Downing Street on Phorm: 'Meh'
ICO recipient of passed buck
Downing Street has palmed off responsibility for enforcing the law around its web monitoring and profiling technology to the Information Commissioner.
The Prime Minister's response to a public petition today comes despite his Home Office having given a positive pre-launch legal opinion in private to Phorm and BT.
The petition on Gordon Brown's website started last March and signed by more than 21,000 people, called on him to investigate Phorm's technology and review privacy laws to ensure it is properly regulated.
In response, the government said: "The government is committed to ensuring that people’s privacy is fully protected. Legislation is in place for this purpose and is enforced by the Information Commissioner’s Office (ICO)."
The ICO is legally responsible for enforcing the Data Protection Act, and the European directive on privacy and electronic communications.
The ICO's failure to act in response to revelations BT and Phorm had trialled their monitoring and profiling system on tens of thousands of customers in secret and without consent has prompted the European Commission to begin legal proceedings against the UK government.
The government continued today: "ICO is an independent body, and it would not be appropriate for the Government to second guess its decisions.
"However, ICO has been clear that it will be monitoring closely all progress on this issue, and in particular any future use of Phorm's technology. They will ensure that any such future use is done in a lawful, appropriate and transparent manner, and that consumers' rights are fully protected."
The petition had called on the government to tighten privacy laws where they are found wanting. Instead, the European Commission plans to take the UK to the European Court of Justice in Luxembourg to force it to comply with EU law.
The government response makes no mention of the Regulation of Investigatory Powers Act (RIPA), which the Home Office analysed in 2007 on Phorm and BT's behalf. Officals asked Phorm for their approval of their analysis. Independent legal experts have since claimed RIPA makes Phorm's technology illegal, and its secret trials doubly so.
That response in full:
Thank you for the e-petition on internet advertising technologies and customer privacy.
As your petition states, some Internet Service Providers (ISPs) have been looking at the use of Phorm’s Webwise and Open Internet Exchange (OIX) products. However, the only use of the technology so far has been the trials conducted by BT.
Advertisers and ISPs need to ensure that they comply with all relevant data protection and privacy laws. It is also important that consumers’ privacy is protected and that they are given sufficient information and opportunity to make a clear and informed decision whether to participate in services such as Phorm. The Government is committed to ensuring that people's privacy is fully protected. Legislation is in place for this purpose and is enforced by the Information Commissioner's Office (ICO). ICO looked at this technology, to ensure that any use of Phorm or similar technology is compatible with the relevant privacy legislation. ICO has published its view on Phorm on its website:
ICO is an independent body, and it would not be appropriate for the Government to second guess its decisions. However, ICO has been clear that it will be monitoring closely all progress on this issue, and in particular any future use of Phorm's technology. They will ensure that any such future use is done in a lawful, appropriate and transparent manner, and that consumers' rights are fully protected.
Sponsored: 2016 Cyberthreat defense report