Editing Deep packet inspection (section)

==At network/Internet service providers==
In addition to using DPI to secure their internal networks, [[Internet service provider]]s also apply it on the public networks provided to customers. Common uses of DPI by ISPs are [[wiretapping|lawful intercept]], [[Network security policy|policy definition and enforcement]], [[targeted advertising]], [[quality of service]], offering tiered services, and [[copyright]] enforcement.

===Lawful interception===
Service providers are required by almost all governments worldwide to enable [[Lawful interception|lawful intercept]] capabilities. Decades ago{{when|date=November 2024}} in a legacy telephone environment, this was met by creating a [[traffic access point]] (TAP) using an [[intercepting proxy server]] that connects to the government's surveillance equipment. The acquisition component of this functionality may be provided in many ways, including DPI, DPI-enabled products that are "LI or [[Communications Assistance for Law Enforcement Act|CALEA]]-compliant" can be used – when directed by a court order – to access a user's datastream.<ref name=Anderson2007>{{cite web|url=https://arstechnica.com/articles/culture/Deep-packet-inspection-meets-net-neutrality.ars|title=Deep Packet Inspection meets 'Net neutrality, CALEA|website=[[Ars Technica]]|author=Nate Anderson|date=2007-07-25|access-date=2006-02-06}}</ref>

===Policy definition and enforcement===
Service providers obligated by the [[service-level agreement]] with their customers to provide a certain level of service and at the same time, enforce an [[acceptable use policy]], may make use of DPI to implement certain policies that cover copyright infringements, illegal materials, and unfair use of [[Bandwidth (computing)|bandwidth]]. In some countries the ISPs are required to perform filtering, depending on the country's laws. DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail, to websites, to sharing of music, video and software downloads".<ref name=Chester2006>{{cite web|url=http://www.thenation.com/doc/20060213/chester|title=The End of the Internet?|website=[[The Nation]]|author=Jeff Chester|date=2006-02-01|access-date=2006-02-06}}</ref> Policies can be defined that allow or disallow connection to or from an IP address, certain protocols, or even [[Heuristic (computer science)|heuristics]] that identify a certain application or behavior.

===Targeted advertising===
Because ISPs route the traffic of all of their customers, they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests, which can be used by companies specializing in targeted advertising. At least 100,000 United States customers are tracked this way, and as many as 10% of U.S. customers have been tracked in this way.<ref name=wapo/> Technology providers include [[NebuAd]], [https://www.frontporch.com/ Front Porch], and [[Phorm]]. U.S. ISPs [[Network monitoring|monitoring]] their customers include [[Knology]]<ref>{{cite web|url=http://connect.charter.com/landing/op1.html|title=Charter Communications: Enhanced Online Experience|access-date=2008-05-14}}</ref> and [[Wide Open West]]. In addition, the United Kingdom ISP [[British Telecom]] has admitted testing solutions from Phorm without their customers' knowledge or consent.<ref name=wapo>{{cite news|url=https://www.washingtonpost.com/wp-dyn/content/article/2008/04/03/AR2008040304052.html|title=Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising|date=2008-04-04|author=Peter Whoriskey|access-date=2008-04-08|newspaper=The Washington Post}}</ref>

===Quality of service===
DPI can be used against [[net neutrality]].

Applications such as [[peer-to-peer]] (P2P) traffic present increasing problems for broadband service providers. Typically, P2P traffic is used by applications that do file sharing. These may be any kind of files (i.e. documents, music, videos, or applications). Due to the frequently large size of media files being transferred, P2P drives increasing traffic loads, requiring additional network capacity. Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as e-mail or Web browsing which use less bandwidth.<ref>{{cite web|url=http://www.lightreading.com/insider/details.asp?sku_id=1221&skuitem_itemid=957|title=Deep Packet Inspection: Taming the P2P Traffic Beast|website=[[Light Reading]]|access-date=2008-03-03|archive-url=https://web.archive.org/web/20080302113455/http://www.lightreading.com/insider/details.asp?sku_id=1221&skuitem_itemid=957|archive-date=2008-03-02|url-status=dead}}</ref> Poor network performance increases customer dissatisfaction and leads to a decline in service revenues.

DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. Additionally, a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not.<ref>{{cite web|url=http://www.computerworld.com/article/2541004/networking/ball-state-uses-deep-packet-inspection-to-ensure-videoconferencing-performance.html|title=Ball State uses Deep Packet Inspection to ensure videoconferencing performance|date=2007-09-17|website=[[computerworld]].com|author=Matt Hamblen|access-date=2008-03-03}}</ref> This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks.

===Tiered services===
Mobile and broadband service providers use DPI as a means to implement tiered service plans, to differentiate "[[walled garden (technology)|walled garden]]" services from "value added", "all-you-can-eat" and "one-size-fits-all" data services.<ref>{{cite web|url=http://news.moneycentral.msn.com/ticker/article.aspx?Feed=PR&Date=20080205&ID=8139811&Symbol=ALLT|title=Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value- Added and Tiered Service Packages|website=news.moneycentral.[[MSN]].com|date=2008-02-05|access-date=2008-03-03}}{{dead link|date=November 2016|bot=InternetArchiveBot|fix-attempted=yes}}</ref> By being able to charge for a "walled garden", per application, per service, or "all-you-can-eat" rather than a "one-size-fits-all" package, the operator can tailor their offerings to the individual subscriber and increase their [[average revenue per user]] (ARPU). A policy is created per user or user group, and the DPI system in turn enforces that policy, allowing the user access to different services and applications.

===Copyright enforcement===
ISPs are sometimes requested by [[copyright]] owners or required by courts or official policy to help enforce copyrights. In 2006, one of Denmark's largest ISPs, [[Tele2]], was given a court injunction and told it must block its customers from accessing [[The Pirate Bay]], a launching point for [[BitTorrent (protocol)|BitTorrent]].<ref>{{cite web|url=http://www.infoworld.com/article/08/02/13/Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1.html|title=Danish ISP prepares to fight Pirate Bay injunction|website=[[InfoWorld]].com|author=Jeremy Kirk|date=2008-02-13|access-date=2008-03-12|url-status=dead|archive-url=https://web.archive.org/web/20080214235115/http://www.infoworld.com/article/08/02/13/Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1.html|archive-date=2008-02-14}}</ref>

Instead of prosecuting file sharers one at a time,<ref>{{cite web|url=http://www.enn.ie/frontpage/news-9617239.html|archive-url=https://archive.today/20070814234157/http://www.enn.ie/frontpage/news-9617239.html|url-status=dead|archive-date=2007-08-14|title=Eircom and BT won't oppose music firms|website=enn.ie|author=Matthew Clark|date=2005-07-05|access-date=2008-03-12}}</ref> the [[International Federation of the Phonographic Industry]] (IFPI) and the big four record labels [[EMI]], [[Sony BMG]], [[Universal Music]], and [[Warner Music]] have sued ISPs such as [[Eircom]] for not doing enough about protecting their copyrights.<ref>{{cite web|url=https://arstechnica.com/news.ars/post/20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps.html|title="Year of filters" turning into year of lawsuits against ISPs|website=[[Ars Technica]]|author=Eric Bangeman|date=2008-03-11|access-date=2008-03-12}}</ref> The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network, despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit, and directive 2002/58/EC granting European citizens a right to privacy of communications.

The [[Motion Picture Association of America]] (MPAA), which aims to enforce movie copyrights, has taken the position with the [[Federal Communications Commission]] (FCC) that network neutrality could hurt anti-piracy techniques such as deep packet inspection and other forms of filtering.<ref>{{cite web|url=http://www.news.com/8301-10784_3-9746938-7.html|archive-url=https://archive.today/20130129180811/http://www.news.com/8301-10784_3-9746938-7.html|url-status=dead|archive-date=January 29, 2013|title=MPAA: Net neutrality could hurt antipiracy tech|website=[[CNET]] News|author=Anne Broach|date=2007-07-19|access-date=2008-03-12}}</ref>

===Statistics===
DPI allows ISPs to gather statistical information about use patterns by user group. For instance, it might be of interest whether users with a 2&nbsp;Mbit connection use the network in a dissimilar manner to users with a 5&nbsp;Mbit connection. Access to trend data also helps network planning.{{Clarify|date=December 2011}}<!--elucidate please, also wouldn't shallow packet inspection be sufficient?-->