Feeds

BT's secret Phorm trials: UK.gov responds

EU lawyers mull action

HP ProLiant Gen8: Integrated lifecycle automation

Updated The European Commission is analysing the government's explanation of why UK authorites have taken no action over BT and Phorm's allegedly illegal broadband wiretapping and ad-targeting experiments in 2006 and 2007.

A spokeswoman for Vivian Reding's information society and media commission confirmed that a response to its call for information had been received in Brussels and would form part a "legal assessment" of the trials. The UK government's letter was about a month and a half late, the EU having originally set a reply deadline of the end of July.

The Department for Business, Enterprise and Regulatory Reform (BERR), which coordinates UK diplomatic dealings with the European Commission, refused today to provide the full text of the letter.

It sent The Reg a statement detailing only a small part of the letter. It dodges the central issue: That the UK's largest telecoms provider secretly monitored tens of thousands of its customers' web browsing habits without consent, and that so far the Information Commissioner's Office and the police have not taken any enforcement action.

Here's BERR's statement in full:

The UK is committed to providing a high level of consumer protection. We take our community obligations very seriously especially in the area of data protection and e-privacy. The possible future use of Phorm technology has raised material concerns in this area and the UK authorities are working to ensure that if it is introduced into the market for internet based advertising services, this is done in a lawful, appropriate and transparent fashion.

After conducting its enquiries with Phorm the UK authorities consider that Phorm's products are capable of being operated in this fashion on the following basis:

  • The user profiling occurs with the knowledge and agreement of the customer.
  • The profile is based on a unique ID allocated at random which means that there is no need to know the identity of the individual users.
  • Phorm does not keep a record of the actual sites visited.
  • Search terms used by the user and the advertising categories exclude certain sensitive terms and have been widely drawn so as not to reveal the identity of the user.
  • Phorm does not have nor want information which would enable it to link a user ID and profile to a living individual.
  • Users will be presented with an unavoidable statement about the product and asked to exercise a choice about whether to be involved.
  • Users will be able to easily access information on how to change their mind at any point and are free to opt in or out of the scheme.
Future developments involving Phorm will be closely scrutinised and monitored by the enforcement authorities.

Four out of the five questions posed by information society and media departmental director general Fabio Colasanti targeted UK authorities' failure to act over BT's secret trials in 2006 and 2007. Viviane Reding has herself said that the acts were a breach of EU privacy directives without consent.

In July the Commissioner said: "It is very clear in EU directives that unless someone specifically gives authorization [to track consumer activity on the Web] then you don't have the right to do that."

Yet BERR's statement makes no mention of the two secret experimental deployments. Rather, it is a close relative of the Home Office's disputed advice to BT and Phorm, repeating that the government believes future Phorm deployments could be legal if consent from ISP subscribers is obtained. [The Home office had contact with BT on interception for behavioural ad targeting from autumn 2006, but says it had no knowledge of the secret trials until they were revealed by El Reg.]

A spokeswoman for BERR said it had decided not to disclose the government's line on the trials. "We believe it's important to have an open and frank discussion... it's not normal practice to disclose [such letters]," she said.

Meanwhile campaigners are awaiting the City of London Police's decision on whether to formally investigate BT and Phorm for breaking criminal wiretapping laws governed by the Regulation of Investigatory Powers Act.

Watch this space. ®

Catch up with the Phorm saga here.

Update

Following publication of this story, Phorm's PR agency Citigate Dewe Rogerson sent a statement. It's fairly standard stuff:

The UK's Government's position on Phorm's technology reflects our common commitment to transparency and superior standards of online privacy. We also believe that revolutionary technologies should be introduced in line with stringent criteria. For instance, our unique 'privacy by design' approach means our internet advertising and online fraud protection system stores no personally identifiable information or browsing histories. We will continue to engage with stakeholders from regulators to consumers and are excited about demonstrating how our system will benefit all of them by introducing a new way to help fund the future of the internet and its richness and diversity.

The Power of One Infographic

More from The Register

next story
Google Nest, ARM, Samsung pull out Thread to strangle ZigBee
But there's a flaw in Google's IP-based IoT system
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Rural mobile coverage: Tweeting twits to join chirping tits in UK's national parks
Yup, someone IS gabbering behind you on the hiking trail
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
NBN Co execs: No FTTN product until 2015
Faster? Not yet. Cheaper? No data
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.