A big thing at stake in the debate between a free, open internet, like we've had on terrestrial internet service for a while, and a closed, sectioned-off internet, like cellphone internet was before iPhones and Androids, is prioritization of traffic and what it means for freedom. There are those who want the FCC or Congress to mandate that there be no prioritization, so that a carrier like Verizon can't make YouTube artificially slow for its subscribers to push them toward a pay-on-demand streaming service instead, and so that an ISP with certain political leanings can't favor its allies' blogs over its rivals'. There are carriers and ISPs who argue they need to be able to prioritize and throttle traffic to keep their networks operable and raise the cash to build out more infrastructure.
Verizon and Google's proposed compromise didn't really address these concerns to the satisfaction of people who are advocating for the sake of free speech and online democracy.
So, I propose to take a stab at it myself. I am online politically and happen to be a big nerd who does IT. I can see both sides of the coin. I'm not a netroots superstar or Vint Cerf, but I know enough about the respective issues to tell the kernels from the bullcrap.
I think maybe filtering and prioritization could be allowed given the following guidelines:
1. Wireless, terrestrial or any networks that can be described using the OSI model (http://en.wikipedia.org/wiki/OSI_model) and/or TCP/IP protocol suite are to be treated equally.
2. Above all other considerations, emergency services communications will be prioritized over all other traffic. This is defined as communications between state-qualified emergency services personnel during an emergency or any form of 911/e911 communications.
3. An ISP or carrier may prioritize or tune traffic on OSI layers 1-3 within their network only. Equal access and priority must be given to ingress/egress routers with outside networks as with internal services. For instance: if Time Warner had an online movie store inside their network, a user of their internet service would not be impeded on OSI layers 1-3 when trying to get to iTunes or Netflix or anywhere else online. Their internal routes and hosts are equally available as external routes or hosts. This network optimization allowance is to enable performance tuning of a network. All ingress/egress traffic must be treated equally.
4. "Carterfone" principles are to be adhered to regarding what devices operating on layers 1-3 are allowed on the network.
5. Layer 4 and TCP/UDP. A carrier or ISP may prioritize UDP over TCP. It may not prioritize based on where the traffic is going, who it is from or to, or whether it is internal or external to the network. It can only opt to prioritize all UDP over all TCP. This allows VoIP, video streaming, conferencing and the like, which use UDP for its 'fire and forget' stream of packets, to enjoy QoS over other things. It would be forbidden for carriers/ISPs to tunnel "premium" TCP streams through prioritized UDP. Carriers or ISPs concerned about subscribers performing the tunneling themselves would not be able to forbid this in their ToS. They do have the option of treating TCP and UDP equally as a remedy if tunneling gets out of hand.
6. Prioritization, blocking or filtering of subscriber traffic on layers 5-7 is forbidden for carriers and ISPs.
7. Hard part about #6: It's a common practice for ISPs to require users to use their internal SMTP service to fight spam. It may seem like a good idea to allow this, but it's a slippery slope. If we allow this, then the RIAA/MPAA can chime in and make their case for building copyright enforcement into the network. And the COPA people would do the same. Something like the DMCA's notice and takedown provision could get around this, but that provision is ugly and likely unconstitutional because it violates due process and has a long history of abuse. Perhaps a solution would be something like the FISA court, where end users, carriers/ISPs, rights holders and law enforcement could report abuses. This facility could rapidly vet complaints for maliciousness or bad faith (DMCA copyright abuse), solicit a defense from the target of the complaint, then issue injunctions. It could provide (and replace) the expediency intended by DMCA notice/takedown, provide due process protections for citizens and automatically provide an avenue for appeal, since it's an action of a court. This is a larger debate. This could kick it off.
8. Deep packet inspection is forbidden. We don't allow the post office or phone company to eavesdrop on communications. Deep packet inspection is the same thing. Payload access and/or deep packet inspection can only be performed when the carrier/ISP has been compelled to do so with a warrant or requests compliant with FISA and/or CALEA.
9. Packet jitter. Inserting jitter, stutter, chaff or any other kind of artificial networking anomaly across all layers and protocols is forbidden. What/why is this? For a long time, long distance telephone carriers have been allowed to add errors and degrade signals when trunking to a competitor. For instance: your long distance is through AT&T and your mother has Verizon. If you were both on the same long distance carrier, it would sound as good as the network possibly can. But in this instance the companies have been allowed to make the signal sound like crap so that you think Verizon is bad and your mother thinks AT&T is bad. This is annoying and unnecessary in regard to phone calls. But it's a bigger deal when we're talking about network packet prioritization rules. If we make rules saying all traffic must be given equal prioritization footing and carriers still want their services to perform better than those of their rivals, they could just mess with the data or flow control data in their competitors' streams. This could take the form of dropping packets, inserting RSTs, delaying packets, reordering packets, repeating packets... any kind of error they could think of. Now, this kind of thing happens by accident or pesky physics all the time. This rule mainly closes a loophole for prioritizing where it is otherwise forbidden. Some online rights organizations have released tools for telling when ISPs are blocking certain things. It would be necessary for the FCC to develop or embrace similar tools and enlist users to report abuses. This would be similar to the Post Office's "secret shopper" program, in which mail is sent to participants who report when they got it, if at all, and in what condition. This could show whether network errors were just noise or showed a pattern of malicious intent.
10. Opt-in filtering and blocking. China's great firewall and Australia's similar blocking proposals are totalitarian and anti-democracy. However, parents, educational institutions and other parties may have legitimate cause to add filtering and blocking to their information security planning toolkit. A standardized filtering access control file (let's call it a FACF) format for domains, IP addresses and access controls may be created and maintained at the IETF. Entities I will call Filtering Service Providers (FSPs) can offer DNS and IP blocking services which follow access controls as described in a valid FACF for a registered user. FSPs may not block, prioritize or filter in OSI layers 5-7. Subscribers may use any DNS or FSP they wish. Carriers and ISPs can provide this service to their subscribers only if it's an opt-in service offered separately from the subscription. FSPs must disclose what hosts, domains and controls a plan or FACF contains as part of the sign-up/opt-in process. Congress shall pass no law, nor may any public or private entity construct any other legal device, mandating or compelling a private entity or citizen to use an FSP. Congress shall pass no law establishing a national FSP behind which citizens would be forced to operate (like China's great firewall).
11. To the extent that a business may filter or block internal network communications of its employees or enter into a B2B agreement with another business compelling the same, said businesses are not considered FSPs under item 10.
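The packet jitter item above ends on the question of whether reported network errors are "just noise" or a pattern. The sketch below is an added example, not part of the original proposal: it runs a one-sided two-proportion z-test over constructed "secret shopper" probe reports. The group names, outcome labels, minimum sample size and threshold are all assumptions chosen for illustration.

```python
import math

# Outcome labels are assumed; they mirror the anomalies the post lists.
ANOMALIES = {"lost", "rst", "delayed", "reordered", "duplicated"}

def anomaly_counts(probes, group):
    """Return (anomalous, total) for probes sent toward one destination group."""
    outcomes = [o for g, o in probes if g == group]
    return sum(o in ANOMALIES for o in outcomes), len(outcomes)

def two_proportion_z(x1, n1, x2, n2):
    """z statistic for H0: both groups share one underlying anomaly rate."""
    pooled = (x1 + x2) / (n1 + n2)
    se = math.sqrt(pooled * (1 - pooled) * (1 / n1 + 1 / n2))
    return 0.0 if se == 0 else (x1 / n1 - x2 / n2) / se

def assess(probes, own="carrier_service", rival="rival_service",
           z_crit=3.09, min_n=30):
    """Classify probe reports as 'noise', 'pattern' or 'insufficient'.

    z_crit=3.09 is roughly a one-sided p < 0.001 (assumed threshold);
    min_n guards against verdicts drawn from a handful of reports.
    """
    x_own, n_own = anomaly_counts(probes, own)
    x_riv, n_riv = anomaly_counts(probes, rival)
    if min(n_own, n_riv) < min_n:
        return {"verdict": "insufficient", "z": None}
    z = two_proportion_z(x_riv, n_riv, x_own, n_own)
    # One-sided: only rival traffic faring worse than own traffic counts.
    return {"own_rate": x_own / n_own, "rival_rate": x_riv / n_riv,
            "z": z, "verdict": "pattern" if z >= z_crit else "noise"}

def constructed_probes(own_bad, rival_bad, n=500):
    """Build constructed sample reports: n probes per group, some anomalous."""
    rows = []
    for group, bad in (("carrier_service", own_bad), ("rival_service", rival_bad)):
        rows += [(group, "rst" if i % 2 else "lost") for i in range(bad)]
        rows += [(group, "ok")] * (n - bad)
    return rows

if __name__ == "__main__":
    print(assess(constructed_probes(10, 13)))        # ordinary background errors
    print(assess(constructed_probes(10, 45)))        # rival traffic degraded
    print(assess(constructed_probes(0, 2, n=10)))    # too few reports to judge
```

A significant result only shows that the two groups were treated differently on the measured paths; probes would still need to share vantage points and time windows before the difference can be attributed to the carrier rather than to the rival's own network.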
So there we have it. I by no means claim to know OSI or TCP/IP or how to craft policy at the level of those for whom it is their profession. But I do know how I would enable online democracy and create an information availability and integrity policy for a network I was administering. If there is to be compromise on internetworking policy issues, I hope this is an informative and constructive document in the requisite debate. And be gentle. This is lower-level networking than I deal with daily.