From: Charlotte BOGUSZ

To: The Global Internet Governance Academic Network – GIGANET

The Global Internet Governance Academic Network - GIGANET

Subject: A paper proposal for the Fifth Giganet Annual Symposium

Topic: Implications of Internet Governance mechanisms and processes for development and developing
countries.

NEUTRALITY, PRIVACY AND SECURITY :

THE EXAMPLE OF THE FILTERING MEASURES

The concept of Net neutrality is often attributed to M. Tim Wu, who defined it as follows: “For a public
information network to be as useful as possible, it must tend to treat all contents, sites and platforms in
the same way. The Internet isn’t perfect but its original architecture tends towards that goal. Its
decentralized and essentially neutral nature is the reason of its success, both economic and social”.
Specifically, the Internet’s architecture is made of several independent layers. The three main and
distinct layers are:
- a conveyance layer (the infrastructure)
- a “logical” layer containing the applications (the infostructure)
- a contents layer
The neutrality principle means that the network’s intelligence lies in its extremity, instead of an
intermediate layer of the network1. This neutral architecture resulted in the establishment of an “open”
Internet, allowing the users to access and put online the contents and information of their choice, to use
and develop services and applications, and to connect whatever facilities they want to the network.
Thanks to these technical reasons, the Internet was able to encourage innovation, competition and an
exponential distribution, and became a huge economic and social success. The Internet is now a part of
our lives: beyond the mere media, it plays a fundamental part in our social and economic relations, as
well as cultures and our exchanges…

However, just like the real world, the Internet isn’t free from illegal behaviors: scams, incentives to
hatred, violence and crimes of all kinds… Therefore, in order to fight cybercrimes, our democratic
States have promoted the use of filtering techniques. Filtering is designed to “prevent specific contents
from reaching a computer, using a software or hardware that scans the Internet traffic and determines
whether it should prevent the reception and/or display of the targeted contents”2.

1
This separation is also called "principle of end to end".
2
In “Filtrage d'Internet et Démocratie”, Main Abstract, October 22, 2009 : available on:
http://www.laquadrature.net/files/Filtrage_d_Internet_et_d%C3%A9mocratie%20-
%20R%C3%A9sum%C3%A9%20Principal_1.pdf

1
But aren’t these techniques that we use to block, degrade, slowing down or diverting the transmission of
data, incompatible with the sacred neutrality principle?

In order to answer this question, we will study in the first part the principle of Net neutrality, both in its
text recognition and its present endangerment. Then we will focus on the filtering techniques, which
infringe upon this neutrality but are increasingly developing nevertheless. This will include certain
provisions regarding intellectual property rights.

How can we strike a balance between neutrality and filtering of the Internet? On May 10, 20103, the
European Data Protection Supervisor declared that “even though there is no doubt that intellectual
property is important to society and must be protected, it cannot be placed above the fundamental right
to privacy and the protection of data”.

3
On May 10, 2010, the data protection European Controller rendered its opinion on the Proposal for a Directive on
exploitation and sexual abuse of children and child pornography : available on : http://owni.fr/2010/06/09/lautorite-
europeenne-de-protection-des-donnees-critiquele-Filtering/

2
PART 1. NET NEUTRALITY: A FONDAMENTAL PRINCIPLE THAT MUST BE
GARANTED

We mentioned in the introduction that the principle of Net neutrality guarantees a strong separation
between the network (merely in charge of conveying the data) and the peripheral applications (the only
ones capable of managing the data). This implies that there should be no discrimination, based on the
sender or receiver’s identity, or the nature of the data, in the information processing.

However, this open Internet, which promotes innovation and competition, has to be weighed against
legal, social, economic and technical considerations. In our market society, where do we strike the
balance between profitability and equality with respect to the Internet? Between the preservation of
public order and abusive filtering? In order to answer this, we will see that the neutrality principle has
been legally recognized, and then we’ll try to understand the difficulties resulting from this principle.

1A. Net Neutrality: a core principle now universally recognized.

Historically, the questions surrounding Net neutrality arose in the United States in 2000 because of a
dispute opposing Internet Service Providers (the “ISP”) to cable-based providers regarding the
conditions for the access of ISPs to the cables of the plaintiff’s companies. The Federal
Communications Commission (the “FCC”) then outlined the future guidelines based on this neutrality
principle. In 2005, at the time of the debate regarding the deregulation of access to broadband Internet
access, the FCC affirmed the right of users to access and use any content, application, and terminals
according of their choice, provided they are legal. It also affirmed the necessary competition between
ISPs. However, the “Policy Statements on 4 Internet Freedoms” affirms the freedom for providers to
adopt reasonable technical devices to ensure a better traffic management. In 2007, following the lawsuit
involving Comcast4, a bill on “Net neutrality” was proposed, to no end. In 2009, the FCC launched a
public consultation in order to codify the 2005 “rights” and to complete them with the affirmation of
two other principles of Internet governance: non-discrimination and transparency5 6.

Conversely, in Europe, the debate regarding Net Neutrality appeared later, in particular because Europe
had implemented a strong regulatory framework regarding local loop unbundling and to support
competition between providers. In 2007 and later in 2009 however, the discussions on the new
directives known as the Telecoms Package7 8 caused heated debates on neutrality, in particular on the

4
The cable-operator provider Comcast had been sentenced for blocking content using the exchange protocol peer to peer
"BitTorrent" unrelated to periods of congestion or size of files and without transparency to its customers. However, that
decision was overturned by the federal Court of Appeals of Washington DC in April 2010.
5
In “La neutralité de l'Internet, un atout pour le développement de l'économie numérique” , French Government Report to
the Parliament established under Article 33 of Law No. 2009-1572 dated December 17, 2009 on the fight against the digital
divide: available on : http://www.laquadrature.net/files/Rapport_Net_Neutralite.pdf
6
In “Consultation publique sur la Neutralité du Net”, April 9 to May 17, 2010, the Secretariat of State prospective
development of the digital economy: http://www.telecom.gouv.fr/fonds_documentaire/consultations/10
7
The Telecoms Package is composed of two directives Better Regulation (amending the Framework Directive, "Access" and
“authorization" of 2002), and “rights of citizens"(revising the guidelines" universal service "and" privacy "of 2002) to be
transposed into national law by May 15, 2011.

3
subject of “the vital objective of access to content”. More precise requirements also appear in the
framework directive such as the general objective of access to content9 (Article 8 of the framework
Directive). The transposition of the directive will allow national implementation of the following
provisions: the obligation of transparency with respect to the possible restrictions of use put in place by
network providers on end users, as well as traffic management policies implemented by the providers
(Articles 20 and 21 of the universal service directive) and the new power to impose a minimal quality of
service, within the framework determined by the Commission (Article 22 of the “universal service
directive”10).

More recently still, Net neutrality was the subject of a public consultation within the European
Commission11 and was even mentioned in the Digital Agenda which was rendered public by the
European Commission in may 2010 within its Europe 202012 strategy.
Lastly, it is important to underline the fact that Net neutrality is not codified under French law. There are
certain scattered provisions that mention this principle such as article L.32-1-II-5 of the Post and
Electronic Communications Code which introduces the concept of “neutrality as regards the content of
the transmitted data” and which still remains to be used. Under articles 33-1 and D.98-5 of the Post and
Electronic Communications Code, “the telecom operator must take adequate measures to ensure the
neutrality of its services regarding the content of communications on their network and the privacy of
correspondence. For this purpose, the provider must ensure its services without discrimination without
regard to the nature of the communication transmitted and must take all useful measures to ensure the
integrity of communications.” Article 33 of the law on the fight against the digital divide of December
17, 200913 states: “in the six months following the promulgation of this law, the Government shall hand
to Parliament a report regarding the neutrality of electronic communications networks which include
those that benefit from public aids.” More generally, various sectors of French law – such as consumer
protection laws - mention interconnection and access obligations.
Thus, the neutrality of the network is inherent to the Internet. And although it has not been codified, it
has certainly been established as a fundamental founding block of the Internet. This non-discrimination
principle was one of the prerequisites to bring about economic, social and cultural benefits. Today,
however, this neutrality principle is endangered by commercial interests. Both the physical
network/topology (communications infrastructure) and the logical network/topology (communications
protocol) are concerned. ISPs now have the option of using physical equipments that allow both

8
For more details: “Consultation publique sur la transposition du Paquet Télécom, du 5 mai au 25 mai 2010”, of the State
Secretariat for the prospective development of the digital economy, available on :
http://www.telecom.gouv.fr/fonds_documentaire/consultations/10/100505paquettelecom.pdf
9
Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework
for electronic communications networks and services (“Framework Directive”)
10
Directive 2002/22/EC of the European Parliament and of the Council of 7 March 2002 on universal service and users'
rights relating to electronic communications networks and services (Universal Service Directive) [Official Journal L 108 of
24 April 2002].
11
In April 2010, Mrs. Neelie Kroes, Vice-President of the European Commission, announced the launch of a Public
Consultation on Net neutrality in order to change the debate on neutrality in Europe:
http://europa.eu/rapid/pressReleasesAction.doreference=IP/
12
"In March 2010, the European Commission launched the European Strategy for 2020 out of the crisis and prepare the EU
economy to the challenges of the next decade. Europe 2020 sets a vision for reaching levels high employment, productivity
and social cohesion, and a low emission rate of carbon, implement concrete actions at national and EU. The digital strategy
for Europe is one of the seven flagship initiatives of the European Strategy 2020 and aims to define the prominent role that
information technology and communication will play if Europe wants to see his ambitions for 2020 successful": available on
http://ec.europa.eu/information_society/digital-agenda/documents/digital-agenda-communication-fr.pdf
13
Law No. 2009-1572 of 17 December 2009 on the fight against the digital divide.

4
analyzing data flow (which is also referred to as deep inspection14) and slowing down or even blocking
certain flows. In a second part, we will focus on filtering itself. We will examine its usefulness, its legal
grounds and the different filtering methods. We will concentrate on an example of the type of sectors
that are concerned by these “abusive censorship measures”, Intellectual property.
But before, it is necessary to underline the fact that the monetization and the securitization of the
Internet, although they seem necessary, will have but one consequence: the end of Net neutrality, which
is the very essence of the Internet.

1B. Net Neutrality: a principle now in jeopardy

As we have seen previously, neutrality is one of the founding principles which allowed the development
of the technological, social and economic innovations of the Internet. However, nowadays, other
considerations are taken into account among which pecuniary, legal and technical considerations which
lead to a reframing or at the very least to reconsider Net Neutrality.
Initially, we will study the difficult balance between Neutrality and Law and Order in our nations. Many
principles are involved here, such as the freedom of expression and communication, the right to privacy,
protection of minors, … The Internet must tend towards being an ecosystem free from illegal acts such
as the diffusion of pedopornographic works, of hate-inciting speech, or even infringements on
Intellectual Property (“IP”) rights (on which we will focus on in the second part of this paper).
Consequently, some15 will argue in favor of filtering or blocking measures. Thus, it is crucial to strike a
balance between freedom of expression due to the decentralized structure of the network and the
necessary protection of the State for citizens. However, there are no studies dealing with the benefits of
network control measures. On the contrary, the French Federation of Telecoms16’ study of 2009 on the
impact of filtering measures states that “all blocking techniques, without exception, can be bypassed”.
The French Constitutional Council even highlighted in its June 10, 2009 decision17, the role of the
Internet in the exercise of citizenship and of democracy. Except where they are abused, freedom of
expression and of communication and thus freedom of accessing the Internet are components of a
democratic state. The Internet differs indeed from the other modes of telecommunications such as the
radio or television, and profits a leveling capacity of diffusion of information. Each connected terminal
will be, unconstrained of investment in capital as for any other media, ready to emit information and
source; a pluralism ideological. But, by implementing these filtering and “management” measures of
Internet traffic, there is a risk that the leaders of important media groups, together with providers, try to
restore their control on the way information is brought to end users. However, in a democracy, only a
judge can rule on the restrictions it is possible to bring to our freedoms of expression, of
communication, and more generally to the exercise of our rights.

14
The Deep Packet Inspection focuses on the analysis of the entire contents of data packets sent over the network, the
headers and data structures protocol (as opposed to the simple technique called shallow or which analyzes only the headers)
and then compare the contents with predefined signatures at the moment where they are exchanged.
15
For example : Jean-Pierre Bigot, in “dépolluer le numérique : le filtrage d'Internet est souhaitable, mais pas sans une
réforme de sa gouvernance”, la Gazette du Palais, Édition du 23 juillet 2010, specialist of the IT-Law.
16
Impact of blocking child pornography sites on behalf of the French Federation of Telecommunications, July 3, 2009.
17
In its decision against the HADOPI law implementing “three strikes” policy against filesharing2, the French Constitutional
Council (Decision rendered on June 10th, 2009) outlined the importance of the Internet for citizenship. Finding that the law
disrespected the 1789 “Declaration of the Rights of Man and of the Citizen”, the Council stressed that free access to the
Internet has become essential for the proper exercise of the freedom of expression and communication. By doing so, the
constitutional judges implicitly recognized that an open Internet provides us with the opportunity to deepen people’s freedom
and autonomy, and therefore improves democratic processes.

5
Then, let us note that the Internet knew to be, for some, the most important Revolution since printing
works as regards communications; for others, Internet remains unequalled. That is in particular due to
the innovation its neutrality allowed. Neutral Internet could be qualified as a platform accessible to all,
where all new users can profit/benefit from and especially create contents with even title as of well
established users. The neutral architecture of the Net, which brings about competition and innovation,
was the reason Internet traffic was multiplied by 10. But the network risks to be saturated due to its
expansion (more and more applications and services and more and more actors and users). As a
consequence, the need for security (through anti-spam and anti-virus fights) and the necessary
guarantees of stability and continuity of service, have brought providers to manage data flow to manage
traffic or offer a better service. However, this brings innovation to a halt. Indeed, if an actor had to ask
permission to all the providers to use their networks or if he had to pay a tax to guarantee a priority for
his service, would we not end up with a system where providers would appropriate for themselves all
creative power?
For example, isn’t competition endangered when the three French mobile providers favor their own
services by making it impossible for their clients to use Voice over IP services such as Skype and, of
course, make their users pay for those services? These providers also block peer to peer18 file sharing so
that the only contents distributed is their own.
Lastly, a distinction must be made between the real economic models and those governing the Internet.
Today, important investments must be made to increase the flow capacity and to bring broadband to the
user as there is increasing demand for bandwidth and a minimum quality of service must be maintained.
According to the Idate, the projected growth of Internet traffic for the 2010-2013 period is around 43%
per annum (in part due to online video). The use of mobile Internet will also grow rapidly in the next
few years (currently 100% of all services).
Consequently, the ever increasing number of consumers creates more and more bandwidth and
generates too much traffic. Providers have developed various options to regulate traffic without regard
for Net neutrality to update their technical infrastructure: imposing on publishers of content, services or
applications to pay (on top of “peering” agreements19) to allow users to have an ideal transmission
speed, and/or the development of differentiated offers depending on the needs and uses of each
individual user (with a priority in case of congestion of traffic). For example, starting in November
2009, Vodafone announced the launch of a paid offer for its Spanish clients who could obtain a priority
access in the event of a congestion of the 3G network20.
However, both the Public Consultation on Net neutrality21 carried out in France from April 9 to May 17,
2010 and the “To guarantee Net neutrality”22 file are vocal against this solution. One of the options
studied within the public consultation is differentiated offers. To quote the Consultation, they “may
constitute a discrimination of traffic between users (and) raise question regarding Net neutrality. They
may also induce a lack of visibility and transparency between offers available to the users.” Moreover,
the Quadrature du Net states regarding temporary congestion of traffic that “during exceptional
congestion periods, reasonable network management practices are sufficient to cope.”
Indeed, the following practices regarding traffic are then examined: infected machines quarantined,
slowing down certain applicative connections beyond a certain volume or beyond a certain connection
time. In all of these cases, “the network provider must be able to show the network congestion was not

18
The peer to peer, is a model of computer network near the client-server model, but in which each client is also a server:
Wikipedia
19
The agreements are called peering agreement between two or more local providers of Internet access accepting
interconnect their networks to exchange their data traffic, so avoid using equipment interconnection of major national or
international suppliers: http://www.voxinternet.org/spip.php?article100
20
http://www.digitalworld.fr/un-projet-abonnement-3g-
21
In “Consultation publique sur la Neutralité du Net”, April 9 to May 17, 2010, the Secretariat of State prospective
development of the digital economy: http://www.telecom.gouv.fr/fonds_documentaire/consultations/10
22
In “Garantir la neutralité du Net”, April 2010, from la Quadrature du Net: available on :
http://www.laquadrature.net/files/LQDN-20100412-RapportNN.pdf

6
foreseeable and that all necessary measures were taken to fix it.”23 This solution which would prevent
infringing on Net neutrality, would allow a certain amount of traffic management without only
proposing commercial offers that serve data control than investment for better networks.
In conclusion, it is to be noted that within the Internet, the Neutrality principle is the guardian of the
very existence of competition, of true innovation, of the exercise of our fundamental liberties and of a
renewal of democracy. However, this Neutrality is today in danger because of economic, structural and
political motives as well as the fact it cannot justify not implementing laws. We are witnessing the shift
from a technically simple filtering that is a legal exception and thus the subject of many restrictions
towards a quasi-systematic use of “hybrid” filtering – or deep pocket inspection – despite constituting a
breach of our rights and liberties.

PART 2. THE GROWING IMPORTANCE OF FILTERING MEASURES

On April 10th, 2008, the European Parliament Deputies stated that “an unfettered Internet access,
without any interference is a considerably important right. The Internet is a vast platform for cultural
expression, access to knowledge and participation in the European democratic process (...) and it is
protected by freedom of expression, although it is not a fundamental right.”24. However, because of
there is more and more illegal content on the network, are legal systems most now resort to filtering
measures (A), and have based this on Law and Order to implement the various aspects of our public
policies (B).

2A From simple filtering to Deep Packet Inspection

Although filtering measures are highly criticized today, they are far from being recent. Indeed,
beginning of the 1990s, filtering measures were already implemented to fight against spam mail to
ensure the non-saturation of the networks.

Today, filtering measures fall within two categories: personal filtering and network filtering. Filtering
allows to decide which type of content should be blocked with regards to a criteria designed for a
particular end user or a type of user (adult or child for example). This filtering is defined by the user
himself and thus does not prohibit access to illegal content. The second system is Internet filtering and is
based on the network itself. The ISP will determine which type of content and/or activities will be
filtered and thus inaccessible for the end user. We will focus our attention on this type of filtering. It is
often adopted after a very quiet debate, under public control et often without the end user’s express
agreement. Thus, Internet users need more transparency and information and a real framework of the
duties of ISPs in instating these filtering measures.

23
id.
24
In “Filtrage d'Internet et Démocratie”, Main Abstract, October 22. 2009: available on:
http://www.laquadrature.net/files/Filtrage_d_Internet_et_d%C3%A9mocratie%20%20R%C3%A9sum%C3%A9%20Princip
al_1.pdf

7
In practice, the first step in the adoption of a filtering measure is establishing where the measure will be
implemented (user/network). Then the content to be filtered must be determined which raises questions
as to whom should be in charge of deciding what sort of content should be filtered and how
knowledgeable he should be about this problem – government body, the legislator, a judge; and how
transparent the measure must be towards the end user.

To understand filtering despite its technicality, one can adopt an approach based on the target of the
measure. The measures may be based on the service (e.g. emails), on the content (within the contents
aimed at by the law one can find spam email, erotic and pornographic emails, child pornography, hate
inciting speech, illegal gaming and infringement on author’s rights), on the users (e.g. users
downloading illegally) or even web browsers (rendering certain illegal websites invisible in our search
results). However, it is important to note that all filtering systems are prone to false negatives or false
positives25 which means that, inevitably, access to legal content is blocked which is a strong
infringement on our rights. This is even more flagrant with regards to blacklisting26 which is the most
common filtering method.
Contents present on the Internet can be exchanged in many ways and a filtering measure only applied to
the Web can be easily bypassed through alternative means of publishing content. Thus, filtering
measures appear to be the means for an end user to prevent himself from accessing illegal content.
Inversely, it is less probable that these filtering techniques will be a useful tool to effectively fight
against cybercriminality.

Our States have put forward the use of filtering techniques by invoking public interest and the respect of
our public policies. Certain States also use filtering measures but this time to extend their control on the
information present on the networks. These filtering measures remain legally disputed27. Through the
use of these measures, the contested content itself is not removed. The various “bypassing” means, ie.
overblocking, underblocking, etc. show that the issue of filtering measures is not merely about blocking
or not content. An in depth study is done every time such a measure is to be implemented: the measure
must be necessary technically limited to respect the proportionality principle and thus be accepted in our
democratic societies. Legally, a definition of filtering could be: “a measure which would grant the right
to filter, to chose the technical means to filter and the content to be filtered to protect a particular interest
while knowing that it results in denying citizens of the right to access content and of the right to publish
content”. Thus, Internet filtering appears as the implementation of a measure which protects one right
but has a negative impact on many others.

Although they are used as a tool in the protection of children against violence28, in the protection against
discrimination29 30 and in the protection against copyright infringements, we will study international,
European and French laws that are infringed upon by filtering measures as is the case with the right to
privacy and freedom of expression.

25
A false negative occurs when an email is allowed to pass despite the spam filters, it is considered containing no spam, then
it is actually spam. A false positive occurs when an item that does should not be blocked by the filtration is, however,
because the filter returns a positive result.
26
Blacklists return filter configured by default to allow content to pass unimpeded, except those content on this special list.
27
For more examples: “Vague de filtrage sur l'Internet mondial” : http://homo-numericus.net/spip.php?breve993
28
Convention on the Rights of the Child adopted by the UN, ratification and accession by General Assembly its resolution
44/25 of 20 November 1989
29
Convention on the Rights of Persons with Disabilities adopted by the UN, adopted December 13, 2006, at the sixty-first
session of the General Assembly, by resolution 61/106.
30
International Convention on the Elimination of All Forms of Racial Discrimination, the UN adopted the United Nations
General Assembly December 21, 1965

8
First, we will concentrate on the right to privacy which protects the individual, his family, his home and
his correspondence against any arbitrary interference. This right is affirmed in several texts among
which Article 12 of the Universal Declaration of Human Rights (UDHR) (‘”Everyone has the right to
the protection of the law against such interference or attacks.”), article 17 of the International Covenant
on Civil and Political Rights (ICCPR) which states that these interferences must be legal, and article 8
of the European Convention on Human Rights.

The European Court of Human Rights also protects the secrecy of correspondence (mentioned in article
8 of the UDHR) which could be directly in conflict with filtering measures. Indeed, the filtering
attempts may sometimes lead ISPs to retain the content of a communication without the sender’s
consent, even though these communications - whether sent or received - are not deemed to be a private
correspondence, the filtering measure still constitutes an infringement against his right to privacy. The
1995 European Directive on the protection of personal data affirms confidentiality of data as well as
imposes conditions regarding the treatment of personal data31. In cyberspace, every user is “identified or
identifiable”32 which imposes on every filtering measure a requirement that it serves the preservation of
Law and Order, Freedom of expression holds both freedom of opinion and the freedom to receive or
communicate information or ideas. The UDHR completes this right with the freedom to search for
information and ideas using any means of expression (Article 19) and the ICCPR states this right may
be exercized in any way: oral, written, printed or artistic or by any other means he may choose (Article
19).
This liberty of expression induces the right for every citizen to access the Internet. This right was
reaffirmed by the European Parliament in 2009 in the Telecoms Package: “no restriction may be
imposed on the fundamental rights and freedoms of end-users, without a prior ruling by the judicial
authorities (…) save when public security is threatened”.

Finally, the various topics covered by French law (inspired by European rights and duties) allow in
theory the imposition of restrictions regarding the use of filtering measures. Indeed ISPs are subject to
an obligation of universal service33 and must provide a minimum quality of service.
Some of the provisions in the law on the confidence in the digital economy that regard ISPs
responsibility and in particular the lack of a general surveillance obligation of the network34 is against
the quasi systematic resort to filtering measures that ISPs could demand and have demanded.
Thus arises the need for a balance between fundamental rights. Under the ECHR and the ICCPR the
balance will result from the limitation of one liberty to protect another right. Under Articles 8 and 10 of
the ECHR (right to privacy and freedom of expression), the interferences must be provided for by law,
attempt to achieve one of the legitimate goals with regards to the article which provides for this right
and it must be necessary in a democratic society to achieve the goals mentioned previously.
Thus the adoption of filtering measures passes the test mentioned previously in the fight against child
pornography, the prevention of crimes and the filtering of unwanted emails. However filtering measures
are inappropriate in other circumstances such as the fight against infringements on intellectual property
rights. Filtering measures do not pass the balancing test as there is no sufficient basis to show the
31
European Parliament and Council Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to
the processing of personal data and on the free movement of such data [Official Journal L 281 of 23.11.1995]
32
For more details see this on the European and French litigation concerning the qualification of the IP address element as
allowing a person to be "identified or identifiable.
33
For more information, see the file from ARCEP, “Le service universel des telecommunications”, July, 6, 2010 :
http://www.arcep.fr/index.php?id=8102
34
Article 6 of the Act on Confidence in the Digital Economy, June 21, 2004, which states: "Persons providing a service
providing access are not subject to a general obligation to monitor the information they transmit or store, nor to the general
obligation to seek facts or circumstances indicating illegal activity.

9
interests of IP rights holders are in peril. There is no study that evaluates or proves the existence of
losses due to illegal downloading. However, these filtering practices impede legitimate and
proportionate behaviors and thus, breach the principle of Net neutrality.

Finally, we will concentrate on the new generation of filtering measures, the deep packet inspection
(DPI). To counter criticism that filtering measures are inefficient, a new option is now available: DPI. It
analyzes the entire content of packets of data transiting on the network, the headers and the structure of
protocol data (as opposed to the simple technique also referred to as the shallow technique which only
analyzes the headers) and compares it with predefined signatures as they are exchanged. So, DPI allows
for a concurrent analysis of all the layers of data sent through the Internet, as opposed to simple
filtering. Of course, this technology is against Neutrality even though it is a fixture of the Internet’s
architecture. To illustrate the DPI technique, we can refer to the postal services. DPI is like an
automated system capable of opening every letter, verifying its contents, modifying them if necessary
and closing the letter to send it back on its original course. All of this is done without any transparency
or information available to the public.
Thus, DPI worries our societies because of the depth of the analysis as well as the importance of the
traffic filterred done.
Once the data is identified by the DPI as a signature that needs to be filtered, there are several options
available: the packet can be blocked, or the Internet connection may be disrupted. The simple
elimination of offensive texts will also be possible before the reinsertion of the content in the packet
without any trace of this to alert the end user.

This technique is now used by private actors who benefit from this technology to ensure a more
profitable management of the networks or to conform with various local judgments, but also by our
governments who see these measures a tool to optimize network surveillance and sometimes even
facilitate Internet censorship. Tunisia and China for example are considered to be on the forefront of
State censorship because of their filtering policies that are based on IP addresses, keywords, etc. It is
clear that these techniques are used today as behavioral advertisements in the United States, in the
United Kingdom, among others. Finally, it is important to underline the fact that the distinction made
between private and public actors is not impervious. Indeed, there is a convergence of interests between
state policies based on DPI filtering and the interests of private companies who practice filtering. This is
more visible with regards to Intellectual Property which we will now examine.

2B. ACTA, Hadopi: A focus on the regulation on Intellectual Property

In this last section, we will analyze filtering measures with regards to IP rights. Accordingly, we will
briefly discuss the Anti Counterfeiting Trade Agreement (hereinafter referred to as “ACTA”35). We will
then focus on the HADOPI law36.

In 2006, Japan and the United States launched the idea of a new multilateral treaty regarding the fight
against counterfeiting and piracy37. The goal of this treaty was to reinforce international cooperation
through the adoption by many states (among which Canada, the European Union, Japan, Switzerland
and the United States) of common. The negotiations really began in June 2008, with a broader
participation (Australia, Mexico, New Zealand, Morocco, the Republic of Korea, Singapore, and the 27
35
http://fr.wikipedia.org/wiki/Accord_commercial_anti-contrefa%C3%A7on
36
http://www.legifrance.gouv.fr/affichLoiPreparation.do;jsessionid=1536BB65249C513E7BCF478172534D55.tpdjo03v_2?i
dDocument=JORFDOLE000019017488&type=general
37
http://www.laquadrature.net/fr/ACTA

10
Member States of the European Union). This agreement was negotiated in secret, so much so that a first
range of measures was revealed only this year, and this after being pressured by the European
Commission38. All in all, the chapters of this agreement regarding the protection of the intellectual
property rights will relate to civil procedure, criminal procedure, the introduction of border control
measures, or even the implementation of new practices to fight against the proliferation of counterfeited
goods.
Rumors on the ACTA project claimed there would be an increased responsibility of the ISPs and even
of the web browsers in case of illegal downloads. This measure would be followed by an strong increase
in the use of filtering measures, and specifically of the technologies used within the framework of the
DPI and would bring an end to Net neutrality. The possible adoption of such an agreement which
promotes intensive or even systematic filtering would, no doubt, amount to a slowing down of the
network’s traffic.
This adoption would constitute a considerable setback with regards to our rights and liberties and as
regards to the protection of personal data. The Internet users wishing to illegally download files would
all turn to darknets (underground and anonymous networks). If paired with the increasingly powerful
data encryption tools, these darknets would become a true “digital haven”. The various rumors regarding
ACTA mentioned the concept of graduated response, it is important to study the filtering put in place on
the basis of the Creation and Internet Act.
The Creation and Internet Act39 of June 12, 2009, also referred to as the HADOPI Act40, punish peer to
peer filesharing if it constitutes an infringement on IP rights. This Act follows the 2001/29/CE European
directive transposed into French law with the DADVSI Act41 which specifically seeks to protect
authors’ rights on the Internet, This Act was followed by another referred to as HADOPI 242 on
September 21, 2009. Indeed, the DADVSI Act (…), which was adopted on June 30, 2006 by the Senate,
stated the creation of a graduated response system which would complete the already existing criminal
response. Christine Albanel, the Minister for Culture and Communication handed M. Olivennes, the
CEO of FNAC a mission to determine the terms of this graduated response which would serve the
creation of the HADOPI Act.
It is important to underline here that these agreements were immediately subject to criticism, including
from the signatory parties such as Orange, Free or Dailymotion. After many auditions before State
agencies (in order, the CNIL, the Senate, the National Assembly, a parliamentary joint committee, the
National Assembly43), the Constitutional Council objected to several key measures in the June 12, 2009
decision among which the graduated response. This highly criticized measure is based on a three-strike
policy. Two of them are preventive and the last one is punitive44. Other criticized measures in the law
were the identification of the IP address, the implementation of a presumption of guilt and the costs of
these measures (the costs for the ISPs of adapting to these new duties could amount to 90 million Euros
between 2009 and 2012).
Regarding filtering measures, HADOPI allowed the introduction of DPI into French culture. Article 5 of
the Act states: “In the presence of infringement of a right of authorship or a related right within the
contents of a public on line communication service, the Superior Court, decreeing as required on the
form of the hearing, may order at the request of the owners of protected works and objects, of the
holders of their rights, of societies for the management of rights set forth in article L. 321-1 or
professional organizations set forth in article L. 331-1, all measures needed to prevent or halt such

38
http://ec.europa.eu/trade/creating-opportunities/trade-topics/intellectual-property/anti-counterfeiting/
39
http://fr.wikipedia.org/wiki/Loi_C r%C3%A9ation_et_Internet
40
Law No. 2009-669 of 12 June 2009 to promote the dissemination and protection of creation on the Internet.
41
Law No. 2006-961 of 1 August 2006 on Copyright and Related Rights in the Information Society.
42
Act No. 2009-1311 of 28 October 2009 on the Criminal Protection of Literary and Artistic Internet.
43
For more information: http://www.assemblee-nationale.fr/13/dossiers/internet.asp
44
These steps are first a warning letter by email, then a warning letter by letter recommended, and finally the suspension of
the Internet subscription. It is the holder of the subscription that would receive such couriers.

11
damage to a right of authorship or a related right, against any entity able to help remedy it.” Thus, we
can see that the notion of “all measures” is way too broad in a democratic society that is governed by the
principles of legality and proportionality. Moreover, the parties concerned by this text are not identified.
This text puts in place a quasi-duty of surveillance of the networks and thus is against the Law on the
confidence in the digital economy that we have mentioned previously. As with ACTA, the parties
concerned will have the duty to resort DPI techniques and many were reticent as is the case of the
French Association of ISPs, Apple and Microsoft when the Bill was approved. This generalization of
filtering measures among which DPI is also noticeable in the LOPSPSI 2 Act45 46 regarding internal
security. Under the terms of Article 4 of the Bill proposal, ISPs can be forced to prevent access to illegal
content within the context of the fight against child pornography. This would have to be done “without
delay”, on the basis of a blacklist established and under the control of a judge who, we can fear, will be
lenient and apply more and more often and so, for all DPIs. For example, the August 6, 2010 decision of
the President of the Tribunal de Grande Instance of Paris regarding filtering measures implemented on
an online gaming website which reads: “it is the ISPs responsibility to take all the measures which
would allow blocking access to the service in question - i.e. all the filtering measures - by blocking the
domain name, the IP address, the URL or by analyzing the communication’s content47.” Due to the lack
of precision, these measures might be implemented alternatively or concurrently which would lead to a
generalization of DPI.

45
LOPPSI : http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000000780288
46
Project LOPPSI 2: http://www.inlibroveritas.net/docs/Binder_LQN_LOPPSI_V1.pdf
47
http://www.leparticulier.fr/upload/docs/application/pdf/2010
08/tgi_paris_10_56506_06082010_fournisseurs_acces_internet_sites_paris_arjel.pdf

12
 CONCLUSION

To conclude with, we have seen that filtering is now truly in a phase of expansion and is a tool used in
the implementation of the public policies that affect our everyday lives.

However, what may seem as a necessary tool in the fight against pedophilia and incitement to racism
may not be seen as such with regards to the protection of IP rights. Indeed, the most crucial element to
be considered with regards to the implementation of a filtering policy is proportionality. There must be a
balancing test: the measure must have an stronger impact on illegal content and criminal activity than on
legal content and legal activity. As regards IP rights, there is no conclusive evidence that the interests of
IP right holders are endangered. However, the material consequences are well established: additional
costs for the Internet industry, for governments and even for the users of the Internet as well as
overblocking i.e. filtering out legal content.
Morally, should we not establish a scale and differentiate the importance of the protection of children,
the fight against crime and the pecuniary interests of a few intellectual property right holders?

Should we not imagine a new economy for online contents instead of expanding the use of content-
control measures? How will we apply our balancing test and what importance will we give to individual
rights and liberties? As Mr. Laurent Le Besnerais – co-founder of the Institute for liberties and numeric
citizenship - stated regarding France: “The goal of the majority party in France is not to stop with the
HADOPI Bill. It also wishes to implement the LOPSI bill, which includes a chapter on
pedopornography on the Internet. The intent is commendable but the complete lack of transparency on
the way websites will be deemed to be dangerous is worrisome.” Moreover, the link between deep
packet inspection and Internet censorship is more disquieting with regards to freedom of speech than
concerning the violation of IP rights or traffic filtering.

There are numerous examples: Iran, China, Tibet, United Arab Emirates, etc. already use filtering to
control information and not to protect IP rights.

The Internet must remain what it is: a tool open to all and everything and a platform open to innovation.
This implies choosing adaptability over optimization of the network, as well as choosing plurality of
content over security. Thus, the fundamental and essential principle of Net neutrality must be
reaffirmed. Even though it does not prohibit all filtering measures, it commands that the latter be subject
to a strict legal review.

The necessary balance between Net neutrality and web filtering will continue to be the subject of much
debate, especially with the growing importance of smartphones and web-connected televisions. Neelis
Kroes, the European Commissioner for Digital Agenda announced in April 2010 a Public Consultation
on Net neutrality. The questions raised include the possible permission for ISPs to manage their traffic,
the means of this management, the necessary competition between ISPs, the impact of these measures
on consumers and the need for transparency concerning filtering measures. The Public Consultation will
end on September 30, 2010.

13
 BIBLIOGRAPHY

Amico, T., Le partage des facilités essentielles comme défense du principe de neutralité de l'Internet.
Les régulateurs français et américains face aux enjeux de l'accès aux réseaux haut et très haut débit,
2007

Amico, T., et Benhamou, B., Neutralité de l'Internet, Enjeux et perspectives politiques en Europe et aux
Etats-Unis, 2006

Clayton, R., Failures in a Hybrid Content Blocking Laboratory, 2005.

Communication de la Commission au Conseil et Parlement Européens : COM (2009) 277 final : la

Gouvernance de l'Internet, les prochaines étapes : 18 juin 2009.
http://ec.europa.eu/information_society/policy/internet_gov/docs/communication/comm2009_277_fin_f
r.pdf

Conseil de l'Europe, Internet – une ressource cruciale pour tous, 17 novembre 2008 :
http://www.coe.int/t/informationsociety/documents/SG-Inf(2008)14_fr.pdf

Dutton, William et Peltu, Malcolm, The Emerging Internet Governance Mosaic: Connecting the Pieces
(November 1, 2005) : http://ssrn.com/abstract=1295330

IFLA, Déclaration de l'IFLA sur l'accord commercial anti-contrefaçon, 2010 :

http://www.ifla.org/files/clm/statements/acta-fr.pdf

Internet for All, Proceedings of the Third Internet Governance Forum (IGF). Ed. By Don Maclean
(2008) : http://www.intgovforum.org/cms/2009/sharm_el_Sheikh/intforall/Internet_for_All_final.pdf

Katz, E. et Hinze, G., Essay : The impact of the Anti-Counterfeiting Trade Agreement on the Knowledge
Economy :
http://hugoroy.eu/doc/acta/EFF_YaleACTA,_U.S_Democracy_and_the_Global_Knowledge_Economy.
pdf

Poullet, Y., et Dinart, JM., Rapport sur l'application des principes de protection des données aux
réseaux mondiaux de télécommunications, Conseil de l'Europe, Strasbourg, novembre 2004.

Quadrature du Net, Dossier sur ACTA : http://www.laquadrature.net/ACTA

Wallon, F., Le filtrage est techniquement possible et socialement nécessaire, Communication

Commerce Electronique, n°9, Septembre 2005.

14