Anna Eshoo used to be my Congressional representative, so I paid particular attention to her remarks in the recent Markey Committee hearing on Internet privacy. Frankly, she’s an embarrassment. She started her remarks by jumping all over Scott Cleland for being a shill of the broadband industry, which would be funny if it weren’t so pathetic. Scott started his remarks by disclosing who pays him, and I didn’t hear any disclosure from Rep. Eshoo about who’s paying her (see: Open Secrets for details of Google employee contributions to Eshoo and for Google PAC bucks. This Congresswoman has raised $3 million from PACs.)
She carried Google’s water, essentially saying: “Google is entitled to rape and pillage personal information for their own purposes, but nobody else better mess with it in the slightest way.” You can see the video of the hearing here, warts and all. Eshoo, like her colleague Zoe Lofgren (D, Google) has a place in these hearings, but it’s at the table with all the other lobbyists, not on the dias.
Aside from Eshoo, it wasn’t a totally bad hearing. Markey likes to simplify issues to the point that they’re all so black-and-white that you can’t see why they warrant discussion, but the witnesses were (with one exception) pretty clear on the fact that DPI is simply a technology, and as such has no moral significance. What matters, obviously, is how it’s used.
After all the hand-wringing, it should be clear that DPI isn’t a privacy issue in its own right because it’s simply a tool for harvesting information out of network packets. The privacy issues are solely in the realm of the information itself: who provides it and under what terms, who processes it, and who retains it. And these same issues have to be addressed for all personal information, on the Internet or off it, in the packets or on the web site.
But the pattern here is something that’s all too common in Congress: this technology has a scary name, so it must be bad. The focus on the technology with the scary name then takes up the time that should be spent on the important issue, privacy.
But privacy isn’t black-and-white, so we better not talk about it; it might be bad for Google.
Technorati Tags: privacy Internet Google Eshoo
Not only is “deep packet inspection” a “scary” name — it is a misleading one. Packets on the Internet are one-dimensional; they have no “depth.” And one does not need to “dig deeper” to see any part of the packet; it’s all of a piece. While the alarmists who — for various selfish reasons — claim that packets are like letters in envelopes, in fact they are more like postcards. The addressing information (which all routers must see) and the header information (which must be altered at each hop the packet takes) is no more visible than the payload, or data. Any device that can see one can see the rest.
It’s ironic, too, that Google would be let off the hook when it not only scans packets but parses your e-mail looking for keywords that will be used to select advertising. If anything is invasive, this practice is; checking the packets to see if they are VoIP and prioritizing them appropriately is nothing by comparison.
Most of my network engineering work has been with layer two networks such as Token Ring, Ethernet, and W-Fi, and from that perspective IP is simply payload. In fact, you have to do “deep packet inspection” on an Ethernet frame to find an IP address. So yeah, there is no depth, just payloads within payloads.