The Pirate Bay has ambitious plans to bring end-to-end encryption to all network activity, essentially blacking out a user's traffic from deep packet inspection gear and other prying eyes. Interesting project, sure, and definitely ambitious, but will it work? We doubt it, at least in the near term, and here's why.

NewTeeVee has a nice writeup on the proposal by Pirate Bay cofounder Fredrik Neij for a system which he calls IPETEE. The system either replaces or sits atop the basic operating system network stack, encrypting and decrypting all communications that pass through the computer. Diffie-Hellman key negotiation is used to generate session keys for the computer on each end of the network connection, though the system is smart enough to revert to standard, unencrypted TCP/IP or UDP should the target computer not support the encryption scheme. (Rudimentary information is on the project's wiki.)

Apart from the obvious drawback of CPU and bandwidth overhead, such a project could no doubt be completed (eventually) by the Jolly Roger-waving lads of The Pirate Bay, but its hurdles to adoption are legion. For one thing, there's the practical matter of what benefit it would have. BitTorrent and other P2P protocols already have numerous encryption options, one reason that DPI vendors have tried to identify P2P "flows" based on handshake details, packet lengths, and behavior rather than on scanning headers. Secure connections to e-mail are widespread; bank records and other confidential information are routinely protected on the web already through robust encryption. Skype encrypts VoIP calls.

There are other uses, of course, such as evading traffic-watching ad products from companies like NebuAd and Phorm, but the encrypted packets would still contain the source and destination IP addresses. While this would keep your Amazon browsing history safe from the watchful eyes of that humming gray box in your ISP's network operations center, visiting Expedia.com at lunch every day still indicates that you're interested in travel. For the same reason, mere encryption isn't an effective way to avoid censorship.
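The following sketch is an added illustration, not IPETEE code or anything from the project's wiki. It models the two behaviors described above: Diffie-Hellman derivation of a session key with fallback to plaintext for a peer that lacks support, and the fact that source and destination addresses stay readable either way. The `Peer`, `send` and `receive` names, the toy modulus, the hash-based keystream and the documentation-range IP addresses are all assumptions made for the example.

```python
import hashlib
import secrets

# Toy parameters (assumption): 2**255 - 19 is prime, but it is not a vetted DH group.
P = 2**255 - 19
G = 2

class Peer:
    def __init__(self, ip, supports_encryption):
        self.ip = ip
        self.supports = supports_encryption
        self.priv = secrets.randbelow(P - 3) + 2   # private exponent
        self.pub = pow(G, self.priv, P)            # public value sent to the other end

    def session_key(self, other_pub):
        # Both ends compute the same shared secret and hash it into a key.
        shared = pow(other_pub, self.priv, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def keystream_xor(key, data):
    # Stand-in cipher for the sketch: SHA-256 in counter mode XORed with the data.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def send(src, dst, payload):
    """Return the packet as an on-path observer (e.g. a DPI box) would see it."""
    if src.supports and dst.supports:
        body, mode = keystream_xor(src.session_key(dst.pub), payload), "encrypted"
    else:
        body, mode = payload, "plaintext"          # fallback to unencrypted traffic
    # The addressing fields are never encrypted; only the body changes.
    return {"src": src.ip, "dst": dst.ip, "mode": mode, "body": body}

def receive(dst, src, packet):
    if packet["mode"] == "encrypted":
        return keystream_xor(dst.session_key(src.pub), packet["body"])
    return packet["body"]

if __name__ == "__main__":
    # Constructed sample peers and request.
    client = Peer("192.0.2.10", True)
    site = Peer("198.51.100.20", True)
    legacy = Peer("203.0.113.5", False)
    request = b"GET /travel/deals HTTP/1.1"
    for target in (site, legacy):
        seen = send(client, target, request)
        print(seen["src"], "->", seen["dst"], seen["mode"], seen["body"][:16])
```

In both cases the observer still learns who talked to whom; only the payload of the first exchange is hidden.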

But the bigger practical question is who will adopt such technology? After all, it's useless unless both parties have modified their machines. P2P downloaders might well do this without a second thought, but it's unlikely that most popular websites and web services would adopt such an encryption method; just carrying the "Proudly produced by The Pirate Bay" logo alone could well be enough to keep image-conscious companies away from the tech.

Widespread encryption might well come to all network activity in the long run, but in the short term, it's unlikely that such a standard could be widely deployed enough to be useful until a broad range of interests feels that it's urgent. With individual websites, application developers, and protocol designers already incorporating encryption into the specific services where the public most clamors for it, the case for total encryption of network activity hasn't been made.

Governments around the world are doing their best, though, as wiretap rules give government unprecedented access to private communications. While most people in the US, at least, don't appear worked up over the government's warrantless wiretapping program or the NSA's involvement with the telcos (see today's lopsided Senate vote in favor of the new FISA "compromise"), a couple of high-profile scandals, data breaches, or even information leaks on the true extent of such programs may do more to make the public clamor for widespread encryption than the RIAA's legal campaign ever has.