Attributions
BT Trials
ThinkBroadband Forum thread on one user's experience of the 2007 trial at the time
Alexander Hanff's analysis of the BT Trials
Covering article by Alexander Hanff
Channel 4 report: BT 'spies' on customers
includes the experience of one BT customer who was an unwitting participant in the 2007 trials
and also a grilling for BT's Emma Sanderson
Leaked BT Paper describing the 2006 Webwise/Phorm Trial
Dr Richard Clayton calls for prosecutions
Web Browsers already have anti-phishing functions
Net Applications Market Share Statistics
Shows that more than 90% of users have either Internet Explorer or Firefox.
Microsoft Phishing Filter for Internet Explorer
Information Commissioner's Position
The Information Commissioner's current view on BT Webwise and Phorm
" . . . Phorm products will have to operate on an opt in basis to use traffic data
as part of the process of returning relevant targeted marketing to internet users."
"Even if Phorm is not processing personal data, the ISP undertaking the profiling
may be to the extent that it uses IP addresses in that profiling and is able
to link its customers to an IP address although this may not be its intention.
To the extent that personal data is processed that processing must be
fair and lawful in order to comply with the First Principle of the Data Protection Act."
ICO documents obtained under a Freedom of Information Request (delivered on 26th June 2008)
Regulation of Investigatory Powers Act 2000
Unlawful interception is defined right at the start of the Act
In an email released in March 2008, the Home Office issued advice to Phorm on how its service might be lawful ... if it was undertaken with the highest regard to the respect for the privacy of ISPs' users and the protection of their personal data, and with the ISPs' users consent.
Further clarification of this was provided in the Cable Forum in April 2008 (See Post 4309 on the linked page) where by mutual agreement the outcome of a series of exchanges between two members of the Cable Forum and the Home Office was published.
Foundation for Information Policy Research Open Letter to the Home Secretary (23 April 2008)
Asks the Home Office to withdraw their advice.
European Commission position on Phorm
P2PNet article quoting communications sent to members of the public on 27th May 2008.
Phorm appears to be illegal under EU law.
BT's Webwise (Phorm) pages
BT's Webwise (Phorm) pages
As of 6th June, there was no explicit statement on that if a user was opted in
then all their web traffic would be monitored unless Phorm had identified the site
as providing banking or webmail services.
Anonymised searches are not anonymous
A Face Is Exposed for AOL Searcher No. 4417749
Article in the New York Times
Foundation for Information Policy Research Opinion
FIPR Open letter to the Information Commissioner (17 March 2008)
Provides authoritative arguments on why operating Phorm would fall foul of the law.
Also points out that not only the website user has to provide consent for Phorm to intercept traffic:
the website owner must also provide consent.
FIPR Legal Analysis of Phorm (23 April 2008)
Concludes that deployment by an ISP of the Phorm architecture will
involve breaches of three separate major laws and other illegalities,
for which ISPs will be primarily liable and for
which Phorm Inc will be liable as an inciter.
Phorm's past life as 121media
Background to Phorm, formerly known as 121Media, the company providing Webwise to BT
Phorm admits that as 121media they were an adware company (BBC)
The Register describes 121media's PeopleOnPage as spyware rather than adware ...
"Phorm is run by Kent Ertegrul ...
Previously, his most notable foray online was as the founder of PeopleOnPage,
an ad network that operated earlier in the decade and which was blacklisted
as spyware by the likes of Symantec and F-Secure."
... and F-Secure substantiates what they say ...
CA provide some more information ...
"Changes browser settings other than homepage, without user permission.
Can't be uninstalled by Windows Add/Remove Programs
and no uninstaller is provided with application."
Phorm Public Meeting
Unedited Video Footage from the Phorm Open Meeting on Tuesday 15th April 2008
This site has been hacked twice so far, so it must contain important material!
Simon Davies Introducing The Event And 80/20 Thinking's Role
Kent Ertegrul's Presentation
Dr Richard Clayton on The Problems With Phorm
Dr Richard Clayton's Q&A Session
Alexander Hanff On The Legal, Historical and Social Context of Phorm
Alternative link to the videos in case the main site has become unavailable
How Phorm Works
Harlan Yu's article Phorm's Harms Extend Beyond Privacy at Freedom to Tinker
A high-level technical summary of how Phorm works and the issues it raises
Richard Clayton's report of 4th April 2008
Sets out the full detail of how Phorm works
Richard Clayton's Blog
"Overall, I learnt nothing about the Phorm system that caused me to change my view
that the system performs illegal interception as defined by s1
of the Regulation of Investigatory Powers Act 2000."
BT's more recent pages explain how they will implement Phorm to enable opt-out without
having to have an opt-out cookie
But you will still have to block webwise.net cookies
and they will still have to intercept your communications with the website you are accessing.
Wikipedia's entry on Deep Packet Inspection
"Deep packet inspection (and filtering) enables advanced security functions
as well as internet data mining, eavesdropping, censorship, etc.
Advocates of net neutrality fear that DPI technology will be used to
privatize the Internet."