Who should have access to what you do on the Web?
Should Internet Service Providers be allowed to read your online activity so as to select the advertisements you see? Or should they be expected to operate like the Royal Mail and telephone companies, who simply carry messages between communicating parties?
Can websites expect their communications with their visitors and customers will be private? Or should internet service providers be allowed to intercept data coming into and out of websites and pass key information about it to those websites' competitors?
This debate has been running since February 2008 when BT and two other internet service providers (Virgin Media and TalkTalk) signed exclusive agreements with Phorm. Phorm provide both the equipment to read online activity and the exchange to present advertising to users based on the websites they visit.
In BT's secret trials of the technology in 2006 and 2007, users had their web activity intercepted and read without their consent. BT trialled the scheme again in 2008. These trials, and the idea that Internet Service Providers could decide to read and analyse all your web activity and all activity about you on the web, provoked a strong public reaction.
Only you and the websites you visit should have access to what you do on the Web
In Summer 2008 the US Congress acted to halt the deployment of such technologies. And in Autumn 2008 Orange, Sky and Tiscali distanced themselves from Phorm.
On 14th April 2009 the EU opened an infringement proceeding against the United Kingdom Government about the use of Phorm by UK internet service providers. Also in April 2009 Amazon, Wikipedia and other major websites said they would not allow Phorm to scan their web pages to produce targeted ads.
Initially the UK Government appeared to believe that Phorm's product and similar technologies could be operated lawfully if certain conditions were met. The UK Information Commissioner took no action despite his concerns about all three of BT's trials. The City of London Police decided not to prosecute, and the case was passed to the Crown Prosecution Service Complex Casework Centre where it is still being reviewed.
More recently both the Department of Business, Enterprise & Regulatory Reform and the Home Office have expressly stated that they never confirmed to Phorm that their technology was fully compliant with UK legislation.
The battle is not yet over
BT and TalkTalk have now stated that they have no plans to deploy Phorm's technology. However, Korea Telecom may be running trials, and Phorm are in discussions with other Internet Service Providers worldwide.
Laws on interception, privacy, use of data and copyright must be upheld and technologies such as Phorm's should never be allowed to operate. If you value the privacy and integrity of the data you send and receive while using the Web, please join our campaign at No DPI.
Where can you get further information?
1. Read our Phorm Timeline which sets out what has happened so far.
2. Read our seven reasons why Webwise/Phorm is wrong.
3. Read If BT are inspecting all my internet packets, can I trust them?", posted in the BT Forums on 8th November 2008.
4. Keep up to date with the news log on the "Save UK internet privacy - reject ISPs that use Phorm" Facebook page.
5. Read The Register's reports on Phorm.
6. Visit other websites campaigning on this issue: NoDPI, Dephormation, Planet Jamie, and Bad Phorm.
7. And if you need to find the original source of any information or report on Phorm, consult our attributions pages.