Four years ago, Jisc responded to the Board of European Regulators of Electronic Communications (BEREC) consultation on network neutrality to point out that some security measures cannot just be temporary responses by the victims of attacks, but need to be permanently configured in all networks to prevent them being used for distributed denial of service and other attacks. This applies, in particular, to blocking of spoofed addresses, as recommended by BCP-38.
A new EU law, created earlier this year, requires public network providers to ensure "network neutrality" – roughly, that every packet be treated alike unless there are legitimate reasons not to.
There's a tension between network neutrality - essentially the principle that a network should be a dumb pipe that treats every packet alike - and network security, which may require some packets to be dropped to protect either the network or its users. Some current attacks simply can't be dealt with by devices at the edge of the network: if a denial of service attack is filling your access link with junk then nothing you do at the far end of that link can help.
Two recent news stories suggest that the importance of open Internet connectivity is gaining increasing international recognition.
A couple of developments in network neutrality.
This seems to be a particularly busy summer for consultations! I've just submitted a JANET(UK) response to an Ofcom discussion paper on Traffic Management and "Net Neutrality".
A short but interesting note from BEREC (the group of European Telecoms Regulators) on information they have collected from 400 mobile and fixed line operators on their traffic management practices. I get the impression BEREC were surprised at how varied the reports were!
Ofcom’s latest statement on Network Neutrality provides some more insight into their thinking about when it might be necessary to regulate the provision of Internet services. They see two different approaches to traffic management, which they believe should co-exist: managed services (for example prioritising delay-sensitive applications), and best-efforts internet access (which may still involve some traffic management if necessary to deal with congestion).
The European Data Protection Supervisor (EDPS) has published an Opinion on the current Network Neutrality discussions, making the interesting point that blocking, filtering and traffic management activities may affect privacy as well as their more obvious impact on access to services.
An interesting meeting on Network Neutrality at the the Digital Economy All-Party Parliamentary Group last night. Despite the wide range of speakers, there was a remarkable level of agreement that:
