Identity, Privacy and Trust

Jun 11 2008   9:07AM GMT

The Phorm effect spreads

tobystevens tobystevens Profile: tobystevens

Tags:
BT
Data protection
incidents
Phorm
privacy

A little while ago I declared a closed season on Phorm, but this story merits coverage. The UK Information Commissioner has examined Phorm’s OIX and Webwise offerings, and concluded that since they have yet to launch a commercial service, it does not merit intervention, and the ICO’s current position is to maintain a watch on events. However, that didn’t satisfy camapaigners who object to Phorm’s approach to user profiling, and as a result the European Commission is apparently considering intervention. Anti-phorm protesters will be at BT’s AGM next month, and will also be demanding police intervention over Phorm’s technology trials with BT (although I imagine it highly unlikely that will result in action simply because of the complexity of the legal issues and an under-resourced police force).

This battle is proving to be another demonstration of just how hard a small but motivated group of campaigners can hit major corporates when they feel their privacy has been breached. BT’s handling of protesters is going to be a tipping point for the battle, so keep an eye on the news on July 16th.

15  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • BTCustomer
    Thanks for the above. The ICO is not just waiting for implementation of the full Webwise service, he is also refusing to act on complaints received about alleged criminal breaches of DPA during BT secret trials of the Phorm technology in 2006 and 2007. That is what the campaigners are concerned about, as well as the police failure to investigate alleged RIPA breaches (among others) during those same trials. The ICO's "watching brief" may be appropriate as we wait for the rollout of the full technology, and we appreciate that his THRD statement about Webwise/Phorm did demand an opt-IN - another campaign success - but the lack of action over the 2006 and 2007 trials is unacceptable, and the subject of vigorous complaint to the police and the EU Commission, now backed with very damning evidence contained in a leaked BT internal document about the 2006 trials.
    0 pointsBadges:
    report
  • Pete
    When you boil it down, the issue isn't complicated at all. BT illegally intercepted the communications of thousands of its customers to sell advertising. Not once, but twice. They had no permission to do so; consequently it was illegal. There, that's not very complicated is it? If the Police and Information Commissioner ignore this because its too difficult for BT to comply with the law and too hard for ICO and humble Policemen to understand... we need a new Information Commissioner and a new SOCA. The good news is European Commissioners seem to understand. Pete
    0 pointsBadges:
    report
  • Annie
    It is very easy BT trailed secretly this DPI which intercepted, peoples surfing profiled their clicks and at some point they actually placed adverts on customers computers targeted to them from their searches.. They say they will use Google robots.txt for permission to harvest, intercept, and forge cookies, pretend to be the site you requested. Google do crawl sites gather keywords but to index the site for searches that then bring visitors to the website. Phorm will intercept, harvest keywords then direct them to websites of other people who are signed up to Phorms OIX platform. They are total opposites and unless phorm are too scared to admit and show what they are doing, use their own robots.txt. Phorm is after one thing earn as much as they can from what they have always done spy on your internet to supply adverts their rootkit was doing this up to 2005/6 wonder just when one stopped and he tried to make it look respectable to BT.
    0 pointsBadges:
    report
  • I Am The Law
    "A little while ago I declared a closed season on Phorm, but this story merits coverage" its a shame you put a self imposed ban of the Phorm?ISP coverage saga way back on April 18, 2008 toby. you have missed so much new information and facts coming to light it might be hard for you to follow the flow.... you know were to find the latest questions and the answers when they are finally answered OC. for instance, we already know that this so called Home Office advice Phorm PR keep repeating in the hopes of convincing some end users, was nothing like looking at the Phorm case files in any form, and was mearly a hypothetical RIPA case, based on the old non DPI kit type cookies case, and the HOs guidence ('not a legal document' his words etc ,etc see below)that this Hypothetical case MAY BE legal IF, and only IF, EXPLICIT, and INFORMED consent were given. you can see the HO replys to the Anti-Phorm end users email questions, on the Cable Forum thread, you would be wise to read that thread from start to finish as its most Comprehensive and full of potentially effected payed up end users and techs. http://www.cableforum.co.uk/board/12/33628733-virgin-media-phorm-webwise-adverts-updated.html Florence has the one that helps to clear this up ,free of ambiguities from any Phorm/BT payed 3rd party Non tech spokesmen.
    0 pointsBadges:
    report
  • Ade
    Nice to see you are covering this issue again, but what on earth were you doing declaring a "closed season"? This issue is MASSIVE. - An ISP has wiretapped, for money. And the government refuses to enforce the Law of the Land. If that doesn't warrant staying in the spotlight, being debated, analysed and commented upon until properly addressed and fixed, then I don't know what the point of the "privacy, identity and consent blog" is. I expect to see a lot more coverage.
    0 pointsBadges:
    report
  • Ade
    Guess as there's been no court verdict, and may never be one, I should say "An ISP has *allegedly* wiretapped, for money. And ...". But it does stick in the throat somewhat.
    0 pointsBadges:
    report
  • Toby Stevens
    Glad to see this one has brought the comments in, thank you for your input everyone. Just to clear one point up: my role here is as an occasional commentator on privacy issues. I have my own personal opinions about the Phorm product set, but I keep those to myself. CW is a respected publication and I'm not going to publish (or be permitted to publish) my own speculation or theories on this site. I also believe very strongly that if an organisation is taking a beating over its privacy practices, you have to stop kicking it when its down and give it a chance to sort the problems out - hence keeping quiet on Phorm. If Phorm go live without addressing campaigners' concerns then you can rest assured I'll have something to say about that :-) Commenters are, of course, welcome to share their opinions!
    0 pointsBadges:
    report
  • icsys
    Quote... "I have my own personal opinions about the Phorm product set, but I keep those to myself. CW is a respected publication and I'm not going to publish (or be permitted to publish) my own speculation or theories on this site." I am sure you will be made most welcome over on the Cable Forum where you may air your personal opinions. See you there soon then?
    0 pointsBadges:
    report
  • Toby Stevens
    It certainly wins the prize for the longest discussion thread I've ever come across - although if I'm there it will have to be pseudonymous!
    0 pointsBadges:
    report
  • Pete
    But Toby, here's the rub. Its too late. BT/Phorm have *already* operated their foul system twice without the consent of their customers, without advising the Home Office, without risk/privacy/security assessments to their customers, without measuring the economic impact, ignoring the distress caused, ignoring the rights of copyright holders... and in doing so *flagrantly* breaking the law. They are taking a beating over their privacy practices because they treated the privacy of hundreds of thousands of BT customers with utter utter contempt, not once but twice. People need to go to prison.
    0 pointsBadges:
    report
  • Stephen Mainwaring
    Toby please keep this story open until justice has been done. Last summer BT intercepted my communications in order to test a new advertising platform. BT intercepted my communications, and processed my data (business and personal) in an attempt to serve ads. They did all this without my consent. When I questioned them about it they deliberately lied to me. They told me my PCs had a virus and that it was my problem. This caused disruption and costs to my business and undue anxiety and stress to me personally. They continued to intercept my communications and give out misinformation for many days after I had logged support, abuse and customer service calls. They continued to intercept my communications even after they knew that I knew what they were up to. BT acted illegally and dishonestly. Not only did they do this to me (a long term satisfied BT Business Broadband customer) but to thousands of other customers out there. BT should not be allowed to get away with what they did. Please keep this story open.
    0 pointsBadges:
    report
  • icsys
    Richard Thomas has let down the people of this country. He claims that "we are sleepwalking into a surveillance society". Well Mr Thomas, you are right, and YOU are leading the way. There should be a call for his resignation over the Phorm scandal!
    0 pointsBadges:
    report
  • John Carol
    Although the campaigners have you believe so, the issue really is NOT as simple or black and white as they claim. Alleged legality has not been tested in the courts. It is not simply a "wiretap" in the traditional sense as a 3rd party has not been listening into calls or reading email. The subtle technicalities and points of law may swing this either way. Another thing the vocal minority of campaigners fail to notice is that Phorm does bring tangible benefits to the community, allowing previously thought unsellable advertising space (due to website content) to be sold based not on the sites content but the visitors interest. This is significant and should be considered alongside the cost in terms of perceived privacy threat. Personally I'm against intra-ISP profiling not because of what Phorm plan but because of the extreme complexity in regulating any such market. How to allow Phorm but stop more intrusive and abusive services?
    0 pointsBadges:
    report
  • Stephen Mainwaring
    John. Where is your evidence that they did not "listen into calls?". How do YOU know that? My internet communications were calling in at sysip.net. What was that all about? As reported by other users downstream webpages were intercepted and injected with javascript as were upstream postings. Now you tell me how that was not an interception? Why is that not illegal? It is simple. It is black and white as Clayton and Bohm have pointed out. The problem is that no-one in authority wants to take action of this and it is going to be upto people like me to take this to the courts.
    0 pointsBadges:
    report
  • Florence
    Hi it is time the people were allowed total control over their privacy. Corporate organisations shouldn't be allowed to share details with partners anymore. If we don't give the partner details then they are not allowed them. I am also a BT shareholder and these trials were never told to us, questions asked at the AG were fudged or not answered. website owners Copyright will be illegaly broken and used for corporate gain.. I see ICO are having a meeting about privacy by design the only way forward now is each individual looks after tehir own privacy any infringement on this should leed to prosicution of offending companies...
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: