back to article Net think tank: Phorm is illegal

The Foundation for Information Policy Research (FIPR), a leading advisory group on internet issues, has written to the Information Commissioner arguing that Phorm's ad targeting system is illegal. In an open letter posted to the think tank's website today, the group echoes concerns voiced by London School of Economics …

COMMENTS

This topic is closed for new posts.
  1. Man Outraged
    Happy

    London Busses...

    Talk about bally London Busses coming all at once, what a good news day for those of us who just want an ISP to relay our packets on their way out to the internet, and kindly retrieve and pass back any incoming packets. Is that really too much to ask! THANK YOU FIPR FOR UNDERSTANDING THE ISSUES AND MAKING SOME SENSE!

  2. Alan Parsons
    Thumb Up

    Watching and waiting

    Looking at the share price, willing it to crash and burn :)

  3. Anonymous Coward
    Boffin

    I'm starting to feel vindicated

    Hopefully not persecuted.

    In the long run I think this whole situation will have been less harmful to the ISP's in question to give them a chance to back down a bit rather than if they had gone blindly ahead and suffered the lawsuits after the fact - but I doubt they will see it that way somehow.

  4. Anonymous Coward
    Thumb Up

    At last !

    Can't wait to see lawyers smash grabbit and run kick the crap out of BT :)

  5. Jonathan

    FIPR FTW!

    I love the taste of Phorm's tears - there is nothing quite like the tears of greedy individuals whose ambitions have been foiled.

    lets hope this goes from being the opinion of a think tank to official policy.

  6. Andy Enderby

    This needs a wider audience

    Specifically, it needs posting on the various share price news fora.

  7. Rob

    @ At last !

    It's "Sue, Grabbit & Run", as any fule kno.

  8. Avi
    Joke

    What's this?

    Government department getting something IT related right?

  9. The Other Steve
    Happy

    Bad day for Phorm, good for everyone else

    TBL and FIPR laying into them, negative coverage all over, shares down some more for most of the day. (Closing price down 167.50p on this morning)

    BT have switched to silent running in their support boards, nary a rep to be seen. Oh and Phorm's horrid PR creature has crawled back up it's own arse, having retreated to their own rather pathetic blog*, which naturally doesn't accept anonymous comments. Or possibly any comments at all.

    And we haven't even heard a peep from ICO yet.

    Hello Phorm, your Shipment Of Fail is ready for you to collect.

    * http://blog.webwise.com/ not one single comment posted yet, and don't you just /know/ they've had plenty ?

  10. Sam

    sarcasm

    Wept fucking buckets when I read the headline.

  11. Midnight_Voice
    Thumb Up

    Home Office Advice

    I think the Home Office advice was quite clever.

    While one suspects that the author was under a certain amount of pressure to come up wit the 'right' answer - one that would not leave BT wide open after last year's covert illegal trials of the Phorm technology - he has listed all the reasons why Phorm might be illegal, and the exact parts of RIPA that they fall under, effectively channelling Phorm into the one path of possible legality which requires the 'implied consent' of visited websites.

    And then briefly suggests that this may be the case, and closes.

    But as Professor Peter Sommer points out, and as the raft of 'denial of RIPA consent' headings on Phorm-aware websites is now making explicitly clear, such consent cannot be presumed.

    So whither now, for Phorm?

  12. gautam

    But will they Bite ??

    As per info, its still advisory ! WIll the govt actually put a stop to this madness ? Will anyone get a High court stop/stay order ?

    Is there any way to stop this sly information grab attempts? Can the company be closed down and public interest litigation started? Class action suit anyone?

    I doubt it!

  13. What's in a name?
    Black Helicopters

    Have I missed something?

    Where is the home office advice that this is OK?

    Who wrote that?

    Can they be placed in the stocks and pelted with rotten veg?

  14. Chris Hembrow
    Happy

    Common sense

    coming out of a government agency! Who'd have thought it. But I've still set up TOR, even though I'm not with one of the ISP's who've sold out. Maybe I'll just switch all my traffic to Three mobile broadband on PAYG, and get myself about as anonymous as you can get. Cash only top-ups though, of course.

  15. 3x2

    Quite unbelievable..

    ..that BT and others still think they can get away with it.

    Once Phorm are in chapter 11 where they belong it seems like a good time for HMG to take a long look at competition in the ISP industry. One thing this whole sorry mess has highlighted (to me at least) is the lack of alternative suppliers once the big three are in bed together. Clearly the free market isn't operating in this area or I would have changed my ISP last week.

  16. Matt Haswell
    Pirate

    Goodbye BT...

    Just got my MAC code to leave BT (decided to give Zen a go since it's the same price and their MD said there was no way they'd ever use anything like Phorm in an earlier Reg piece) and was amused to find out that the advisor hadn't had anyone else calling up with that reason yet.

    She went off and read up on it and came back with the BT arguments they gave at the beginning (safer web browsing, all done inside BT and not sent to America, "permanent" opt-out available (*cough* cookies), etc). All of which have been proved to be spin and vague platitudes.

    Not that I blame the poor customer service girl who sounded a bit overwhelmed by the technical detail...

  17. amanfromMars Silver badge
    Alien

    What is Wrong 42 Put Right.

    Surely IT is Phorm who have to be Proved Illegal rather than them Defending Legality

  18. david g
    Thumb Up

    Doh !

    ...and the FIPR Advisory Council includes.....(drum roll) Simon Davies of Privacy International. He must be having a left hand/right hand communication breakdown at the moment.

    Or does that help to signal what might be in the (unreleased) 80/20 Thinking review that Phorm have declined to publish.

  19. paul
    Unhappy

    so they'll change the law

    to make it fit their aspirations.

    Its what government do.

    FIPR have apparently even been kind enough to highlight the exact chapter of the current legislation which needs a minor tweak.

    I almost want to suggest that we should have kept quiet and sued them into the abyss after the fact.

  20. Anonymous Coward
    Anonymous Coward

    Other "rights groups" flunked the test

    One cheer for the FIPR.

    But where was Privacy International? In the press release, PI gave Phorm its seal of approval. And the Open Rights Group didn't seem to notice at all for a month then hedged its bets:

    "Phorm could, as Simon Davies has claimed, represent an advance in online privacy."

    Jesus H Christ.

    So we have ZERO citizens groups who can be relied on? This is not good.

  21. Anonymous Coward
    Anonymous Coward

    What about wi-fi hotspots?

    Does this mean that all those hot-spots around the UK which are using the other ad targeting technology to profile their users' surfing habits have been operating outside the law?

    Suddenly I am very happy not to be an hotel, coffee shop, cafe, borough council, train station .... nor any of the other hotspot outlets in London - how many over the whole of the UK? Is there a difference between the encrypted and unencrypted hotspot suppliers?

    I don't know enough about the hotspot market.

    http://www.jiwire.com/partners/index.htm makes interesting reading - which of those service providers and alliance & technology partners are responsible for the harvesting of data so that the service can be funded from the targeted advertising revenue generated by the users.

    A quick look:

    FrontPorch partner with free-hotspot.com - locations throughout UK - and Jiwire

    Ultramercial is tied in with Jiwire and HSBC Premier, and "Ultramercial is proud to have been selected by Virgin Mobile USA as their partner for SUGAR MAMA. Your brand will benefit from the years of experience we bring to this full-screen interactive advertising opportunity with Virgin Mobile’s 14-24 year old users." http://www.ultramercial.com/homebase.html

    Two words spring to mind: cat & pigeons

  22. Anonymous Coward
    Anonymous Coward

    Whinging

    This is unbelievable- do you people really have nothing better to worry about? Don't you worry that Sky is analysing your viewing habits when your box dials BskyB every night? Or your bank knows where you are spending money then sending you junk mail offering you loans/insurance? For Fucks sake grow up, if you don't like the idea, opt out. Simple. (I'd like to see one of you IT sophisticates actually hack into Phorm and crack the anonymising data_- oh sorry, little too difficult? maybe it really is secure. But don't pretend to be anything other than a Luddite.

    PS anyone care to point me to Tim Berners _ lee interview where apart from trashing Google ( good one Tim) he actually mentions Phorm? Or as in The BBC r4 interview this morning the dolt uses Berners_lee's comments to draw his own (incorrect) conclusion,...

  23. Peter
    Unhappy

    BT stance on Phorm

    Got my first "Phorm" call today on the BT helldesk.

    There hasn't been any word from above on it yet (there has on every, single, little thing else, like wi-fi's safe, don't mention "watchdog" etc.), so asked for our stance.

    The product specailist just shrugged as did the manager, and his manager, who serious aksed why someone was asking about "Porn".

    It's the blind leading the inept- if we get a stirring from Upstairs on this, I'll be surprised.

    Everything we've heard about this is off El Reg.

  24. Alex
    Black Helicopters

    Spin?

    I wouldn't trust this announcement as far as I could ping it, as has been said this could be a classic case of "the easiest argument to win",

    ie: send the consensus in an apparently negative direction only to absolve through setting the deck prior to dealing out your hand.

    DO. NOT. WANT.

    PHORM GET OFF MY CLOUD!

  25. mixbsd

    @The Other Steve

    I more like a phial of phail.

  26. Anonymous Coward
    Anonymous Coward

    And while we have the wind in our sails ...

    ... is it about time to revisit PlusNet's use of Ellacoya?

  27. Geoff Johnson
    Black Helicopters

    Be Afraid.

    BT provide most of the UK's broadband, usually re-badged and sold on through a third party. Prety much anything that isn't LLU is going via BTs DSLAMs. LLU providers are likely to use BT backhaul links anyway.

    How much of YOUR data has already been sold to experimental adware companies?

  28. Fred
    Flame

    well...

    I hope BT get their sorry asses sued to buggery over this! and then once they are done that, they can pay for a replacement 9081!!!!!!

  29. Anonymous Coward
    Flame

    Re: Whinging

    PR flunky? Shareholder? Employee? Kurt?! There must be some reason for the outburst as I can't see an uninterested party coming out with a statement like the above.

    With Sky they make no secret of what the box does. And you can always take the free card option or just *cough* unplug the phone cable from the box.

    My bank(s) and credit card providers(s) know what I want them to know. And there's always the option of cash.

    Cracking Phorm wouldn't be trivial, but it isn't exactly impossible either, especially from the inside. Personally I trust neither Phorm or the owners of the host datacentres to not give into temptation and start playing with the data. Even if they 'anonymise' the data there are still things that can be done with it. Plus you have to trust the anonymising process which is hard to do.

    If you think people who object to an illegal infringement of their privacy are Luddites then I suggest you might lack some understanding of the term. I somehow doubt that those objecting the most are likely to have much of a Luddite tendency given most are in technical professions.

    .

    Anyway, I hope Phorm disappear in a blaze of bad publicity - let's face it, the coverage isn't getting any lighter or more favourable!

  30. Anonymous Coward
    Flame

    @Whinging

    "This is unbelievable- do you people really have nothing better to worry about?"

    Sure, lots.

    "Don't you worry that Sky is analysing your viewing habits when your box dials BskyB every night? Or your bank knows where you are spending money then sending you junk mail offering you loans/insurance?"

    I don't know about Sky (do I care? no) but if the bank did that it would be in _very_ hot water indeed.

    Lost a load of cash on the stock market and coming here to cry, are you?

    "Or as in The BBC r4 interview this morning the dolt uses Berners_lee's comments to draw his own (incorrect) conclusion,..."

    What? Incorrect conclusion? TBL seems pretty clear in said interview:

    http://news.bbc.co.uk/2/hi/technology/7300103.stm at 12:20

    Also it's "Whining". More work for free.

    Now move along and get off my Internet.

  31. Anonymous Coward
    Thumb Down

    HTTP is dead, Long Live HTTPS!!

    Well, it had to happen. The only BEST solution is for every website world wide to start using https instead of http.

    We can all live with self-signed certificates for sites that can't afford to go out and buy expensive ones.. Or they could always get free ones from CACERT.ORG.

    Then Phorm et al can stick their phingers up their phannys and "whistle Dixie".

  32. adnim

    @AC:whinging

    "PS anyone care to point me to Tim Berners _ lee interview where apart from trashing Google ( good one Tim) he actually mentions Phorm?"

    http://news.bbc.co.uk/1/hi/technology/7300434.stm

    http://news.bbc.co.uk/1/hi/technology/7299875.stm

    No mention by Tim of Phorm explicitly. However, Implicitly there most certainly is. As you appear not to object to Phorm's behaviour, implicit consent being a mainstay of their argument concerning rights to your data. You must also accept that Tims implicit statements concern Phorm.

    As for whinging, was your comment a whinge, a rant or both?

    whinge:

    To complain or protest, especially in an annoying or persistent manner.

    rant:

    To speak or write in a angry or violent manner.

  33. 3x2

    @But where was Privacy International?

    A quick mail to PI will get you a pretty clear statement about all of this. The fact that "journalists" (I'm looking at you - BBC) initially didn't bother to ask is hardly their (PI's) fault.

    @Whinging Anonymous Coward - not anonymous for long eh? I think you miss the point that everyone else you mention is ... well ... optional

  34. David Pollard

    Phorm is one of many

    We have to hope that it will be possible to muster more effective support for the FIPR now than there was for their open letter in 2000, http://www.fipr.org/rip/

    While HMG and departments are allowed widespread, unsupervised, unaudited access to communications traffic data there is little hope that unsavoury commercial use can be held at bay for long.

  35. Bobby
    Thumb Up

    Account cancelled

    After several weeks complaining I finally got a phone call from higher Bt customer services on Friday and managed to have my account terminated without penalty even with 12 months left. They guy was quite understanding and even called me back again within 15 minutes with a migration code. Job done on my part and in a couple of days from now I'll be with a 'no way to Phorm' isp who I'm more than delighted with.

    My advice to you all is have a good moan at them and cancel your accounts as I did, you can never again trust an isp that deals with low life scum as they have. There are more reputable services out there awaiting on you and the move is much easier than you may think.

  36. Anonymous Coward
    Happy

    A meeting room at BT

    BT marketing guru arguing with BT PR guru:

    Marketing: "But it is a great idea"

    PR: "But look at the bad vibes you have downloaded onto the brand"

    [Sound of whale song.....]

  37. Mostor Astrakan
    Thumb Up

    No longer let it be said...

    Re: http://www.fipr.org/080317icoletter.html

    That Legal Beagles are incapable of expressing themselves clearly. Go read it. THAT is how you write a legal paper.

  38. amanfromMars Silver badge

    Parallel TraQS ..... in Quantum Systems ...... Alan Turing's Master Prize ....

    .....Virtual IntelAIgents Sharing Creative Plans

    "Two words spring to mind: cat & pigeons" ... As do two others, AC, honey trap. A Mortal Immortal Confection :-) ........ and Beautiful Confusion.

  39. Anonymous Coward
    Anonymous Coward

    I have never been so proud....

    ...of both my industry and of this website. Rest assured, none of the fears and questions now being raised about Phorm, and the other ad brokers that use similar technology would have been raised without the turmoil created by the El Reg (and possibly Slashdot) readership, and by the excellent investigation and reporting by the Register. I personally have written/phoned/emailed Richard Branson, Neil Berkett CEO Virgin Media, my MP, the ICO, Privacy International, Private Eye, Channel 4 News and Ofcom about this whole sorry, sorry business and am sure that hundreds of others have done the same.

    Well done, people. Brings a tear to my eye....sniff.

    Anthony

  40. Senor Beavis
    Thumb Up

    @ Avi

    FIPR isn't a government body in itself, however it is made up of intelligent, well-informed and articulate individuals who advise government (and occasionally government listens).

    Just take a look at their list of trustees (http://www.fipr.org/trustees.html) and I'm sure regular readers of El Reg will recognise some of the names. I have had the privilege of knowing some of those mentioned.

    In situations such as this where groups are campaigning on your behalf, please remember to consider making a donation to allow them to keep doing what they do best (http://www.fipr.org/friends.html).

  41. Anonymous Coward
    Happy

    Thank Phuck for that

    I hope the advisors manage to be persuasive enough to get this canned, I am with TBL, if they want my data and browsing habits then lets negotiate. At least tell me what you are going to do with my information and let me decide if I want to let you do it. Dont just "Assume" people want this "compelling Service"

    @ Man from Mars, getting better, almost made some sense :-)

  42. Andrew Webster

    @ Rob

    "It's "Sue, Grabbit & Run", as any fule kno."

    Actually it's Sue, Grabbit & Rune as any long term private eye reader knows ;)

  43. David Rollinson
    Thumb Up

    Changing ISP

    I'd like to see some response from other ISPs out there that are definitely NOT going to use Phorm, or any similar system; I think this would be a good opportunity for ISPs to declare themselves "Phorm Phree" and gain support from people looking for a trustworthy ISP.

    Does anyone have any information that would be useful in this respect?

    I've asked my ISP (Eclipse) for their comment on this...

  44. Anonymous Coward
    Anonymous Coward

    New section added to my website's Legal Notices

    After taking a little bit of advice, I've added the following to my website's legal notices page. Takes any doubt out of me giving any implied permission to profile.

    "Profiling.

    With the exception of recognised search engines as part of their standard service in directing Users to their first page on this Website, We give no permission, implied or explicit, to any service seeking to intercept or profile any internet traffic between this Website and any Users. Any service seeking to intercept such traffic without prior written authorisation from Us shall be deemed to be making an unlawful interception."

  45. bobbles31
    Paris Hilton

    @Whinging AC

    Is that you you Kent? Whats the matter, your investors suddenly realise that they are backing a complete crook?

    None of the methods of tracking you mention are acceptable. But just because we have those doesn't mean we should accept another one?

    There is a world of difference between the passive medium that is Sky TV, and the proavtive medium that is the internet. Sky can only find out which of their rubbish channels a viewer elected to watch. Somebodys browsing habits could give a very clear insight into their very private thoughts and habits.

    Yes I know Google do it, but I choose to use google and block their cookies.

    No I don't have anything to hide but that doesn't mean there are some things that I wouldn't mind keeping private. I still wear clothes even when I'm not carrying a Gun, Bomb {insert your personal fear of choice here}.

    Paris, because even she can see the difference between Sky TV and my broadband connection. (well maybe not, but I like to think that she could)

  46. Anonymous Coward
    Thumb Down

    RE: Whinging

    As there has been so little from CDR lately, is this a new PR company trying to quieten the Luddites?

    As for Sir Tim, the way I heard his interview, he was talking about the dangers of ISPs profiling data. Period.

    It does not matter what the profiling business calls itself - each day I am finding more 'suppliers', the ISPs should not be doing this.

    I loved Sir Tim's discussions about the origins of email and how quickly the networking value of email has been undermined by the spammers. If you were better educated, you may just have been able to hear what he was saying, but then a good PR person would not be able to do his job well if he ever stopped to listen to the counter arguments.

    Right now, there is a much more import matter at hand. I will put that into another post.

  47. stu
    Boffin

    tesco's clubcard

    I can't help thinking it is no different from a tesco clubcard though...

    I don't have one, because I don't want to give tescos valuable info on what I buy, when, how often, where, etc, etc.

    But the vast majority of people do seem to have tesco club cards.. have they all given 'informed consent' ?

    Have they buggery. They got a card almost by default, are happy to use it cause they save money, and seem oblivious to the actual reason for it's existance*

    *and if you point it out to them they don't seem to care either, but that's the great unwashed public for u...

  48. James
    Coat

    Have they got phorm?

    It's a fitting name for a shady past company. They've certainly got Phorm, guv!

    Mines the old, bright orange cagoule (very late 70s!)

  49. Alexander Hanff
    Stop

    @stu

    Get a god damn clue will you. For fucks sake I am sick of the utter ignorance and lack of intelligence from some of these comment posters. This is not like Tesco fucking Clubcard, it is not like Sky, it is not like anything. You have the choice to use your Tesco clubcard or not, if you are stupid enough not to read the bloody T&C that is your problem. Also Tesco collecting information on your purchasing habits by you consenting via the use of their card is a mile and a half from BT breaching criminal fucking law (RIPA).

    So if you don't have anything intelligent to say, go back to your apathetic little bubbles, because you are giving those of us with a brain and degree of intellect a bloody headache.

  50. Anonymous Coward
    Paris Hilton

    @Stu

    There is a huge difference between Phorm and Tesco Clubcard. If I choose to have a tesco clubcard and to allow them to compile data on my shopping habits then I get a return for allowing them to do that: discounts on certain items and vouchers etc

    With the Phorm system, however, there is no quid pro quo. They get to intercept my data and profile my browsing habits and in return give me anti phishing technology that is already present in most if not all browsers already.

    Paris? Well, she definately gives quid pro quo!

  51. N

    Result!!!

    Just for once theyve done something decent,

    lets hope everyone migrates away from BT anyway

    & as for Phorm, well they can Phuck off!

  52. Slaine
    Thumb Up

    innocent 'til proven guilty - after amanfromMars

    fair enough... how about...

    BT - guilty of breaching their own security, guilty of a breach of contract, guilty of a breach of trust, guilty of the illegal transfer of private data, guilty of deliberate deception, guilty of abusing a near-monopolistic position.

    Phorm - guilty of an association with 121media, guilty of attempting to circumvent legal treatises, guilty of coersing a third party to break the law, guilty of receiving stolen (virtual) goods, guilty of deliberate deception.

    And, just for the record, Mr Phorm... even if you could generate the most accurately identified adverts for my regularly purchased products, when streamed at my computer, they will generate exactly ZERO SALES because I NEVER click on those links (in case it is a link to malware pages or phishing zones). I won't opt in, but I have decided that I won't opt out either... - I'm researching http randomisers and port forwarding instead.

  53. Anonymous Coward
    Alert

    Tesco Clubcard

    I know people who deal with Tesco clubcard data. The data protection act is supposed to prevent them from looking at individual account holders, but take it from me, they all know what a number of well known people have purchased recently....

    But at least I can choose not to have a club card.

  54. Graham Wood
    Thumb Down

    @stu

    Unless you pay with cash all the time, you are giving Tesco the same information every time you shop with or without the clubcard. They can quite easily link the purchases to the card(s) you use - in the same way that Phorm can link to the "anonymous" cookie they drop on your PC.

    A more accurate comparisson would be if someone was parked outside your house and, as you came home with your groceries, x-ray'd your car to see what you'd bought. Then stuck a sticker on the car that said you were person <x>.

    Other issues with your comparisson:

    - The clubcard /does/ reward you - it doesn't just change the adverts you see.

    - Using a clubcard doesn't expose your data to 3rd parties, tesco do the profiling themselves. No data goes to China/Russia (at least as far as I know)

    - Tesco don't hide a piece of plastic in your wallet/purse and claim that actually some criminal must have broken into your house to do it, "go learn about security!"

  55. Simon Ball

    @stu

    There are two main differences. Firstly, a Tesco clubcard doesn’t fall under RIPA because Tesco, as one of the two parties to any transaction using the card, isn’t a third party to the data transfer, and therefore is not intercepting data. It falls under normal data protection laws, and Tesco only have to get consent from the customer, not from anybody else.

    Secondly, most reasonable people – and the courts - would probably not regard the contents of their shopping to be anywhere near as sensitive as what they may read/write on political/religious/sexual websites. Consequently, consent does not have to BE as informed. True, if Tesco employs extensive statistical analysis techniques, it MIGHT be able to make an educated guess about your religion, political beliefs and sexual proclivities, but I suspect that data protection laws only cover facts, not guesswork.

  56. Julian Maynard-Smith

    Phorm's official response to the allegations made by FIPR

    Here is Phorm's official response to the allegations made by FIPR:

    We don't agree with FIPR's analysis. And its description of the Phorm system is inaccurate. Our technology complies with the Data Protection Act, RIPA and other applicable UK laws. We've sought our own legal opinions as well as consulted widely with experts such as Ernst & Young, 80/20 Strategic Thinking, the Home Office, Ofcom and the Information Commissioner's Office (ICO). We discussed our system with the ICO prior to launching it and continue to be in dialogue with the organisation.

    Phorm's CEO is hosting a live webchat on Thursday 20 March at 1.30pm (UK time): the URL is www.webwise.com/chat.

  57. Anonymous Coward
    Black Helicopters

    @ stu

    It isn’t the same as a clubcard because you have a choice and if you choose to opt out by not having a clubcard then your buying habits are not profiled. I have been thinking about an analogy for this and the post office one most frequently pointed out (with a few refinements) is still the most obvious one.

    Firstly the post office adds a new profiling service in order to provide advertisers with better information and it assumes implied consent on your behalf.

    1. You write a letter to your insurance company and the postman opens it, reads it and adds this information to your profile.

    2. Next time any junk insurance email comes in, the postman opens that and inserts a more "relevant" junk advert (OK so the original junk email would have to come from an advertiser who subscribes to the post office profiling service) but I guess if the post office can offer an advertiser a specifically targeted audience, profiled to meet their current products then more and more advertisers will sign up.

    3. Lets say you opt out, the postman will still open and read all your outgoing mail, just not do anything with it.

    The opportunity for insider underhanded dealings is increased because of the entire mechanism, if you add a point where all your outgoing information is intercepted and read, even if you are opted out, then there is ALWAYS going to be a point where your private data can be obtained. OK so the profiled data is (said to be) anonymous but all your data including who you are what you were writing about etc must, at some point be somewhere where an insider could abuse their position and use this.

    I want an ISP to forward my outbound packets and deliver my inbound packets and that’s it, I don’t even want their bundled email services, their web portal or anything else.

    Yes, a lot of web sites store data about me and when I go back offer me choices based on past visits but I have accepted this because most, if not all web sites have terms and conditions. I am assuming that BT and the others will include this "profiling" in their terms and conditions and as soon as they do and I have the chance I will decline the new terms and conditions and go elsewhere.

  58. Mostor Astrakan
    Flame

    Oh joy...

    A post by one of the effluent-spillers. I'm assuming that this one comes from Phorm or one of its well-wishers. Since the main perpetrators seem to be unavailable, let's rip this post into tiny shreds, shall we?

    "This is unbelievable- do you people really have nothing better to worry about?"

    Why, yes. But you, my little pond scum, have managed to attract the attention of the Angry Mob, and much deservedly so. I cannot see this die down until your company files for bankruptcy.

    "Don't you worry that Sky is analysing your viewing habits when your box dials BskyB every night?"

    No, I don't. The reason being, I know that no privacy sensitive data goes into my skybox. So Sky is welcome to deduce from my viewing habits that QI is a very popular program. The Internet on the other hand, is worming its way into more and more of my financial arrangements.

    "Or your bank knows where you are spending money then sending you junk mail offering you loans/insurance?"

    Well, no they don't. I have told them in no uncertain terms to refrain from such activities or lose a customer. So far they have abided by that request.

    "For Fucks sake grow up, if you don't like the idea, opt out. Simple."

    As has been pointed out, opting out is not *that* simple, and involves switching ISPs. Because while opting out returns the annoyances to their old scattergun approach, you will still be stealing my data regardless of whether I opt in or out.

    "(I'd like to see one of you IT sophisticates actually hack into Phorm and crack the anonymising data_- oh sorry, little too difficult? maybe it really is secure."

    That's not the point. However secure it is, it's *in the wrong hands*. You filth-encrusted bottom feeders are stealing *my* data for your own grubby purposes. As has been pointed out: that is illegal.

    "But don't pretend to be anything other than a Luddite."

    I have been waiting for an excuse to use the phrase "arse-gravy of the worst description". You are clearly not up to date with the life and works of General Ludd, if you compare it to the well-deserved trashing you are receiving from Internet users who do not appreciate their data being copied to your sneaky eavesdropping box, for *you* to decide whether it's privacy sensitive or not.

    But maybe I'm too harsh. After all, Phorm has done the Internet an invaluable service by serving as an example of what happens to organisations that are found helping themselves to data that doesn't belong to them. $DEITY knows that there are plenty of other unscrupulous bottom feeders out there that haven't been caught yet.

  59. Anonymous Coward
    Anonymous Coward

    Sir Tim Berners-Lee has seen their presentation

    Sir Tim Berners-Lee has seen their presentation, and held a press conference yesterday to try to stop the practice cold.

    it was the Phorm sales pitch that prompted this Press conference ,End of story @AC:whinging

  60. Red Bren
    Coat

    @Stu

    I think there are subtle differences between loyalty cards and Phorm interception. I have a clubcard and while I know it is used to build a profile of my Tesco shopping habits, I do get some benefits in return in the shape of targetted discounts and offers. However they don't get the complete picture of my shopping habits because I also shop elsewhere, or I can opt out by not handing over the card if I'm buying something dodgy, like that Britney Spears' CD that was a gift for someone else.

    With a Phorm clubcard, I would have to hand the card over for every single transaction in every shop I ever visit, for pretty much nothing in return.

    Mine's the bathrobe as apparently I'm unwashed...

  61. david bates

    @Stu

    The difference is people don't care that Tescos know groceries they buy - and if they decide they don't want Tescos attaching a particular cartload to their profile they can simply decline to hand over their card at the till...

  62. Red Bren
    Black Helicopters

    Will the government listen?

    As with any advice that doesn't suit it's agenda, I can't see the government paying any attention to this report for two reasons:

    1. It's a money spinner for big business

    2. ISPs are effectively wiretapping their customers and it will only be a matter of time before PC Plod will come along and demand that the data is "re-nonymised" for a massive fishing expedition for terrorists/paedos/bogeyman of the month.

  63. Andy Gates
    Happy

    Simply: If my ISP uses Phorm, I'm changing ISP

    Which would be a pity as they're pretty good.

  64. Anonymous Coward
    Anonymous Coward

    Re: tesco's clubcard

    Loyalty cards are just that. They help the marketing gurus track you and your buying habits from one store to another. I shop in three different chains. I hope that the marketing gurus notice that there is a big hole in my shopping list when I shop at their chain. I shop where the price and quality match my needs.

    Just now I am shopping at Sainsburys - after not using that chain for some time, I now have vouchers that knock £12 off every shop over £60: so I am stocking up on wine to increase the shopping total.

    Yes, they do have a lot of info about me. That is why I will not also give them my savings, banking, credit card business nor buy insurance from them - Sir Tim was right on that one.

    The big thing is: I have a choice. I don't have to do ALL my shopping through them. Nor do I have to tell them 'it is me' when I do go shopping.

    If I play this game right, in a few weeks I will get some good discount offers from Tesco as they try to get back my trade.

    Are you sure you are not that pesky PR who is unable to answer any questions so trying to distract us by asking a few unrelated distracting 'bombs'?

  65. Anonymous Coward
    Unhappy

    "Privacy International" loves Phorm

    @ 3x2: "A quick mail to PI will get you a pretty clear statement about all of this. The fact that "journalists" (I'm looking at you - BBC) initially didn't bother to ask is hardly their (PI's) fault."

    You must be new to the Phorm story. The BBC asked PI, and PI said Phorm was OK by them.

    see

    http://calculating.wordpress.com/2008/03/06/privacy-international-idiots-endorse-phorm/

    Privacy International (PI) said: “We were impressed with the effort that had been put into minimising the collection of personal information.” (BBC)

    "Mr Davies might also like to consider if there might be a bit of a conflict between his role at Privacy International and as a member of a start-up which provides helpful quotes to firms like Phorm. If he does not he is not going to be a “respected privacy campaigner” for much longer."

    Which says it all. Perhaps you have missed the fact that PI's founders started a laundering service (oops, consultancy) so spyware scum like Phorm get an official seal of approval. Conflict of interest? Nah, count the cash!

    So thank you Privacy International, and Good-bye.

  66. Paul
    Coat

    caught by the cahones

    So if I willingly consented to Phorm via my ISP but told them to F off on my website, everytime I visited my site they'd be committing an offence.

  67. tim
    Coat

    Opt out

    While agreeing that a Tesco clubcard isn't the same as phorm, you CAN opt out of any Phorm style thing by not using the interweb....

  68. Colin
    Thumb Up

    Making my Government work for me.

    Having read the Phorm articles with growing sense of outrage over the underhanded and sneaky methods being used by Phorm and the ISP's I wrote to my MP asking for him to raise the issue to the highest levels. Most espscially in regards to it's legality under the RIPA and DPA. I received a letter back today telling me that he has raised the matter with the Minister of State for the Ministry of Justice, Michael Wills MP.

    Now if you and I hope most of you did, write to your MP's that will mean that Michael Wills MP, will be getting a lot of letters all asking for the legality of this deal to be re-examined. Politicians only change things when a lot of people ask them to so if you haven't yet written to your MP I suggest you do so ASAP.

    When you do write to your MP ask for your questions to be raised with Michael Wills MP. The easiest way to contact your MP is to use the write to them site.

    http://www.writetothem.com/

    Yor MP will have your letter by today or tomorrow and in a few days Michael Wills MP will have more letters to deal with. The more letters he gets on his desk the more likely he is to get something done.

  69. Fluffykins Silver badge

    Phorm is WELOCME to my data.

    But please, remember, the data is MINE.

    I offer you, jointly and severally with my ISP, the right to intercept MY DATA as you will, for a fee of £500 per day or part thereof.

    That's it.

    If you choose to accept my offer, you may signal your acceptance jointly ands severally with my ISP by intercepting my data.

    If you choose not to accept, then that's fine.

  70. Norbury
    Black Helicopters

    re: Whinging

    Do I worry about Sky knowing my viewing habits? Yes, I don't have Sky or cable for that very reason. I hate giving away personal information.

  71. William Morton

    @Fluffykins

    I would have the payment at £50/byte of data instead, even with BT network speed your not going to get your £500 for quite a while

  72. Alexander Hanff
    Thumb Down

    @Paul

    Chances are if you do that you will be classed as complicit and possibly be accused of entrapment as well.

    I wrote a long comment on one of the other El Reg stories warning about the possible legal come back for customers who do "Opt In".

  73. bobbles31
    Dead Vulture

    Not that I could do this, but someone could

    Phorm's CEO is hosting a live webchat on Thursday 20 March at 1.30pm (UK time): the URL is www.webwise.com/chat.

    DDOS anyone?

  74. Anonymous Coward
    Anonymous Coward

    Sir Tim Berners-Lee comments...

    Mr Berners-Lee said a user's internet activity information was akin to a person's private property.

    "It's mine, you can't have it. If you want to use [that data] for something, then you have to negotiate with me. I have to agree, I have to understand what I'm getting in return."

    http://www.bcs.org/server.php?show=conWebDoc.18272

  75. NickR
    Thumb Up

    Petition Available

    http://petitions.pm.gov.uk/ispphorm

    (I did not start this petition).

  76. Ben
    Stop

    RE: Whinging

    "For Fucks sake grow up, if you don't like the idea, opt out. Simple."

    That's the whole point. I shouldn't have to opt out.

    It's like telling me if I don't like the local fight club I should opt out.

  77. VulcanV5
    Unhappy

    re Stu / Tesco

    The drivel you chose to spout on here has been rightly canned by other posters.

    I'm hoping against hope that you're the head of Phorm's PR department (or Privacy International, seeing as how they're indivisible now) and not a genuine moron, otherwise the dumbing-down of this country really has reached the point where outfits like Phorm and sleazebag ISPs like BT are correct in thinking it's well worth chancing their arm.

    It used to be the case that evil prevailed when the good did nothing.

    Nowadays it's more likely to be that evil prevails because too many half-wits can't even recognise it.

  78. Graham Wood

    @Colin

    I'd love to write to my MP. However, since he's a cheating scumbag (so bad that even the other cheating scumbags in Parliament have done something about it) I don't think there's much point.

  79. Anonymous Coward
    Boffin

    for those who dont understand what all the fuss is about:

    If I (party 1) choose to phone my insurance company (party 2) then both myself and the insurance company can record/monitor/process our conversation. The Telephone company (party 3) are not allowed to record/monitor/processs our conversation.

    If I (party 1) choose to visit my insurance company's (party 2) website, then both myself and the insurance company can record/monitor/process our communication. The ISP acting for Phorm (party 3) believe they are legally entitled to record/monitor/processs our communication.

    as someone once said: Richard Clayton, treasurer at Fipr, said: "The Phorm system is highly intrusive; it's like the Post Office opening all my letters to see what I'm interested in, merely so that I can be sent a better class of junk mail."

    Not really like Tescos. They do not know what you spend at Asda, the Pub, ebay, the vending machine at work, the bookies, that shop with no windows... etc etc... however Phorm will know everything you do.. not just what you google, but what you Ask or yahoo! too!. (They want the whole pie not just a slice, give em pavement pie.)

    @ Stu: got it yet?

  80. Anonymous Coward
    Alert

    Googlemail as well?

    Just read the paragraph

    "The consent of those who host the web pages visited by a user is also required, since they communicate their pages to the user, as is the consent of those who send email to the user, since those who host web-based email services have no authority to consent to interception on their users' behalf."

    ... doesn't this make the premise of GoogleMail (free email that they scan to target ads to you) illegal as well?

  81. SImon Hobson Silver badge

    But what about visitors ?

    Something no-one has mentioned yet - particularly the ISPs now claiming that they will have a "proper" opt-out that stops the data going to the fishing servers ...

    Supposing I visit a friend (or customer, or hotspot, or ...) and plug into his network, and he hasn't "opted out" because he doesn't know he should (OK that's hypothetical because any of my friends on the relevant networks will have been told) ? So I have in no way whatsoever given even implied consent and my data would be intercepted.

    Since the person paying for a broadband connection cannot give consent on behalf of everyone that MAY use his line, the whole thing should be illegal anyway.

    Ho hum, off to add legal "non-consents" to my websites !

  82. Jimmy

    Spot the difference.......Benign & Malign

    Supermarket club cards imply a consensual arrangement between two parties with a beneficial gain for each party. In the case of the business, benefits include the ability to stock their shelves with products that people actually prefer to buy, maintain stock levels and organize the logistics of getting the products from wholesale to the supermarket shelves. For the customer, finding that their favourite nosh is always available off the shelf is one benefit, but let's be honest, the main incentive is a financial one. The business pays you for consenting to be profiled. A good example of benign profiling.

    Contrast the above model with what is being proposed by the big three ISPs who dominate the UK market: Jump into bed with a notorious purveyer of spyware, carry out covert trials of spyware technology and when caught with your fingers in the cookie jar immediately switch to full on bullshit mode. 'Our customers will benefit from the enhanced security provided by our new partners. You may opt out of this enhanced security system, it's optional. Your browsing data will still be forwarded to our partners but, hand on heart and fingers crossed, they wont even take a tiny peek at it. Honest.'

    Beneficial gain to ISPs and partner: loadsa money.

    Beneficial gain to customer: zero, zilch, nada.

    A good example of malign profiling.

    Y'all have a nice day now.

  83. Craig

    Googlemail

    It's not that obviously illegal with Gmail as Google don't hide what they do and you don't have to email anyone with a Gmail account. If you email a gmail account, you accept the profiling.

    BT, et al, give you no choice, even if you "opt-out", your data still goes to the profiler whether you like it or not. Also, if you're a website owner, you have no say in whether your site gets profiled by the system, even if your users are accessing unpublished http addresses which are normally reasonably private.

    My site now has a specific disclaimer in the legal notices saying "no profiling".

  84. Graham Wood

    @AC

    The issue is with interception, rather than anything else.

    If google only read it as they are showing it to you, then they could argue that effectively you're sending it on to them to review - rather than intercepting whilst in transit.

    The servers are also likely to be US based, and therefore covered by different laws ;)

  85. Law
    Happy

    RE: Making my Government work for me.

    Done and done! :)

  86. Alexander Hanff
    Thumb Down

    re: Googlemail as well

    No, GMail is not an interception and as far as I know they do not profile you either, they scan the emails on the page (and I think even then only the subject lines) and provide ads based on that data.

  87. Anonymous Coward
    Anonymous Coward

    Re: Googlemail as well?

    No gmail and yahoo mail are both free to you because it is funded by the advertisements. This is what you agree to when you sign up. If you don't like gmail being read by google, don't use gmail.

    It is so simple, if you don't want your ISP to read your traffic, don't use that ISP.

    When all the ISPs are reading our traffic, we will start shopping in the city centers again and do our reading research in the libraries. A lot less ads there.

    Life can be simple.

  88. Mike
    Thumb Down

    Legality

    Surely asking the government whether it is legal or not it should of started alarm bells ringing.

    "Is this way of betraying our customer's good faith, and violating their privacy legal?"

    Any company which valued it's customers more than just cattle should never be going down a road that they need to ask such a question.

  89. The Other Steve
    Flame

    @Whinging

    Hi HamsterWheel, still holding those Phorm shares eh ? down by another 300 so far today, bummer.

    See how quickly your anonymity was stripped away there, despite the fact that you posted AC, and the reg site does not allow me to see your IP address ?

    Nasty, isn't it ?

    As for your pathetic points, which display your continuing misunderstandings about technology and legal issues, lets have a quick look.

    BskyB :

    Don't use it. That's a choice, see.

    Credit Cards :

    Don't have em. Choice.

    Banks :

    No they don't, because it's illegal, and anyway I usually use cash. Choice.

    Opt-out :

    It isn't as simple as opting out, I would expect someone who claims to have "seen the technology" to know better. Order yourself some Clue.

    Luddites :

    ROFLMAO. Even wikipedia is smarter than you.

    Legality :

    Kent can say he's sure all he likes, but guess what, it isn't up to him to decide what's legal in this country.

    As for "I'd like to see you hack Phorm", be very, very, careful. As a Phorm shareholder, that could be taken as implied consent to do just that. Would you really like to be responsible for millions of people waking up tomorrow and having the first page they see scream "Welcome to Phorm. Kent Ertugrul is a massive Spunk Bubble. We now return you to your normal internet experience." ? Would you like to be responsible for that ? To find that since you have implied consent, it's your fault, and Phorm have no recourse at law ? I somehow doubt it.

    Of course, I'm sure that won't happen, there's no need for it, Phorm are going down all by themselves. You've been a big part of that, your clueless outpourings and transparent attempts to ramp Phorm shares have helped to anger many people who perhaps otherwise would have just sat back and watched the show.

    You should be proud. As should Citigate Dewe Rogerson, whose "Jack and Jane do Pubic Relations" approach has wound up so many. So props to them for their continued efforts to dig the hole that bit deeper.

    Oh, I forgot your other point, about "growing up". Personally, when some bunch of shady fucktards turn up and start plundering my personal data, illegally intercepting my private communications, playing fast and loose with the Data Protection Act, labelling me, categorising me, and treating me as a product to be sold to the highest bidder, I think the "grown up" response is to shout the fucking rafters down and not rest until the beast is slain. It's called "taking responsibility".

    YHL HAND.

  90. I. Aproveofitspendingonspecificprojects

    @Tesco Clubcard

    And of course you can get your negotiables elsewhere.

  91. Peter White

    bt changing line on profiling opted out traffic

    response from BT today, they seem to be changing there line on all traffic going via the profiler

    Thank you for your email.

    Our plans are confined to conducting a opt-in technical trial for about 10,000 customers at the moment.

    I want to confirm to you that BT Webwise will always be offered as a choice. Those customers who have chosen not to participate will not have their browsing information mirrored or profiled, and no information will go to the BT managed profiler. No information is gathered, and therefore no information is forwarded to Phorm. Customers who opt out will not come into contact with any Phorm-managed equipment.

    Opting in and out of BT Webwise is extremely easy and completely transparent. Standard opt out method does depend on a cookie remaining on your machine indicating that you have opted out. If you delete your cookies regularly, you will have to opt-out again each time you start a browsing session. But for those who delete cookies regularly and want to remain opted out, you can block cookies from the domain www.webwise.net on each browser you use. When you block this domain, the service will opt you out permanently.

    In parallel with the trial, we are already developing an opt-out solution that would remove the need for opt-out cookies altogether.

    BT Webwise technology is designed in such a way that it is not possible to reverse engineer identity. The service doesn't store personally identifiable information, doesn't store IP addresses or browsing histories of websites visited. The technology simply observes anonymous behaviours and draws a conclusion about the advertising category that's most relevant. All the data leading to that conclusion is deleted by the time each web page is loaded. The service dispels the myth that data on user browsing behaviour must be retained and stored in order to provide more relevant advertising.

    I hope this email answers some of your concerns.

    Regards,

    BT Webwise Helpdesk

    -----Original Message-----

    From: peter white

    Sent: 13 March 2008 17:20

    To: BT Webwise Help Desk G

    Subject: RE: Technical enquiry from BT Yahoo! online help (broadband)

    May I correct you on several facts

    Talk talk have scaled down and now working on opt in and anybody who has opted out the data will not go via the profiler at all (a higher level of privacy than BT)

    Virgin media seem to be back tracking to the same position as talk talk from the report on the web

    Only BT at this point are proceeding as planned

    The anomonised data can still yield id information as AOL found that out last year when it released a ton of anonymised search requests with the user IDs replaced by random numbers; it had to withdraw the list in haste as it became embarrassingly obvious that users could be identified from that information alone.

    So by using a random number in a cookie will still enable users to be identified from the data passed from the profiler to the phorm server and so privacy is not guaranteed

    The anti-phishing features of webwise is a duplication of the function in

    IE7 and I believe also part of the Norton security suite you provide, so I see little value add from that service, the only thing the users will see is an increase in targeted adverts from the businesses signed up to OIX which was the adware rubbish phorm used to push, how many adverts are going to be for uk based businesses (very few I suspect) and due to the high rate of fraud and phishing on the web people are naturally sceptical of any popup and highly unlikely to purchase via them, this I doubt is of little concern as BT will only get revenue from allowing the adverts to be served and not from any form of pay per click on the actual poup-ups

    Can you confirm if the data of a user who has opted out or blocked the cookie is still sent to the profiler, and although supposedly not , is still possibly scanned (even if in error)

    Can you confirm catagorically that phorm / webwise does not breach my right to privacy under european law of human rights, RIPA, or the data protection act

    I understand the data is held on servers run by BT in BT's hosting centres, but the software is provided by phorm whose past appears to be dubious from the forums and information on the web

    I will be blocking the cookies on all machines in my house to protect myself as best I can and if webwise goes ahead I will be migrating out of BT asap after the notification

    Can you confirm if I Will be offered the option of terminating my contract early due to the changes to the terms and conditions of my contract if bt deem the trial a success and proceed with a full roll out

    Thanks

    Peter white

  92. Ron Eve
    Coat

    @Andrew Webster et al

    (This is one for Pedants Corner)

    "It's "Sue, Grabbit & Run", as any fule kno."

    "Actually it's Sue, Grabbit & Rune as any long term private eye reader knows ;)"

    Actually <sigh> it's Sue, Grabbit and Runne

    /coat with spyglass and turned up collar please

  93. Simon Ball

    @Craig

    Where do you accept the profiling? Where's the disclaimer that says "by sending an e-mail to this account/receiving from this account" you agree to its contents being scanned for advertising purposes"? There isn't one. And the average person can't be expected to know. And without explicit consent from BOTH parties, it would constitute an illegal intercept.

    There is an exemption in law for carriers to perform scanning without consent if it is "necessary to the smooth operation of the service", hence why spam filters are legal, but I'm not sure whether the argument that Google wouldn't provide the service if it wasn't allowed to scan the e-mails would actually stand up in court, since that consideration is only relevant to the person with the Gmail account - not to anybody who communicates with them.

    So, in short, yes - Gmail may actually be illegal.

  94. Anonymous Coward
    Paris Hilton

    Virgin/NTL

    My ISP has kindly just offered me a free upgrade of my Bandband speed but I must upgrade my cable modem which they will provide to me for free of charge....................Should I just grab it or should i stick with my trustly old cable modem

    Is this connected to PHspy

    Paris is my favorite

  95. I. Aproveofitspendingonspecificprojects

    @Colin x@Graham Wood

    You live in Sedgefield?

  96. Anonymous Coward
    Anonymous Coward

    @Mostor Astrakan

    "http://www.fipr.org/080317icoletter.html"

    Many thanks for this link!!! Clear, concise at massively to the point.

  97. colin stone
    IT Angle

    blocking Phorm

    Just a thought..

    would blocking phorm in the .htaccess file stop phorm profiling a site.

    something along the lines of

    .htaccess

    deny from webwise.com

    deny from webwise.net

    deny from webwise.org

    deny from oix.net

    deny from oix.com

    deny from oix.org

    Plus any other domains as needed.

    Is there any reason this could break things?

    Thanks

  98. Colin

    A call to rebell against "Proper English Behaviour"

    @ Graham Woods

    Then I humbly suggest to you and anyone else in the UK who feels the same way about their MP as Graham does about his to write directly to Mr. Michael Wills MP, House of Commons, London, SW1A 0AA.

    Whether or not you believe it will do any good is besides the point, just the annoyance factor alone will be enough to make a politician sit up and take notice. The only way that politicians do anything ever, is if they think there is votes in it for them, or if they think they will lose votes by doing nothing.

    The only way they think either of those is if enough people badger them about it and keep hassling them about it, until they realise that this little itch is getting worse and it's not going away.

    The Register is a good news site for us Techies but the politicians tend to take notice of very little if any of the web based media. Slap big grey Royal Mail sacks full of letters on their desks every day they take notice.

    Do the same to the Editor of the Times, FT, Telegraph etc. and they take notice, cos you bet your life if the Editors of the major broad sheets, get sacks full of letters asking why nothing is being done, then their journalists will start asking Ministers and Minister's Private secetaries why nothing is being done.

    When that happens the Politicians start to ask questions of the type that need answering. Questions like who the hell is this Phorm company? Questions like what the hell do BT, VIrgin Media and Carphone Warehouse think they are playing at?

    The biggest thing the politicians of this country have relied on for years is that the English don't complain. Well wake up England and start complaining, it's your privacy Phorm will take away from you. Would you let someone walk into your house and record what you own so they could advertise newer and better stuff to you? No you would not.

    So get up and instead of moaning about it (we all know the English can moan) do something, one letter sent via the write to them website http://www.writetothem.com/

    It won't even cost you the price of a stamp, you don't even have to go and post it. How hard is that to do?

    Yeah I know Scots, Welsh and Irish (Northern Ireland has BT too) read the Register. But the largest population base affected by this deal is the English and anyway everyone knows the Scots, Welsh and Irish can and do complain when they feel wronged. We of the celtic backgrounds are born with the fire in our blood we got to put it in the English and get them all riled up first.

  99. Anonymous Coward
    Alert

    RE: Googlemail as well?

    No not Googlemail, Googlemail is a choice you can choose Hotmail or Yahoo and it has nothing to do with Google.

    all of these companies have the right Idea, provide a Service for free! Phorm offer no service, and are blanket invaders of privicy just like there 121 predessecors

  100. Alexander Hanff
    Stop

    People need to understand interception

    Gmail is NOT guilty of interception under RIPA. Whether you agree with thier advertising or not is irrelevant, they are not breaking the law. They are simply not intercepting your communications, the communications you have with Google are exactly that, between you and google, google are not sitting in the middle trying to grab your data (well they might be but not in any way which is relevant to RIPA). Google -ARE- the destination for your gmail emails so how on earth could they be classed as an interception? When someone sends you an email to a gmail address, they are sending it to gmail, it is as simple as that. Google through agreement with you then deliver the email to you, but they would be perfectly within their rights legally, to never deliver the email to you and just keep it forever as they OWN the gmail address it was sent to.

  101. alistair millington
    Thumb Up

    Just watched the BBC interview.

    9 minutes in he is asked the question, 12:40 mins in he is asked about three isp's that are thinking of data monitoring and he says he wouldn't want it and would move if he had to.

    Can't see any other conclusions to make from that. 14:28 he says about opting in should be the way forward.

    I like him. :)

    Nice to see another QUANGO doing something useful for once, unfortunately they are all hangers on, the main one is the DATA protection people and they are silent, which bodes ill. They are the data police and if they don't speak up then it will have to be court for a private citizen to force it through, or of course an MP gets wind and then we end up legally changing RIPA and this becomes legal, but I also think this is a police state and data pimping being legal plays in comrade Browns policies.

    :)

  102. Paul Delaney
    Thumb Up

    @AC Re: Whinging

    Almost deja-vu...

    So reminiscent of the statement made by the President of Sony's Global Digital Business - Thomas Hesse:

    "Most people, I think, don't even know what a rootkit is, so why should they care about it?"

    You are obviously in the employ of Phorm and the fact that you feel the need to post here in such a fashion is a clear indication that you think you have already lost...

    You know what?

    You're right...

  103. John
    IT Angle

    a bit about monitoring

    Even if you don't have a tesco clubcard they can still find out what you bought. I go shopping in Tesco every Thursday around the same time. (So just by going shopping therefore I give data away to the local council/police/tesco themselves who can monitor my trip into the UBD without my permission.) Their automated tills (that run embedded Windows 2000; sometimes perfroming the odd illegal operation) when they decide to work can accurately record what you have bought anyway. It's the same if you go to the corner shop as well. As the old saying goes, there's more than one way of skinning a cat.

    Data floats around in various formats and humans are creatures of habit, so it's easy to monitor them and whatever they're doing. That said, I would prefer not be junk mailed, spammed etc etc unless I specifically ask for it; the folks at El Reg have it right by allowing us to opt in. Its good that someone has decided that the delivery boy can't snoop or pass stuff on. He/his masters wouldn't want to open something that could be dangerous.

  104. Anonymous Coward
    Coat

    So Long and Thanks for all the Phish

    It doesn't matter how BT finally implement Phorm, or if they even do at all now. They way they thought they could do it initially was hideously underhanded and showed complete contempt for their users.

    The execs that thought this was "A Good Thing" are still there, still thinking the same way and probably still prepared to swallow down any good PR hype that comes throught the door with the promise of sacks of cash.

    I have to be able to trust my ISP to treat my data with integrity, to secure it to the full extent that the law allows and not to some spun-down interpretation. And to treat it for exactly what it is: My Data. That chain of trust has been broken, right there...

    Sad to be going really, they've been very reliable in the 6 years I've been a customer.

    That's it, those there. Yes, the 2 MACs.

  105. Stewart Haywood

    &Andrew webster

    "Actually it's Sue, Grabbit & Rune as any long term private eye reader knows ;)"

    Hmmmm....I always thought that it was "Sue Grabbit & Runne". Rune sounds like something to do with Gandolph the Grey.

  106. Alex
    Thumb Up

    The 80/20 Thinking Report...

    looks like the BBC is finally laying off the bull:

    * selected highlights *

    "The report commissioned by Phorm and carried out by two respected privacy campaigners said sensitive user data should not be collected by the tool."

    "E-mails, credit card details and information on secure websites would not be tracked and analysed, Phorm has said.

    But the interim privacy impact assessment report, written by Simon Davies and Gus Hosein, of 80/20 Thinking Ltd, said the company should go further.

    It said: "Information from websites and queries regarding sexual content, political preferences, medical health, racial origin should be blocked from processing."

    "Similarly, as profiles are developed Phorm should communicate openly whether profiles and channels will match information of this type, e.g. matching pharmaceuticals with web activity that searches for anti-depressants.

    The report also called on the tool to disregard data collected from website addresses so that ISPs could not, in theory, learn about their customers' commercial preferences, such as which bank or insurance company they use.

    It said: "If this information was to be logged by an ISP this would make users feel spied upon because their ISP would know which services he or she makes use of. Phorm must ensure that it is not using information about these sites in any way."

    "The report asked Phorm: Can cookies lead back to users in any way? Of course it is merely a unique identifier but a unique identifier can still be linked to individuals.

    Can an external attacker gain access to the required information to re-link the individual and the unique identifier?"

    "The report also urged the company and ISPs to make the system opt-in, so that users choose to use the service."

    BBC: http://news.bbc.co.uk/1/hi/technology/7303426.stm

    ...nice report there phorm, that's the independent report that praises your proposed invasion of privacy tool kit is it?

    its good to see the scales slowly falling from the eyes of the mass media, I wonder how well Kent E Phorm is sleeping at the moment?

    DO. NOT. WANT.

  107. Anonymous Coward
    Coat

    Even their own report is damming

    According to the Beeb ( http://newsvote.bbc.co.uk/1/hi/technology/7303426.stm)

    "A system that matches users' web surfing habits to adverts must ensure sensitive sites are black-listed from tracking, a privacy report has said.

    Phorm's online technology is set to be rolled out by three of the UK's biggest ISPs, BT, Virgin and Talk Talk.

    The report commissioned by Phorm and carried out by two respected privacy campaigners said sensitive user data should not be collected by the tool. "

    "But the interim privacy impact assessment report, written by Simon Davies and Gus Hosein, of 80/20 Thinking Ltd, said the company should go further.

    It said: "Information from websites and queries regarding sexual content, political preferences, medical health, racial origin should be blocked from processing. "

    Odd how they've changed their stance since their last report which basically said everything was wonderful and shiny.

  108. Anonymous Coward
    Anonymous Coward

    80/20 Thinking report

    ...is here:

    http://blogs.guardian.co.uk/technology/Phorm%20PIA%20interim%20final%20.pdf

  109. Anonymous Coward
    Happy

    Anonymising your Clubcard data

    Don't present the card at the till. Take the receipt to the customer services desk and they just add on the points manually... voila! points and no association with the trolley load.

    As per the chap doing the Sainsbury's thing - me too - Mr Tesco's notices that I've not shopped there for a while and sends me a heap of vouchers. So I shop there. Then Mr. Sainsbury's notices that I'm not there either after a few weeks so a heap of vouchers appears.

    Saves me about 15% on my groceries - which is nice :)

  110. Anonymous Coward
    Pirate

    BT has its head firmly in the sand

    I work for BT as a back-office support person (on of the few remaining onshore!) and this whole situation is absolutely pathetic. Internal newsgroups are buzzing with this story and I've yet to see one person post anything supportive of this sellout plan.

    I think BT Retail will more than likely not make any big statements, proceed with the trial and deploy as planned, as quietly as possible..users be dammed.

    I'm sure they have already worked out how many end-users this will cost them and have factored that against the profits they will be getting from a cut of the ad. revenue from Phorm (i.e. if we assume that Phorm will net them about 20M a year then they can afford to lose about 100k customers assuming each one coughs up £15 a month..that's quite a lot before the bean counters see this as a bad deal)

    the biggest points for me are that If users opt out why is their web traffic still processed by Phorm owned and maintained equipment based at the ISP (phorm keep spitting the line out that no data is transmitted out of the isp network yet want us to ignore that big man behind the curtain) ..so Phorm could patch their equipment whenever they felt like it and change what they sniff out. Proof that they are thinking about this lies in their Patent application 20060212353 to the UPSTO:

    "[0042] As explained above, the context reader may be configured to more than just keyword and other contextual data pertaining to a given web page. The context reader may also include behavioral data (e.g, browsing behavior), other historical data collected over time, demographic data associated with the user, IP address, URL data, etc."

    [0022] also states that its not just HTTP data they are eyeing up, IM / email may be on their long term goal list..its just the thin end of a wedge. When this system goes live, expect tweaks / enhancements that mean your IM, pop/imap email and other services also gets sniffed.

    Another point is that BT and Virgin still want opted-out customers to have all their traffic routed through Phorm owned equipment (again at the ISP data centres)..why would they still be sticking to this if the servers aren't supposed to be doing anything. It just reeks of abuse and slyness. Phorm will be happy at that (or nonchalant at best) as it means they can still do something with the data should they choose. opted out shouldn't be cookie based, opted out customer traffic should be on a whole different network segment to Phorm servers and ISPs should be held accountable if any opted out traffic touches 3rd party equipment...of course BTR Marketing will never willingly go to an opt-in system as they wouldn't get many lab rats to sign up.

    I get my Broadband for free, yet i will be switching ISP once this comes into play.

  111. Werner McGoole
    Thumb Down

    @Michael

    That's a facile argument isn't it?

    I can believe that RIPA lets too many people see my private data. I can also complain that some people are trying to see my data when RIPA says they shouldn't. And I can be glad if it at least stops those people.

    No contradiction there that I can see.

  112. Colin

    Futher to; Making my Government work for me.

    I told you all earlier I had written to my MP about this proposed invasion of our privacy. Well I also wrote to the House of Lords, specifically to a member of the House of Lords from my area asking for him to raise whatever questions that he could about Phorm and the entire dodgy dealings between them and the ISP's.

    Well I got a response from the Lord I asked to look into it and he said that he will be looking into the questions I raised about privacy laws. Another little step in the direction we want it to go. It may only be a little step but keep asking them to take steps and eventually you get the politicians moving.

    Please keep pushing your representatives keep hammering home the message that we don't want this. Educate the users in your workplaces, do anything legal that you can do to throw a spanner in the works of this deal.

    To the people who have suggested hacking and DDOS attacks etc.

    **Don't break the law by hacking them, you let Phorm win if you do that**

    It won't matter squat how nasty we say they are to the using masses, cos you will have made Phorm into the victim. We need the uneducated and inexperienced to see Phorm as the bad guy in all this, not us.

  113. Peter Fairbrother

    Re: "Privacy International" loves Phorm

    Privacy International has, as far as I know, made no public statements whatsoever about Phorm - though Phorm have said otherwise, and so have the BBC etc.

    The confusion comes about because a report was commissioned from 80/20 Thinking by Phorm. 80/20 is run by Simon Davies, who is also well-known member of PI - but he is not representing PI here.

    The interim report from 80/20 says that the Home Office concluded that Phorm would be in compliance with RIPA - I don't know how Simon D came to that erroneous conclusion, it says nothing of the sort, perhaps he was told so by Phorm.

    From his emails I don't think Simon D had actually seen Simon W(atkin)'s Home Office "view" when the draft report was written, but I can't confirm that.

  114. Peter Fairbrother

    Re:Phorm's official response to the allegations made by FIPR

    "We don't agree with FIPR's analysis. And its description of the Phorm system is inaccurate. Our technology complies with the Data Protection Act, RIPA and other applicable UK laws. We've sought our own legal opinions as well as consulted widely with experts such as Ernst & Young, 80/20 Strategic Thinking, the Home Office, Ofcom and the Information Commissioner's Office (ICO). We discussed our system with the ICO prior to launching it and continue to be in dialogue with the organisation."

    Ernst & Young are a firm of accountants, they are not lawyers, and their report merely suggested that Phorm might comply with some US and Canadian standards. mentioning nothing about RIPA compliance.

    80/20 are not lawyers, and according to Simon D they did not independently consider whether Phorm would be legal under RIPA.

    The Home Office are not lawyers, and in any case they did not say that Phorm would be legal under RIPA.

    The ICO say that they only learned about Phorm a couple of days before this all started (haven't got the exact ref to hand), and they have not commented publicly on the legality of Phorm under RIPA as yet.

    So that much is all bullshit. I don't know what Phorm's own legal opinions said, but if they had told me was lawful then I'd get me some new lawyers.

    It's totally, blatantly, and very obviously illegal.

  115. Spider
    Thumb Up

    oh the humanity

    Phorm share price down 13% in 48 hours.

    just thought i'd share the good news.

  116. George Johnson

    Phorm running out of steam?

    Today on the BBC, the Auntie is rolling out the old news that two two indepdent privacy advisors addressed customers concerns and that Phorm, while needing better protection for customer data, will not disclose or gather information from https sites.

    http://news.bbc.co.uk/1/hi/technology/7303426.stm

    Hmm quite, until you read who they were, our old friends from 80/20 again!

  117. Phil Storer
    Alert

    Yeah, and what do I get ?

    I think I may invoice the car fone wharehouse for my time while I surf.

    my rate is 25 gbp/h. if they pay they can log as much activity as they wish, if they dont pay, Illkeep invoicing then untill the amount is enuogh for the small clame court to deal with on my behalf.

    You gottafight for your rights to party....

  118. Julian Smart

    Keeping it in the public eye

    If the ISPs do go ahead with Phorm (and similar systems) anyway, I for one would contribute to the cost of full-page newspaper ads keeping the public informed about which ISPs are spying on them. With 7,000+ signatures on the petition, I think there's the motivation to keep up the pressure for quite some time - which would be necessary to make sure that sufficient numbers of people leave the ISPs for their bean-counters to start taking a different view.

  119. Anonymous Coward
    Thumb Down

    The 80/20 Thinking Report

    Doesn't exactly give phorm a clean bill of health does it? If I got a health report like that I'd check myself into the nearest hospital ASAP.

    The report is full of assumptions, unanswered questions, recommendations that haven't been acted on, misunderstandings and, frankly, a lack of comprehension of some pretty basic security and privacy technicalities. And the authors' supposed reputation as "respected privacy campaigners" doesn't exactly hit you in the face either. I can well see why they didn't want to publish it.

    I accept that it's a preliminary report, but even allowing for that it comes nowhere near to supporting phorm's claims on privacy and security. In fact you have to look pretty hard to find the positive bits that phorm keeps quoting - and seen in context even these are faint praise.

    So when phorm next quotes this report, I think the response should be universal laughter. And a few choice quotes in return.

    We should perhaps be a bit kinder to the authors, but even so, it still looks a lot like they were in the process of selling their souls to phorm before reality intervened. A very clear conflict of interest.

  120. Anonymous Coward
    Paris Hilton

    Forget newspaper ads...

    Instead of newspaper ads, if this goes ahead, we should set up a fund to launch a class action lawsuit against any ISP involved.

    I am surprised that we have yet to hear of anyone complaining to police about the BT trials that were run last year without any kind of consent. Would be interesting to see what the police did if those affected last year were to write to the police claiming BT had committed offenses under RIPA.

    Paris because shes had plenty of dealings with the police.

  121. stewart mitchell

    What?

    This is a non government body telling the gov that it might be illegal - I don't see any iminent changes here

  122. Anonymous Coward
    Anonymous Coward

    @AC

    One of the things on my schedule for this weekend is asking my brother (BT) to check for a webwise cookie.

    If one exists, then I will be asking him to contact BT for comment about this invasion of privacy...

    I'll get back to you after that if it turns out he was hit by the trial - assuming that PC Plod doesn't request that he not talk about it until it's been dealt with *grin*.

  123. Anonymous Coward
    Jobs Horns

    @Phorm's official response to the allegations made by FIPR

    " By Julian Maynard-Smith

    Posted Tuesday 18th March 2008 11:45 GMT

    Here is Phorm's official response to the allegations made by FIPR:

    We don't agree with FIPR's analysis." Ect... Spin and more spin......

    I am wondering if they have sacked the PR people now.

    Julian Maynard-Smith’s Specialties:

    Documentation, marketing copy, articles, interviews and reviews. New media (Webwise, OIX), IT, DR, data centres, finance / banking (front and middle office), travel industry, CAD/CAM, project management software. Music, crime fiction, novels.

    As he is an expert in crime fiction , were his skills used to write the blurb for Phorm about how secure the system is, and of course "no personal days is ever used honest"

  124. Anonymous Coward
    Anonymous Coward

    Hitwise

    Does this mean Hitwise is illegal also?

  125. Graham Wood
    Gates Halo

    Phorm are hilarious

    http://news.bbc.co.uk/2/hi/technology/7303426.stm

    "Webwise deliberately ignores https pages"

    Short of getting a trusted wildcard certificate to allow a MitM attack, they don't have any choice.... Well, I suppose they could install something on the user's PC that monitors the pages viewed, but that would be wrong, and they'd never do that would they?

    It's not often that I'm going to get to use this icon, but compared to these guys....

  126. Anonymous Coward
    Thumb Down

    Re: "Privacy International" loves Phorm

    @Peter Fairbrother: "80/20 is run by Simon Davies, who is also well-known member of PI - but he is not representing PI here."

    That's my point.

    We need citizens rights group to work for citizens, not for privacy-invading spyware scum. They can't do both at the same time, like Simon Davies has done here.

    So in the morning Davies, wearing his 80/20 hat, does Phorm consultancy and congratulates it for protecting our privacy. In the afternoon, he puts his "Privacy Campaigner" hat on an says Phorm is invading our privacy. (Actually, as you say, he hasn't even done that - there's complete radio silence from PI).

    And you think this is OK?

  127. Julian Smart
    Thumb Up

    Re: "Privacy International" loves Phorm

    I think this is fascinating from a psychological perspective. What might be going through Mr Davies' mind, to compaign for many years in the public interest and then seemingly detonate his own reputation by association with a dodgy company intent on riding roughshod over users' privacy?

    One, partial, answer comes from the rather sheepish admission from another member of PI that their funding isn't great and they have make ends meet (but that PI distanced itself from the 80/20 report). This was reported in another Register comment page.

    Another factor may be the phenomenon that after building up a reputation, a person can begin to feel invincible - and is therefore confident that being wined and dined by this kind of company is fine and his reputation unassailable. He could be justifying himself by arguing that he has the chance to change what Phorm are doing for the public good; while forgetting what this relationship will look like to the outside world, and the fact that tweaking Phorm's processes doesn't remove the underlying dangers.

    Another theory is that it's a cunning plan to actually undermine Phorm, at the same time as extracting a fee. The final report might therefore be full of surprises for Phorm.

    No doubt we'll get answers eventually. I suspect there's a TV drama to be made out of it, with a healthy mixture of corporate greed, grass-roots campaigning and larger-than-life personalities. To complete the picture, someone just needs to turn up videos of some of the protagonists in compromising situations... happily, these will be much easier to find when BT, Phorm &co have flushed away the online privacy of the nation.

  128. Andy
    Linux

    Use Konqueror if it's not supported:)

    So all those using Linux can use Konqueror. Or, when KDE 4.0 is out, Dolphin:)

    Phorm appear to be in discussion with other ISPs both here and abroad, according to this :

    http://www.iii.co.uk/investment/detail/?display=news&code=cotn:PHRM.L&action=article&articleid=6611046

    We need a page somewhere that lists all those ISPs that don't give a damn about their customers. Maybe a section on El Reg?

    VM now have a webwise page :

    http://www.virginmedia.com/customers/webwise.php

    Here is an extract :

    Webwise will help provide you with a safer and more relevant online experience by helping you avoid scam emails or websites, as well as making your online experience more relevant through advertising that matches your areas of interest.

    According to that, it will also protect us from scam emails. Well how are they going to do that unless they are sniffing our emails?! I for one will be leaving vm, as will the missus seeing as we share the connection. I will have to get her another email

    address. Maybe gmx.com - no spam there.

    Why do the ISPs assume we want ads thrown at us anyway? oh yeah, to make them more money. Maybe this is why vm have dropped their prices and upped the speeds at the same time. They knew they were going to rip their customers off by flogging their surfing habits and making money out of them.

    There is one other thing to consider - sometimes we forget a password and it is emailed to us and we happen to use webmail to view it. Oh look! They can see my password that I got emailed to me. And they say they will ignore passwords. Or we get a link to a page to change a password. Get out of that one then Kent "the lying b***tard" Phorm.

    Just checked that investors site, here is the latest posting :

    http://www.iii.co.uk/investment/detail/?display=discussion&code=cotn%3APHRM.L&it=le&action=detail&id=3962215

    Briefly, it says it is looking good in the USA (for Phorm), looks like AT&T will be signing in a couple of weeks and revenue will soon be coming in from the UK ISPs.

    So it looks like the 3 traitor ISPs are going to be starting their sniffing very soon. Well that is what it is, sniffing our packets.

    We don't want ads so phuck off phorm. And up yours vm!

    Tux because I use Linux Konqueror is not supported:) Yes, I also use windoze, but Linux is my OS of choice.

  129. ben
    Dead Vulture

    Hang on a moment....

    It doesn't matter two hoots if your ISP is a Phorm Signup or not, or if you have the opt out cookie.

    Your IP traffic will go via some Phorm signed up ISP router somewhere and hence be profiled...

    In the UK, as BT pwn much of the backbone and BT are part of the Phorm collective, I suspect all your http GETs are belong to Phorm anyway...

    Dead vulture cos resistance is futile

  130. Andy
    Paris Hilton

    @Ben

    But even if BT own much of the backbone, it will be in their data centres where the phorm servers/hardware are and if I am with someone else, say Zen, they will have their own data centre surely and so my http GETs won't go anywhere near BT's phorm servers? I don't know much about networks but this is how I would imagine it is set up. Perhaps someone could enlighten me?

    As for the opt out cookie, it shouldn't be a cookie. It should be an opt in and if you don't opt in then your net traffic goes nowhere near phorms server.

    Paris, cos she can come and get me any time:)

  131. Andy
    Gates Halo

    @Ben part 2

    If we don't opt in (don't know anyone who will) and our http GETs go through to a phorm server in one of BTs data centres then that is illegal and BT should be taken to court and have their ass kicked big style. Plus compo for the users affected.

    BillG cos even he ain't that bad.

  132. ben

    @Andy

    I think you miss the point slightly.

    How do you think your GETs get to the remote end?

    They go off your PC as a TCP/IP Packet, routed via the backbone to its destination.

    The backbone can mirror those packets without your consent or knowledge - do you see where I am going?

    As BT are signed up to Phorm, and IF Phorm are found to be legal, I can see nothing really preventing them from writing a bit of code for the backbone (OK all the backbone routers) to mirror all http GET packets to the BT Phorm servers regardless of their (the IP Packets) origin. If AT&T in the states also sign up to the Phorm nonsense, it will be nearly impossible to stop this Pharming going on and you, the end user, will have no chance at all of opting out.

    /me I'll get my own TFH thanks

  133. Peter Lovatt

    Hit back

    Why not search out investor forums and highlight the bad press and the prospect of future lawsuits.

    Add this to emails letting your ISP know you will close your account if they do implement Phorm.

    They have two masters - customers and shareholders. Hit both of them

    Peter

  134. Stephen Baines

    BT to comply with Swedish Law

    As a webmaster with sites hosted outside the UK and operated from Sweden, I wrote to the Company Secretary of Phorm and Webwise telling them that under Swedish law such interception is absolutely illegal and it must not happen on communications with my server.

    I have had no response from Phorm yet, but I have had a response from BT:

    >Dear Mr. Baines,

    >

    >Thank you for your letter to our company secretary Mr. Larry Stone.

    >

    >I acknowledge the receipt of your letter and confirm that we will take

    >the necessary steps to honour your notice.

    >

    >Regards,

    >

    >Mangesh Kulkarni

    Anyone on BT webwise who wishes to check for me later, please let me know!

  135. Anonymous Coward
    Thumb Down

    Virgin Media and Phorm

    I work at Virgin Media support and recently was contacted by a customer about Phorm. Apart from the information on the public website all we've had is a near-identical intranet announcement. Obviously all I'm able to tell anyone is this official line ("helps protect against fraud bla bla bla") which the fairly tech-savvy customer wasn't entirely happy about hearing (I have to say I felt pretty crappy having to regurgitate the VM BS relating to it as well). Gotta laugh when the ISPs can't even be honest with their own staff about this.

  136. W
    IT Angle

    "Rate this story"

    Where's the new "Rate this story" 'barometer' when you need it?

  137. Anonymous Coward
    Joke

    @Phorm's PR

    Hahahaha....

    Quote "because you are giving those of us with a brain and degree of intellect a bloody headache."

    Aww is someone upset? Give a sh*t. Jog on.

    What made me cry with laughter is this news item

    http://www.ft.com/cms/s/0/eef58398-ef9a-11dc-8a17-0000779fd2ac.html

    1. "Phorm seeks $65m for overseas expansion" - Phailing.

    2. Phorm, which reported no revenues - Phailing.

    3. $16.3m loss for the first half of last year - Phailed.

  138. 3x2

    @"Privacy International" loves Phorm

    <...>You must be new to the Phorm story. The BBC asked PI, and PI said Phorm was OK by them.<...>

    Yes very new. Right I'll type slowly so you see the words ...

    The initial BBC story, for the first day or so, did say that PI endorsed the Phorm system. Then the BBC did their checking (which they should have done first) and amended the story. Before they (BBC) amended their story, unlike you, I asked PI directly about Phorm and they cleared up the misunderstanding.

    OK so far? Good. Now then re: http://calculating.wordpress.com/2008/03/06/privacy-international-idiots-endorse-phorm/

    These dicks presumably went to the same school of journalism as the BBC because you see they re-printed the BBC article without checking their facts either. It happens a lot on the Internet and when you are a big AC you will begin to understand that and maybe think (or god forbid research) before you type.

    - Hope that's all clear enough now

  139. anonymous sms

    UK Government and BT's Dishonest Record on Internet Fraud

    The issue of trust and honesty concerning all the parties involved in this personal data collecting/selling scheme should be considered.

    @ el Reg. All this information is in the public domain. I believe it shows that BT is not a fit and proper company who should be trusted to prevent the potential fraudulent use of the data they intend collecting. I also believe it shows that the Government and Regulators should not be trusted to step in to protect the public when this data collecting scheme is abused (and it surely will).

    Throughout 2004 (1st Jan to Aug) the UK public lost tens (hundreds?) of millions of pounds due to internet fraud in the form of "rogue diallers".

    Throughout this period BT claimed they had no way of knowing if the numbers appearing on victims bills were the result or rogue diallers or the legitimate use of the customers PC.

    What BT and the Regulators failed to tell the media and victims was that the level and pattern of complaint (concerning the same known numbers) clearly indicated that the bills were the result of the use of illegal dialler software. They failed to tell the media and the thousands of victims that 20% of all complaints they received in 2004 concerned the same UK company (Telecom One) and 3,500 known premium rate numbers (0909 967 ****).

    In an article in The Guardian (July 2004) it was reported that Icstis (PhonePayPlus) had received "at least 25 complaints" during June 2004 for each of the three Telecom One numbers mentioned in the story.

    At the same time as the Regulators were allowing BT to continue billing for the 3,500 Telecom One numbers BT were also billing for their own Redstone numbers that were later discovered to have been programmed into illegal diallers.

    Despite the high level and serious nature of complaint Ofcom only acted in August 2004 after increasing media pressure. They finally introduced vetting on the internet diallers. It was later revealed in an Ofcom case (May 2005) that Icstis had requested information from Telecom One in February 2005 regarding the services being billed using their numbers. The Ofcom case also revealed that by the time Icstis had requested this information and reported Telecom One they had stopped receiving complaints regarding the 3,500 numbers. Ofcom decided to close the case because Telecom One's service providers had apparently left the market.

    Before we allow BT to collect and sell our personal date I believe people should ask serious questions into the apparent inability of Government and regulators to prevent the telecoms networks and the internet being used to target the public with such high levels of serious organised fraud.

  140. Paul Delaney
    Coat

    Re: Did you have comments when RIPA was introduced?

    "You hypocrites, you hate RIPA more than Phorm"

    (with reference to sarcasm)

    Ah - but that was before anyone (including the RIPA authors) realised that in certain circumstances, obviously not envisaged at the time, the legislation could actually be used to protect the rights of Joe Public!!

    The one word in question, obviously a typo, was overlooked in the final draft and an ammended version will no doubt become available in due course...

    as soon as the relevant palms have been greased

    Edit/Replace...

    Find what: permission

    Replace with: indifference

    Interpret the meaning of that in court!

  141. Mark

    Phorm Blacklisting

    They claim there is a blacklist that will not 'profile' sensative pages like web based mail pages. However I run my own server and as such I have my own web based email as does ALL people who have PLESK on there server which is most dedicated and VPS servers these days. Also most people who have a domain with UK-REG have web based mail. I dont see how they are going to black list personal web mail pages for every domain?!

    BT is the main subscriber to Phorm and it wont come as a shock that the goverment will let this continue as BT is the bedrock for the UK's communications.

    What a way to alienate the internet population.

This topic is closed for new posts.

Other stories you might like