Government refusing to act?

Usual story.

It might be a completely different story if we knew which MP's were caught in the trials.

"Mr Speaker, is the Prime Minister aware of the recent illegal Phorm/BT trials?"

Insert noise of unruly rabble here...

"Well he should, as he was included, as was the Foreign Minister".

Heh, one can but dream.

It seems that its time for a fundamental change to the system of governance in this country. The current system just doesn't work anymore.

I have always up to now supported the Labour party. I now think that the Liberals are a more trusted party since they seem to have the only pro active MP's on this very important matter. Labours ineffectiveness in this matter loses them my Vote. Confusion reigns supreme Gordon Brown. Get a grip and show that nobody is above the law!

Phorm is Illegal!

> "I'm absolutely sickened and appalled," Pete John, who has tried to interest authorities, told The Register this week.

Get a grip, I told Pete John this week. With all that goes on in the world, if that's the kind of thing that sickens and appalls you then I'm surprised you have the wherewithall to get out of bed in the morning.

That said, keep up the good fight (when you've got your health back, naturally :)) !

The Tribunal's remit excludes it from acting. "ICO say the Home Office. The Police say the Home Office. The Home Office say they have no investigative role".

If the politicians are serious ( but, hey, we know they aren't) they'd investigate in a Parliamentary committee and then NTBs into the future. Other than prison and punative damages there is little that can be done about the past now but the bleeders need to be stopped from taking the mick in future.

Can BT, Phorm and the rest be nailed under trading standards legislation?

Can we start taking bets on how long it is before certain key people in government departments that seem to muddying the waters on purpose jump ship and join Phorm?

That bloody "Consent" thing keeps coming up.

I run websites - I DO NOT give consent for phorm (and BT, Talk Talk or Virgin) permission to intercept my traffic.

Mabye if a lot of website owners blacklisted the entire BT, Talk Talk and Virgin IP address ranges so they get a message that says something like "Your ISP is a leeching parasitic scum merchant who would sell his granny for a snort of Cocaine" they might get the message?

Actually even better - a redirect so that they get a page full of the nasty truth about Phorm and then topped up with choice keywords would be good (it would certainly screw up the Phorm profilers.) before they get to the actual website.

If they have BT Broadband, then there is a bloody good chance they were.

Anyone willing to put their name on the line and march on Parliament? Peaceful protest my left ass cheek; Through the doors and into the PM's private chambers, so he knows just HOW pissed off the informed public are.

Anonymous? No point. They can track it all anyway.

I have an extremely dismissive letter from Tony McNulty which more or less says "It's not my problem. It's the ISPs responsibility to make sure they don't breach RIPA"

I'm drafting a suitably worded reply, but it's taking a while, since I'm having difficulty framing a sentence without using the phrase "greasy shiteweasel".

As of today, sadly, the position seems to be that public bodies can breach RIPA, in which case they'll be investigated, but this will never come about since everything they do that's covered by RIPA will have been rubberstamped (see Reg passim), that individuals can breach RIPA, in which case inspector knacker will stuff them in chokey for five years, and that corporations can breach RIPA and no one will give a flying fuck.

Fortunately, I can't see this position lasting long, there's to much for the opposition parties and the tabloids to get their teeth into. I mean come one, NuLabour allows big corps to trample over "terrorism"* legislation is a big stick with which to beat an already embattled Prime Minister.

So, on with the fight. The failtrain is still en route, it's just delayed by red tape on the line.

*I know, it actually has very little to do with terrorism, but no one tell the Daily Mail that just yet, eh ?

Putting an MD5 hash for every page a server creates in the HTTP header. Clients could perform a matching hash, and if they don't match refuse to display the page. I'm sure Amazon and eBay would be thrilled to know customers were unable to view their pages because of phorm injected crap .....

Anyone who has had any kind of response from the Home Office, hang on to it. Could come in handy as evidence. Now the Home Office are involved, they have brought the matter within the scope of a Judicial Review. Fatal error. We've just seen how Judicial Reviews feel about the government illegally granting impunity to private corporations in the matter of SFO vs BAE - and they do not like it.

Didja know it only costs £100 to apply for a Judicial Review?

huge letters in The Sun shouting:

BT SPIED ON IT'S USERS

That would be enough to stop that shit going. If all those unwashed start shouting government will not be able to just put a blind eye to it.

My 2p.

I've still not had a reply from the home office about this.

I'm genuinely at a loss as to why this is being ignored.

There are no words that I can find that express how rotten this makes the the country look!

I think I'll pack my bags and move to Zimbabwe - it's starting to look like they have a more moral and trustworthy government.

I wrote to my MP (Celia Barlow (Lab)) a few weeks ago to ask for her support against this technology. Her reply is below:

"Phorm Programs, Open Internet Exchange (OIX) and Webwise are designed solely for advertising, and increased privacy settings. Phorm's ad serving technology uses anonymised data, and does not store any personally identifiable information or IP addresses. The use of OIX and Webwise is voluntary, and as a mother of 3 children, I too am concerned about privacy and monitoring their internet use.

I have passed on your concerns to Michael Wills, Minister of State for the Ministry of Justice. I hope the Minister will be able to provide you with further information. I will write again once I have received a reply."

According to theyworkforyou.com my MP tows the party line on all issues. So I would assume that the above text is consistent with Government feeling. It's nice to see that a new, and additional, method of intercepting private communication can increase privacy. I would have thought that was logically impossible but maybe that is why I am not a leader of people.

It's being "ignored" because;

a) There's a LOT of money involved, and / or

b) Someone (maybe more then one) senior in the Home Office / ICO / Ofcom / Media are in this up to their mucky little neck(s).

Like you, I'm baffled why this hasn't hit the tabloids (see post above yours, then refer to 'b' above!!).

Looks like a snoopers charter.

We're all FUCKED!

Chris it need verifying OC, but dont forget florences latest email with permission from Simon Watkin HO 15-04-2008.

http://www.cableforum.co.uk/board/12/33628733-virgin-media-phorm-webwise-adverts-updated-page-228.html#post34529144

ill leave it to florence to post her views on this matter, as im sure she will be reading this latest news revelation.....as theres a link posted as always to your indepth coverage..

shame the other news outlets dont get their purpose is to inform and investigate, not re-post pre-made PR stories to get the front page counts up....

it seems though, Simon Watkin is on our side, and has been taken out of context by the ISP's, Kurt and the many Phorm/webwise PR teams to make their pimping users copyrighted datastreams for profit projects as profitable as possible.

shame their piracy of user datastreaming piramid scam is falling through the floor looking at the latest market share prices ;)

to reiterate, Simon Watkin makes it cristal clear:

"Simon Watkin HO:it wasn't, and didn't purport to be, based upon a detailed

technical examination of any particular technology. "

"Simon Watkin HO:As much as we were saying was, that in relation to RIPA, we considered it

**may** be possible for such services to be offered lawfully - but it all

depends on how they are offered and how they work."

"Simon Watkin HO:It's not a ruling. It's not advice. It's not a legal opinion. It's a view

and - repeating myself - all it says is it **may** be possible for such

services to be offered lawfully."

This government knows nothing about data protection or protecting privacy. I'm one of 25 million people who had their personal details lost by the government, and have had one letter to say it happened (like we didn't know this already!). No apology, no compensation. And let's not forget about the other recent losses - all taken place without any basic security being applied to the data.

Of course, I may be being totally cynical, but I'm sure ex-ministers sitting on BT's board won't have ANY bearing on the government's (in)decision to act...

Its good to see that the register is still on the case and its good to see lib-dem MP Don Foster is staying closely in touch with all that is going on. This ridiculous (deliberately obstructive?) game of pass the parcel between the ICO, Home Office, Police etc needs to stop. Potentially thousands of criminal offences have been committed in the secret trials of 2006 and 2007 and its time the Home Office did its job and moved to uphold the laws of the land.

If they wont do so then maybe they can be so bold as to point us to a single parliamentary act that they passed giving either BT or Phorm immunity from prosecution? If they cant then they should damn well do what they are paid to do and instruct the police to launch a criminal investigation.

In the mean time here is a link to a new term I have added to urban dictionary "terra-phorming":

http://www.urbandictionary.com/defin...terra-phorming

Targetted advertising - Sounds great. whats the big deal?? So they monitor your inernet use etc, only people with sometihng to hide would mind as far as I am concerned.....

Yes. I am serious. Unlike our elected representatives.

"Tough on crime, tough on the causes of crime".

Oh yes. We thought he was serious too. Now we know better.

that a government that views tracking and spying on the people it is *supposed* to be serving as its most important function supports Phorm.

The conspiracy theorist in me wonders if HM Gov views Phorm as a nice, convenient, way of spying on us that they don't have to pay (much) for.

I also wonder if Phorm has been 'in talks' with HM Gov in just this regard.

It would go a *long* way to explain the lack of concern about this from the Home Office and ICO and why BT and Virgin are pushing ahead with this despite the public's outrage.

Seriously? Where do we pay up?

It would appear that, if BT, or anyone else passed your information to another company without your knowledge or agreement, then your argument is with BT for breach of contract.

So, why anyone with a choice in the matter still signs up for a BT service totally beats me. At the end of the day, you get what you deserve for not being more discerning in the first place.

And if Virgin tries this caper, as was proposed, then my internet connection will be terminated, and it's back to POTS for this end user and my business, until legislation is evident that will protect my business from industrial espionage.

Which is how I consider this little invasion of privacy by Phorm and BT.

You know it, you are either trust worthy or you bloody well ain't.

Alf

So why post as AC? What have *you* got to hide?

Write to your MPs again but this time put in that there is a local election coming up and if you don't do something about it instead of spouting the same crap as everyone else you won't get my vote.

This is typically Britsh. You moan and moan about the council, hte government the opposition your MP and then you vote them in again!

Break the cycle! Vote against the status quo.

This means NOT voting Labour or Tory and except in exceptional cases the dear old lib dems (they wont mind thye never expected annyone to vote for them anyway.

My vote goes to the Monster Raving Loony candidate as being most representitive of my contempt for the current pretend democracy.

I am not suggesting mob policing - just gently silent protests.

For those who object to having their browsing intercepted - change ISP.

BT's broadband pages are full of how they protect customers from AdWare - not true. Is this enough to invalidate their contract with you. I would argue the case if I were with BT.

For webmasters - big warning messages for all BT IP addresses + any other addresses that are tied into profilers from anywhere in the world. I don't earn any income from USA visitors anyway so warn them all.

The Sun will never do anything - look who pays for its advertising space.

Not too sure who owns the local press - the reporters can't all be such fools (Weston-super-Mare excluded from this rant). Maybe they charge BT et al enough for advertising space to cover all the costs of weekly printing so dare not say anything that could risk that income.

Next week I will see what I can get into the school's weekly rag. Even a circulation of 500 is better than none.

The internet is more powerful than this - use it. Because some of us care and have not been blinded nor made dumb.

Mine is the power jacket: power to the people.

Quite right, the police investigate breaches of criminal law.

So, you phoned up the police and they said "Nah, can't be arsed.."?

That suprises you? Never spoken to them before then?

For more detail see this site:

http://www.hmcourts-service.gov.uk/cms/1220.htm

Judicial review is the procedure by which you can seek to challenge the decision, action or failure to act of a public body such as a government department or a local authority or other body exercising a public law function. If you are challenging the decision of a court, the jurisdiction of judicial review extends only to decisions of inferior courts. It does not extend to decisions of the High Court or Court of Appeal. Judicial review must be used where you are seeking:

* a mandatory order (i.e. an order requiring the public body to do something and formerly known as an order of mandamus);

* a prohibiting order (i.e. an order preventing the public body from doing something and formerly known as an order of prohibition); or

* a quashing order (i.e. an order quashing the public body's decision and formerly known as an order of certiorari)

* a declaration

* HRA Damages

Claims will generally be heard by a single Judge sitting in open Court at the Royal Courts of Justice in London. They may be heard by a Divisional Court (a court of two judges) where the Court so directs.

A fee of £50.00 is payable when you lodge your application for permission to apply for Judicial Review. A further £180.00 is payable if you wish to pursue the claim after permission is granted (Civil Proceedings Fees Order 2004).

NB - If you are in receipt of certain types of benefits you may be entitled to exemption/remission of any fee due.

Yeah, because protest marches worked for the anti-Iraq demonstrations and the anti-hunt-ban demonstrations, which I believe were the largest demonstrations in British history. Demonstrations do not work as an expression of opinion, only as a threat of violence, and British people, unlike, say, the French, aren't currently capable of the latter. This is because the government doesn't give two s---s about what you think, only about its survival.

The good news is that BT and Phorm are private companies (in the narrow sense, not the share ownership sense), so unlike Iraq, we do at least have something of a say in the matter. Change your ISP, and if you don't want your website's traffic intercepted, block access from ISPs that use them.

I'm about to email Viviane Reding, who is the European Commissioner for Information, informing her that the British Government are refusing to act in blatant cases of illegal interception.

http://ec.europa.eu/commission_barroso/reding/index_en.htm

My link to the urban dictionary entry was borked. Doh. Heres a working one:

http://www.urbandictionary.com/define.php?term=terra-phorming

I just hope if it does hit the tabloids it isnt represented in an untruthful manner, more lies about it will not help.

To those of you that say its about whether you have something to hide, its not! If you believe everyone should be open about everything tear down your curtains and give all your neighbours binoculars to watch your every move.

So the government asks ISP's to help police the net, in exchange for ignoring them breaking the law with this new advertising scam, they all get rich and less P2P traffic on their networks cause they busy grassing us all up for crimes that have no pysical bearing on our society, Does Gorden Brown/labour ever think of anything else but the economy?

Paris has more common sense then our MP's

http://www.theregister.co.uk/2008/04/03/bt_phorm_interview/ - Stratis Scleparis left his position as Chief Technology Officer at BT to join Phorm after the 2007 trial. Public defence of BT's position is then undertaken by Emma Sanderson of BT Retail.

Subsequently Ben Verwaayen (apparently much respected by BT insiders) resigns as chief executive. The BT board shoo-in Ian Livingston, formerly Finance Director - and old head of BT Retail.

It has since been alleged that the trials of 2007, which were kept secret from both BT customers and BT support staff, were performed without a contract having been entered into between BT and Phorm; that at the time Phorm was still 121Media; that the results of the trial were used to populate Phorm's database.

The allegations, if true, suggest at that persons at BT failed in due diligence over the 2007 trial, which may have been run without the knowledge of the BT board, and specifically the then chief executive. That data which is the property of BT may have been illicitly transferred to Phorm. That persons at BT may have conspired to act illicitly. That they may have been corruptly induced to do so.

Will the competent authorities investigate these matters?

Why has this not been done already? £100 is hardly breaking the bank.

Hell, i'd pay for it myself if I knew what it was and how to do it properly!

I know your post is flame bait, but once Phorm has invaded everything you surf, try explaining to your kids why they get adverts for viagra and hot milf hardcore gangbang on gamesmate because Phorm has skimmed these key words from your spam infested yahoo / hotmail account which you access once a week to clear down.

Not being spied on is a basic human right, there's a European Court of Human Rights. If the British government refuses to uphold the law, that's the next step.

It’s a variation of an old joke: Tap the Internet connection of one person and you’re a nosey relative; tap the Internet connection of ten people and you’re an illegal private investigator; tap the Internet connection of 38,000 people and you’re big business.

The government needs to get its act together, and fast. This harms customer confidence, which harms the economy. This harms the confidence of those outside the country looking to do business with us. If there is no way to bring BT to account, then every company across the country can, from today, start intercepting voice and data communications at will.

What a surptise, this has been a whitewashing of concerns by every interested party. BT and phorm tell us this thing won't invade privacy, but give us conflicting reasons as to why not, at the FAQ session Simon Davies acknowledges that the big issue is legality, but then asks everyone not to talk about it, and now HMG (Who I've suspected always wanted this kind of access) won't take action on it.

It's the ISP's responsibility to make sure they don't break RIPA? That may be, but it's sure as hell this governments responsibility to intervene when they do! This is farcical, if it had been a teenager downloading a few songs that the BPI had asked them to investigate then you can guarantee they would've been knocking down his bedroom door before you could say "hasty search warrant", but because it's the citizens (who MP's are supposed to represent) complaining against big business, nothing gets done! I guess we know who makes the bigger campaign contributions!

PS, why no coverage of the phorm Q&A session?

Helicopter because, well, look around.

Phorm's share price has plunged to 1275p.

Exactly so.....

Cant be bothered with big business

Cant be bothered with crime in the streets

Cant be bothered to secure our personal information

Socialism (you know, the sort of stuff the Labour Party used to believe in) used to run on the basis of 'Do what we tell you and we'll see you're looked after'. Like that or not, it was consistent.

New Labour's version? 'Do what we tell you and we'll crap all over you anyway' .....

But of course, resources of law enforcement agencies cannot possibly be diverted from essential tasks like shooting random Brazilians and safeguarding us from the worldwide Islamist terrorist movement, can they?

The only people doing the hiding is Phorm. They omit when ever they can to mention they wrote spyware and rootkits (under 121 Media).

Since they have wrote rootkits and all sort of PC nasties, don't want these sort of people having access to all my online data. They made their money effectively from spyware.

Phorm - just say NO!

The only way to beat Phorm is with *organised* protests and legal action. All of the current 'pressure groups' are no more than rant shops.

What is needed is someone with PR skill and/or legal training to head up a *real* anti-Phorm organisation that we can support with real money. I would gladly stump up, say, £100 a month to fight this obscenity, and I'm sure many others would, too.

Once you have an organisation with real power (i.e. money) then you can really lay into Phorm. Legal action, full page newspaper ads, mailshots to Phormed ISP customers, intense lobbying of MPs.

Unfortunately I have no PR experience, little legal experience and absolutely no idea how to go about setting up such an organisation (would it be a charity?) Anyone care to step forward???

See

http://www.hmcourts-service.gov.uk/cms/1220.htm

" Peaceful protest my left ass cheek; Through the doors and into the PM's private chambers, so he knows just HOW pissed off the informed public are."

If you dont want to be nailed to the tower, you could always vent on an invovled companies property.. be that in there car park or on the side of a van...

(Tin foil hat on and special flamebait shirt done up!)

Most people use those bloody insidious supermarket loyalty cards, which in my opinion are the biggest excuse for a private company to gather personal information. TESCO, whom I believe have one of the largest customer spending habit databases in the country, but no one minds using the cards and getting their tiny little prize of a fiver off their shopping, at the end of the year do they? Before you start bleating about Phorm/BT, double check your wallet and make sure your shredding your waste paper too!

Until Joe Public actually hears anything about this, this is simply going to be a big shouting match in a quiet little geek corner. Want to make a difference? Simply tell everyone you know who is on the internet in some form or other, that basically their credit info and personal details will sold off to some ad agency in about 6 months time, unless they kick BT/VM/TT up the arse to demand Phorm be removed ASAP. Oh and ask people to stop using those nasty little loyalty cards while you're at it!

"The tribunal has no jurisdiction to investigate complaints about private individuals or companies unless you believe they are acting on behalf of an intelligence agency, law enforcement body or other public authority covered by RIPA."

Do I read that right, Private individuals and companies are exempt from RIPA unless they are acting on behalf of a law enforcement agency?

well, thats all right then, I thought they were breaking the law when all the time it didnt apply to them.

I am moving house soon and going to change to one of the phorm free ISP's, once they go to phorm I'll move again until there are no more Phorm free ISP's.

Make no mistake this is going to go ahead, too much at stake for the businesses involved to let it phail, mores the pity!

So the Royal Mail are allowed to open your post after all, as long as they are doing it to steal money from childrens birthday cards then it is allowed, as long as they are not a law enforcement agency... Who wants my vote? im giving in...

Nothing to stop a man-in-the-middle (MITM) from rehashing the page and replacing the MD5. It'd have to be a cryptographically signed hash, but if you're gonna do that you may as well use HTTPS.

Of course, SSL doesn't prevent you from attacks at the client or the server, so all they'd probably do then is slip adware into their standard software build which intercepted the decrypted SSL data at the client.

Is it possible to launch a private prosecution of BT for breaking RIPA?

Yes.

Me.

Am based in London, and I suggest that some of us meet to discuss tactics and get a proper strategy organised. I am also willing to get the Judicial Review sorted out of my own pocket.

Anybody up for a meeting?

Perhaps you ought to point out to Celia Barlow, that a cookie with an ID number actually is personaly identifiable just like number plates are... they may both be random but they are both unique identifiers.

how many ISP's do you have? are you in a contract to use soley one supermarket? your analogy is flawed. Phorm is worse than loyalty cards.

@ George Johnson

First off, I don't have a loyalty card. I'm well aware of what the likes of Tesco use them for and refuse to have anything to do with them.

But even supermarket loyalty cards aren't as evil as Phorm.

You have to apply for a Tesco card, you are given Ts&Cs to read if you want, so there *is* informed consent. Phorm doesn't give you that.

Tesco pay you to use their card. Sure its peanuts, but that's more than you get for being spied on by Phorm.

Tesco can only track what you *buy* from *Tesco* stores. Phorm can track you everywhere on the WWW and track everything you do short of when you switch to SSL to make the payment. Browse TVs on the Argos site, then go to the Currys site, then, maybe Amazon. Phorm will profile you across *all* of them. Can you imagine the outcry from Morrisons if Tesco found a way to track what customers were looking at on their shelves, yet that is exactly the service that Phorm will provide it its partner sites.

No, Phorm is several orders of magnitude more evil than supermarket loyaty cards.

1. The clubcard scheme is opt in, even if you are opted in you if you don't want to be tracked for a particular purchase (those dodgy Private Eye purchases) you just don't give them the card.

2. They pay you for the privilege.

>ask people to stop using those nasty little loyalty cards

If they want to make a note of everything they purchase and sell it to Tesco or Sainsbury or Debenhams or whoever, that's their business.

The problem with phorm is the opt-in.

I actually suspect that once this is all set up and ticking along nicely, phorm'll start sending out 5 times the data for the non-phorm-id'd adverts thereby making a phorm sign up much quicker online.

I might be missing something here, maybe it is so obvious that it has been overlooked or it is so unworkable that it has been discarded.

If Phorm doesnt profile HTTPS connections is there a secure proxy and would this then provide a clear gateway to the internet since you would use the secure proxy as your initial point of call and then all other traffic comes back to you via the proxy.

Workable? possible? Stupid?

hi lets start the protest now

go to

http://www.number10.gov.uk/output/Page15259.asp

and ask the question to our lazy home secatetary. FORCE her to answer by flooding the system with questions

and then intercept people's web traffic and the government/authorities will not do a thing? Sweet!

But hang on, wasn't there a bit of a fight to hear what MP's are claiming on expenses and yet my spending habits can be up for grabs without my consent?

Funny how it seems to be okay for one and not another

IHTFP

This is a bit long winded, but I Think it's rather salient.

Or go to http://security.homeoffice.gov.uk/ripa and follow the links on the left hand table.

"Interception

Use of interception

Interception is strictly regulated to ensure that its use is proportionate to the activity it is deployed against and in circumstances when required information can’t reasonably be obtained by other means.

Who can use interception?

Intelligence services, the police and other law enforcement agencies such as HM Revenue & Customs can use interception if they have a warrant signed by the Secretary of State."

"Communications data

Obtaining and disclosing data

A strict necessity test must be passed before any communications data can be obtained.

Who can obtain communications data?

A range of public authorities can lawfully obtain communications data, including:

law enforcement agencies - such as the police, the Serious Organised Crime Agency and HM Revenue & Customs

emergency services – such as ambulance services, fire authorities and HM Coastguard

other public authorities – such as the Financial Services Authority and the Department for Transport

‘Authorisations’ to obtain communications data are granted by a ‘designated person’ within each of these organisations. Parliament has specified different levels of seniority required to be a ‘designated person’ for different public authorities. For example, the police ranking required is primarily ‘Superintendent’ and for ambulance services it’s ‘Director of Operations’.

All authorities with permission to obtain communications data do so in accordance with a code of practice, and all activity to obtain communications data is independently monitored by the Interception of Communications Commissioner who reports to Parliament annually.

Permission to obtain communications data

A designated person may only grant an authorisation to obtain communications data if they consider it necessary, proportionate and for a reason available to their public authority whether relating to:

the interests of national security

the interests of public safety

protecting economic well-being of the UK

protecting public health

preventing or detecting crime or preventing disorder

preventing or mitigating death or injury or any damage to a person’s physical

or mental health in an emergency

assessing or collecting any tax, duty, levy or other charge payable to a government department

assist investigations into alleged miscarrages of justice

to identify a person who has died or unable to identify themselves because of a condition not attributable to a crime and to obtain details of the next of kin of such a person or to gather information about the causes of their death or condition

Obtaining the data

The designated person may give notice to a communications service provider (CSP) requiring them to disclose specific communications data or grant an authorisation to officials to acquire specific communications data.

Where notice is given, the CSP must comply with the notice within a reasonably practable time and supply data where it is reasonably practable to do so.

If a CSP fails to disclose the required communications data then the Secretary of State may take civil proceedings against them, which may result in the issue of, inter alia, an injunction which would have the effect of compelling the provision of data.

A notice must immediately be cancelled if the reasons for which it was granted are no longer valid."

Don't see ANYTHING about corporations, companies or private individuals being permitted to do ANY of the above.

@ dangermouse et al..

If you want to move the discussions onto a forum, How about www.badphorm.co.uk? its free.

"Liberal Democrat shadow culture, media and sport secretary Don Foster 'blasted' the Home Office's brick wall stance today."

careful Chris. Otherwise you'll be using words like 'actually' and 'basically' in your reports, like ITV.

Will sign up.

BT is crap anyway, you dont have to use them.

if you use BT as your ISP then move elsewhere & state this as the reason for leaving

AC:"The government needs to get its act together, and fast. This harms customer confidence, which harms the economy. This harms the confidence of those outside the country looking to do business with us. If there is no way to bring BT to account, then every company across the country can, from today, start intercepting voice and data communications at will."

lets not forget the http://www.theregister.co.uk/2008/03/12/mobile_phom/

Qualcomm buys into Phorm-alike firm

Data gathering on the hoof

http://www.cableforum.co.uk/board/34530859-post3815.html

"Bonglet

cf.addict

Join Date: May 2007

Posts: 167

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

--------------------------------------------------------------------------------

Jaqui smiths live webchat is now on please go post i already have .

http://www.number10.gov.uk/output/Page15259.asp "

re: Judicial Review? Anyone to step forward?

Recommend you read the (end of the) relevant Phorm thread on the CableForum website: http://www.cableforum.co.uk/board/12/33628733-virgin-media-phorm-webwise-adverts-updated.html

You'll find support, advice and probably others who'll be glad to work with you to launch the legal challenge.

Thanks for taking a lead!

I wonder if they (Phorm) have made any political donations recently......

We don't need a forum, the only people reading it are the people who have been directed there from El Reg. We are already, to quote Andrew Orlowski, an "echo chamber".

We need wider discourse; tell your friends, neighbours, guy down the pub. Most of us here, correct me if I'm wrong, look after the computers of family, friends & neighbours. Tell them! Explain the insidious nature of this poxy Phorm/BT plan to pimp their data. Explain that it really isn't "Enhancing their browsing experience" etc. et bloody c.

Forget The Sun, get the discussion into the pages of the Daily Wail, Torygraph or Grauniad, that might wake up enough harpies, blue rinse brigade and "Disgusted of Tunbridge Wells", to make a real noise :-)

Mine's the one with the "Kick me!" sign on the back :^)

very quiet on the phorm questions so far and Im asking....

http://www.number10.gov.uk/output/Page15259.asp

When your trusted ISP illegally subcontracts out 36,000 user accounts in secret to a known spyware merchant and tries marketing these actions afterwards as an enhanced privacy policy called Webwise then this must be the most bizarre internet event of all time.

Even more bizarre is the government in discussion with these hackers to allow them permanent access to all our private internet transactions thereafter.

Is this really happening here in the UK?

"It is important to remember that private companies such as ISPs are allowed to do certain things under section 3 of [the Regulation of Investigatory Powers Act] that Law Enforcement Agencies cannot do without permission."

So, companies are allowed to do things that the Government can't do when it comes to monitoring network traffic. Hmmm - so, the Government allows BT to monitor customers' traffic without permission from either a judge or the consumer themselves... now, what if BT just so happens to spot someone is looking at anti-democracy websites and they, purely out of civic-mindedness, decide to inform the police?

Voila! The State secretly gets to find out who's reading/saying what on-line without having to conform to annoying 'principles' such as human rights or judicial process.

> "Can't be bothered " [sundry grumbles snipped]

It's not that nu labour can't be bothered - Bliar's ceaseless endeavours for an invasion of Iraq show they can perfectly when they want to - but that, of governing parties, New Labour has never run an empire. Just as the little englanders of recent times have passed into the hyperreal as tory-voting caricatures, so they are replaced by the nu labouring little-englanders in the real. And just as the old ones were genuinely nostalgic for a lost real empire, so the new ones feign nostalgia for an empire in the hyperreal.

We might call them the little Wozards of Is.

So you dont believe in coordination then. perhaps you ought to be commenting into AO's shell like then no-one will hear you either.

Not only could sites be changed for BT, Virgin Media, and Talk Talk, they could also be changed for the entire IP ranges that the civil service, military and government uses. That may very well drive the message home.

And hey why don't we share all their browsing habits amongst ourselves, whilst we are at, could build quite an interesting profile.

I have quite a few domains I am willing to do this with, they have a fair amount of traffic, if people are interested I will post a guide on how to do it with apache.

On Saturday the ISP Pettition will be the 5th most signed current petiton on the downing street Petitions website and somehow Jaqui managed to selectivly avoid answering even one of many questions about phorm, I guess that is called moderation.

FOI request anyone?... a quick bit of research should reveal whether the questions answered reflected the questions asked.. or if moderation was used!

Ignored the phorm stuff, my, what a surprise.

This is why no-one votes anymore.

"Your stuff's in safe hands

Protect your PC from internet nasties with our free PCguard internet security - a must-have for keeping all your private details safe. If you haven't downloaded it yet, get it for free right now! "

How ironic!

John

Trying to equate supermarket loyalty cards with the sinister, covert profiling operation envisioned by Phorm and its partners simply won't stand up.

Tesco, for example, have an unequivocal opt-in policy: don't accept the card and your shopping habits won't be profiled. Those who choose to opt-in enter into an agreement with the store whereby they receive financial benefits in return for allowing their purchasing habits to be analysed. I don't have a loyalty card through choice, but none the less it seems like a fair and equitable arrangement for those who do sign up.

Contrast this with the activities of BT which has carried out a massive, and probably illegal, covert surveillance operation on its own customers. BT loyalty card, anyone?

However, let's give credit where it is due. Stand up Tony Bliar and Gordon Brown, the architects of unregulated businesses and financial institutions. (Or as the spin meisters call it 'light-touch regulation'.) Well, that fucking works, doesn't it, guys. Credit squeeze, housing market in freefall, collapse of major bank, political intervention to stop an investigation into BAE corruption and now a blank cheque for all their corporate partners to spy on UK citizens.

Enough with the snake-oil salesmen. Vote for any party other than NuLabour or the Tories.

I've been emailing them to try and find out who to make my complaint to... And since (from their own analysis of the RIPA, my willingness to share the e-mail with the world is enough to make it legal) I include it here (any typos are theirs, this is a direct c&p):

Thankyou for you email related to Targeted Online Adverts. As you point out the issue is split between data protection, which is the responsibility of the Information Commissioner's Office and interception as defined by the Regulation of Investigatory Powers Act 2000 (RIPA), which is the responsibility of the Home Office. You are therefore correct to say that the Home Office is responsible for RIPA legislation. RIPA is primarily about how state bodies; such as the police, local councils the security and intelligence agencies, conduct some of their investigatory functions. RIPA exists to provide a statutory basis and operating framework for the Police and other law enforcement bodies to interfere with an individual's right to privacy for instance during the course of an investigation. An independent body exists to deal with complaints about breaches of RIPA in relation to the police or other State investigatory bodies.

The Home Office published a view http://cryptome.org/ho-phorm.htm based upon its understanding of targeted online advertising, specifically related to Phorm. It is important to add this is not a legal opinion, which only a court can give. This is the written response that has been supplied to Phorm and that which is mentioned in the Information Commissioner's statement. As mentioned in the view, there is the

possibility that a communications company can lawfully intercept communications. That is not to say whether or not that has happened in this case, it is for the communications company to ensure that they are compliant with the law.

----

My reply included stating that from their own analysis (that they refered me to in the second paragraph) the trials in 2006/2007 were illegal - and again repeating the question of who I can make a complaint to to get it investigated... Will update if/when I get a reply

Ummm, what do you think I was trying to advocate then?

It's pretty pointless the same 47½ people just shouting louder & louder _at each other_

"Kick me" has been replaced by a target, cunningly entitled "Aim here, but only fire if you stopped reading before the end of the first sentence"

"

"It is important to remember that private companies such as ISPs are allowed to do certain things under section 3 of [the Regulation of Investigatory Powers Act] that Law Enforcement Agencies cannot do without permission."

So, companies are allowed to do things that the Government can't do when it comes to monitoring network traffic. Hmmm

"

were are you getting your first quote from shabble, yours is the only reference on the page.....

if your trying to say thats your Opinion, then your wrong, NO companys are allowed to break the law, if its in RIPA or any other legislation and its not on the exclusion list that they cant do it , end of story......

the fact they have.., and jacui has done jack about it tells you lots... not least id it were anyone other than BT that wouldnt have been left so long unresolved.....

I have just joined www.cableforum.co.uk under Dangermouse so if anyone is interested in my previous offer and meeting up in London, then email me through that site and we can get something arranged.

Godspeed.

<..>The Home Office refused to say where people can go to report that they believe they have been illegally eavesdropped upon by a company.<..>

I suppose it all depends on who's traffic you intercept ...

http://www.theregister.co.uk/2006/08/10/royal_phone_tap_charges/

I remember being rather happy that day in '97. If only I'd known then what I know now. Taxed to hell; economy heading down the toilet; massive national debt; privacy a thing of the past; freedom rapidly being eaten away; health service up the creek; illegal wars; students screwed by massive debts; total incompetence about anything IT; the list goes on. Add to this, the turning a blind eye to corporate law breaking such the Middle East arms bribery scandal and now rampant privacy invasions by BT and proposed privacy invasions by all and sundry.

I thought that horrible old witch and her cronies were bad back in the 80's but they were nothing compared to this lot. What's worrying is that I can't make up my mind whether they are just incompetent or servants of evil whose purpose is to screw up society so much that it will be easier for Satan to harbour in the apocalypse.

Flames ? Because we're all doomed to die in Hell's before long.

MOD is quite easy they are 25/8

The others are harder to get and look like there are huge blocks assigned to them, but they are gapped.

Another approach would be to allow the search engine bots the normal entry, and just deliver a Phorm awareness page to everyone else.

That way Phorm and the companies involved would not profit from the high search engine exposure. Whilst a more detailed IP mapping list was compiled. There are quite a few databases out there, and some coordinated whois on traffic would reveal the blocks over a short time if people pooled the results.

Getting the list of IP numbers allocated to the UK should not be too hard.

Someone may already have done a lot of the leg work and be willing to share.

The search for these numbers and ranges begins at http://www.iana.org

There is also GEOIP that could help in targeting the main datacenters that the three ISPs use.

http://www.irnis.net/soft/xipl/ is a windows tool that also helps with geographical location.

I'm a Virgin Media cable customer, and I only have a cable connection into my house. If VM go with Phorm I would have to sign with BT as my ISP for 12 months just to get an ADSL connection, before I could finally switch to a non-scumbag ISP.

I appear to be royally screwed - the only way I will be able to escape Phorm will be to use mobile internet. I feel very let down by the government - their position is so bizarre I can only assume there is something underhand or corrupt going on. Ms Gisela Stuart (my MP) won't be getting my vote next time.

I presume that the goverment are deliberately stalling to allow all the no morals fat cats to get their money back before the axe drops.

These fatcats invested in a dodgy company and should have to take the loss, however the system in this country always uses taxpayers money to save the scum, see LLoyds names, northenrock etc

I think that the gov will get it stuff together eventually once all its mates are out and clear. I wonder if the Pat Hewitt/BT deal had anything to do with the gov's unwillingness to deal with this crime in a timely fashion see http://www.theregister.co.uk/2008/03/13/hewitt_joins_bt/

Godd investment their BT buy yourself a politition avoid prosecution, more and more like the US everyday

I told y'all before

Government want to profile everyone so they'll ignore it

Law enforcment want to profile everyone so they'll ignore it

ISP's and Telecos want money back so they'll install it

Advertisers want better guarantees on their ads so they want it

Corporates want to sell stuff so they want it.

The sheeple are all to thick to understand what precedent even means let alone spot them.

The last remaining few of us who have brains and sense don't count. So we should just give up and accept getting spied on until we can escape this dump and go somewhere that's at least obviously a totalitarian hell hole, how does Zimbabwe or China sound?

There is no need to go with BT as an ISP first - they will give you the line without needing you to take broadband with them.

If you don't want to deal with them at all, then there are companies like AAISP that will provide you with a phoneline through BT without you needing to actually deal with BT ever.

Not as good as not using them at all (since they still get your custom, albeit indirectly), but possibly better than actually dealing with them directly.

Just wish BE would do that. ;)

Have any of the other isp's signed up with phorm other than bt came out and said they have never undertaken any secret trails?

i had really weird goings on with my machine on virgin media in may of 2007 same rough date as the bt trails were admitted too, and going off what dr clayton said at the meeting in london earlier in the week - a penny sort of dropped that issues he was describing could happen with the system were the sort of issues that were happening to me at the same time.

I of course post this with my tin hat on for flak obviously but i cant seem to find any statments from talk talk or virgin media denying that they undertook in any sort of trials that bt did.

Any links to comments made about this issue from the relevant isp's to set me straight on this matter would be most welcome.

Phorm get paid due to click throughs, advertisers pay this because they perceive it means traffic is coming to their site.

So what if they had to contend with millions of click throughs?

What's required is a set of scripts doing a "click-through" on phorm delivered ads, thus devaluing the advert because the massive "traffic" is no longer people...

You're safe - I had just cable at my abode and told them to phuck off sometime ago, called up BT, got them to put in a phone line.. once it was in I went to o2 for my broadband after first getting an assurance that they aren't going down the same road. (I'd advise it's important for everyone to ask this to make sure they know how many people feel strongly enough to leave if the shiny penny is too tempting).

Granted I have a 12 month tie in with BT for the phone, but paying by DD and managing bills online keeps this to a minimum. The phone's not being used until such time as I can move the calls to someone less nefarious.

"Government want to profile everyone so they'll ignore it

Law enforcment want to profile everyone so they'll ignore it"

Those two (at least) are specious. Neither the security or law enforcement services have any need for Phorm to help them with any kind of data surveillance.

I don't for one moment imagine that "the government" are in league with Phorm, it's just that they are a)busy, b)incompetent and c)pitching a huff because we're taking them to task over something that they don't understand. Oh, and they don't like us very much because of a widespread arrogance that delivers statements like :

"The sheeple are all to thick to understand what precedent even means let alone spot them."

I'm sick of hearing all this "If politicians were competent.... blah blah".

They ARE competent! Look at how quickly and efficiently the United Kingdom's infrastructure, economy, land, education, media, etc have been opened up to a massive corporate feeding frenzy. Incompetence just happens to be a very very good excuse. They have no reason to care about "us". It's not like we can choose how they spend our taxes.

OK back to corporations*, and specifically BT. If you don't like their product, go elsewhere. If you dislike America, don't buy their wine/cola/cars/films/news/etc. I don't. That's that sorted, right? Right. Buy ethical/sustainable products at twice the price, economically self-punish yourself, and more profit margin for the retailers!

And as for the Phorm guff, it's a private network, what right do people have to privacy of communication across it? Use encryption or put up and shut up. Seriously, if you don't like BT (and believe me I don't after just recieving a demand for about 80 quid for a line and number I cancelled in September!) move to a telephony provider that doesn't use LLU or resell BT ADSL, and therefore BT will not profit. Such as Virgin or.... errrr.... Virgin. If you're lukcy, and if they're any good for you. Maybe.

OK those that can't/won't move to Virgin set up a No. 10 petition, cos that's the way to make things happen: ASK for it! Because the ability to ask for something makes a democracy. Just like the orphanage that Oliver Twist was priveliged enough to attend.

Hmmmm... Maybe we are all rogered after all! Lucky I saw all this coming years ago and made plans, so I'm sorted no matter how bad things get! Now I've been a smug little shite and also suggested a way out of this quagmire for those caught up in it. Mission accomplished! Heh.

- S~I

* An extract from the film "The Corporation". Marc Barry, Author, Spooked: Espionage in Corporate America:

"In 1998 I was invited to Washington DC to attend this meeting that was being put together by the national security agency called the Critical Thinking Consortium. I remember standing there in this room and looking over on one side of the room and we had CIA, NSA, DIA, FBI, Customs, Secret Service, and on the other side of the room we had Coca Cola, Mobile Oil, GTE and Kodak. And I remember thinking, I am in the epicenter of the intelligence industry right now. I mean, the line is not just blurring, it’s just not there anymore. And to me it spoke volumes as to how industry and government were consulting with each other and working with each other."

This situation is precisely why we in the US love the trial lawyers we hate. The downside is numerous silly and annoying lawsuits that defy common sense. However, the upside is that if the government decides not to do something, the civil law can be employed. While we aren't able to put the SOBs in jail, we can nick them for multi-millions which hurts them almost as much -- especially if it causes usually sleepy corporate boards to chuck the CEO out and cut off his country club membership. Except of course when the government decides to actively shield their buddies, as with the telco wiretapping lawsuits in progress -- but they haven't won that one yet. It is fortunately harder for government to do something (immunize their buddies) than do nothing (refuse to investigate).

Wiretapping is wiretapping no matter what the purpose. It is the same as opening up the mail to see what you get/send. So:

PHORM is WIRETAPPING!

and by inference:

BT is WIRETAPPING!

Carry on!

Thankfully here in the USA they haven't tries this junk yet. If they do, I'm going to be the first to call up the media. There are several radio people who have "consumer" talk shows who will be interested!

Its ridiculous the police are refusing to investigate this they must have conducted investiagations based on RIPA in the past. I seem to remember a case of some waste company that was illegally wire tapping the phones in a village near them to scupper some campaign against the company organised by the locals.

http://news.bbc.co.uk/1/hi/uk/6767019.stm

RIPA is very short and sweet on nterception without a warrant...very short indeed.

It is also very short and concise on who can bring a prosecution under RIPA.... very concise indeed

Anyone CAN bring a case under RIPA but under Section 1 subsection 8..

No proceedings for any offence which is an offence by virtue of this section shall be instituted—

(a) in England and Wales, except by or with the consent of the Director of Public Prosecutions;

(b) in Northern Ireland, except by or with the consent of the Director of Public Prosecutions for Northern Ireland.

Pretty open and shut there then....if the DPP consents to proceedings they can happen.

Basically RIPA was worded to make sure Joe Bloggs couldn't take HM Government to court for breaking it.....but it also means that HM Gov can protect plc's.... now why would they do that????

Methinks the technology BT tested may do more than just serve ads

Well Jaqui Smith is the Home Office! The same Jaqui Smith who proposed stopping paedos using Bebo by registering their email address with the police. Obviously that would not work, but think what Phorm could do for that idea.

Do you think that Phorm could actually stop someone visiting a particular website using their BT ISP connection?

It looks to me as if Jaqui was counting on Phorm to make her paedo blocking ting work. Obviosuly switching ISP's would carry a 5 year prison term. Also long term Phorm would become law. Like having a government official sitting at the back of the school classroom or a government official on the staff of every news paper and radio station.

Phorm's share price is a delight to behold. Whilst the FTSE 100 has pretty much moved sideways in the last few months, Phorm is now trading at about 1/3 of where it was in early March. Clearly investors don't have much faith in the brave new world of Webwise.

Long URL approaching:

http://www.iii.co.uk/investment/detail?type=&display=chart&code=cotn%3APHRM.L&it=le&timeframe=6m&index=li%3Acotn%3AUKX.L&versus=&linetype=line&Go=Plot+&overlay=&overlay2=&overlay3=&overlay4=&indicator=&indicator2=&indicator3=&indicator4=&chartwidth=500

What's the score if you have a typical family setup, where parents and children share a computer. Maybe Ma and Pa like to look at adult oriented web sites after the ankle biters are in bed. Are the little darlings going to be bombarded with adult oriented advertising the next time they login to their favourite ad-sponsored kiddie websites?

I hope not.

Most of the 'family PCs' I see have a single login, because the grown-ups can't be bothered (or don't know how) to configure separate accounts for everyone in the family. OK, so they *should* keep things separate, but it doesn't happen. Phorm ain't gonna know who it's serving up 'targetted' ads to, even if it can identify the computer by cookie, ip, whatever.

Not for me thanks.

In the good old days there was the British Post Office running the phones. Every month, a certain number of randomly selected phone lines were monitored for quality and engineering research purposes by GCHQ. The random selection could, of course, be slightly less than random if there was a good reason.

All this was nice and cozey with the government owning the BPO and BPO employees signing the official secrets act.

Let us suppose that this still goes on today even though BT is not government owned. This would mean that the government and BT are breaching RIPA every day. Would it be sensible for the government to start investigating BT for breaching RIPA? I think not.

The government will not act against BT or PHORM. The only hope is for users to implement countermeasures when the system comes into use. The main aim of the countermeasures would be to bring the validity of the collected data into doubt so that nobody would want to buy it or act upon it.

If PHORM uses cookies, then write scripts to modify the cookies every hour or so. Offer the scripts free of charge to anyone who wants to protect themselves.

During a period of unemployment in 2006 I remember trying out ethereal for the first time on one of my PC's. I noticed some strange IP addresses in the log and I thought I had a Trojan. After many, many checks and please bear in mind I am ultra cautious regarding spy-ware and I lock my PC down pretty well, I found nothing untoward after countless hours of checks to my PC. I didn't understand it and I shut down the PC until the next day so as to 'sleep' on it as it was very worrying. Something was happening that was very strange.

When I tried ethereal over the next few days the strange IP addresses seem to have gone and subsequent checks showed nothing.

When I saw the news reports about BT tests on the TV (two weeks ago?) staring Stephen Mainwaring, one of the IP address names in the report seemed somewhat familiar to the one I remember seeing.

I can't be absolutely certain as I no longer have the saved dump and I am acting on memory, but maybe Virgin Media are keeping one of the nets best kept secrets and is allowing BT to take all the flack.

Either that, or I did have a root-kit or I just couldn't find a Trojan and it decided to disappear of its own accord?. Incidentally, I have removed the like off countless PC's of others who have sought my help and I have never reached a dead end of that sort before. I wish it had turned up again the next day so that I could have tried a few more things.

One thing for certain. The phorm dns name on the TV did look very familiar in my mind and I never ever had any problems on my PC afterwards despite regular countless checks, due to my paranoia, using every reputable spy-ware package under the sun and of course ethereal.

Have Virgin Media ever offered a statement that denies that they have ever had similar tests performed to that of BT.

that it is all one big illusion and the poor old man on the street does NOT have any rights whatsoever. I have been thru the wringer myself already and can tell you from that experience that there is an unseen code of conduct between the Courts, the Authorities such as Police and a few others and if they want to stop something in its tracks then they can easily telephone their friends and do whatever they like !!. You see what they rely on is the old "it cannot be true" and as 99% of people never need to use the "system" to obtain Justice they never come to know how corrupt it actually is. I could give many examples but I wont bore you with it, save to say that not long ago Met Police were meeting secretly with Judges to discuss various cases. THAT is a known fact, known to some lawyers.

In the Data Protection Act, personal data is defined as meaning "data which relate to a living individual who can be identified(a) from those data, or (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller.

They key point to note is (b). If there is a means by which supposedly anonymised data can, with other data likely to come into the possession of the data controller, be traced back to an individual, then that supposedly anonymised data is personal data and therefore subject to the provisions of the DPA, which requires the consent of the individuals to whom the personal data relates.

Since IP addresses and user account details are certain to be "in the possession of" BT, they can hardly claim that their actions do not contravene the DPA.

I have similar reservations of the poster above about virgin media running secret trials and not issuing any statment that it has not done similar trials.

but my period of discomfort would be from roughly may 2007 i could dig up my call records to virgin media at this time (they would also have the logs of my time on to technical support) and posts i made about issues are documented about the problems i was having on forums which have a timestamp and date to further back me up.

Would love to hear from anyone confirming if vm have said they have not conducted in any way any sort of secret trial.

I'll try to put this politely (again) because apparently it's not yet universally understood: the cookies are irrelevant, the monitoring and analysis goes on regardless of the cookies, all the cookies do is turn on/off the delivery of extra-customised ads.

Imagine a Royal Mail subcontractor opening and reading all your non-encrypted post, and storing details of the "anonymous" information they are reading. They use this "non personal information" (!) to deliver "better targeted" direct mail adverts (for which service they are taking money from the advertisers), while at the same time they are time telling you, the Royal Mail user and customer, that the mail-opening "service" improves your privacy.

Oh, and the Royal Mail trialled the service without telling you, and mail interception was illegal then and now, but they've done nothing illegal.

And Royal Mail's CTO left to work as CTO at LetterOpeners'R'Us.

But if you want to "opt out", a Post-it(tm) on your letterbox (a cookie in your web browser) tells them not to deliver the custom ads, just the routine ones. Till it gets removed.

That's the way Phorm works, except it's BT not the Royal Mail, and it's web traffic not hardcopy mail.

Comfortable with that?

How many top Labour politicians are going to receive cozy directorships when they loose the next general election?

How many spineless backbenchers are going to regret they didn't speak out more in the defense of the rights of the electorate?

So,we are right back where we were in the 70s,80s and early 90s. Plod subcontracts to a private company and no one gives a shit! Same as how they would subcontract tracing agents to find people who they REALLY wanted to "speak to" and "private investigators" to install monitoring devices (Oh all right then, bugs!) in target adresses. Now where did I leave all those cryptographic articles ansd user manuals------

Gary

First of all, remember the adage "never attribute to malice that which can be explained by incompetence."

Second, consider one of the great management vices of the late 20th century, continuing into the third millenium: a profound distaste for ever being seen to have made a mistake, large or small. Institutional paralysis results, as the only criticism that can then result is that of indecisiveness -- but never the feared "made a mistake."

This is a form of incompetence, as any intelligent person knows that anyone or any organization that actually does anything, that actually makes decisions, is going to make mistakes reasonably often.

I offer this up as an explanation (in part or in whole, I dunno!) of the incredible misbehavior of that cow of a home secretary and her boss the blithering idiot.

Gee, I'm glad I don't live in Britain!

An alien couldn't think this up even if he was stoned on skunk.

Just move ISP! Don't moan about it, demand your MAC code. I won't matter if you have signed up for a minimum term contract. Point out to BT that they [BT] won't say exactly WHO was part of the 2007 test, so it COULD be "me". Therefore BT are in breach of contract for allowing "my" data to be intercepted without "my" permission. BT may respond that "you" where not in the trial, at which point you ask them to prove conclusively that you where NOT part of the trial - for example showing the list of the people who where in trial.

Of course, they won't do this, so they will probably just give you your MAC code.

Then you can head for an ISP like Fast.co.uk (no, I don't work for them, but they are my ISP) who are advertising:

"We can confirm that we are not one of the ISPs who have had any discussion with, or entered into a contract with Phorm, or any similar company, who use browsing history data to provide targeted advertising. We strongly respect the privacy of our customers, and will never share any customer data".

YOU are the customer. Vote with your wallet by heading elsewhere. Hit them where it hurts - in the bank balance.

As for the inept fools attempting to run the country on our behalf (in the words of the late, great Douglas Adams) - "They'll be the first againsted the wall, come the Revolution!"

Paris? She could do a better job than the Labour Government!

Does anyone know if there is an Apache module/add-on I can use to recognise HTTP requests from BT? Because if BT put Phorm on-line in an attempt to make money by using *my* web pages to profile users, I want to be able to send a "BT and Phorm can get lost" page instead of my normal sites.

Nasty, nasty, nasty.

Repeat after me: DO NOT WANT

As the IT Manager for our company and an admin for 22 commercial domains, I have now circulated the following letter to all our clients who are operating eCommerce websites on our system:

-------------------------------------------------------------------------------------------------------

Dear [CLIENT_NAME],

It has recently come to our attention that BT, a major ISP in the United Kingdom, has allegedly been engaging in illegal interception practices possibly for the past few years. These practices involve intercepting traffic between your hosted website and any viewer of that site who is a residential customer of BT, and passing this intercepted information to a company known as Phorm, a known purveyor of spyware and malware. According to some reports, the possibility exists that even SSL encrypted traffic, such as credit card payment pages, may be intercepted due to the way ISP servers operate.

Obviously, this presents a serious fraud risk both for you and your valued customers. Consequently, we have put in place a system to prevent any person using BT as their ISP from accessing your website. Such persons will instead be redirected to a warning page advising them of the fraud risk and suggesting they use a different ISP. We believe that the loss of some visitors to your site is more than offset by the mitigation of the fraud risk presented by this situation.

If you disagree with our action, please advise us as soon as possible, and we will remove the anti-BT blocking at your request. However, should you choose to remove the blocking, you must agree to assume any and all liability for loss and damage as a result of credit card fraud on your website, since we cannot guarantee the security of your data in the face of such interception. In this case we will provide you with an amended Hosting Agreement which you would need to sign and return to us in order for us to continue hosting your website.

If you agree with our action, however, you need do nothing further, and your current Hosting Agreement and all data security guarantees will continue in full force and effect.

Should BT discontinue this practice and provide evidence that they are no longer intercepting their customers' traffic we will of course restore full access to your website for their customers.

Please do not hesitate to contact us if you have any further inquiries concerning this matter.

Regards,

Steve Roper

IT Manager,

[company details redacted]

-------------------------------------------------------------------------------------------------------

That's 22 domains that are now off-limits to BT users. So far, all of our clients who have responded have fully supported our action; the possibility of fraud resulting from this illegal interception is something our clients have taken very seriously. I strongly urge other companies hosting eCommerce websites to carry out a similar action, because the legal quagmire that could result from this is a very serious issue, both for you and for your clients.

Well done.

Now if MORE hosting services follow your lead....

That's a very great and wonderful thing you've done there. That will make the sheeple sit up and take notice at least, bravo!

That's great, it would be good if more hots took the same stance, and it's great that the site owners themselves have (so far) supported you.

The only problem would be if (when?) all 3 of the currently interested providers do implement this system.

Presumably these ecommerces sites you host are geared towards to UK market (just an assumption on my part here)? If so, how many ecommerce site would be happy with their hosts blocking 70% of their potential market?

That's the only fly in the ointment I can see in it for now, but it is stil a strong stance to take. If enough sites took this stance (expecially a couple of big sites such as ebay) then customers would be leaving the said ISPs in their droves, and it would be the best way to hammer home to issue.

Have you contact the BBC, Channel 4, The Guardian and, of course, our own El Reg about them doind a story on this?

For a lot of people, just seeing a news story that parts of the web will be closed to them due to these actions would be enough.

Bravo sir, Bravo! Now if more people take your lead...

Respect +

Good move,

but as Christophano says, the biggest problem will be persuading ecommerce sites that they don't need 70% of the UK market.

How about an https portal for Phormed ISPs that shows an anti-Phorm banner to Phormed users. eCommerce sites could add a Phorm protection surcharge of a few pence to their prices to cover the cost of the SSL certificate.

In other words, alongside the cost of the product, VAT and delivery will be something like "Privacy surcharge 50p".....

Shouldn't put too many people off and might encourage them to go to an ISP that value their customer's privacy more than the chance to make a quick buck with a former spyware pusher.

Has anyone heard of any feedback from big eCommerce sites on Phorm. Unless they are Phorm 'partners' Phorm could badly impact on their business. Amazon? eBay? Play.com, etc???

Or are they *all* signed up to Phorm......

You, sir, have balls of steel. This is how things get done - by people actually doing something and sucking up the possibility that they might personally lose out as a result of their decision, rather than whining that the government should be the one to do something. Congratulations.

http://www.opsi.gov.uk/acts/acts2000/ukpga_20000023_en_2#pt1-ch1-pb1-l1g3

I think they must be talking about this bit:

(3) Conduct consisting in the interception of a communication is authorised by this section if—

(a) it is conduct by or on behalf of a person who provides a postal service or a telecommunications service; and

(b) it takes place for purposes connected with the provision or operation of that service or with the enforcement, in relation to that service, of any enactment relating to the use of postal services or telecommunications services.

Anyway - I'm taking my ball and going to a different ISP. I have some free time tonight.

I am going to register myself as a corporation as they are clearly above the law.

Me, as a person, will cease to exist shortly, you can only now refer to me as "Anonymous Coward PLC" - I will be spying on you all shortly, thank you for your cooperation.

I'm totally against the Phorm interceptions and the privacy issues it raises. I'm also totally astonished at the sheer lack of suitable response from .gov.

Despite all this, I do wonder whether your response is entirely appropriate.

If you see your clients computers being targeted with some vicious attack, okay, take action. But you didn't take action during the previous BT/Phorm trials (why would you didn't know they were going on) and the next trials haven't started. Don't you think you should have contacted the customers BEFORE making the change.

I'm involved with a number of sites that are aimed predominantly at a UK customer base. If I found one your letters in my post, I'd blow a gasket. What you're saying is that customers are on BT broadband can't get to the site. So if it were my site, with most customers arriving via web advertising, then I've just paid for the click that directed them to my site, but then they're being turned away.

So aside from the huge drop traffic (and thus revenue) I'd still be paying for them arriving in the first place.

".. the legal quagmire that could result from this is a very serious issue... "

I'd suggest that effectively switching off a website without prior consent of your customer could also be a bad thing.

Don't misunderstand me, I think it's great that you are keeping an eye on the issues that could effect your clients, but that's a pretty big change to make and it does seem a bit knee jerk.

"I have always up to now supported the Labour party. I now think that the Liberals are a more trusted party since they seem to have the only pro active MP's on this very important matter."

Christ man, it's the fault of people like who having voted Labour in and keeping them there that we're in the mess we're in, and now you want to switch to Liberal? Good lord!

Perhaps cutting off the customers is not the best solution as you may only upset the webhosts I support the insertion of a clickthrough warning, whereby the BT VM CW customer are alerted to the fact that they are being watched, but are then allowed to proceed. this is more likely to alert the customers and help spread the word without denying anything.

Are you able to supplie IP ranges so that we may implement this also without having to trawl nominet/other sorces..

I work for the police force in IT, we use BT broadband (supposedly encrypted and secure) for our remote access home users. They access police criminal records, murder enquiries, paedo data, etc is BT going to be intercepting this as well and p