Feeds

BT's Phorm small print: It's all your fault

'Daddy needs to tell you about an exciting new service called WebWise'

3 Big data security analytics techniques

BT subscribers who are invited to take part in its new trial of Phorm's internet monitoring and advertising system will be responsible for telling anyone who uses their computer that they could be being tracked online - whether they opt in or not.

In the updated Total Broadband terms and conditions for the trial, BT washes its hands of any legal responsibility if people do not realise their web browsing is under surveillance. What's more, parents are expected to teach their children about Phorm, so they can offer the individual informed consent the technology requires to operate within the law.

The terms and conditions state: "The BT WebWise service must be switched on and off separately for each user of your service and on each browser and on each machine that you and other users of your service use to access the internet.

"You are responsible for making sure that all other users of your service know about the BT WebWise service and how to switch it on or off."

Under the normal Total Broadband terms and conditions, there is no obligation for the account holder to communicate aspects of the service to others who might use the connection. No other aspect of BT's internet provision involves a wiretap as defined by the Regulation of Investigatory Powers Act (RIPA), however.

Customers who are invited to join the trial and decline are still subject to the new terms and conditions - it's just that BT and Phorm promise to ignore their traffic as it passes through profiling hardware.

The new deal for triallists also has a catch-22 clause that means BT and Phorm can monitor users who don't want WebWise switched on if the system's feeble cookie-based opt-out fails. It states:

If you or another user of the BT WebWise service switches the BT WebWise service off, you consent, and you agree to ensure that each user of the BT Webwise service consents to us carrying the technical operations necessary to prevent the BT WebWise service being provided to you or the other user of your broadband service.

That means that if you don't want BT and Phorm to monitor all your web traffic, you provide consent for them to monitor your web traffic to determine that. BT told El Reg this week it is still working on a network-level opt-out, but said it may not be in place if and when Webwise is rolled out across the country.

Phorm critics, notably the Foundation for Information Policy Research, have argued that under the Regulation of Investigatory Powers Act it also requires informed opt-in consent from website owners. However, in its advice to Phorm and ISPs, the Home Office said it believed that publishing a website gave implicit consent.

For the trial, BT is offering website owners an email address to write to in order to have their domains added to a blacklist of sites that it promises not to read and profile. You can find the address in the "information for website owners" section here. ®

3 Big data security analytics techniques

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.