BT, Webwise and Phorm: What you need to know

What is being proposed?

BT, Virgin Media and Talk Talk (Carphone Warehouse) are planning to partner with Phorm to intercept, read and analyse nearly everything you do on the internet. Phorm was formerly known as 121media, and their products were blacklisted by at least three anti-virus companies. The service will be branded as Webwise

Their aim is to profile you for Phorm's advertising network, enabling participating advertisers to target you more effectively.

This is a new kind of user profiling, since every word of nearly everything you do on the Internet will be intercepted, read and analysed if you are part of the scheme. This includes your communications with websites you visit for any purpose, and will include webmail if you do not use one of the major webmail providers.

In contrast, search engines like Google and shopping websites only gather and use your personal information when you are visiting them. And even the Police and Security Services have to follow rigorous procedures if they want to carry out the kinds of interceptions proposed with Phorm.

The proposed system includes an anti-phishing function to warn you when you access a website which might try to obtain your bank or credit card details fraudulently. But this is already available for free in the latest versions of the web browsers used by more than 90% of people on the Internet. Phorm's core purpose is simple: to snoop on your internet usage in order to target advertising at you.

What have the ISPs done so far?

In 2006 and again in 2007, BT intercepted web browsing data from several tens of thousands of their users in trials of the Phorm technology. At no time did they ask any of these users for their consent. In some instances they changed the data sent by the users to the websites they were visiting. Many believe that BT acted unlawfully with these trials.

BT were proposing a third trial to begin by the end of April 2008. However on 9th April the UK Information Commissioner's Office advised that Phorm must be "opt-in" and not "opt-out". With this, and with public concern mounting, BT's published start date for the trial was moved to the end of May 2008.

But by BT's Annual General Meeting on Wednesday 16th July 2008 the trial had not started. Several questions about BT's relationship with Phorm were asked at the AGM, with few clear answers from BT. BT's Phorm trial has not materialised yet, but BT still appear to be planning for it to take place.

Virgin Media have signed a preliminary agreement with Phorm to understand in more detail how it works but have not yet decided if it will be introduced. Carphone Warehouse have said that any of its customers who want to use Phorm will have to positively opt-in.

The focus of the campaign therefore remains on BT, whose relationship with Phorm is the most advanced of the three ISPs. Indeed, Phorm's Chief Technical Officer used to hold a similar position in BT Retail.

What has been the reaction?

On 25th February 2008, the UK-based online IT magazine The Register broke the story, and since then public opposition has been vigorous.

On 9th April 2008, the UK's Information Commissioner advised that Phorm must be "opt-in" rather than "opt-out". Originally, BT planned to intercept all their users' web communications unless they specifically objected.

On 29th April 2008 the chief executive of the British Computer Society responded to the Information Commissioner's advice and stated that "BCS members involved in work of this kind should think very carefully about the implications of these systems and the BCS professional code of conduct they have agreed to."

At the end of May 2008, the Information Commissioner's Office told a user whose web browsing was tapped and profiled during the 2007 trial that it would not pursue BT over alleged breaches of the European Privacy and Electronic Communications Regulations (PECR) even though it believed that Regulation 6 of the PECR would be likely to apply.

As a result of this, complaints were made to the European Commission that the UK Government was not enforcing UK and EU law adequately. In response, Fabio Colasanti, Director General of the EU's Information Society and Media Directorate wrote to the UK Government on 30th June asking for information about their response to the BT trials and possible deployment of Phorm's technology. The letter requested a reply within a month. No such reply appears to have been provided yet.

Meanwhile in the USA, Congress was taking an interest in the activities of companies offering Phorm-like technologies and the Internet Service Providers working with them. On 25th June 2008, The Washington Post reported that following presure from Ed Markey, Chairman of the House of Representatives Energy and Commerce subcommittee, Charter (a US ISP) had withdrawn plans to move forward with a scheme using technology from Nebuad whose approach is similar to Phorm's. On 30th June another US ISP, CenturyTel, suspended their use of NebuAd. And on 7th July yet another US ISP, Massillion froze its plans to embrace behavioral ad targeting with FrontPorch, another company offering Phorm-like technology.

On 17th July, a Congressional hearing quizzed NebuAd's Chief Executive and on 4th August Congress widened its enquiries to encompass thirty major US Internet Service Providers.

Back here in the UK, evidence that BT may have acted unlawfully in 2006 and 2007 was collated and presented to the City of London Police on Wednesday 16th July (Crime Reference Number: 5253/08). The campaign is now focussing on ensuring that this is investigated fully and rigorously.

What can you do?

Read our page which gives seven reasons why Webwise/Phorm is wrong , and our briefing page which provides more background.

Then sign the 10 Downing Street Anti-Phorm Petition, write to your ISP, or write to your MP or MEP. You can find some sample letters here.

You could then contact the UK's Europe Minister, Jim Murphy to ask what has caused the delay to the UK's response to the letter from Fabio Colasanti, Director General of the EU's Information Society and Media Directorate and when he plans to reply to it.

If you decide to move broadband provider, read the forum thread about Phorm-Free ISPs at BadPhorm.

Almost everyone who is aware of Webwise and Phorm shares our concern. The more who know about it, the stronger the opposition will become. So don't forget to spread the word and ask everyone you know to do the same.