In the security session at the Australian Internet Governance Forum this morning (see www.igf.org.au for info), an interesting dilemma about security responses by ISPs came up.
There is the prospect that ISPs could use a range of more or less reliable technologies (from deep packet inspection to usage metering) to identify users whose accounts are creating a threat -- for instance, compromised computers being part of a botnet attack.
The dilemma is, should they?
It's easy to see an upside from such a step. If you were compromised, or thought to be, your computer could be put inside a walled garden (off the open Internet) so you see a website identifying the problem and suggesting remedial responses. Since most people have no idea about computers this would respond to a key problem -- user ignorance.
What about downsides?
Do we want ISPs monitoring all use of their networks and obliged to act based on what they find?
What about privacy?
Would ISPs be found liable if they failed?
Would security by hackers just leap ahead?
Good arguments were put either way.
I have long had the view that ISPs are, and should remain, simple conduits to the Internet. They should have no content role. They are not copyright police, security police, good taste police, gambling tsars or any of that. They just provide the connection, and are only responsible for doing that. (Unless you buy more services of course.)
Doesn't solve the security problem -- but keeps ISP sticky beaks at bay, and minimises the cost of ISP operations, to the benefit of us all.
What is your view?