Feeds

Phorm failed to mention 'illegal' trials at Home Office meeting in 2007

Just fancy that!

The smart choice: opportunity from uncertainty

Exclusive The Home Office held a private meeting with Phorm in August last year, but BT's interception and profiling partner did not disclose that it had completed an allegedly illegal trial of its technology on tens of thousands of unwitting broadband subscribers just weeks earlier.

Senior civil servant Andrew Knight revealed the meeting had taken place in a response to a Freedom of Information Act (FOI) request from a member of the public, passed to The Register. Today, the Home Office said it had no knowledge of the secret interceptions until we revealed the 2007 trial on 27 February and the 2006 trial on 1 April this year. BT reps were not present, Knight's note implied.

The Home Office refused to disclose further details of who was present at the August 2007 meeting with Phorm, how it was arranged, or what was discussed, saying that the information remained the subject of an ongoing FOI inquiry.

The trials have been widely branded a criminal interception on a grand scale, under the Regulation of Investigatory Powers Act 2000 (RIPA). Phorm refers all questions on the legality of the action to BT, which in turn refuses to comment beyond stating that it took legal advice.

In response to our questions about its meeting with the Home Office, Phorm said in a written statement: "We have been entirely open on our consultations with stakeholders across the industry and that part of this process included a meeting, at our request, with the Home Office."

A Phorm spokesman said during a phone call that it would not discuss what it had told the Home Office or the reasons for those choices. "We've made our statement and that's all we're going to say," he said.

Nicholas Bohm, an expert on interception law at the Foundation for Information Policy Research, an internet policy think-tank which has called for BT to be prosecuted, said: "It's surprising that Phorm didn't think it was relevant to tell the Home office what they had been up to. You have to wonder whether they were certain about the propriety of what they had done with BT."

Several months after the meeting took place, in January 2008, Phorm and BT requested legal advice from the Home Office. It was written by Knight's colleague Simon Watkin, who came to the published conclusion that the advertising targeting system might be within current law if full consent was obtained from broadband subscribers. No attempt to get customer consent was made by BT during either the 2006 or 2007 trial.

To tell or not to tell

Phorm's failure to disclose the fact it had carried out the interceptions without consent suggests three possible conclusions.

Obviously, it would be understandable for anyone who knew they had broken the law on a grand scale to keep that fact on the down-low when talking to the government department charged with ensuring that those laws are enforced.

A second possibility is that the legal advice BT claims it took went against the the opinion of the Home Office's own RIPA expert and all other legal opinion we've heard over the last three months, and so Phorm didn't feel it needed to mention the trials.

Finally, perhaps in its keenness to rise from the ashes of its spyware business, Phorm forgot to consider the law.

Yet the Home Office has disavowed any responsibility for pursuing transgressions of RIPA, even on this scale, so why not just toss it into the conversation? Phorm has not been shy about its ability to "see the entire internet" now that it is looking for publishers and advertisers to join its targeting network.

Authorities including the police and Information Commissioner have so far not investigated the events of Autumn 2006 and July 2007. Private individuals who believe their broadband line was subject to the secret wiretapping still have several legal avenues open to them, including the right under RIPA to pursue a private prosecution. ®

Bootnote

We tried to obtain an interview today with Andrew Knight via a direct email approach. A Home Office press officer called soon after to say that "I'm not impressed by that... you [El Reg] do not do that, you come through us. If you do you will not get any response [at all to your queries]".

We asked if it was Home office policy to threaten journalists with excommunication if they try talking to senior civil servants. "No," she said. "It's just the way it is."

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
All those new '5G standards'? Here's the science they rely on
Radio professor tells us how wireless will get faster in the real world
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.