Feeds

EU mulls intervention over BT's secret Phorm trials

Your views sought

The essential guide to IT transformation

The European Commission is considering intervening over the failure of UK data watchdogs to punish BT for the way it secretly co-opted tens of thousands of customers into trials of Phorm's profiling system to serve them targeted advertising.

At the end of May, the Information Commissioner's Office told Stephen Mainwaring, whose web browsing was tapped and profiled during the 2007 trial, that it would not pursue BT over alleged breaches of the European Privacy and Electronic Communications Regulations (PECR).

The ICO's letter claims that because it would have been hard for BT to explain to customers what it was doing with their broadband connections, regulators should let the secret trials pass. "Taking into account the difficulties involved in providing meaningful and clear information to customers... in this case, this is not an issue we intend to pursue further with BT," the regulator wrote.

Now however, the European Commission is considering calling BT to account in lieu of a domestic response. A European Commission spokeswoman told The Register on Monday: "We are continuing to monitor this closely. If need be we will take action."

People who feel strongly about the trials or believe they were unwittingly profiled in 2006 or 2007 should write to Viviane Reding, the European Commissioner for Information Society and Media, the spokeswoman said. The Downing Street petition calling for government action has now passed the 14,000 signature mark.

Reding's spokesman told The Register: "This is first of all a matter for the UK authorities to deal with, as it is their responsibility to apply EU law in the UK."

"In case of incorrect application of EU data protection law by a national authority, the Commission could start infringement proceedings against the country concerned." He wrote that the European Commission does not currently have "indications that the UK authorities, in assessing the Phorm case, would have acted illegally".

Mainwaring now intends to approach Reding unless he receives a satisfactory response from the ICO to a complaint he has sent to it detailing objections to its response. He has asked regulators to reconsider their view that "there is no evidence that the trials generally involved significant detriment to individuals, or privacy risks to individuals". Mainwaring says he lost countless business hours attempting to identify the cause of unsusal activity on his BT Business broadband line, having been told by BT he most likely had a spyware infection.

He told us: "I believe the ICO is failing in its duty to protect personal information."

In a statement, the European Commission said: "The ePrivacy Directive [PECR] obliges Member States to ensure the confidentiality of communications and related traffic data through national legislation. In particular, they are required to prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than the users without their consent, which must be freely given, specific and informed indication of the user's wishes."

Anti-Phorm campaigners are set to picket BT's Annual General Meeting at the Barbican in London on the morning of 16 July. They will later hand a dossier of evidence to the Metropolitan Police in the hope that a criminal investigation will be launched under the Regulation of Investigatory Powers Act and Computer Misuse Act. Among the documents to be turned over is the internal BT report on the 2006 experiment that we revealed in April.

Conservative peer David Carnegie, the Earl of Northesk, backed the campaigners' bid to have BT fully investigated. "On the face of it the spirit if not the letter of the law has been breached," he said. "Criminally, I hasten to add. What's the point of having laws if they are not going to be enforced?"

He said that although police are under-resourced to deal with breaches of communications and computer laws, the BT trials are too significant an issue to be ignored.

BT maintains its statement that the advice it took ahead of the trials said they would be legal. Despite the ICO's view that it is impossible, BT aims to explain to customers what the Phorm "Webwise" system does when it begins a third trial, this time with permission, at some unspecified date soon. ®

Next gen security for virtualised datacentres

More from The Register

next story
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'
Games disrupted as firm struggles to control network
BT customers face broadband and landline price hikes
Poor punters won't be affected, telecoms giant claims
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
EE: STILL Blighty's best mobe network, says 'Frappucino' Moore
Fresh round of network stats fisticuffs possibly on the cards here
US TV stations bowl sueball directly at FCC's spectrum mega-sale
Broadcasters upset about coverage and cost as they shift up and down the dials
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?