Helping Iran Target Iranians
What more can be said about the Internet's role in the popular uprising that has shaken the Iranian regime since its widely contested election?
The power of open social networks is undisputed. The Internet's three favorite offspring -- Twitter, Facebook and YouTube -- have been heralded by mainstream media as flag-bearers for a new era of citizen journalism and activism.
But the open Internet's power cuts both ways: The tools that connect, organize and empower people can also be used to hunt them down. The companies that profit from sales of this technology need to be held to a higher standard.
Of particular concern is the use -- and easy abuse -- of Deep Packet Inspection. DPI is a content-filtering technology that allows network managers to inspect, track and target content from users of the Internet and mobile phones, as it passes through routers on the information superhighway.
'Lawful Intercepts' in Lawless Regimes
European and North American companies are selling DPI to enable their business customers "to see, manage and monetize individual flows to individual subscribers." But this "Internet-enhancing" technology has been sought out by regimes in Iran, China and Burma for more brutal purposes.
 Basij forces target computers during a June 14 midnight raid on Tehran University |
Nokia Siemens' attempts to dodge responsibility for Iran's reported abuse of their technology is typical corporate hand-washing.
"If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them," a Nokia Siemens spokesman told the Wall Street Journal. He added that the company "does have a choice about whether to do business in any country."
A Growth Industry
Had Nokia Siemens chosen not to sell spying technology to Iran, another global competitor likely would have taken its place. This list of DPI providers includes Zeugma Systems (Canada), Camiant (USA), Openet (Ireland), Procera Networks (USA), Allot (Israel), Ixia (USA), AdvancedIO (Canada), Arbor Networks (USA) and Sandvine (Canada), among others.
These companies typically partner with Internet Service Providers to insert DPI along the main arteries of the Web. (Sandvine, for example, just announced a "global distribution agreement" with -- you guessed it -- Nokia Siemens Network.) All Net traffic in and out of Iran travels through one portal -- the Telecommunications Company of Iran -- easing the use of DPI.
Yankee Group analysts assert that U.S. ISPs are currently deploying advanced DPI equipment, although many do not disclose it publicly. Through these secret arrangements both in the United States and abroad, the DPI industry is experiencing remarkable growth.
The Nature of the Beast
"A company has a nature. Its nature is to produce economic values and wealth for its shareholders," Professor Larry Lessig often says in lectures about corporate ethics and government corruption. "A tiger has a nature, and that nature is not one you trust with your child."
And naturally, the public shouldn't expect corporations to look out for our best interests. Public policy is designed for that role -- to make it profitable for corporations to behave in ways that don't harm the rest of us.
Similarly, the tech and communications companies that are selling content-sniffing tools to governments can't be trusted to safeguard against the horrific state crimes we've witnessed in Iran.
When network operators use Deep Packet Inspection, the privacy of Internet users is compromised. But in government hands, invasion of privacy can lead to human rights violations.
Setting the Bar High for DPI
"Internet Censorship is a real challenge, and not one any particular industry -- much less any single company -- can tackle on its own, " Rep. Mary Bono Mack wrote on Wednesday in a letter to Rep. Henry Waxman, chair of the House Commerce Committee. "Efforts to promote freedom of expression and to limit the impact of censorship require both private and public sector engagement."
Rep. Bono Mack's letter echoes Free Press' call on June 22 for a congressional inquiry into the issue. But this is just a start.
Before DPI becomes more widely deployed around the world and at home, the U.S. government ought to establish legitimate criteria for authorizing the use such control and surveillance technologies.
The harm to privacy and the power to control the Internet are so disturbing that the threshold for using DPI must be very high.
The use of DPI for commercial purposes would need to meet this high bar. But it is not clear that there is any commercial purpose that outweighs the potential harm to consumers and democracy.
Follow Timothy Karr on Twitter: www.twitter.com/TimKarr
Loading comments…
Want to reply to a comment? Hint: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to
Thank you for this analysis. It's a messy issue at the intersection of market economics, international policy, political repression and technology. The events in Iran make the consequences clear.
I read that tech savvy repressive regimes (ghastly description) have the programmers and IT systems necessary to create & implement monitoring applications like DPI, They don't necessarily have to purchase software from external sources. If so, it may be too late for international agreements to have much effect
Was the Iranaina election a widespread fraud as most of commenters claim? No one is sure
Usually an analytically minded examiner raises relevant questions on the question at hand, then from guessing the answers, tries to find the appropriate “links”...
Does Iran have very powerful and immensely resourceful enemies?
Do these enemies fiercely despise the Iranian Islamic regime and in particular Ahmadinejad who “accurately” accuses the West as politically and economically harassing and abusing the Middle Eastern people?...
Do these anti-Iran bodies spend lots of fund to gather statistical, scientific data on Iran?.
Did they know quantitatively that there is a vast emphatic dissatisfaction among educated Iranians in regard to the type of mediaeval backward Islamic government?
And...in the last decade, were there many Color Revolutions organized by the Western establishments causing major disturbances or toppling of the adversary governments ?
The answer to above questions, with very high probability (90 to 99.9%) is a resounding YES.
Furthermore, the core question: In the case of the recent Iranian election, having access to all the required data, was the West was a neutral observer? The evidences are indicating the opposite.
To investigate more start with.
http://www
the young man was despondent, he had spent five hours queue at the iranian embassy in London to cast his vote the day before, but he said it was now it was clear to him that the election was rigged, and that the riots and murders by Iranian police had begun. He said he realised that he was safe for 4 yearsin London, the length of hisvisa, but that hsi sister was not safe, in Iran
Another iranian in Britain told me that he has waited for legitimate status for ten years, his phone calls to familymonitored, because Iran's regime is so afraid of people knowing the truth& wanting democracy with opportunities for wealth,freedom etc.
It occurred to me that by accusing Britain of agitating Iran politics, Britain might retaliate by refusing to grant status to the thousands of Iranians who have been witing for years without recourse to any benefits and sometimes without legal work permission, to confirm their safe and resident status in the UK...sendi
But I did meet Kurdish people, who although enjoying freedom in britain, felt the need to brnig their agitative attitude to Britain...
www.josieg
not politically active, just observing.
"Ought to". Ironic indeed since the US government uses DPI on us through our friendly telecoms. The Obama administration has continued the Bush policies of watching us and has resisted any restraints in court. Holding the Iranian government to account means nothing until we do the same for our own government.
This is absolutely correct!
Riveting read, Timothy! Thank you for this most relevant info, rightly invoking the specter of potentially brutal human rights violations as reminder that we *(AND CORPORATIONS) have a much higher civic standard to bear than just padding the pockets of so many shareholders and CEO's. We are entering a new era of goverment/ corporate to consumer / citizen relations and they would be wise to grow a heart. (Or at least APPEAR to -- you know, to grow the numbers.) This warning should be widely circulated among them, along with a YOUTUBE playlist chosen by Nico Pitney.
I find the comments challenging you on this thread equally enlightening. When you cut through all the "fact checking" accusations, their argument seems to boil down to: "No one has proof that we're doing anything wrong...YE
Nice try, but we're not stupid (anymore) fellas. That's hack. It's the "go to" defense for any potential wrong-doing these days and we're onto you.
Gonna tweet the hell out of this post.
Once a technology exists it is impossible to control it...maybe delay implementation a little.
Allot of Israel may seel this type of software, but you don;t think that Iran would buy anything from israel, do you?
If it makes them money, they certainly would. Just as they sold military technology we supplied them with to the chinese. They might not do it publicly, but if Iran met their price they would sell it to them. It would just be done as a brokered deal through middle men not telling them the real end user.
If anything has been made clear in this debacle largely contrived by US-Gov/Media, is that propagandising US-citizens by individuals within agencies or organizations especially established to misinform American citizens, should definately be held to "higher" standards. Perhaps at the end of a rope after proven involved.
Anyone who assists this fascist regime in Iran with "security" should be boycotted off the face of the earth, which should be easy enough to doin a depression. The last thing anyone who believes in democracy would want is to increase the security of the present rulers of Iran. Just the opposite, their ever-increasing insecurity should be the main goal, until they are out of power completely.
It's interesting to see the myth that Nokia Siemens Networks provided DPI in Iran still being perpetuated, two weeks after the Wall Street Journal clarified its original report and almost three weeks after we published a statement on the issue.
The original Wall Street Journal article actually stated: "It couldn't be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection
We then clarified our business in Iran on June 22. http://www
Is this clarification - that we have not provided any Internet technology, let alone DPI to Iran - what the author is referring to when he states we have attempted to dodge responsibility for Iran's reported abuse of DPI technology?
The facts are that we expanded a mobile communications network in the second half of 2008 that, as in every other country too, required the capability to monitor domestic voice calls. However, contrary to media reports, data and internet monitoring is not provided at all.
Ben Roome
Nokia Siemens Networks
See Timothy Karr's Profile
Ben,
I cite NSN comments above, and link to your explanation of the circumstances of its sale to Iran.
It's not just the WSJ that has reported the ways this technology can be abused. Wired Magazine and other outlets have investigated NSN and your sale of "intercept" technology worldwide.
In your own defense you state that NSN was helping Iran fulfill its legal requirement "to have the capability for Lawful Intercept.
I also question your recently announced partnership with Sandvine (also cited above). Sandvine is among the world's leading suppliers of DPI technology. If NSN is intent upon washing its hands of DPI, why are you engaged with Sandvine? Can NSN say with certainty that it will not offer DPI as a service to the governments it lists as clients?
People in these countries shouldn't be denied access to technology that helps them connect with others at home and abroad -- even in NSN countries where the leaders form a veritable rogue's gallery of human rights abuses.
I do have a problem, however, when such technology is used to hunt down dissidents and stifle free speech.
If you sincerely share this concern, I hope that NSN will agree henceforth not to sell DPI technology to governments. Can you make that pledge right now?
Yes, it's odd that you acknowledge our statement, yet don't address any of the factual points we make.
Nobody has 'investigated' our sale to Iran and come to the conclusion we're selling DPI. Wired just reported what the Wall Street Journal said and some of the fallout. The WSJ has since published our clarification unchallenged.
European export laws actually forbid the sale of IP technology to Iran. It's old fashioned GSM, circuit switched voice that we provide there.
Operators in Iran are required to operate their networks under the telecoms regulations of that country. Lawful intercept is built into GSM switches as a standard feature from all vendors. (Incidentally the mobile operators are our customers, not the government
Should we be help provide mobile networks in Iran at all? That's a valid question. Mobile penetration there has gone from around 12 million subscribers a couple of years ago to over 53 million. I personally believe this 'connectivity' is very empowering.
Regarding Sandvine, I'll look into your claims, but it's not my role to make company policy on the fly.
For further 'crowd sourced' information on DPI in Iran, see: http://sil
And this: http://www
Regards,
Ben Roome
"Can you make that pledge right now?"
....waitin
Apparently not
Unfortunate that the author of this story has chosen to simply ignore the facts. He declares "Had Nokia Siemens chosen not to sell DPI to Iran..." Here is some news: NSN did not sell DPI to Iran. The statement from the company noted that "The restricted functionality monitoring center provided by Nokia Siemens Networks in Iran cannot provide data monitoring, internet monitoring, deep packet inspection, international call monitoring or speech recognition. Therefore, contrary to speculation in the media, the technology supplied by Nokia Siemens Networks cannot be used for the monitoring or censorship of internet traffic." The full statement can be provided at the link below. For full disclosure, I work for NSN - but that hardly changes the fact here. I would hope the author would do the Huff Post readers a service and correct this clear error.
http://blo
See Timothy Karr's Profile
Back at you Kevin:
According to a July 2008 press release, Zeugma Systems manufactures DPI packages that give ISPS "the ability to identify and monitor each and every session flow traversing their network."
I see that you actually work for them, as Zeugma's vice president for marketing. Or is their another Kevin Walsh trolling comment threads for the DPI industry?
In the release you said that with your services customers will "find themselves in a position where they can better manage, from a quality-of-service standpoint, those traffic flows and even, possibly, customize some of those traffic flows."
Your release later states that Zeugma's offering: "occupies the same space in the network as three existing network elements: the edge router, broadband remote access server (BRAS), and deep packet inspection device."
http://lw.
Seems you forgot to fact check yourself..
Good catch. You get them, Timothy. Expose them for what they are.
I think the companies mentioned here -- their customers -- are for the most part a far cry from the abuses of DPI in Iran. But, this isn't to say that come companies aren't taking notice of the potential dangers and doing something about it. Netequalizer moved away from it completely in large part because of the potential privacy issues. Regardless, if it is going to continue to be used (and it will), there should be some regulation as to when and how it happens, starting with full disclosure from ISPs using it.
…one also wonders about the self righteous statements emanating from our esteemed Congressmen. They evidently hope that the public remains unaware of the fact that they also require broadband operators (and their equipment suppliers) to monitor broadband lines for “lawful intercept” purposes.
And naturally, the public shouldn't expect corporations to look out for our best interests. Public policy is designed for that role -- to make it profitable for corporations to behave in ways that don't harm the rest of us.
Or persuade the rest of us to do harm to others. The more likely scenario.
You must be logged in to comment. Log in or connect with
