Phorm agrees to independent inspection of data pimping code

But what's a privacy group doing in bed with it anyway?

By Chris Williams • Get more from this author

Posted in Telecoms, 19th March 2008 14:01 GMT

See what The Register's experts have to say on application security

Like web inventor Sir Tim Berners-Lee, 80/20 argues that Phorm would only be allowable on an opt-in basis. The logic goes that if the "service" is so great, why wouldn't people choose to be part of it? Carphone Warehouse is committed to offering "Webwise" on an opt-in basis. BT and Virgin media are not.

Despite this cautious stance, to many, Davies and Gus Hosein, his colleague in both 80/20 and Privacy International, have an unresolvable conflict of interest when it comes to Phorm. We and others have argued that the emergence of a new technology for monitoring our web browsing habits cannot logically be a good thing for privacy, no matter how many independent bodies assess its safety or who they are.

One anonymous commenter summed up Davies' perceived problem in response to our last Phorm story: "We need citizens rights group to work for citizens, not for privacy-invading spyware scum. They can't do both at the same time, like Simon Davies has done here."

"In the morning Davies, wearing his 80/20 hat, does Phorm consultancy and congratulates it for protecting our privacy. In the afternoon, he puts his 'Privacy Campaigner' hat on."

To them, Phorm's PR line that it actually is good for internet privacy is exactly analogous to Orwell's famous maxim for Big Brother: "War is peace, freedom is slavery, ignorance is strength." And in this context, comparing Phorm's privacy controls to Google's seems a smokescreen. Webwise users will be profiled by Phorm as well as Google, not instead of it.

To muddy the waters further, Davies is a member of the advisory panel of the Foundation for Information Policy Research (FIPR). The think tank gave a massive boost to claims that intercepting web traffic in the way Phorm intends to is illegal under the Regulation of Investigatory Powers Act 2000.

Phorm says it is aware of Davies' role at FIPR, but that it is a matter for him. Speaking on Tuesday, he said his primary concern is the privacy implications of Phorm, rather than its legality. "I'm not a lawyer," he emphasised.

We asked Davies whether knowing what he now knows about Phorm - its history as a rootkit peddler (80/20 was unaware of 121Media's role as developer of PeopleOnPage), and the near-unanimous public view that it can only be a bad precedent for privacy online whether he would have gotten involved commercially. After a long pause, he said: "It's certainly been a steep learning curve."

"On balance, I think it's better to engage. I still talk to the Home Office even though they tried to trash my reputation and relationships over ID cards."

You can read and download a copy of 80/20 Thinking's report here. ®