Tuesday, July 10, 2012

No, Comcast is NOT Monitoring Your Connection

Letters and emails have been sent out for P2P use for many years, but people still don’t fully understand what they are, and what they mean. This confusion is only going to get worse as the planned 6-strike deadline gets here.

Despite the proposed ‘six strikes’ measure being delayed, it’s still coming, as Verizon confirmed recently. Many who read TorrentFreak know exactly what it means and how it works, but many don’t, and there are forums of countless sites that are full of people claiming that their ISP has sent them an email because they’ve monitored a torrent in use.

The misconceptions over this have been going on for a LONG time. A quick search can find instances going back at least 4 years. The general pattern is the same: “I’ve got a letter/email from my ISP, who has told me to stop downloading something. How do I stop my ISP from monitoring me so I don’t get any more?”

The messages come from outside companies. Companies hired to identify, and send emails to the ISP’s of computers detected on P2P. All the ISP does is match the IP to the account using it at the time specified and forward the email on.

The mistake comes because the emails that grab people’s attention come from the ISP’s, and people being the suspicious buggers they are, assume the ISP knows, because the ISP has been spying on them. While it’s true that P2P and ISP’s don’t always mix, the ISP’s are blameless here. Traffic shaping, yes; monitoring and sending letters, no.

Despite pushes and ‘wishes’ that ISP’s be proactive and do that, they can’t and won’t. Despite the allusions often made to Child Pornography, and other content ISP’s actively filter, Copyright Infringement is another matter altogether.

Content such as Child Pornography is illegal or own or distribute by anyone. Thus It’s clear that not only is there no lawful reason to enable access to it, by blocking it, they’re saving customers from potential criminal charges (although some courts are now realising that access can be accidental, as content filtering is not infallible)

Copyrighted material, on the other hand is legal for anyone to own, but the ability to distribute is based entirely on private contractual arrangements. No-one except those in the position to grant these contractual agreements (the rightsholder) knows if a party is permitted to distribute. Without this knowledge, ISP’s can’t make a determination on blocking.

A lot of the time, even the rightsholders don’t even know if someone is authorised or not. This was most clearly exposed in the Viacom-Youtube case, where some of the clips Viacom were suing YouTube for were uploaded by Viacom employees for promotion, but it’s fairly common with all kinds of different media.

The other aspect is privacy. In most countries, internet users have an expectation of privacy when they go on the net (exceptions exist for places like at work on the company internet). Monitoring your connection looking at what you’re doing is criminal, and would be a breach of privacy law, and possibly wiretapping. No ISP wants to get involved with that.

Traffic shaping does not have the same level of restrictions, however, since it’s only looking at the type of traffic, and not the content. That’s why Comcast got off relatively lightly when they used Sandvine.

As for the letters themselves, they’re sent by private companies hired by rights holders, in exactly the same way as the mass bittorrent lawsuits. Indeed, the collection methods used are identical; the only difference is that instead of filing lawsuits, they’re sending emails to ISP’s. In the past, peer lists have been hovered from trackers, but that’s led to major problems with accuracy.

Instead the more usual method is to participate in the swarm themselves, and log the activity. This works for both ‘public’ and ‘private’ (and if you think they’re not on ‘private’ sites, should we remind you of EliteTorrents, Oink, and many others) and needs nothing more than a standard client, as demonstrated here.

The only thing we will be able to say for certain is that the 6-strikes program won’t solve the so-called ‘problem of piracy’. It’ll just drive a lot of people to seedboxes, and VPNs to hide their IP (as well as to ‘solutions’ that have NEVER worked, like blocklists) and nothing much will change. The industry will claim it works, and later that it no longer works, and that more intrusive methods will be needed.


One main problem with all these lawsuits and plans is technological; it’s IPV4. Because of the lack of IP addresses out there, we have a one-to-many situation. One IP address can represent many computers. It’s like the implied right of access to property (the recognised pathway onto a property where your addresses is defined, hereafter referred to as a front or garden gate). Sure there are some gates with only one person behind them, living alone. However, there are plenty of places where the front entrance has dozens (or even hundreds) behind it, such as blocks of flats, apartment buildings, dorms, hotels and offices.

If you had a crime in the real world, and attempted to prosecute a homeowner because the only evidence you have is that the alleged perpetrator walked through front gate, you’d have the case thrown out. Countless people have the ability to go in and out of front gates, without transferring legal responsibility to the homeowner.

It’s similarly the case in the digital world. Identifying the ISP connection (effectively the front gate) only tells you that the accused entered the property, without indicating who it is, or if the accused stayed there or had permission. It’s sloppy work and not based on solid evidence.

As IPV6 spreads, however, things may get easier for those companies still in business. There are so many more IPv6 addresses that it’s probable every device will have its own public address. Then instead of identifying a gateway, you will at least have a specific device to pin the blame on.


That’s in the future however. IPv6 hasn’t had a whole lot of takeup, despite the lack of available IPv4 addresses, and a few well publicised IPv6 days.
In the meantime, there’s just uncertainty. Law firms don’t want their evidence tested in court. We saw that in the UK with the Davenport Lyons and ACS:law where any defence mounted would lead to the case being shelved.

Now in the US, the cases are still shelved instead of being litigated all the way through (to the annoyance of people like my friend Blair Chintella, who has been defending some of those accused), but the judges are getting upset at the end-run being made around the courts, by the use of ex-parte discovery. Some have started reacting rather stridently, observing that it seems to be a scheme to create payments, without any litigation being carried through.

So this brings us back to the plan by the ISPs. Why did they agree to this? The simple answer is they don’t have a good enough lobby right now to counter the arguments made by the likes of the MPAA, RIAA, and BSA, even if the only fact present is the Federation Against Copyright Theft (aka FACT). This agreement gives them the appearance of doing something, but in reality they’re not doing anything they’ve not done before. They’ve just made a big noise about it.

And in getting people talking about it, perhaps they’ve done the best thing they can to start people countering it, building from the SOPA/PIPA protests. The results remain to be seen.

One thing is certain though. People will use methods to circumvent this project. VPN's and seedboxes will be more common (although be wary on the company's privacy policy) until they will inevitably be banned, because it's easier to try and tell people what to do, than fix the reason WHY. Until that is addressed, we'll just see this same cycle repeated over and over, with every-more draconian plans.


  1. Excellent summary of what will no doubt become.

  2. feckshallotshatbricksnriceWed Nov 28, 06:33:00 PM EST

    This same thing happened to me, my internet is only like < 50kbps.