Deep Packet Inspection as a Service

Deep packet inspection is an advanced method used, among other things, for monitoring data traffic. A strength of this technique is that it enables secret monitoring, since it operates at the network level. In a nutshell, a network operator grabs each packet of data sent, does what it wants with it and then sends it along on its way. To the intended recipient it looks exactly like a normal transfer.

TeliaSonera is the largest telecom operator in Sweden and Finland. The company was created by merging two former state monopolies and is now notorious for providing surveillance technology to foreign states with dictatorial regimes. The company has a page on its website about "Freedom and expression and privacy" where we find these rather vague sentences about customer privacy:

Much of the business of our sector in general is built upon the collection of data about individuals and their communication. [...] In this context, there are technological trends that pose challenges to all kinds of players in the field of ICT, including TeliaSonera. [...] These trends are such as; virtual networks and software available remotely for access by users (the ‘cloud’), behavioral advertising, examination of a data of a computer’s network enabling for instance, network management, security and data mining (‘deep packet inspection’), location awareness and the risk that seemingly anonymous data can be re-identified. [...] We are committed to protect and safeguard our customer’s privacy.

Did you notice the words "deep packet inspection"? Did you interpret that as a commitment from TeliaSonera to protect their customers from this type of monitoring? Think again. Deep packet inspection is actually a service being sold by TeliaSonera to their ISP customers. It is an optional feature that an ISP can buy to increase their control over what traffic is allowed to the end customer.

If you have been following recent events, this should not surprise you. But perhaps it would interest you to see an example of how TeliaSonera markets this technology to their corporate customers. Of course, as always when new methods of Internet control is rolled out, it is sanctified in the name of protecting children. When it comes down to it, what they are selling is, in the exact words of TeliaSonera:

a technical solution combining intelligent routing with deep packet inspection in order to deny access to URLs

 Here is the original document: