How Routing Security Improves Online Privacy

Information for Online Privacy Advocates

Online privacy is freedom from being observed online without consent or knowledge. Improving and securing how traffic moves around the Internet via routing helps improve online privacy by reducing the possibility of data being intercepted, collected, or observed by unauthorized parties.

Securing a System Built on Unverified Trust

The Internet is made up of more than 74,000 independent networks, including those run by enterprises, universities and schools, government agencies, broadband and mobile access providers, and connectivity providers offering transit services to their customers.

Each network exchanges routing information about how they connect to neighboring networks. This information allows your router to select the best path (route) to reach the network you need to connect to.

Sharing routing information relies on trust and was not built with security in mind. Routing can, therefore, be abused by deliberately or erroneously sharing incorrect information, which can facilitate malicious activities on the Internet and result in:

  • Traffic being dropped
  • Unauthorized traffic inspection and/or collection
  • Denial of Service (DoS) attacks
  • Entire countries being disconnected from the Internet

How Can MANRS Improve Online Privacy?

Internet security and online privacy can be significantly improved if network operators (such as ISPs), Internet Exchange Points (IXPs), Content Delivery Networks (CDNs), cloud providers, and equipment vendors implement best current secure routing practices such as those defined by the Mutually Agreed Norms for Routing Security (MANRS).

MANRS defines specific actions that help to weed out bad actors and accidental misconfigurations that weaken security on the Internet. These actions include:

  • Filtering for incorrect routing information
  • Making genuine Internet services more difficult to impersonate
  • Maintaining current and accurate contact information to help network operators reach the right people in the event a network has been compromised, hijacked, or is sharing incorrect routing information
  • Cryptographically validating routing information

How Can I Participate in the MANRS Initiative?

You don’t need to be technically minded to participate in MANRS. You can:

  • Promote MANRS within your Internet Society Chapter or technical community
  • Talk about routing security and MANRS with your regulator or ISP
  • Follow the MANRS blog and social media channels to stay informed of recent developments
  • Promote MANRS to other organizations involved in online privacy
  • If you run a network or operate a company that does, do the actions and join MANRS