Posts by Peter White

61 publicly visible posts • joined 12 Mar 2008


The Guardian ditches Phorm

Peter White

ernst and young privacy impact report

just been looking at the much quoted report, it is just a process/procedure confirmation report, a bit like bs5750, not really worth the paper it is written on, it just says they have the procedures in place, but just because they have them does not mean they follow them.

Net think tank: Phorm is illegal

Peter White

bt changing line on profiling opted out traffic

response from BT today, they seem to be changing their line on all traffic going via the profiler

Thank you for your email.

Our plans are confined to conducting an opt-in technical trial for about 10,000 customers at the moment.

I want to confirm to you that BT Webwise will always be offered as a choice. Those customers who have chosen not to participate will not have their browsing information mirrored or profiled, and no information will go to the BT managed profiler. No information is gathered, and therefore no information is forwarded to Phorm. Customers who opt out will not come into contact with any Phorm-managed equipment.

Opting in and out of BT Webwise is extremely easy and completely transparent. Standard opt out method does depend on a cookie remaining on your machine indicating that you have opted out. If you delete your cookies regularly, you will have to opt-out again each time you start a browsing session. But for those who delete cookies regularly and want to remain opted out, you can block cookies from the domain www.webwise.net on each browser you use. When you block this domain, the service will opt you out permanently.

In parallel with the trial, we are already developing an opt-out solution that would remove the need for opt-out cookies altogether.

BT Webwise technology is designed in such a way that it is not possible to reverse engineer identity. The service doesn't store personally identifiable information, doesn't store IP addresses or browsing histories of websites visited. The technology simply observes anonymous behaviours and draws a conclusion about the advertising category that's most relevant. All the data leading to that conclusion is deleted by the time each web page is loaded. The service dispels the myth that data on user browsing behaviour must be retained and stored in order to provide more relevant advertising.

I hope this email answers some of your concerns.

Regards,

BT Webwise Helpdesk

-----Original Message-----

From: peter white

Sent: 13 March 2008 17:20

To: BT Webwise Help Desk G

Subject: RE: Technical enquiry from BT Yahoo! online help (broadband)

May I correct you on several facts

Talk talk have scaled down and are now working on opt in, and for anybody who has opted out the data will not go via the profiler at all (a higher level of privacy than BT)

Virgin media seem to be back tracking to the same position as talk talk from the report on the web

Only BT at this point are proceeding as planned

The anonymised data can still yield id information as AOL found that out last year when it released a ton of anonymised search requests with the user IDs replaced by random numbers; it had to withdraw the list in haste as it became embarrassingly obvious that users could be identified from that information alone.

So by using a random number in a cookie will still enable users to be identified from the data passed from the profiler to the phorm server and so privacy is not guaranteed

The anti-phishing features of webwise are a duplication of the function in IE7 and I believe also part of the Norton security suite you provide, so I see little value add from that service, the only thing the users will see is an increase in targeted adverts from the businesses signed up to OIX which was the adware rubbish phorm used to push, how many adverts are going to be for UK based businesses (very few I suspect) and due to the high rate of fraud and phishing on the web people are naturally sceptical of any popup and highly unlikely to purchase via them, this I doubt is of little concern as BT will only get revenue from allowing the adverts to be served and not from any form of pay per click on the actual pop-ups

Can you confirm if the data of a user who has opted out or blocked the cookie is still sent to the profiler, and although supposedly not, is still possibly scanned (even if in error)

Can you confirm categorically that phorm / webwise does not breach my right to privacy under european law of human rights, RIPA, or the data protection act

I understand the data is held on servers run by BT in BT's hosting centres, but the software is provided by phorm whose past appears to be dubious from the forums and information on the web

I will be blocking the cookies on all machines in my house to protect myself as best I can and if webwise goes ahead I will be migrating out of BT asap after the notification

Can you confirm if I will be offered the option of terminating my contract early due to the changes to the terms and conditions of my contract if bt deem the trial a success and proceed with a full roll out

Thanks

Peter white

Security firms split over Phorm classification

Peter White

response from BT webwise team

seems BT may be back tracking

below is a reply i got from BT

Thank you for your email.

Our plans are confined to conducting an opt-in technical trial for about 10,000 customers at the moment.

I want to confirm to you that BT Webwise will always be offered as a choice. Those customers who have chosen not to participate will not have their browsing information mirrored or profiled, and no information will go to the BT managed profiler. No information is gathered, and therefore no information is forwarded to Phorm. Customers who opt out will not come into contact with any Phorm-managed equipment.

Opting in and out of BT Webwise is extremely easy and completely transparent. Standard opt out method does depend on a cookie remaining on your machine indicating that you have opted out. If you delete your cookies regularly, you will have to opt-out again each time you start a browsing session. But for those who delete cookies regularly and want to remain opted out, you can block cookies from the domain www.webwise.net on each browser you use. When you block this domain, the service will opt you out permanently.

In parallel with the trial, we are already developing an opt-out solution that would remove the need for opt-out cookies altogether.

BT Webwise technology is designed in such a way that it is not possible to reverse engineer identity. The service doesn't store personally identifiable information, doesn't store IP addresses or browsing histories of websites visited. The technology simply observes anonymous behaviours and draws a conclusion about the advertising category that's most relevant. All the data leading to that conclusion is deleted by the time each web page is loaded. The service dispels the myth that data on user browsing behaviour must be retained and stored in order to provide more relevant advertising.

I hope this email answers some of your concerns.

Regards,

BT Webwise Helpdesk

-----Original Message-----

From: peter white [mailto:greycow@btinternet.com]

Sent: 13 March 2008 17:20

To: BT Webwise Help Desk G

Subject: RE: Technical enquiry from BT Yahoo! online help (broadband)

May I correct you on several facts

Talk talk have scaled down and are now working on opt in, and for anybody who has opted out the data will not go via the profiler at all (a higher level of privacy than BT)

Virgin media seem to be back tracking to the same position as talk talk from the report on the web

Only BT at this point are proceeding as planned

The anonymised data can still yield id information as AOL found that out last year when it released a ton of anonymised search requests with the user IDs replaced by random numbers; it had to withdraw the list in haste as it became embarrassingly obvious that users could be identified from that information alone.

So by using a random number in a cookie will still enable users to be identified from the data passed from the profiler to the phorm server and so privacy is not guaranteed

The anti-phishing features of webwise are a duplication of the function in IE7 and I believe also part of the Norton security suite you provide, so I see little value add from that service, the only thing the users will see is an increase in targeted adverts from the businesses signed up to OIX which was the adware rubbish phorm used to push, how many adverts are going to be for UK based businesses (very few I suspect) and due to the high rate of fraud and phishing on the web people are naturally sceptical of any popup and highly unlikely to purchase via them, this I doubt is of little concern as BT will only get revenue from allowing the adverts to be served and not from any form of pay per click on the actual pop-ups

Can you confirm if the data of a user who has opted out or blocked the cookie is still sent to the profiler, and although supposedly not, is still possibly scanned (even if in error)

Can you confirm categorically that phorm / webwise does not breach my right to privacy under european law of human rights, RIPA, or the data protection act

I understand the data is held on servers run by BT in BT's hosting centres, but the software is provided by phorm whose past appears to be dubious from the forums and information on the web

I will be blocking the cookies on all machines in my house to protect myself as best I can and if webwise goes ahead I will be migrating out of BT asap after the notification

Can you confirm if I will be offered the option of terminating my contract early due to the changes to the terms and conditions of my contract if bt deem the trial a success and proceed with a full roll out

Thanks

Peter white

Peter White

phorm and cookies

part of a response to me from BT

it sheds some light on the way phorm uses cookies

peter

We will be inviting around 10,000 BT broadband customers to take part in the trial. The trial invitation will be presented through a special web page that will appear when those customers start a web browsing session.

At this point, those customers invited can choose to opt in, opt out or to find out more information. Customers choosing not to take part will not be profiled. The www.bt.com/webwise site also contains detailed information on the service and a one-click option to switch the service off, which can be activated at any point during the trial. The BT Privacy Policy and BT Total Broadband Service Terms will be amended accordingly.

Opting out means that no browsing data whatsoever is looked at or processed by BT Webwise. Opting in and out of BT Webwise is extremely easy and completely transparent. Standard opt out method does depend on a cookie remaining on your machine indicating that you have opted out.

If you delete your cookies regularly, you will have to opt-out again each time you start a browsing session. But for those who delete cookies regularly and want to remain opted out, you can block cookies from the domain www.webwise.net on each browser you use. When you block this domain, the service will opt you out permanently.

Top security firm: Phorm is adware

Peter White

query to BT complaints, their reply and my reply back

very long but the full story so far, i have left only the bt CS person first name in and mine (as it is on my posts anyway)

the interesting one for me is you can permanently opt out by blocking the cookie (so trend and co can safely remove the cookie without opting you back in), but will that show up in their stats as an opted out user

below are the emails

Chris,

Thanks for your reply

But you have failed to answer my question regarding if I opt out is my traffic still passed to the profiler, nor the question about assumed automatic opt-in

If it is I still have major concerns regarding privacy as you can not guarantee the profiler can not be updated to look at the opted out traffic but just not serve adverts

And I have big, big problems with any data passed to a company whose roots are one of the biggest original adware / crudware companies on the net, like many I do not believe leopards can change their spots

Another point is as AOL found that out last year when it released a ton of anonymised search requests with the user IDs replaced by random numbers; it had to withdraw the list in haste as it became embarrassingly obvious that users could be identified from that information alone.

So by using a random number in a cookie will still enable users to be identified from the data passed from the profiler to the phorm server and so privacy is not guaranteed

The anti-phishing is a duplication of the function in IE7 and I believe also part of the norton security suite you provide, so I see little value add from that service, the only thing the users will see is an increase in targeted adverts from the businesses signed up to OIX which was the adware rubbish phorm used to push, how many adverts are going to be for UK based businesses (very few I suspect) and due to the high rate of fraud and phishing on the web people are naturally sceptical of any popup and highly unlikely to purchase via them, this I doubt is of little concern as BT will only get revenue from allowing the adverts to be served and not from any form of pay per click on the actual pop-ups

Please inform your managers that the customer base is not happy with this, people are not going to put up with popups, adverts or other junk on their screens (we get enough junk in the post) and many will hopefully vote with their feet

The only way I will stay a BT broadband customer is if you can guarantee opted out traffic does not go via the profiler at all and it is an assumed automatic opt-out, this is the position that car phone warehouse is taking and looks like the same with virgin media (if they actually go ahead, which is not looking likely)

Car phone warehouse are (rightly so) of the opinion webwise / phorm will fly or fail on its merits and if customers find it useful, not on whether you can bully customers into accepting it to obtain additional revenue

One final question how will you know if the trial is successful, I assume it will be by webwise telling you the percentage of users opting in and out, and who will audit those figures and confirm they are correct?

A better way would be to use an independent market research company to canvas ALL of the users in the trial with a web based questionnaire similar to how microsoft get feedback from me after my partner training courses

when my updated terms and conditions are offered to me I shall be reviewing my option to cancel my contract early depending on whether BT has changed its position with webwise / phorm, which is a shame as I have had good service until this.

Thanks

Peter white

-----Original Message-----

From: Residential Services [mailto:XXXXX@bt.com]

Sent: 13 March 2008 12:55

To: XXXXX@btinternet.com

Subject: Re: I want to complain - I have a general complaint (KMMXXXXXXXX71L0KM)

Dear Mr White,

Thank you for your e-mail dated 12/3/08 regarding Webwise, and the passing of your browsing or personal data to Phorm, and I am sorry for the difficulties you have encountered whilst trying to obtain information on this and for any inconvenience this may have caused.

As per your request for written confirmation, I have supplied you the information in the form of an email as i work from the e-contact queue only.

The data capture is designed to preserve your anonymity and privacy. We will be communicating to all customers during the trial with a page that appears at the start of their browsing session and ask customers to look at amended Terms and Conditions which can be viewed on www.bt.com/webwise. There will always be clear choice in the hands of all of our customers. We also provide them with information on their current status on www.bt.com/webwise, which can be changed with a click of a button.

Your data is not passed to any third party. On each browser navigation, a "data digest" is created consisting of URL, search terms submitted to a major search engine, and the top 10 most frequently-occurring page keywords from the page (which are cleaned to remove email addresses, numbers and names). This is matched against a list of advertising product categories. After the match is made, "data digest" is deleted permanently and immediately. The "data digest" is never written to disk so it is never stored.

All this processing is done completely within BT's network. The matching information - the only information held within the system, is never sent to any system held outside the BT network. You can permanently opt-out by blocking cookies from the domain http://www.webwise.net on each browser you use.

You can check whether BT Webwise is on or off by simply going to http://www.webwise.bt.com/ You'll be able to see whether BT Webwise is turned on or off on the computer, user account, and browser you're using at the time. To turn on or off this service, simply go to http://www.webwise.bt.com/ and click "BT Webwise Off" or "BT Webwise On". BT Webwise uses cookies stored on your computer to capture your preference. These cookies are linked to individual computers, user accounts, and browsers, so you will need to switch the service on or off from each computer, user account, and browser you use. If you delete the cookie, you'll need to reset your preference.

I hope the information provided will assist in helping you with your enquiry, and if you should have any further queries please do not hesitate to contact me again via e-mail.

Thank you for contacting BT.

Yours sincerely,

Chris XXXXX

eContact Customer Service

Ref: XXXX

Original Message Follows:

------------------------

Feedback from: peter white (contact number ) Telephone Number:

Account Number:

Email Address: XXXXXX@btinternet.com

Customer Comments:

i do not wish any of my web browsing (past, present or future) to be profiled or stored for any reason other than as you are required to keep records under RIPA for the fight against terror

i specifically do not consent to any of my web browsing or personal data being passed to phorm or any other similar company.

i do not require the webwise anti phishing product as none of my family use internet banking for the simple reason of its insecurity

i specifically do not want any advertising (targeted or other pop ups other than the single frame advert on my yahoo / bt homepage which i easily ignore)

i want an immediate assurance in writing of the above

1:- if my terms and conditions are changed to allow any of the above,

2:- if webwise / phorm is rolled out with an assumed opt in

3:- it is proven that even when opted out my web traffic will still be passed via the webwise / phorm profiler

i will have no option but to exercise my right under the change to terms and conditions clause and immediately change ISP

please note car phone warehouse are guaranteeing "opt in" only and segregating their network so opted out users are definitely not passed through the web wise / phorm profiler, and virgin media have not finally committed to rolling this out yet

a very unhappy customer who is likely to be looking for alternative ISP shortly

regards

peter white

Peter White

how to beat them

there seems to be only two ways to beat this,

1:- vote with your feet and migrate to a new isp as soon as the new contract arrives on your screen

2:- everybody block the cookies from phorm / webwise (less effective as your data is still being profiled)

these are the only two options that kill phorm's (and the ISP's) revenue stream

any other method puts traffic through the system and provides both phorm and ISP with saleable traffic no matter how rubbish the data generated is

Peter White

adverts on the net

with all the fraud and dodgy dealers on the net, who in their right mind is going to click on one of these adverts and actually buy anything, very, very few people in their right minds

it's a bit like the nigerian 419 scam, pump enough ads and you will hook a few suckers.

the real test will come when people start buying from any of these ads and see if the goods turn up or worse still their card maxed out by fraudulent transactions

will the ISP or PHORM be giving any fraud protection from buying from any of these adverts

let me take a micro second to think and come up with a BIG FAT NO!!!

Peter White

any legal eagles out there

are there any legal people out there who specialise in RIPA, DPA etc that can give us a clearer picture of this

is it legal or not, mind you i suspect even from a legal specialist it will not be black or white, just a darker shade of grey

Peter White

CEO email addresses

if you type in CEO BT EMAIL ADDRESS into google you get

http://www.connectotel.com/marcus/ceoemail.html

as the top link

very useful

i will be emailing BT's CEO (my ISP) shortly

Peter White

webwise cookies

below is lifted from BT's webwise faq page

it seems to infer that there are both opt out and opt in cookies and if it can't put a cookie on the machine (because you have blocked them) it seems to assume opt out from below

About use of cookies in BT Webwise

What happens if I delete my cookies?

You will receive a new cookie from your Internet service provider (ISP) when you go online. You will need to choose again whether to turn BT Webwise on or off. You should return to www.bt.com/webwise and turn it on or off as necessary.

Why does BT Webwise use cookies?

This is so that we can send relevant advertising without learning a customer's identity.

I delete my cookies regularly, and I want to keep BT Webwise switched off. How do I do that?

If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add "www.webwise.net" to the Blocked Cookies settings in your browser. Up-to-date versions of both Internet Explorer and Mozilla Firefox have this capability.

Peter White

phorm is adware

the microsoft definition of adware

Advertising that is integrated into software. Adware is often combined with a host application that is provided at no charge as long as the user ...

www.microsoft.com/security/glossary.mspx

the f-secure definition of adware

A type of Advertising Display Software that delivers advertising content potentially in a manner or context that may be unexpected and unwanted by users. Many adware applications also perform tracking functions, and therefore may also be categorized as Tracking Technologies. ...

www.f-secure.com/security_center/malware_code_glossary.html

just because the software is on the ISP's server not your PC need i say more

it is an unwanted intrusion to privacy

sign the petition at http://petitions.pm.gov.uk/ispphorm/

and complain to your isp, bt's complaint page is a link on http://www2.bt.com/contactus
