Doubt over ISPs' ability to detect illegal file sharing

Business secretary Peter Mandelson's decision to force internet service providers to introduce technical measures to combat music, video and software piracy begs a question: will it work?

Business secretary Peter Mandelson's decision to force internet service providers to introduce technical measures to combat music, video and software piracy begs a question: will it work?

James Blessing, a consultant to smaller ISPs and ISPA council member, says obtaining proof that files are being illegally shared is difficult.

Each message is broken into packets or envelopes of data and each may be sent via a different route to its destination where they are reassembled into a coherent message.

It is fairly easy for ISPs to identify peer-to-peer traffic using protocol analysers. Doing anything about it is problematic. "You can't just block P2P because you break legitimate traffic," Blessing says.

This means ISPs will have to open up the packets to see what content they contain. Three problems arise. One is that ISPs have no way of knowing whether the music or video file they find is being transmitted legitimately, or even if the ones and zeros are music, video or even spam.

Rights holders could put a kind of digital watermark on the content that would indicate what is legitimate, but they show no signs of doing so, says Blessing.

Second, the best content inspection appliances are about 80% effective at 400Mbps, and many ISPs have throughputs of 10Gbps or more. They would each need at least 25 such appliances to monitor their present traffic, let alone cope with the jump in traffic volumes that a 2Mbps universal service might bring.

"This is an engineering problem," Blessing says. "ISPs can split their traffic (for inspection), but that's inefficient and will raise costs, or they can wait for the engineers to build faster appliances."

Third, if the content is encrypted, as it is with Skype, ISPs can't read it at all. Francisco Mingorance, senior director for public policy for the Business Software Alliance (BSA) Europe, says encryption services are available to file-sharers for $5 a month.

Content filtering risks stopping or holding up legitimate use of file-sharing networks, and content inspection at the very least means messages will take longer to get to their destination, he says.

But ISPs want content owners to provide evidence of such quality that it will stand up in court, says Blessing. Much of the evidence that comes to them is incomplete at best, he says.

Getting solid evidence of wrong-doing is costly, and the return on investment barely justifiable, says John Lovelock, chief executive of the Federation Against Software Theft (FAST). It cost FAST £135,000 to sue just one infringer. The £3,500 fine levied was 100 times the cost of the stolen software, and the thief could pay it back in his own time, if ever, he says.

Kevin Peel, CEO of 4theNet, a Sussex internet service provider with both business and consumer clients, says the existing system of notification and takedown works well. "The rights holders tell us which of our customers is infringing, we send them an e-mail, and usually they apologise and remove the offending material at once," he says.

If the government is to pursue its proposals, it will have to be on a cost-recovery basis, Blessing says. Many smaller ISPs already subsist on gross margins of 50p per connection per month, he says. Any extra unrecoverable cost will put them out of business.

Blessing rejected the idea that the cost could be passed on to customers. Smaller ISPs are already losing customers to the bigger players that can offer packages that include fixed line telephony and TV as well as broadband.

The technical problems of accommodating the government's proposals boil down to engineering, cost and a willingness to reduce the amount of competition in the ISP market. If these could be solved, would they work?

It is unlikely that the draconian measures proposed by Mandelson will have the desired effect. It is more likely that they will encourage persistent illegal file sharers to use encryption, anonymising networks and other technical measures to evade policing.

Read more on IT legislation and regulation