Will AT&T Start Filtering Your Connection?

We have another essay from Bennett Haselton for you to peruse. "Last week's coverage of AT&T's newly announced "anti-piracy initiative" mostly downplayed the key part of AT&T's proposal, which is filtering what their end users can access in the first place, not finding pirates or suing them after the fact. Friday's Associated Press article, which was reprinted on many news sites with headlines like "AT&T to Help Hollywood Track Down Internet Pirates" and "AT&T to ID Offshore Web Pirates", actually said only that "the effort is primarily aimed at pirates who set up operations in other countries" -- and since you can't really "aim" at pirates in Russia and China with anything except missiles, the statement suggests not identifying pirates or tracking them down, but pre-emptively blocking people from connecting to their servers. Only the Red Herring nailed it with their article title, "AT&T to Block Pirated Content"." Follow the magical URL to read the rest of Bennett's words on the matter.

I think this is a crucial distinction, because efforts to filter end users' connections (as opposed to making them pay consequences for their actions after the fact) have always been controversial, even when the content is illegal. The Center for Democracy and Technology successfully overturned a Pennsylvania law that required ISPs to block overseas child pornography sites, partly on the grounds that the filtering included many third-party Web sites as collateral damage. I've argued that a similar private-sector initiative called Canada Cleanfeed, where Canadian ISPs attempt to block child pornography Web sites, would do more harm than good. On the other hand, nobody's fighting very hard for the cause of child pornography downloaders who were caught and arrested. Web sites get sued and shut down all the time, but it was bigger news when Canadian ISP Telus blocked the Web site of a Telus labor union for three days. So it's a big deal whether we're talking about "pre-emptive" filtering, or fighting piracy "reactively" by going after violators.

AT&T Senior VP James Cicconi said in e-mail that "discussion about what the technology will or won't do is premature until we can invent it", but most of the hints so far have been that the anti-piracy technology will be "pre-emptive", i.e. filtering users' connections. Cicconi said on a conference panel that AT&T has to spend billions on network maintenance to carry illegal pirated traffic -- which they probably couldn't recoup by suing people, so the only way to prevent that would be to block it. And Cicconi has referred to the technology several times as a "network-based solution" -- but what else could that mean, except filtering?

So let's assume that's what's on the horizon. Interestingly, Cicconi said that AT&T did not plan to block actual Web sites. However, he said in e-mail, "If one could, with a high degree of certainty, spot and isolate illegal traffic from an offshore site, would you not think the copyright holders would have a reasonable argument for a court order to block that traffic (as opposed to the site itself)?" Presumably this could refer to a Web page with an index of links to BitTorrent files -- so they'd be willing to block the BitTorrent links, but not the Web page? But from that point of view, why not just block Web sites too? If an overseas webpage has a list of links to pirated content, and that content is served over http from the same Web server, wouldn't they want to block it?

But I doubt this would stem much piracy in the long run, because connection filtering to fight piracy became more commonplace, then the next generation of p2p file-trading programs would all just have circumvention capabilities built into them, that let you route your connection through a friend at an unfiltered ISP. You're on AT&T, you upload a file to your friend on Verizon which earns you some "credits" with his node in the p2p network, and instead of redeeming those credits to download a file from him, you use his node as a proxy to download a file indirectly from a site in Russia that AT&T is blocking you from accessing. Advanced users can do this already with tools like Virtual Private Networks and Tor, and some tweaks in a p2p program would just bring it within the range of the casual user.

On the other hand, if AT&T starts filtering traffic, it could set a bad precedent that any time a party in a legal proceeding wants a site declared "illegal", they can demand that AT&T (or other ISPs) block the site. It could be a site libeling a person, or a site hosting a decryption tool that breaks some company's poorly-designed code, or pretty much anything that some powerful person wanted to go away. Meanwhile, if an AT&T customer did get accused of downloading pirated content, now they could invoke the "AT&T didn't stop me" defense -- they thought that AT&T was filtering illegal content, and if they could get to it, then that meant it was legal! In both cases the problem comes from someone using the argument that once AT&T started doing any filtering at all, they should have gone further.

So I would watch the situation closely, even if you're not an AT&T user, and don't assume the situation will take care of itself. Cicconi said, "If a company like ours does dumb things and upsets our customers, we will lose them to someone else," which is something I'm skeptical of whenever I hear it used to defend various draconian anti-spam measures, but in this case I think it's even less applicable. When you're talking about spam filters, at least they always bring some benefit to the user (less spam), and the question is whether the free market weighs those benefits properly against the costs (more lost mail). On the other hand, if an ISP filters the user's connection, that brings no benefit to the user, and in a truly efficient market, all customers of such an ISP would just switch to an unfiltered one -- if that doesn't happen, it simply means the market in that case is not efficient. Is your ISP filtering your connection right now? Probably not, but how could you tell if they were? Right now we assume that ISPs don't filter connections because generally it's "just not done" (except when it is). In a few years we might not be so sure.

Simple answer:

Yes

Re:Simple answer:

in the idea that the net "fix it's self"

i am hopeing that AT&T is dumb enought to do this - that atleast their techs are not completely evil.

an example would be.. they don't want traffic from say a specific ip block coming accross their network..

if they do it right and just remove the route than any isp that goes to their network will get a route error and will defualt to the next route and the net will route arround them - allowing AT&T to only effect it's network and the rest of the world is happy

on the other hand - if they jsut decied to drop the packets and not issue a routeing error for the subnet then routers will keep sending traffic that way and AT&T will effectivly black hole that block for all of AT&T and the other ip's that happen to route through them

black holeing is very very very very bad .. and i have this odd feeling that they are jsut evil enough to do it.

FP!

I had the first post, but those ATT bastards filtered it!

These are MY letters!
I didn't copy them!
Damn it...

Glad someone is sorting this stuff out

Now, when I download something, I know it must be fully legal to download thanks to my ever so helpful AT&T DSL connection filtering out all those nasty pirates! Thanks guys! I'll be sure to forward any legal notices I receive on to you!

Re:Glad someone is sorting this stuff out

At what point does AT&T lose it's Safe Harbor exemption?
It's one thing to provide client side filtering, but if they're doing it, they're responsible for what slips through.

I really wished the essay addressed that issue.

Re:Glad someone is sorting this stuff out

At what point does AT&T lose it's Safe Harbor exemption?

When the pirates launch a mass attack and storm the port?

Never

I'm sure they make enough political contributions that they have nothing to worry about.

Dumb question...

If AT&T does any filtering of the content (even if it is simply to block ports), haven't they then lost their common carrier status? Could they then be liable for content transferred on their network, including illegal materials?

Of course not

I'm sure they have a few senators in their back pocket. Rules like that don't apply to huge corporations.

Re:Of course not

Ahh, but thats a catch-22. That rule was pushed into the DMCA BY big corporations FOR big corporations. And so far, I've seen it used extensively by big corporations as a defense (see Viacom vs. YouTube).

To say that rules like this don't apply to big corporations is simply not accurate. And while it sometimes seems like big corporations are terribly evil and can get away with anything... the laws often *DO* prevail. They can't pick and choose which laws apply to them no matter how many senators they have in their pockets. This debate is *very* public, so its not like it can slip through the cracks. AT&T will have to duke this one out on their own I suspect.

Re:Dumb question...

AT&T, the ISP, is not a common carrier, they are an "information service."

AT&T, the phone company, is a common carrier.

Re:Dumb question...

haven't they then lost their common carrier status?

They don't have common carrier status for the internet service they provide over DSL. They do, however still have third-party immunity from copyright violations, due to the DMCA.

Filtering by type

My guess is that they will use type of traffic, destination and statistics (filenames, sizes, media types) to catch excessive users. This is similar to how most spamblockers seem to work, or even, Slashdot's moderation system. While in theory I'm against it, in reality, it means that AT&T spends less effort to support the 5% of users who are heavy users of illegal traffic. It's a smart business decision. I for one will take my service provider dollars elsewhere however.

And when the pirate havens are blocked...

We may get our ability to legally backup and/or convert movies and music back...

Crucial correction

You will watch what they want, when they want, how they want, and you will like it, plebe

You will watch what they want, when they want, how they want, and you will pay for it every single time, plebe

A /. Message from the Future

Headline - "AT&T has Turned on Its Anti-Pirating Program blocking webpages"

Headline (30 mins laters) - "Hackers have found a way to circumvent AT&T's Multi-million dollar anti-pirating program"

And it isn't really incorrect, either.

Misread it as "anti-privacy initiative".

Resolution of Filter

Curious how finely tuned such a filter would be. Does it go by files size? I upload 30-50gigs of data a month to my website to share with other people in the chess community. The 6men egtb dataset is 1.5 TB, so I distribute pieces at a time via my site.

Will I be filtered because it sees a 700meg file being transfered? What about ISO's? Will it assume and iso is a pirated CD, when in reality it's a Linux distro?

Definitely a complex problem.

Cheap DSL at what price

I guess that $9.95/mo. DSL does have some strings attached to it...

Compensated

"jams the network in ways we're not compensated for. He said AT&T is spending about $18 billion on network maintenance, a significant chunk of which is required just to keep up with tremendous growth of traffic on its backbone."

They were compensated.

The $200 Billion Broadband Scandal

New investigative ebook offers micro-history of Verizon, SBC, Qwest, and BellSouth's (the Bell companies) fiber optic broadband promises and the consequence harms to America's economic growth because they never delivered and kept most of the money, about $200 billion.

This is one of the largest scandals in American history. America is 16th in the world in broadband and the US DSL current offerings are 100 times slower than other countries such has Japan and Korea. How did we go from Number 1 in the web to 16th in broadband and falling?

Starting in the early 1990's, with a push from the Clinton-Gore Administration's "Information Superhighway", every Bell company -- SBC, Verizon, BellSouth and Qwest -- made commitments to rewire America, state by state. Fiber optic wires would replace the 100-year old copper wiring. The push caused techno-frenzy of major proportions. By 2006, 86 million households should have had a service capable of 45 Mbps in both directions, (to and from the customer) could handle over 500 channels of high quality video and be deployed in rural, urban and suburban areas equally. And these networks were open to ALL competition.

In order to pay for these upgrades, in state after state, the public service commissions and state legislatures acquiesced to the Bells' promises by removing the constraints on the Bells' profits as well as gave other financial perks. They were able to print money -- billions of dollars per state -- all collected in the form of higher phone rates and tax perks. (Note: each state is different.)

* ADSL is not what was promised and paid for. It goes over the old copper wiring, can't achieve the speed, has problems in rural areas and is mostly one-way.
* 0% of the Bell companies' customers have 45 Mbps residential services.

The fiber optic infrastructure you paid for was never delivered.

http://www.muniwireless.com/article/articleview/50 11 [muniwireless.com]

What the hell?

"that AT&T has to spend billions on network maintenance to carry illegal pirated traffic -- which they probably couldn't recoup by suing people"

Yeah and you also have to spend billions maintaining a network so that morons can blather on about inanities! That's what being a telco with common carrier status is all about! You're supposed to recap your expenses with a user fee structure, while being completely disinterested in the nature of the transmitted content, you dumbass! If you don't know that then obviously you're the wrong man for the job!

Trained monkeys

This is because the press has been turned into a pack of trained monkeys who repeat whatever pablum the corporations inject into the wire services without engaging in any critical analysis. In government matters, they have just been converted into an outsourced extension of Minitrue.

Re:Trained monkeys

Makes sense, doesn't it?

The masses want cheap newspapers. They usually don't care about content, they care about their funnies not costing more than 50 cents. And that's quite possible, with companies paying insane amounts of cash for ads.

Here, it is already very blatantly so that companies (banks and car manufacturers, usually), "buy" newspapers. Indirectly. By buying double page ads, often twice or thrice per paper. I once had the chance to ask a higher up at a local bank why the heck they do that. I mean, there can't be any advertising value in doing a double-full page ad twice in the same newspaper.

Answer: "Well, we got a security breach and they know about it, and we don't want them to report it".

He didn't even try to hide it! I mean, here I am, some tech goon and he just says that as if it's normal everyday business to bribe newspapers to suppress some news. I was rather ... stunned.

And soon working somewhere else.

Today "pirated" content, tomorrow dissidence

It works that way. I know, i live in turkey. so smarten up and act before its too late.

Try your best AT&T!

But my iPhone let's me browse all I want and you can't do anything about it because my plan is through... crap.

AT&T upset about bandwidth useage.

That's a shock. They've been crying for years that people don't use their internet connections in the same manner as the telephone. Pay us a bunch of money and then barely use the service so we can over sell our capacity, which won't become apparrent until there is an natural disaster and the networks get clogged.

"Somebody running a server in their basement on our network and uploading illegal copies movies raises the costs for everybody else and jams the network in ways we're not compensated for,"

Uhh bullshit. We pay for the connection, we get to use the connection. If you don't like that quit selling us "Unlimited" Service and then crying when we actually use it as such.

It would be funny to have an national protest by uploading, legal things of course, all over the world just to see how badly we could cripple the internet. Say you entire photo library to your favorite photo site, or a nice modest ten gig transfer through chat programs such as Skype, or a few hundred emails with a files attached to them to everyone you know. Just for 24 hours or so and watch all this "unlimited" bandwidth grind the system to a hault.

As a follow up trick start up few hundred class-action lawsuits for fraudulent buisness practices and false advertisment.

How the hell is this redundant?

Did someone try to apply "overrated" to my comment, and miss?

One of many WTF lines from a linked FA...

"Somebody running a server in their basement on our network and uploading illegal copies movies raises the costs for everybody else and jams the network in ways we're not compensated for," said Mr. Cicconi..."

Right, because pirate bytes are... bigger? I guess they're all wearing hats and carrying parrots or something.

l7-filter

To the posters wondering how they can do it, look at l7-filter for iptables [sourceforge.net]. Now, this is what you can do - fairly effectively people are reporting - to filter p2p with a Linux router. (There's also ipp2p [ipp2p.org] for Linux, but that's judged only partially effective.) You can bet that what open source can do, AT&T's Ciscos can do too. Doing that level of inspection is going to add quite a computational load, on the one hand. On the other hand, blocking the p2p stuff will take a huge load off of the pipes.

Is the l7-filter's approach something that p2p software's next generation can get around? Maybe, but it won't be as simple as port hopping. There will always be ways to get a few files though, but the question is whether large-scale p2p operations will remain viable in a context of widespread packet filtering.

Encrypted Content??

So -

1) If I share an illegal copy of a movie using an encrypted p2p service
2) AT&T somehow busts me (i.e. they decrypt and analyze my shit at layer 7)
3) I can sue their asses for violating DMCA or whatever right?