ePrivacy watchdog raises concerns over ‘net neutrality’


The EU's data security watchdog has warned of “serious implications” for privacy and data protection if a disproportionate approach is taken to ensure net neutrality like filtering network traffic on a grand scale.

Though net neutrality means that traffic should not be tampered with, experts admit that guranteeing the same level of service for users involves some traffic management which privacy watchdogs warn could become invasive.

In an opinion issued last Friday (7 October), the European Data Protection Supervisor (EDPS) warns against “certain inspection techniques used by ISPs [internet service providers] which may be highly privacy-intrusive, especially when they reveal the content of individuals’ internet communications, including emails sent or received, websites visited and files downloaded.”

“It is therefore crucial that compliance with data protection rules be closely monitored,” concludes the EDPS.

In the near future, internet service providers (ISPs) may be allowed or requested to monitor the traffic of data on the net with the aim of filtering or restricting internet access. This already happens in certain circumstances when operators block or hamper access to certain services on the internet.

As the Commission itself acknowledged in a recent document on net neutrality, “a classic example of this would be mobile internet operators blocking voice over internet protocol (VoIP)” services, such as Skype.

Operators argue that filtering is necessary to allow a functioning traffic management which ultimately benefits all internet users and prevents congestion of the net.

But, as more services migrate to the web, operators may be increasingly tempted to block or slow down other services which compete with their own or do not yield much profit, effectively creating fast lanes and slow lanes for different services.

“The concept of net neutrality builds on the view that information on the internet should be transmitted impartially, without regard to content, destination or source,” argues the European Data Protection Supervisor, Peter Hustinx.

When traffic management turns to be necessary, it should be done in a way that guarantees the fundamental right to privacy and data security of internet users, goes his argument. But this is not always the case.

Traffic management

The European Commission did not take a definitive position on traffic management in its communication on net neutrality published last April, but made clear that further monitoring of dubious practices was required and could amount to possible regulatory measures.

“If significant and persistent problems are substantiated, and the system as a whole is not ensuring that consumers are easily able to access and distribute content, services and applications of their choice via a single internet subscription, the Commission will assess the need for more stringent measures to achieve competition and the choice consumers deserve,” concluded the EU Executive’s document.

The analysis is still ongoing and should bring concrete results by the end of the year when Brussels may be forced to provide “additional guidance” on net neutrality, as pledged in the April paper.

The EDPS opinion comes as the debate is still wide open and tends to influence the final decision on what constitutes harmful traffic management.

The EDPS is in charge of monitoring the respect of privacy and data protection by the EU institutions when they deal with citizens’ personal information. His opinions, however, reach a wider audience and have traditionally influenced policy decisions in the field of privacy and data protection.

At the heart of the controversy concerning net neutrality is whether access to Internet services or content should be controlled and filtered or left untouched according to the principle of ‘best effort’.

This principle implies that no provider can prioritise traffic on the net for economic reasons. Instead, every user should be served with the providers’ best effort. This criterion has seen derogations in order to allow more professional use of the Internet. Therefore, a business user willing to pay more gets a faster and better connection.

However, extending this concept to many more users would run the risk of the majority getting such a poor service that it will prevent them from using the Internet. The borders between the two needs are currently being defined, and are subject to technological and regulatory developments.

The issue of net neutrality was first debated in the US a while ago, and is now generating intense debate in Brussels. In April the Commission presented a paper that left many questions unanswered on the way forward.

The term 'net neutrality' was coined by Columbia University law professor Tim Wu, who has written widely on the rise of Internet monopolies such as Google and Facebook.

  • By end 2011: European Commission to conclude analysis of traffic management practices.

Subscribe to our newsletters