Net neutrality and the impact of deep packet inspection technology

20 November 2008

Rhys Williams, Carolyn Burbridge

While there is no precise definition of net neutrality, it is commonly understood to relate to non-discriminatory access for content providers to the internet. As technology develops the opportunities for increased discrimination also grow. Rhys Williams, Partner, and Carolyn Burbridge, Senior Associate, at Bird & Bird look at the particular affects that deep packet inspection technology may have on net neutrality.

The common understanding of net neutrality

Net neutrality is a principle that has been the cause of much conjecture and discussion in the past few years. This has not only been in relation to whether it is generally, to put it simply, a good or a bad thing, but also in relation to what it actually means.

Most commentators agree that net neutrality relates to principles of access for content providers to the internet and subsequently to consumers of that content. The most common understanding of the concept is that there should be no discrimination in the provision of that access. Such discrimination could occur in relation to the type of content that is permitted access as well as in relation to the entities or individuals that send or receive such content. This principle is also broadened in some quarters to include the concept that internet service providers (ISPs) will only charge consumers once for internet access and will not charge the content providers for distributing their content to those consumers. Perhaps not surprisingly, many argue that this latter element is economically unsustainable.

Why is net neutrality an issue?

The internet is an incredibly successful medium of distribution, but it has arguably become a victim of its own success. There are times when its reliability can be questionable and it is increasingly susceptible to congestion of the traffic crossing its networks. There is therefore a clear incentive for the telcos and ISPs who route the packets of data across the internet to consider splitting their service provision, on the one hand developing a superior service reserved only to those both willing and able to pay for it, and on the other continuing with the more freely available, but congested routes. To be able to do this, the telcos and ISPs would have to be able to prioritise traffic depending on who the sender or intended recipient is or even depending on the type of traffic being sent. Of course, this already happens to some degree in any event. For example, the real-time communication required for VOIP is dependant upon voice packets being given priority over data packets. However, the extent to which such telcos and ISPs should have any regard to the content of, or to the sender or recipient of, any packets comprising the traffic over their networks is a particularly contentious issue.

Many well known internet-related businesses argue that once a telco or ISP has signed up a customer it should not censor content or demand additional charges for any particular type of content or service merely because it has control of the network over which that content flows. If net neutrality is not maintained as a concept, their fear is that such a telco or ISP could hold competitors to ransom for good quality access. This is generally argued more vehemently in the USA rather than in the UK or Europe as a whole. In Europe, the market operates differently with far greater competition between providers, which helps to allay such fears. This does of course assume a level playing field for those involved in the market, so regulation may have to role to play in ensuring such equality exists and continues to exist.

The relevance of deep packet inspection technology

However, even in Europe concerns do remain as evolving technology affords greater opportunities to impact the broad principle of net neutrality. Many of these manifest themselves as “Quality of Service” (QOS) initiatives that prioritise certain traffic over others, often at a price; VOIP, as noted above, being a case in point. Deep packet inspection (DPI) technology is an example of such technology and is probably that which is most ubiquitous in the current marketplace.

DPI is a filtering technique that examines the contents of data at an inspection point as they are transmitted across the network.

For data packets to travel through a network, they must pass through several protocol layers. The layers attach a ‘header’ to each packet that identifies the sending and receiving computers. Shallow inspection technology is only capable of interrogating the header of any given data packet. This means that ISPs can collect only basic information such as the origin and destination IP addresses of each packet. DPI works by digging down into the data part of a particular packet until its nature and the application that created it can be determined. DPI therefore enables ISPs to gather additional information on exactly what is passing through their networks. It also identifies and classifies the traffic, thus giving ISPs the opportunity to exercise a higher degree of control over what information is actually sent over their networks and how. If a packet meets certain criteria which is pre-determined by the ISP, rules can then be applied to control the transmission of the data. ISPs can gain a great deal of knowledge about their users and the information they are sending and receiving on the network, thus enabling them, should they wish, to block, shape, monitor, report and prioritise internet traffic. 

Traffic shaping mechanisms generally are becoming increasingly sophisticated. They can help address some of the congestion issues on the internet and so work towards making networks more efficient. This increased efficiency should enable telcos and ISPs to generate additional income. Greater use can be made of that network and premium fees can be attached to the use of a more efficient service offering. Naturally, and not without merit, the telcos and ISPs argue that this is necessary to fund the infrastructure upgrades required to support future growth and the proliferation of the use of the internet for services such as IPTV, which require high bandwidth.

Taking traffic shaping one step further however is the potential for blocking or “throttling” certain traffic. There is obvious advantage in blocking traffic containing viruses, malware, spyware and spam. Indeed, it would be difficult to deny that, in principle, this is in the interest of all interested parties, including the telcos, ISPs, content providers and customers. At present, DPI is probably most commonly used for such purposes. However, it has many other uses and is also deployed for purposes including interceptions at the request of law enforcement agencies; targeted advertising by monitoring web-browsing habits; copyright enforcement by employing DPI to prevent illegal distribution of copyrighted materials; prioritisation of some packets over others; and surveillance and censorship by governments and government agencies.

It is, of course, possible to block various sorts of traffic for a whole variety of other purposes. It is widely accepted, however, and also anticipated that DPI could be used for more controversial purposes. As the ISPs are able to intercept all of their customers’ internet activity, including web surfing, e-mail and peer-to-peer downloads (such as music and video files) there are fears that they could deny content providers and consumers access to certain types of content or specific files, or charge extra for such access or for priority access. In Europe this is most likely to develop according to market forces and commercial imperatives as regulators have generally stepped back from involvement. There is undoubtedly some risk that the use of DPI may be detrimental to content providers and consumers, but its use does not go completely unchecked. ISPs deploying the technology will be all too aware of the need to comply with data protection laws and to ensure that their interference with and control over traffic does not go so far as to mean they would lose their “mere conduit” defence for the purposes of the Electronic Commerce (EC Directive) Regulations 2002. There may be many attractions in knowing what information is passing through networks and having the ability to control it. However, it is likely to be far less attractive to ISPs if there instead becomes an expectation that they will or even should have that role, and this may be the greatest disincentive to any more controversial uses for DPI.


Deep packet inspection technology is just one manifestation of myriad possibilities for seeking to control access to and the use of the internet. The use of DPI is quite clearly contradictory to the principle of net neutrality. However, it is far from clear that net neutrality should be an absolute that is to be sought out at all costs, whether through regulation or market forces. The deployment of DPI and successor technologies, as they develop, will need to be monitored to ensure that the access and use which they seek to control is within legitimate parameters. Telcos and ISPs seeking to use DPI will know that its use is not entirely unfettered in Europe. Care needs to be taken to comply with data protection laws and to ensure that such entities continue to be viewed as “mere conduits”. These requirements, combined with the extent of the competition in European markets, may be sufficient to perform that monitoring role and so ensure that while DPI may have an impact on the principle of net neutrality, it need not result in a negative experience for customers and content providers.

Rhys Williams, Partner, Bird & Bird,

Carolyn Burbridge, Senior Associate, Bird & Bird,