Probably the most scary document I have ever read.   

It’s a technical document written for engineers. Its aim is to translate the customer requirements, as passed to them by their commercial colleagues, in order to set a standard for the industry, so that all of the equipment from different manufacturers will work together. Customers – the ISPs and network providers -  will have the choice of competitive product offers, safe in the knowledge that they don’t have to change out all of their equipment.

 What makes this one special is that it gives life to the fears of all those concerned about how networks and governments could control not just the Internet, but us.

 Ever since I first heard about deep packet inspection, in about 2008, I tried to understand what it is, and what it can do. Way back then, I discovered that it had been logged for standards work within the so-called Next generation network or NGA. The NGA  is what engineers call the development of new broadband  Internet infrastructure equipment – the routers and management systems that comprise the physical network.  

 I figured out just how much of yours and mine network traffic can be visible to the ISPs if they have the right system  tools. A little later, I learned about the industry product road map, still an engineering level, to build DPI into every network system. ( See Traffic management - how deep packet engines will shape the Internet slow lane ).

 DPI is like the heavy armour. Or to use a different analogy, it is like rolling out tanks down every street. Only they will be tanks with infra-red periscopes, able to spot your tiniest move, around any corner,  by day or night. And they will be able to control where you can and can’t go.

 This document confirms my findings. What is it? It is document number Y.2770, entitled Requirements for deep packet inspection in Next Generation Networks.  It sets out recommendations for a technical standard  for deep packet inspection. It was adopted at the end of last month by  a special group within the ITU, known as the World Telecommunication Standardization Assembly (WTSA-12), which met prior to this month’s World Congress (WCIT-12).

 That means it is an official document for people working in the telecoms industry, and it will be used by those developing DPI equipment.

 Its author appears to be Chinese, and is working with the Telecommunications Technology Association. This is a Korean-based telecoms standards body, that appears to be a joint venture between the Koreans, Chinese and Japanese.

 The Y.2770 document outlines a suite of requirements that will make authoritarian governments and the copyright industries, very happy. For example, DPI systems will have to be capable of detecting Bittorrent, eDonkey, multi-channel media, video, file transfer, voice telephony. They must be capable of detecting and blocking computer games traffic.

 Under Y.2770, DPI systems will shape applications traffic, executed on a per packet basis. They will police peer-to-peer traffic and other applications. They will mark specific packet types. They will detect ‘abnormal’ traffic – which of course, could be for genuine security applications, but might not be.

 Y.2770 DPI will block packets carrying data attachments of pre-determined sizes. They will use statistical analysis where traffic is encrypted.

 Do you want me to go on, or is that enough?

 Deep packet inspection systems, designed to Y.2770, will take action on an application-dependent basis, using built-in rules. DPI will look for audio content that is copyright protected and where stipulated, delete the audio.

 This can be done by country, right down to the individual. They can even detect who your employer is, and take pre-determined actions if a rule is given.

 One aspect that particularly worries me is the inclusion of FTP in the Y.2770 specification. This means that networks will be monitoring everyone who runs a website, and potentially could be asked to block you from uploading content.

 This Y.2770 document  is controlled by the Chinese. Far from being just an engineer’s technical specification, it has major political ramifications, and should not be permitted to go any further until there has been democratic debate. (See EU asks: should we regulate deep packet inspection? )

The  list of functions is a censor’s  dream. That why, for me, this document is a nightmare.

  This is an original article from If you refer to it or to its content,  you should cite my name as the  author, and provide a link back to  Media and Academics – please cite as Monica Horten, The ITU’s DPI standard –  that’s something to be afraid of !   in,  6 December  2012 . Commercial users - please contact me.






The Copyright Enforcement Enigma 'accurate and absorbing account of the story of the Telecoms Package' -Journal of International Commercial Law and Technology

'...a must read for those interested in knowing in depth about copyright enforcement and Internet.' -Journal of Intellectual Property Rights.  

Read more  

Copyright Enforcement Enigma launch, March 2012

European Parliament launch for Copyright Enforcement Enigma

Don't miss Iptegrity!  RSS/ Bookmark is the website of Dr Monica Horten. She is  a trainer & consultant on Internet governance policy, published author& Visiting Fellow at the London School of Economics & Political Science. She served as an independent expert on the Council of Europe Committee on  Internet freedom. She has worked on CoE, EU and UNDP funded projects in eastern Europe and beyond.  She was shortlisted for The Guardian Open Internet Poll 2012. Iptegrity  offers expert insights into Internet policy (and now Brexit). Iptegrity has a core readership in the Brussels policy community, and has been cited in the media. Please acknowledge Iptegrity when you cite or link.  For more, see IP politics with integrity is made available free of charge for  non-commercial use, Please link-back & attribute Monica Horten. Thank you for respecting this.

Contact  me to use  iptegrity content for commercial purposes