Ten unanswered questions for BT

1. Are you willing to make public the legal advice you received before proceeding with the Webwise/Phorm trials in 2006 and 2007? If not, are you willing to say which counsel provided it?

2. During the two trials of Webwise/Phorm you did not seek or obtain consent from the users affected nor from the owners of the websites they visited. On what basis do you think that the trials did not break the law, specifically the Data Protection Act and the Regulation of Investigatory Powers Act?

3. Are you willing to publish in detail the user research which you quote as giving approval to Webwise/Phorm? if not, are you willing to disclose the specific questions users were asked?

4. On the Webwise pages about Phorm on your website, you do not state explicitly that it works by inspecting every packet of data between the user and the Web, whether generated by searching, browsing, shopping, reading sensitive documents or indeed sending and receiving private emails using any services not recorded as such by Phorm. On what basis do you believe you will be obtaining informed consent from users?

5. For an interception to be legal, both communicating parties have to give their consent. How do you plan to obtain consent from the owners of the websites accessed by users who have opted in to Phorm? If an opted-in Phorm user makes a purchase from an online retailer and the interception of their data by Phorm results in them receiving an offer for goods or services from a rival of that retailer, what makes you think that the original retailer will not initiate criminal or civil proceedings against BT?

6. In what ways are the anti-phishing features bundled with Phorm superior to those provided free with modern web browsers?

7. Do you propose to make Phorm 'opt-in' or 'opt-out'? If users opt out of Phorm, will all their web traffic still be intercepted to determine that they have opted out?

8. Phorm was formerly known as an adware company, 121media. Its adware network PeopleOnPage was blacklisted as spyware by Symantec and F-Secure. Computer Associates categorised it as a Hijacker. What effect do you think partnering with Phorm has on your reputation?

9. What audit processes will BT be adopting to ensure that their Phorm servers comply with UK and EC legislation and are protected from criminal activity? Will BT have access to the source code running on them?

10. If the Phorm servers in BT's network are compromised by criminals resulting in financial losses for BT's customers or for owners of the websites served to them, will BT provide full compensation?