Policy implications of technology for detecting P2P and copyright violations

The effectiveness of many proposed policies regarding both online copyright protection and network neutrality depend on the extent to which it is technically possible to detect peer-to-peer file sharing (P2P), the transfer of copyrighted files, or both. There are many detection approaches, some performed primarily by network operators and some by application-layer agents. This paper describes capabilities, limitations, privacy issues, and policy implications of detection technologies and their countermeasures, in part through quantitative analysis of empirical data. Different approaches are better for different purposes. Network operators are well-positioned to estimate how widespread copyright violations are, but application-layer detection from outside entities has important advantages when the purpose is punishment. Detection is also imperfect, so policies should require more transparency regarding how it is done than we see today. It is shown that, although network operators may not detect every transfer, and they typically miss more video than audio, they can identify most individuals who share copyrighted files via P2P after several weeks of monitoring provided that traffic is unencrypted, which is useful for some purposes. However, it is also shown that encryption is already in use, and it effectively prevents network operators from detecting transfers of copyrighted content. Thus, if network operators are held responsible for monitoring illegal file sharing, there is a tension between using detection to identify violators of copyright law for punishment, which may motivate even greater use of encryption, and using detection for other purposes such as creating fair compensation schemes for copyright-holders, warning users that they may be violating copyright law, or allocating network resources. Alternatively, there are forms of detection that are not evaded through encryption, and application-layer agents rather than network operators are primarily responsible for these. These copyright policy issues are intertwined with network neutrality policy in subtle ways. Network neutrality rules do not protect illegal transfers of copyrighted content, but if network operators are responsible for enforcement (as in “graduated response”) then regulators must determine when it is reasonable to terminate or degrade service based on allegations of copyright violation given the limitations of detection technology to prove those allegations. Allegations of copyright violation should be considered invalid unless they are accompanied with information about how detection was performed and an opportunity for rebuttal. Such transparency has been routinely lacking in both laws and industry agreements.