thoughts, feel free. please jump in and let’s bounce this around.

{paul;

I was with you until you said:”…when a company like Phorm can legally pay another…” Let’s chat about “legally”, in refernce to nebuad, frontporch, and phorm:

1)What are the legalities of their actions?

2)What about the Isp’s actions, separate from the oba’s(online behavioral advertisers)?

Posted by: “…” ,fka “anonymous”, fka anonymous at September 6, 2008 10:22 AM}

——————–

paul: what brett is saying is that isp’s that intecept your online communication need only a search warrant from authorities to release your data, as opposed to an extensive legal process for them to wiretap to obtain the same info.

finacial argument! yeah right!!!!

isp’s are bing offerred $2.00 per person, per month for private data. I see somewhere it’s as high as $5.00 per person, per month, but with that option existing, we can be assured businesses won’t consider the proposition, wink wink…

selling privacy..what’s “dat”

death, advertising and taxes(dat)……..

Guess what!………NO ONE WANTS TO SELL THEIR PRIVATE INFORMATION. NO ONE IS INTERESTED IN RECEIVING AN ADS, BE IT CONTEXTUAL OR BEHAVIORAL. (UNLESS I KNOW THAT CONSUMERS ARE PROVIDED CASH, AT THE TIME OF THEIR SALE OF PERSONAL INFO, I DONT’T BELIEVE THE PROPAGANDA.) THOSE THAT SAY IT IS REQUESTED ARE JUSTIFYING THEIR GREED.

PEOPLE PREFER TO PAY TAXES. PEOPLE PREFER TO PAY FOR ANYTHING, RIGHT!. THE REASON WE ARE SENDING YOU ADS IS BECAUSE WE KNOW THAT IS WHAT YOU WANT, we know you want to slow down your computer and fill your webpage with items you never requested, AND THE FACT THAT OUR BUSINESS IS DERIVING SUBSTANTIAL PROFIT, OF WHICH WE COULD NOT DERIVE FROM OUR ACTUAL WORK AND PRODUCTION, IS NOT THE REASON.

WE ARE ONLY DOING THIS FOR YOU, YA RIGHT!

___________

we can agree:

ISP NEEDS TO USE DPI FOR ADMINISTRATIVE PURPOSES,OK!

COMUNICATION AFTER IT LEAVES THE ISP IS AT RISK FOR PRIVACVY VIOLATION, OK..

99% of isp’s do not sell personal data, ok

paul’s paper discusses the threat. What about if that threat has become reality. can we discuss those issues?

what if the isp is…..monetizing on subscriber’s personal private data?

what are the liabilites of the oba( online behavioral advertiser) that is assisting the isp, as opposed to the isp’s liabilites, as opposed to the concerted effort of both?

now that’s is an interesting topic!.

Paul: It appears that you are unaware of the practice known as a “mail cover” (see http://en.wikipedia.org/wiki/Mail_cover). The outsides of the mail you send — including post cards — can already be viewed by the government without a warrant. So can any mail that’s unsealed. Since all of an Internet packet is out in the open, viewing any part of it is analogous to this long accepted, constitutional practice. If you don’t want this, better “seal” it (in such a way that the government can’t open it even if it wants to) by encrypting it.

Also, we as an ISP are not particularly worried that our competitors will gain a financial advantage over us by selling information about their users. The free market will work as it should, and users who don’t want to be subject to this practice will patronize us rather than ISPs which gather and sell their data.

Users are free to sell their privacy if they want to (and it’s amazing how cheaply some will sell it), but that’s their right. The ones that do so are likely to be the same ones who will let spyware, viruses, and worms into their machines, and also to be spammed (which takes up lots of our bandwidth). So, we’ll be happy to let our competitors have those customers.

I was with you until you said:”…when a company like Phorm can legally pay another…” Let’s chat about “legally”, in refernce to nebuad, frontporch, and phorm:

1)What are the legalities of their actions?

2)What about the Isp’s actions, separate from the oba’s(online behavioral advertisers)?

I also want to comment on Brett’s characterization of privacy. The assertion that packets ‘are not “envelopes” with contents; they are analogous to postcards’ is a great example why this threat is disconcerting. It would obviously be concerning if the Post Office started copying the contents of postcards into dossiers indexed by people’s address and then sold this information to junk mail advertisers. I am sure that despite the recognition and acceptance that everything written on a postcard is right in the open, any initiative on the part of the carrier to monetize their access to that information would be interpreted as bad faith. It is not logical to claim that because ISP’s need to read header information to route packets implies that we shouldn’t worry when they start to perform DPI and data mining (on traffic we are paying them to route) not for purposes of network administration, but to sell that information to advertisers.

Furthermore, an expectation of ethical behavior (like the one we hold the Post Office to) does create a “reasonable expectation of privacy” regardless of the accessibility of the information.

But all of this misses the larger point. I think (and I am sure I am not alone in this sentiment) that it is laudable that Brett Glass’ ISP adheres to the expectation that packet inspection etc. will be undertaken only to perform the service customers are paying for. The question is how can Brett’s ISP possibly survive when a company like Phorm can legally pay another, not so ethically inclined, ISP possibly as much as it receives in subscriber fees to use its existing equipment to gather, track, and sell data relating to customer traffic?

A paper like this, far from being an ‘inflammatory posting… riding on a larger, more general trend in which bloggers and “activists” are demonizing ISPs because they’re a convenient target’, is a much needed warning to ethical ISPs large and small (because remember, ’size is not an indication of ethics’) that unless the regulatory environment changes, the ethical behavior you are so proud of *will* put your ISP at a serious competitive disadvantage.

As an introduction,I’m just a concerned citizen that appreciates their privacy,thus “anonymous by choice”.

As for defamation,I hope only to defame ISP’s, and their associated 3p’s, that violate privacy laws;therefore I do not believe all ISP’s are a threat to privacy, but only a limited few.

Glad to hear your thoughts:”The fact is that my ISP does not collect ANY data for commercial advertising purposes, and will not do so. Period.” As a rep of the isp industry,AND NOW THAT WE ARE FRIENDS, what are your thoughts about isp’s that do?

“….”