Feeds

EU threatens 'formal action' against UK.gov on Phorm

Brussels increases pressure over secret trials

Choosing a cloud hosting partner with confidence

Exclusive The European Commission has given its strongest signal yet that it will hold the UK government to account for its failure to act over BT and Phorm's secret and allegedly illegal internet monitoring trials in 2006 and 2007.

Telecoms commissioner Viviane Reding has again demanded answers from the UK as to why no enforcement action has been taken over the wiretapping and profiling of tens of thousands of BT broadband subscribers without any permission or notification. An unsatisfactory response could eventually land the government in the European Court of Justice.

Speaking to The Register today, Reding's chief spokesman Martin Selmayr said: "The European Commission's investigation with regard to the Phorm case is still ongoing."

Selmayr added that the Commission had written to the UK government for a third time at the end of January. "The Commission may have to proceed to formal action if the UK authorities do not provide a satisfactory response to the Commission's concerns on the implementation of European law in the context of the Phorm case," he said.

The Commission became interested in the case after Register readers wrote to Viviane Reding last year in dismay at our revelations about the secret trials.

Internet law experts at the Foundation for Information Policy Research, an independent think tank based at Cambridge University, had publicly stated that that BT and Phorm violated the European Privacy and Electronic Communications Regulations (PECR), along with several domestic criminal statutes. Throughout the furore, BT has said it took legal advice prior to co-opting customers into the two trials but has declined to make it public.

When national governments fail to implement European law, the Commission can bring formal action at the European Court of Justice in Luxembourg, a court independent of Brussels. In 2007 Reding referred the German government's blessing of Deutsche Telekom's high speed broadband monopoly to the court.

The UK's public response to the Commission's first inquiry about BT and Phorm last summer failed to address the secret trials.

Instead, in a press statement in September the government said it was possible that future deployments would be legal, and the government has refused Freedom of Information Act requests to release its full response. Five out of the six questions originally posed by the Commission concerned the trials.

The Commission wrote again in October, and the UK government, coordinated by the Department for Business, Enterprise and Regulatory Reform (BERR), responded in November. January's third EU letter indicates that reply was also unsatisfactory.

BERR had not responded to a request for comment on the Commission's aggressive new rhetoric at time of publication.

In the UK, responsibility for enforcing PECR falls to the Information Commissioner's Office. It gave the trials the all-clear, agreeing with BT that it would have been difficult to explain the secret trials to customers.

Nevertheless, BT completed a third, non-covert trial of the system in October, branding it "WebWise". It attempted to explain the technology and emphasised its anti-phishing warning feature, and offered a cookie-based opt-out.

Meanwhile, the Crown Prosecution Service is considering whether to allow a private prosecution of BT and Phorm by privacy campaigners under the Regulation of Investigatory Powers Act. Prosecutors began gathering evidence at the end of November.

An earlier investigation of the secret trials by City of London Police found customers has given "implied consent" for an advertising wiretap, and said a prosecution would not be in the public interest. ®

Remote control for virtualized desktops

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.