Network Neutrality: Distinctions and Controversies

by Andrew Oram

This was originally published on the O’Reilly Media web site as a wiki on September 12, 2010.

This article aims to distinguish different arguments and reasoning in the debate around network neutrality, or control over traffic transmission on digital networks. The page was created to disentangle the many arguments, because the people arguing for and against network neutrality use multiple definitions of the term and mix together many arguments on different levels. The purpose of this page is not to air polemics, but to elucidate the various points made for and against various forms of network neutrality. The document treats network neutrality as a business practice, and therefore does not cover related topics such as copyright enforcement, censorship, the move of processing and data to remote servers (often called “into the cloud”), policies of mobile providers toward content and applictions, or surveillance. Essentially, the document covers a public issue that started as a set of economic concerns and has been invested by debaters with social policy concerns.

Varieties of intervention in Internet traffic

Much confusion among the public, and many instances of debaters talking past each other, are caused by the possibility of differentiating among Internet traffic in many different ways.

In all these cases, an Internet service provider monitors traffic at its routers and chooses to drop certain packets entirely or to send them at a slower frequency. When traffic uses TCP, dropping selected packets near the beginning of a session causes the sender to throttle back the speed of transmission, because TCP assumes that the lack of acknowledgment indicates a congested route.

A router is normally expected to check only crude indicators of traffic such as IP address and port (characteristics stored in Internet packets at the Internet Protocol level). Deep packet inspection is a technique permitted by faster and more sophisticated routers, letting them look at more fine-grained elements of the session and even at application-layer data.

Differentiation by service (port, protocol)

Business case

Services that use a lot of bandwidth in a sustained manner can have trouble cohabiting the lines with other traffic. Voice over IP used to fall into this category, although now the protocols have reduced its demands and the bandwidth in most places has increased to the point where it is not a problem, and streaming video has replaced it as a concern. Streaming media such as voice and video are the high-bandwidth transfers that concern both users and ISPs, because any delays except the most minor ones introduce noticeable problems such as jitter, hanging, and indecipherable voice content. Non-streaming services simply take longer to transmit material, but users often don’t notice.

By detecting streams and giving them higher bandwidth, ISPs can provide a more desirable service. Differentiation can be accomplished by directing the streams onto different lines reserved for high-priority traffic or by privileging the packets over other traffic. Customers have traditionally reserved high-priority lines and paid extra. Using the same lines would allow an ISP more fine control and more options in offering enhanced services and charging higher revenue for them.

Potentially, if specialized new services become popular (telemedicine and long-distance education are often cited), the ISP can provide the high bandwidth needed for the services and charge the users on one or both ends. If the provider of the service is charged, the charge would presumably be reflected in service fees.

On the other hand, some ISPs have seen VoIP and video streaming as competition, particularly when the ISP is offered by a company that also offers telephone service of cable TV. Thus, these ISPs have been known to ban VoIP or video streaming and take steps to detect and block them.

Although most Internet services have traditionally been offered to individual end-users for free (or more likely, with embedded advertising to pay for them), businesses have paid for Software as a Service for some time, and there is a trend toward end-user services charging subscription fees, such as some journalistic sites. The popularity of services running on mobile devices provides another opportunity for user fees to be introduced on the Internet. Differentiation by ISPs (especially mobile companies) among services allow them to charge for a service and perhaps share the revenue with the site providing the service.

From the beginning of the network neutrality debate, phone and cable companies have claimed that charging for Internet service—usually, charging the provider rather than the end-user—is necessary to provide the funds to bring higher bandwidth to areas that are currently underserved. Differentiated service is seen as a way to promote innovation in networks. In addition to allowing phone and cable companies to differentiate themselves—one perhaps being seen as a friendly site for games, another for telemedicine, etc.—it can also help Internet sites to differentiate themselves on the application layer. For instance, one Internet site can offer faster access to its content by paying for higher bandwidth.

Technical means

Services such as email, the web, and DNS traffic traditionally use different ports to make it easy to route traffic to the right program, although this is not universally true and some programs deliberately use ports meant for others (especially port 80, which is usually open, at least for incoming traffic, because it is assigned to the Web).

A router can therefore check the port number for a preliminary indication of the traffic being carried. Because programs can use other programs’ ports and the port numbers indicate nothing about the actual traffic going between services, deep packet inspection is often used to determine the type of service in use. Thus, although peer-to-peer file transfers could be considered a distinct service, the programs do not use well-known ports and must be detected in other ways.

For instance, many ISPs want to detect Voice over IP for a variety of reasons: to give its packets a higher privilege because it’s a streaming service and therefore subject ot jitter, to block the service because the ISP considers it a competitor to its own voice service, or to offer surveillance to law enforcement. Voice over IP tends to use many ports, often including port 80. Therefore, it is usually detected by building into the router a sophisticated understanding of its protocols. A “protocol” includes various standard forms of data at the start or end of a message (headers and footers), as well as a strict set of messages exchanged to start, end, or manage a session.

Conditions for success

Differentiation by participants (IP address)

Business case

Differentiation is usually provided for pay or on some other contractual basis, so traffic needs to be tied to the organization that has contracted for the service. Organizations often contract for a particular Quality of Service measured in throughput. The ISP is not required to demonstrate a particular response time or other element of the user experience, because such measures can be subjective and are affected by many elements of the environment outside the performance of the network. But some aspects of quality, such as the number of packets sent, received, and dropped over a period of time, are easy to measure.

Technical means

Most people and institutions have one or more contiguous IP addresses assigned by their ISP. (A few institutions with historic roots in the Internet were assigned IP addresses directly.) Thus, the institution can be identified by its IP address. Many large organizations also contract with content delivery networks such as Akamai to cache content close to the users and deliver it from servers owned by the content delivery network.

Conditions for success

Differentiation by volume or density of traffic

Business case

The number of bytes transmitted corresponds fairly closely to the costs to the ISP. No ISP wants to meter service to the end-user, but the ISP must estimate and aggregate the expected usage among all users in order to provision lines and routers and make deals with other ISPs carrying traffic. Although some ISPs rely on natural network behavior to control the volume of traffic (there is no need for a cap when there’s little congestion, and all transmissions will slow down when congestion strikes) caps on transmissions have been common for quite some time on some networks, notably cable Internet service and wireless ISPs. Many ISPs distinguish between “home” and “business” service, requiring customers to pay more for the “business” service if they use more than a certain amount of bandwidth during a month.

Home users are unlikely to strain the network unless they regularly download large amounts of material, and the usual culprits are music and videos. Other individual transfers can be large—such as a major PowerPoint presentation or a Linux distribution—but users are unlikely to conduct enough transfers of such material to make a noticeable dent on the ISP’s bandwidth. The stress on the network seems to come with music and video, particularly when peer-to-peer file sharing is used. This usage is also normally illegal because most legitimate copyright holders have other ways to distribute music and video.

Technical means

Differentiation comes into play when an ISP decides to react dynamically in real time to large data transfers instead of simply telling the customer later to upgrade to a more expensive service. Some ISPs cut off transfers above a certain size or drop packets selectively to degrade the speed of the transfer. The sophisticated techniques mentioned under [[Differentiation by service (port, protocol)]] can also be used to identify peer-to-peer behavior.

Conditions for success

These are similar to the conditions for success listed under [[Differentiation by service (port, protocol)]].

Ban on “servers”

Although the Internet is designed around a model of communicating peers, most applications use a client/server model. Content is stored in a large central system (the server) and parcelled out to simpler programs (clients) running on the computers of individual users.

For instance, even though email appears to be a communication between peers, each side actually communicates with a server that intermediates between them.

Servers generally handle more traffic than clients, so ISPs who provision resources for home use sometimes include a ban on servers in their terms of service.

In the early 2000s, a peer-to-peer model arose that doesn’t fit into the client/server model. Virtually no services run as pure transfers between peers; most require some server or a set of super-peers for connection. But these systems at some point ask the end-users to disconnect from the servers or super-peers and exchange data directly. Most ISPs define this peer behavior as running a server, because it involves higher data transfers than most client programs engage in. The ISPs also justify the ban on the basis that most such peer-to-peer transfers are unauthorized transfers of copyrighted material.

Conditions for success

These are similar to the conditions for success listed under [[Differentiation by service (port, protocol)]].

Application-level filtering

Every ISP combats unsolicited transmissions (spam, phishing, and virus transmission) by checking the content of messages. Suspicious traffic can be dropped or flagged to warn the user. Some security experts would like ISPs to check outgoing traffic as well, so that when an individual user’s machine gets infected and starts sending out spam or malicious traffic, the ISP can block it and cut down the spread of infections.

Business case

Because at least 95% of all email is estimated now to be spam, end-users clearly benefit from filtering at the ISP level. However, disruptions from this filtering are well-known. Legitimate email can be trapped in error (false positives), and all the users of an ISP may be blocked over a dispute in which a black hole operator believes the ISP is not being strict enough to terminate a malicious user.

Technical means

Checks for dangerous traffic are usually done at the application layer—for instance, a dedicated system through which all email is run to check for spam and other undesired content.

Conditions for success

ISPs must be able to distinguish the undesired traffic from legitimate traffic with few enough false positives and false negatives to keep customers.

Objections to differentiation

Technical objections

Economic objections

Social policy objections

Legal remedies

These have been proposed by various actors for all varieties of differentiated traffic handling. The effects might be different, however, depending on the variety.

Competition and anti-trust law

Complaints about discrimination could be dealt with through laws on competition and monopoly, on an individual basis, by such bodies as the Federal Communications Commission or Federal Trade Commission. Objections to this course of action include:


“Truth in advertising” laws and regulations could be invoked to require the ISPs to tell customers what kinds of differentiation are in use. See for instance David Farber’s offering in the [ Communications of the ACM’s Point/Counterpoint Network Neutrality Nuances]. Objections include:

Common carrier status

The FCC could require ISPs to act as common carriers toward services above them. A federal appeals court ruled in April 2010 that the FCC (in a suit brought by Comcast) lacked the authority to require this neutrality. The suit concerned blocking service through traffic analysis, but applies equally to any form of differentiation chosen by an ISP. The FCC could attempt to reassert authority by reclassifying Internet service (see for instance [ Susan Crawford’s New York Times op-ed]), but many people believe Congress must or should be brought in to resolve the question through law.

Essentially, common carrier status would require every bit to be treated equally, also known as “first-in-first-out” treatment, with possible exceptions for classes of traffic that the government has a reason to suppress. Objections include:

Structural separation

Congress could require companies that offer transport (the hardware and protocols for networking) to be separated from the companies who offer application-level services. This would remove the incentive for companies offering transport to play favorites and privilege some transmissions against others either to promote particular application-layer services or to suppress services they see as competitive threats to their own services. Objections include:

Promoting competition at the network layer

Competition could provide alternatives to customers, who could then leave ISPs who try to control their choices. Regulations could force incumbents to interconnect and to offer their facilities to competitors for reasonable fees. Such laws and regulations are seen to have played a major role in making high-speed networks widely available in South Korea, Japan, and the Netherlands.

If private competition is not robust, the government can fund networks, particularly on a municipal level. A few observers have suggested that users could buy their own fiber, either individually or collectively. Objections include:

Types of Internet control not covered in this document

Several types of intervention in Internet traffic are not covered in this document because they are related only in indirect ways to the central ISP business issues expressed in the network neutrality debate.

Copyright enforcement

ISPs do not take on the task of detecting and stopping the unauthorized transfer of copyrighted material, such as P2P file sharing of videos and music recordings. However, copyright holders often demand cooperation from ISPs in stopping transfers or catching the parties involved, and use techniques related to the ones described in this paper, notably detecting transfers and using IP addresses to identify the party at one end. Furthermore, ISPs often cite the use of high-volume data transfers and P2P file sharing for illegal purposes as justification for traffic control.


Many of the techniques used to detect various types of transfers for business purposes can also be used for censorship, along with even more sophisticated techniques. For instance, governments often block access to IP addresses associated with news sources they disapprove of, or services used to proxy and hide data transfers.


The techniques in this document are often used by ISPs to support efforts by law enforcement to detect criminals or other people they want to track for any reason.

Author’s home page
Other articles in chronological order
Index to other articles