Deep packet inspection is bad under any regime, no matter how benevolent. When a regime such as Iran today gets access to technology with the potential of DPI, you have a justifiable uproar on far more serious and urgent implications than delayed music downloads.
Global media over the past week pointed to Nokia and Siemens as having provided the Iranian regime with technology to detect and filter information they found inconvenient. According to a widely republished and quoted Wall Street Journal article on 22 June that the newspaper stands by, a system installed in Iran by Nokia Siemens Networks provides Iranian authorities with the ability to conduct deep-packet inspection of online communications to monitor the contents and track the source of e-mail, VoIP calls, and posts to social networking sites such as Twitter, MySpace and Facebook. As quoted by Wired, the newspaper also said authorities had the ability to alter content as it intercepted the traffic from a state-owned internet choke point.
Commenting on the story was Ben Roome, a spokesperson for Nokia Siemens Networks who noted in a blog post that,
I do want to say to the people commenting here if we’re (I’m) aware of the situation in Iran. We are (and I am), and it is mainly because of mobile phone video, photos and calls from across Iran, communicating events first hand as they happen, that we are so aware. As I said above: we had a choice as to whether we bring the Iranian people this mobile connectivity, in the knowledge that telecoms networks in Iran are required to have the ability to monitor voice calls as they do all over the world. We made that choice and believe there is a net benefit to the people of Iran.
The point made is that the world is angry about Iran, and sees horrific videos such as the murder of Neda Soltani, because of the ICT networks and foundations facilitated by Nokia Siemens Networks. The over one hundred comments to date on Ben’s blog post reveal the frustration and anger of people who point to the culpability of Nokia Siemens Networks in the violence that has gripped Iran today.
I suggested to some colleagues this morning that one can look at this issue from the perspective of power and accountability. The power of these DPI systems in Iran pale into insignificance with the capacity of what, for example, the US and its allies can monitor and intercept domestically and globally. But there is, at worst, retroactive judicial oversight in the US even when the Executive runs amok combined with the enabling Freedom of Information legislation. What can and should business do when this accountability and oversight is not present, and yet government’s ask for powerful technologies that can be used to undermine human dignity and human security?
But let’s not kid ourselves – you don’t do any business with a regime like Iran expecting them to give a free reign to rights, dissent and democracy. Is that a reason to not do any business? Not. Is that a reason to be up front to consumers about the business one does? Perhaps. Is that a reason to brush away a moral responsibility for the death of Neda Soltani?