Feeds

Phorm failed to mention 'illegal' trials at Home Office meeting in 2007

Just fancy that!

Eight steps to building an HP BladeSystem

Exclusive The Home Office held a private meeting with Phorm in August last year, but BT's interception and profiling partner did not disclose that it had completed an allegedly illegal trial of its technology on tens of thousands of unwitting broadband subscribers just weeks earlier.

Senior civil servant Andrew Knight revealed the meeting had taken place in a response to a Freedom of Information Act (FOI) request from a member of the public, passed to The Register. Today, the Home Office said it had no knowledge of the secret interceptions until we revealed the 2007 trial on 27 February and the 2006 trial on 1 April this year. BT reps were not present, Knight's note implied.

The Home Office refused to disclose further details of who was present at the August 2007 meeting with Phorm, how it was arranged, or what was discussed, saying that the information remained the subject of an ongoing FOI inquiry.

The trials have been widely branded a criminal interception on a grand scale, under the Regulation of Investigatory Powers Act 2000 (RIPA). Phorm refers all questions on the legality of the action to BT, which in turn refuses to comment beyond stating that it took legal advice.

In response to our questions about its meeting with the Home Office, Phorm said in a written statement: "We have been entirely open on our consultations with stakeholders across the industry and that part of this process included a meeting, at our request, with the Home Office."

A Phorm spokesman said during a phone call that it would not discuss what it had told the Home Office or the reasons for those choices. "We've made our statement and that's all we're going to say," he said.

Nicholas Bohm, an expert on interception law at the Foundation for Information Policy Research, an internet policy think-tank which has called for BT to be prosecuted, said: "It's surprising that Phorm didn't think it was relevant to tell the Home office what they had been up to. You have to wonder whether they were certain about the propriety of what they had done with BT."

Several months after the meeting took place, in January 2008, Phorm and BT requested legal advice from the Home Office. It was written by Knight's colleague Simon Watkin, who came to the published conclusion that the advertising targeting system might be within current law if full consent was obtained from broadband subscribers. No attempt to get customer consent was made by BT during either the 2006 or 2007 trial.

To tell or not to tell

Phorm's failure to disclose the fact it had carried out the interceptions without consent suggests three possible conclusions.

Obviously, it would be understandable for anyone who knew they had broken the law on a grand scale to keep that fact on the down-low when talking to the government department charged with ensuring that those laws are enforced.

A second possibility is that the legal advice BT claims it took went against the the opinion of the Home Office's own RIPA expert and all other legal opinion we've heard over the last three months, and so Phorm didn't feel it needed to mention the trials.

Finally, perhaps in its keenness to rise from the ashes of its spyware business, Phorm forgot to consider the law.

Yet the Home Office has disavowed any responsibility for pursuing transgressions of RIPA, even on this scale, so why not just toss it into the conversation? Phorm has not been shy about its ability to "see the entire internet" now that it is looking for publishers and advertisers to join its targeting network.

Authorities including the police and Information Commissioner have so far not investigated the events of Autumn 2006 and July 2007. Private individuals who believe their broadband line was subject to the secret wiretapping still have several legal avenues open to them, including the right under RIPA to pursue a private prosecution. ®

Bootnote

We tried to obtain an interview today with Andrew Knight via a direct email approach. A Home Office press officer called soon after to say that "I'm not impressed by that... you [El Reg] do not do that, you come through us. If you do you will not get any response [at all to your queries]".

We asked if it was Home office policy to threaten journalists with excommunication if they try talking to senior civil servants. "No," she said. "It's just the way it is."

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.