China wants to meter all internet traffic that passes through its borders, it has emerged.
The move would require international agreement – but it is being discussed by the United Nations body in charge of internet standards. It would allow countries which currently receive no payment for use of their lines to generate income. But an EU cyber security expert has warned the plan could threaten the stability of the entire internet.
Andrea Servida, of the European Commission, told a House of Lords committee that China could have a “hidden agenda” in wanting to monitor data flows. And, in later comments to BBC News, he suggested technical changes needed to charge everyone for internet traffic flowing through China could undermine the web’s founding principle of openness as well as raising security and stability concerns for all net users.
But the International Telecommunications Union (ITU), the UN internet standards body, firmly rejected his claims saying it was “not clear” how introducing tariffs could threaten internet security or stability. The ITU also stressed that the Chinese proposal did not involve modifying the Border Gateway Protocol (BGP) – one of the core specifications that controls how data flows around the internet – as Mr Servida has alleged. An ITU spokesman said: “The ITU has no plans to modify the BGP protocol, which is not an ITU-T standard.
“A proposal has been made, and is being studied, to use BGP routers to collect traffic flow data, which could be used, by bilateral agreement, by operators for billing purposes.” The spokesman said discussions about international internet tariffs had been taking place for the past 10 years and the Chinese proposal was one of many ideas of being studied by ITU working parties.
“We would have welcomed EU participation in the discussion and it’s regrettable that the UK Parliamentary committee has been misled in this way,” added the ITU spokesman. But Mr Servida said that as far as the European Commission was concerned the Chinese proposal was “ambiguous” about whether it would involve installing BGP routers or modifying the BGP protocol itself.
And he told BBC News the European Commission’s concerns were shared by other delegations at the ITU. He said that because the BGP protocol is an Internet Engineering Task Force standard and not controlled by the ITU “the involvement of ITU in this specific matter is highly questionable and alarming”. “It indicates a clear intention to introduce higher government control of a critical internet function through what may appear to be a purely technological discussion,” he added.
The ITU firmly rejected this claim and insisted that it had involved the wider internet industry in its discussions – with several experts being invited to contribute to the most recent talks on introducing tariffs, which took place in Kampala, Uganda, in September this year. “There have not been any proposals to introduce ‘higher government control of a critical internet function’,” an ITU spokesman told the BBC.
Mr Servida, who stressed he was speaking in a personal capacity and not on behalf of the European Commission, said it was “certainly worth engaging in a discussion on tariffs for international internet” – but he suggested China could have ulterior motives for wanting to monitor “packets” of data flowing around the internet and that it could “establish a ‘de facto’ legitimacy for someone to have a closer look at internet data flows”.
China’s proposal is understood to have the backing of a number of developing countries, who currently have to bear the cost of international internet connections. At the moment, when countries install internet circuits, they have to choose between a “peer-to-peer” system for connections with other countries, in which no money changes hands but the traffic flow between the two countries balances out, or an asymmetrical system, where they have to pay the full cost of the connection.
It is understood that the Chinese proposal would see countries reaching a commercial agreement when internet connections are established, including possible compensation for traffic flow and number of routes. Mr Servida, deputy head of unit at the European Commission’s Information Society and Media Directorate General, is one of the authors of an EU plan to protect all 27 member states from large scale cyber attacks and disruption, which is expected to come into force some time after 2011.
The Commission is also working on proposals for international standards for internet security and resilience. Mr Servida said: “Our target is to develop a roadmap for international cooperation on principles and guidelines for security and resilience by the beginning of 2010.” The proposals would be presented to the EU’s international partners at the UN-run Internet Governance Forum and elsewhere at the end of next year, he added.
Mr Servida raised his concerns about China earlier this month when he gave evidence to the House of Lords EU home affairs subcommittee, which is investigating cyber-security. He cast doubt on the idea that is was possible to “take down” the entire global internet, but added: “Regionally you may have strong disruption and that goes for any region.”
He also spoke of the need to reach out to nations who “feel they have legitimate grounds to think of the internet as a kind of private garden” and involve them in international cyber security efforts. China’s laws restricting internet access had been brought in to “protect Chinese citizens” and so were hard to argue against, he told the committee, but the country was now working on technical and trade barriers which would be “bad” for all net users.
“Fencing the internet is not going to help anybody,” he told the committee.