Mapping privacy concerns
The circuitous route our data take is a serious concern
Suzy’s e-mail was personal, powerful and meant for John only. The couple moved to almost opposite ends of the country after their breakup.
But the e-mail took a rather circuitous route, bouncing its way through San Francisco and St. Louis on its way to his inbox.
A broken love affair will not necessarily draw the attention of international law enforcement and security agencies; it’s a make-believe scenario, and Suzy and John don’t exist.
But the circuitous route our data take is real; what does exist is a serious concern among privacy advocates and legal experts about just where our data packets do go.
IXMaps (www.ixmaps.ca) is a Canadian developed website and interactive tool that lets users know where. It tracks the packets that make up our e-mails, website requests and other data transmissions.
Far from an amorphous cloud, the Internet is a collection of interconnected networks, with very physical bricks-and-mortar points of contact.
Those contacts (IXPs, or Internet Exchange points (www. euro-ix.net) are where one Internet Service Provider’s network meets up with another operator’s network. They pass along the data — it’s called peering — based on technical, strategic, business and/ or jurisdictional agreements.
But the longer the route between or among peering networks, the longer a transmission will take: data latency or lag will increase, and websites will be load slower.
What’s more, the international nature of Internet traffic and cloud computing means personal data and confidential business communications are more vulnerable when they cross borders and reside on servers in other jurisdictions.
“What IXmaps does is show what’s inside the Internet,” explained Professor Andrew Clement of the Faculty of Information at the University of Toronto; he’s also project manager at IXMaps.
“Increasingly, data handling is done behind the scenes,” he said, noting the difficulty there is in finding out how data are handled, where, and by whom.
“I was surprised to see so much ‘boomerang’ traffic,” Clement said, referring to transmissions that start and end in Canada, but end up travelling to the U.S., where they can be subject to laws and regulations that are not Canadian in origin or application.
Clement and the IXMap team are not alone in their concern: in fact, the Office of the Privacy Commissioner of Canada (www. priv.gc.ca) seems to share them.
The federal office is providing $500,000 this year for research and awareness projects that look at important privacy issues: IXMaps is among them.
The team will receive support for its ‘Mapping Canadian Privacy Risks in the Internet Cloud’ project, and to conduct an information session about Internet routing and cloud computing, and its privacy implications for all Canadians.
Affected, too, is the overall health of the Canadian economy, says the Canadian Internet Registration Authority (/www.cira.ca/), the organization that manages the .ca Internet domain.
It wants to see more IXPs in Canada; it points out there are about 350 IXPs around the world, and some 85 in the U.S. — all integral to the Internet infrastructure — but in Canada, there are only two. “This is not acceptable,” said Byron Holland, president and CEO of CIRA, in calling for a national IXP fabric here.
“This is about improving security, speed and network resilience, while maximizing the amount of traffic that stays within Canada for the benefit of all Canadians.”