back to article BT targets 10,000 data pimping guinea pigs

BT is preparing to test Phorm's advertising targeting technology on 10,000 of its customers this month, to gauge people's reaction to their web browsing being exploited for extra revenue. The trials will begin mid-March and guinea pigs will be drawn from BT Retail's consumer broadband subscriber base. The firm believes …


This topic is closed for new posts.


  1. anonymous sms

    Profiling Potential Scam Victims?

    As I understand it BT will not be giving Phorm our identities but they will be giving them our internet 'addresses'. They will also be giving them a complete profile of the type of person at that address.

    Would we want Royal Mail to give our addresses and a complete list of the organisations we communicate with to unknown third parties? Certain mass-marketing 'companies' that currently target us with various scams would love that type of information.

  2. SilverWave

    From politicalpenguin,295/

    "Our first avenue of investigation available when trying to hunt down the information on this system should come from the hint on Phorms own website, that this technology is patent pending.

    There are numerous repositories on the net that monitor and collect information on new patents. We also know the name of one of the directors of Phorm, Kent Ertugrul. A quick look around new patents reveals this.

    As far as can be told, it is the only patent registered by Kent Ertugrul and is registered with the US Patent Office.

    A quick look at the overview of the system and it’s title ‘Targeted advertising system and method’ not to mention the inclusion in the system of the use of ISP’s would clearly indicate that this is indeed the system that Phorm are planning to implement through their deal with UK ISP’s.

    I’ll first reproduce the claims of the technology here then do a brief synopsis of what this actually means."

  3. Steven Burn

    @Those recommending TrackMeNot

    For those recommending Firefox + TMN, this will NOT stop them profiling you, nor will it stop them tracking you (I suspect they'll just filter out requests to search engines if enough people start doing this). Identifying fake requests is alot easier than some of you seem to think ;o)

    If you want to stop them tracking/profiling you, use a proxy (i.e. Tor) .... and even then, make sure the traffic is encrypted for the proxy BEFORE it leaves your computer/network (i.e. SSH) .... and HOLY CHOCOLATE CAKES BATMAN - you can use shells other than FireFox with these!!!

    @ the person that mentioned the government petition, ignore it - they'll not give a hoot ....

    Best way to stop them doing this is to vote with your cash and move providers (i.e. to one that IS NOT selling your data). I'm currently with PlusNet, who claim may not be introducing this - which is also false (their RIN customers WILL be affected by this), and I doubt PN themselves will not be going for this themselves as they've been more interested in cash than customers for quite a while now (and I don't mean since being taken over by BT either).

    For those wondering, whether you opt out, use TMN, your provider is a BT "reseller" (e.g. PN, AOHell, Tiscali, TalkTalk etc etc) (by reseller, I mean they still require you have a BT line, so it's obvious they go through BT pipes) - if your traffic is not encrypted before it leaves your end, it's going to go through BT/cable pipes, so it'll be trivial for them to profile you (they've actually been doing this for years - whether or not they previously sold it to third parties is debatable).

    Can you end your contract without penalty if your ISP is using Phorm? yes you can. Your ISP has changed your contract without notifying you first and thus, has broken the contract themselves, thus all you need to do is write to them (ALWAYS put this type of thing in writing), and give them notice of their breach of contract and your subsequent cancelling of such contract.

    A simple;

    "Dear Sir/Madam,

    Due to your introducing Phorm on your network, without giving me prior notice or requiring my written consent, you have breached our contract and thus made it void. I am therefor cancelling my subscription to [ISP NAME] immediately and without penalty."

    I did the same to end my Tiscali and AOL contracts (though this was for a breach of contract, it had nothing to do with their tracking or selling me data or browsing habits).

    Anywho, Top Gear is on ....... so I'm gonna stop rambling and caboot .....

  4. Anonymous Coward

    The Key is in the last sentence

    The last sentence of the BT statement suggest that once people understand the 'benefits' they will be able to make an informed choice about opting out of the service.

    The point is that even if they do opt out they will still have their calls intercepted. It's like "if we change the words we use then the law won;t apply to us!"

    This is typical cockup by someone very senior in the business, they think it;s a good idea, and believe they will be covered with Glory for scoring a few extra pence a month per subscriber.

    "oh Rodney, if only we could sell a pencil to everyone in China"

    Now they are prepared to risk their shareholders money to cover their incompetence.

    Classic ivory tower thinking, "pride, fall, etc..."

    We had a boss like that at Worldcom !!!

  5. VulcanV5


    Please, everyone: sign the petition, and get everyone else you may know -- whether they're BT customers or not -- to do likewise.

    Also: please don't meander off into the world of cookies. The issue at the heart of this is that customers have contracted with BT to provide an Internet service. They have not contracted with some scumbag outfit for that traffic to pass through and be sampled and recorded by China-based computers -- which is what will happen whether the cookie's there or not.

    BT is hoping that because current UK legislation is protective of "personal data" it can side-step the issue by claiming that no personal data is transmitted. Actually, your online habits are unique to you and therefore as personal as your name. The fact that your name isn't in the hands of the dreadful Phorm means nothing -- be interesting to see what happens when Phorm itself gets hacked, as it most surely will after this rumpus.

    As to looking for assistance from the BBC: forget it.

    It seems not to employ real journalists any more and there certainly aren't any in news management. It spent more time covering the Oscars with more staff -- who was that stupid woman saying how wunnerful to be at Elton John's party, oh look, there's Stevie Wonder, Stevie! Stevie! Oh he doesn't appear to have seen me? -- than covering anything that truly mattered that week.

    As to "Watchdog", it thinks it's a branch of show business. And a cookie is nice biscuit from America. Then again, if there's a chance for any BBC journalist to wangle a free trip to America on the back of this, then yes, there'll be some publicity. Perhaps someone should send the Head of News a travel brochure for Delaware.

    Stick with liberal newspapers like The Guardian and Observer. . . but give them something to write about by ensuring the petition becomes a news story in its own right. Thousands, not hundreds, of signatures are needed, so if you're a member of any other online forums, spread the word on there, too.

    * Finally. . . Congratulations to The Register. In an age when journalism is becoming more rare than hen's teeth, how gratifying to find The Register telling the truth and providing a genuine public interest service. Well done, everyone.

  6. Steven Burn


    I meant to add, with regards to;

    [Q]"And got this answer from 'techteam':

    "When you opt out -- or switch the system off, it's off. 100%. No browsing data whatsoever is passed from the ISP to Phorm. We should be clear that the Phorm servers are located in the ISP's network and browsing data is not transmitted outside the ISP. Even if you are opted out websites will still show you ads (as they do now) but these will not be adverts from the OIX system and they will not be relevant to your browsing.""[/Q]

    This isn't actually true ....... whilst Phorm hardware exists on the ISP's network, the browsing data and everything else going to/from your computer, is passed to the central Phorm servers (located OUTSIDE of the ISP's network).

    Additionally, you may want to mention to them that it's been pointed out time and time again that opted out or not, everything going from/to your computer, is still logged by the Phorm servers (just as it's always been logged by the ISP's servers (contrary to their claims)).

  7. Anonymous Coward
    Black Helicopters

    the spooks will not be happy.

    What would GCHQ make of Phorm? With some of the UK's largest ISP's signing up, the home surfing habits of a large fraction of their employees is about to be analysed inside the jurisdiction of a foreign power. And they're as human as the rest of us. De-anonymization? Guess who'll be working on it.

    Black helicopter, on its way to make a small crater.

  8. Pseudopath

    @ Ben Tasker

    Thank you, just the type of letter I was looking for. And as I'd simply be moving to a reseller I think I might as well blugeon it out with BT.

    Bones - cause pirates don't just do software

  9. alphaxion

    about phorms china server

    Interesting to note that when the rumours of being based in china begun surfacing, the domain info got changed... anyone have any screen caps of the IP they used to use before feb 29th?

    Since both their .com and .net addresses now point to UK based IP's, would be very interesting to see where they used to point to.

  10. peter ashworth

    reported to ofcom

    this sort of thing really annoys me so i have just reported it to ofcom, and the guy i spoke to certainly seemed interested to hear about it, saying it was the first he had heard of it

    now to contact the data protection bunch who have been renamed ICO at

  11. alphaxion

    ceo interview

    techcrunch uk have released a video interview with the CEO of phorm

  12. Anonymous Coward
    Anonymous Coward

    Emailed the Beardy One directly...

    ...don't know if he saw it, but got a "reply" from Virgin Media.

    Posted verbatim...

    Dear Matthew,

    Thanks for your email.

    With the information that you have supplied I am still unable to locate your Virgin Media account on our Customer Services Database.

    Also note that our privacy policy relates to the way that information is stored on our websites and database system. The privacy policy prevents us from displaying or sharing your payment details in full the Virgin Media portal.

    I am sorry if you feel that we are in breach of our privacy policy but I can ensure you that we are adhering to both the privacy policy

    Also note that Virgin Media is a conglomeration of different companies and we deal with only non-cable/ADSL (formerly Broadband connection issues.

    I would request you to contact 0845 840 7777 where one of our representatives will help you with any query that you may have.

    Please visit this link and choose the appropriate the department:

    If you need any further assistance please contact us again, or visit the following address:

    Many Thanks


    Virgin Media Customer Support

    --Original Message--

    From: {email address}

    Date: 3/5/2008 8:59:30 PM


    Subject: Virgin Media - Phorm Deal


    As an existing Virgin Media customer (Account Number XXXXXXXX) I have read with alarm of the proposed tie up between Virgin Media & Phorm. This apparently, somehow, involves the disclosure by Virgin Media, to a third party (Phorm) of my web browsing habit.

    I can find nothing in Virgin Media’s stated privacy policies, terms and

    conditions or service, or indeed anywhere else that permits Virgin Media to

    disclose my browsing habits or indeed any personal information to third

    parties, other than as specifically required by law. To do so, discloses or may

    disclose sensitive personal data and until recently, there were clauses in the

    Acceptable Use Policy which indicated that as my ISP you did not even monitor how I used my services and I have not consented to this change.


    I hereby confirm I do not opt in.

    I also note it might be the intention of Virgin Media and / or Phorm to operate

    an “opt out” system which relies on data placed on a users computer. I am not obliged to retain on my computer any means of storage of information of my preferences, which may be used by others.

    In relation to cookies I do not consent to this. In relation to root-kits, I do

    not consent.

    To the extent that either of these are placed on my computer and cause my

    computer to operate in any way differently, I do not consent to this and to

    place root-kits on my computer (if this is how it is done) is a breach of the

    Computer Misuse Act and a criminal offence of unlawful access to my computer.

    [Please see the Information Commissioner’s Office: Guidance on the Privacy and Electronic Communications (EC Directive) Regulations 2003, Part 2, section 2.2.

    Thus reliance on a cookie to prevent transmission of my browsing habits to

    Phorm via Virgin Media, or simply to prevent me seeing their served up

    electronic ads breaches these rules.

    I confirm I do not give consent for such a cookie to be placed on my computer.

    I confirm that I do not consent to you having any permission whatsoever to

    amend or control any operations taking pace on my computer.

    For the avoidance of doubt, I do not consent to my browsing habits, or indeed

    any other personal data being disclosed to third parties, or even other Virgin

    Group companies. This applies to any marketing or other purposes that are not directly associated with the supply of the services I have contracted to


    To the extent that any of the URL's contains content, and by inference,

    authentication information within what would otherwise be traffic data this is

    considered to be a breach of RIPA.

    The claim that Phorm get the content of the web pages you see (and therefore your mail if you use webmail) is a breach of RIPA as certain operations on my computers take place in the background and RIPA applies and you are not entitled to have, not do you have my consent to hold authorization codes embedded in my URLs and in the event that you are providing search content direct from my computer to Phorm in parallel with my use as user,then that constitutes an interception as defined in RIPA and a criminal offence.

    Please confirm your receipt of this email and acknowledgment that I have

    exercised my right to opt out as provided for by the Data Protection Act and

    that my data will not be passed to Phorm, whether to be ignored by them or

    processed by them or otherwise.


    Anthony {Surname}


    London {Post Code}

    I would particularly like to draw Register Readers attention to the incorrect name in the reply, no acknowledgment of my refusal of consent and the fact that they do not mention Phorm or this proposed agreement AT ALL. It seems that they possibly know they are breaching laws etc, but are pushing this through anyway because Ofcom, the ICO et all don't have the powers or drive to seriously punish them, and the most of the slack-jawed tracksuit wearing public of the British Isles won't understand this or give a shit.

    Bunch of incompetent fuck-wits, the lot of them.


  13. Dan

    found on the bbc today

    I just found:

  14. Steven Burn

    Just an FYI folks,61201.msg500802.html#msg500802

  15. Stephen Cole

    The BBC/Phorm

    That BBC "article" is really gulping down the Phorm koolaid there...

    The whole tone of the article is more about people being paranoid and "spooked" by our ignorance for not understanding how much better our lives will all be with more internet ads from ISP's SELLING OUR PRIVATE DATA TO A DISREPUTABLE 3RD PARTY.

  16. 3x2

    The BBC "article"

    Is that what passes for journalism on the BBC now?

    It's a cut and paste job from Phorm and BT website blurb. Well there you have it - Phorm say it's OK and the BBC agree. Nothing to see here move along.

    Perhaps Phorm will eventually breach the BBC carbon footprint standards then we'll see some real journalism.

  17. Anonymous Coward

    RE: BBC Article - read my post here!

    I won't cross-post, you can get it here:

    According to their charter, the BBC have to consider every formal complaint. Make sure it is slanted towards their journalistic code (bias, quality) rather than rant about alleged links to Russia etc.

  18. Steve

    re - bt sending spam

    I found a good solution to this; having given bt their own email address (ie. bt@...) whilst a customer, they started spamming it after I'd stop being their customer.

    So, tell them to stop or all future emails automatically forward to their abuse team and their head office will a covering note explaining that they were still sending unwanted emails, before being deleted from the server.

    Every now and then I'd remove the autodelete to see if it was still being spammed, and if so put it back again. It took them several months, but eventually they got the message.

  19. Alexander Hanff

    Emails removing consent to process

    A quick word of advice to everyone using emails to their ISP to remove their consent to process or pass on their data to 3rd parties. Instead of sending email you should really send them a printed letter by registered post. It will cost you about a fiver but they can't deny they have seen it because you can print out the delivery confirmation from RMs website.

  20. Anonymous Coward

    If you really want to get some attention

    Forget the liberal papers for the informed, this story needs to get in to a sensationalist rag like the Sun, sadly that's how you get attention in this country

  21. Anonymous Coward
    Paris Hilton

    Underage browsers

    What about children under 13? If they use their own computer and accidently click to opt in or don't notice the opt out. What are the legalities of tracking what they do online?

    Paris, because thats probably what 13 year old boys are searching for online.


This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021