BitTorrent Monitoring Report

On Tuesday the web was overrun with reports that BitTorrent users are being monitored by a host of different (and in some cases unknown) organizations. I would like to take a quick look at the actual document that spawned these headlines.

BitTorrent logoThe news is takes from a paper presented this week at the SecureComm conference in Italy by Tom Chothia and colleagues at the University of Birmingham.

The paper is free to read here.

All alarmism aside the paper looks at both indirect and direct monitoring techniques, the indirect being the type that is typically used to “catch” people who are illegally downloading films, music and other copyrighted materials, and the more expensive but precise direct means that various companies are employing.

In the paper the authors state that their contribution to the argument can be summed up as follows:

We determine that indirect monitoring is still in use against BitTorrent users and devise more effective techniques to detect peers engaging in it;

We find indications that certain entities engage in direct monitoring of BitTorrent users and provide features to detect such peers;

We also notice that direct monitoring, in its current form, falls short of providing conclusive evidence of copyright infringement.

This is a complex and technical paper, but certain things are noteworthy. The direct monitoring consists in creating false peers that connect to your IP address and monitor its use, be that downloading updates for Linux or watching War Horse.

A user is much more likely to be directly monitored if they are partaking in one of the top 100 objects for download, and in 40% of cases monitoring began within 3 hours of connection. The less popular the object for download, the longer it takes to become monitored. This suggests that those doing the monitoring (be they copyright authorities or private data collecting companies) spend more resources on popular downloads.

One thing I can take from this paper is that somebody is collecting an awful lot of data about a lot of people and their downloading habits, and I wonder why? And also what do they intend to do with it? Particularly as many lawyers deem the data collected as not strong enough evidence to use in a court of law.