On 5/24/12, not common <notcommonmista...@gmail.com> wrote: [snip > I am looking for some guidance on full packet inspection at the ISP level. Aside from any legal issue; there is a "respectable practices" issue. Even if there is no regulation that prohibits something does not mean it is OK. Your customers' deserve to be made aware of any full packet capture practices that may impact traffic to/from network they own/manage, before packet capture occurs, especially when there is data retention, or human examination/analysis based on contents of large numbers of packets; otherwise there is a risk you will be in trouble, for some definition of "in trouble" that depends on the circumstances.
Because your packet interception can put your user at risk; proprietary information can be disclosed. And most ISP customers intend to purchase network connectivity service, not "record all my traffic without telling me" service .. Are you prepared to explicitly explain to your customers, both existing, and new ones, before they are allowed to buy or continue service from you -- under what circumstances you intercept full packets, whose packets do you capture, what packets do you capture, how many packets / how long will you capture their packets, what do you do with their contents after you capture them, how long do you keep data, what security controls do you have in place to prevent unauthorized access to their packets and ensure timely destruction of sensitive data? If the answer is NO, that you have poor planning, or your privacy practices are not solid enough to reveal to your customers with confidence, then save the money on consulting lawyers, by choosing NOT to implement interception and capture of full packets. > Is there any regulations that prohibit or provide guidance on this? -- -JH