Feeds

BT admits misleading customers over Phorm experiments

We know what you pimped last summer

Boost IT visibility and business value

BT has admitted that it secretly used customer data to test Phorm's advertising targeting technology last summer, and that it covered it up when customers and The Register raised questions over the suspicious redirects.

The national telecoms provider now faces legal action from customers who are angry their web traffic was compromised.

Stephen Mainwaring, a BT Business customer in Weston-super-Mare, believes sensitive banking data relating to his online horse racing business was press-ganged into a trial of an unproven technology. He suffered sleepless nights after detecting the dodgy DNS requests, and said today: "It is very likely that I and others will take legal action against BT for what they did last summer."

In a statement, BT said: "We conducted a very small scale technical test of a prototype advertising platform on one exchange in June 2007. The test was specifically conducted to evaluate the functional and technical performance of the platform.

"Absolutely no personally identifiable information was processed, stored or disclosed during this trial. As with all service providers, it is important for BT to ensure that, before any potential new technologies are employed, they are robust and fit for purpose."

Speaking to El Reg on Friday, Stephen agreed: "Absolutely, new technologies should be stringently tested, but not using mine and my customers' data. If they wanted to run a trial, they should have asked. I would have told them I did not want to be part of it.

"I note the statement, 'absolutely no personally identifiable information was processed, stored or disclosed'. That means that all my information was processed, stored or disclosed but the personal bits were filtered out. Clearly that was unlawful."

Stephen has already filed a complaint with the Information Commissioner's Office and is consulting on how to proceed through the courts with other BT subscribers who believe their connection was subject to illegal Phorm tests.

Today, he and a fellow BT customer also disputed the claim that only one exchange was involved in the covert testing.

Spike, a Reg reader based in Brighton and Hove, also noticed dodgy redirects of his web traffic last July to sysip.net, a domain owned by Phorm. He wrote about the mystery here at the time.

Spike and Stephen urged other BT customers who believe they may have been co-opted into last summer's secret trials to speak out.

We first asked BT about its relationship with Phorm in July 2007, when it was widely known as 121Media, a firm deeply involved in spyware. BT denied any testing and said customers whose DNS requests were being redirected must have a malware problem.

It wasn't until 14 February this year, when the deals between BT, Virgin Media and Carphone Warehouse to pimp customer web browsing were announced, that a cover-up was revealed. You can read the original story here.

BT's belated confession that it secretly used its customers' traffic to test the safety of ad targeting technology can only add to the distrust around Phorm, whose executive team includes a former BT Retail CTO. Several security firms have confirmed plans to classify Phorm's cookies - both for opting in and opting out of Webwise - as adware.

As part of its admission to the secret 2007 trials, BT also said it will follow Carphone Warehouse's lead and develop an opt-out that does not involve cookies and means no data will be mirrored to a profiling server, even if it is ignored. It follows serious concerns raised by experts on the Regulation of Investigatory Powers Act 2000 (RIPA) that Phorm's plan to use cookies to exclude people who opt-out is illegal.

BT repeated its insistence that the technology is legal, however. It said: "We are already developing an opt-out solution that would remove the need for opt-out cookies altogether. We have carried out significant due diligence in this area, and informed consent from our customers will satisfy the necessary legal requirements."

Yet some authorities on RIPA have argued that ISPs would also need permission from website owners to profile the content of their pages. BT has not responded to our questions on this point.

ISP data pimping has also invoked the ire of the Greatest Living Briton™. Today the BBC reports that Sir Tim Berners-Lee, inventor of the web, has spoken out against ISP ad targeting. He summed up public opposition to the system: "It's [web traffic] mine - you can't have it. If you want to use it for something, then you have to negotiate with me. I have to agree, I have to understand what I'm getting in return."

Meanwhile, the Downing Street petition against Phorm has now garnered almost 5,000 signatures.

Carphone Warehouse has said it will ensure that its subscribers are opted out of Phorm and Webwise by default. BT and Virgin Media have made no such promise.

You can follow all our reporting of Phorm over the last three weeks here. ®

Boost IT visibility and business value

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Speak your brains on SIGNAL-FREE mobile comms firm here
Is goTenna tech a goer? Time to grill CEO, CTO
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.