By: MarkJ - 14 April, 2009 (10:55 AM)
The European Commission (EC) has opened an infringement proceeding against the UK after a series of complaints by Internet users, and extensive communication with UK authorities, about the use of Phorms behavioural advertising technology by broadband Internet Service Providers (ISPs). The move follows warnings last month by the EU that it could extend its investigation of Deep Packet Inspection (DPI) technology to include Phorm (original news).


Phorm works with UK ISPs, such as BT (WebWise), to monitor what websites you visit for use in targeted advertising campaigns, though its methods have raised more than a few fears about invasions of privacy. Both Virgin Media and TalkTalk (The Carphone Warehouse) are also known to have been in discussions with Phorm, although to date neither has introduced it. BT angered many when it emerged in early 2008 that they had run two secret trials on customers, without their consent, during 2006 and 2007.

The new EC proceeding will address several problems with the UK's implementation of EU ePrivacy and personal data protection rules, under which EU countries must ensure, among other things, the confidentiality of communications by prohibiting interception and surveillance without the user's consent. These problems emerged during the Commission’s inquiry into the UK authorities’ action in response to complaints from internet users concerning Phorm.

Technologies like internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules. These rules are there to protect the privacy of citizens and must be rigorously enforced by all Member States," said EU Telecoms Commissioner Viviane Reding.

We have been following the Phorm case for some time and have concluded that there are problems in the way the UK has implemented parts of EU rules on the confidentiality of communications. I call on the UK authorities to change their national laws and ensure that national authorities are duly empowered and have proper sanctions at their disposal to enforce EU legislation on the confidentiality of communications.

This should allow the UK to respond more vigorously to new challenges to ePrivacy and personal data protection such as those that have arisen in the Phorm case. It should also help reassure UK consumers about their privacy and data protection while surfing the internet.

The Commission are known to have written several letters to the UK authorities since July 2008, asking how they have implemented relevant EU laws in the context of the Phorm case. The EU appears to have been unhappy with what it has been told and has concerns about structural problems in the way the UK has implemented EU rules ensuring the confidentiality of communications.

Under UK law, which is enforced by the police, it is an offence to unlawfully intercept communications (only applies to intentional interception). However interception is considered to be lawful when the interceptor has ‘reasonable grounds for believing’ that consent has been given.

The City of London Police dropped an investigation of Phorm last year, specifically BT’s secret 2006/2007 trials, because it would have cost too much money, been too complex and those taking part in the trials were curiously deemed to have given their “implied consent”. The Commission is also concerned that the UK does not have an independent national supervisory authority dealing with such interceptions.

The UK has now been given two months to reply to this first stage of an infringement proceeding, with a letter of formal notice being sent today. Lack of a satisfactory reply will result in the proceedings being taken further and could ultimately lead to the EU referring the case to the European Court of Justice.

UPDATE @ 15th April 08:42am:

Phorm has offered the following statement in response to the EU's investigation of their service:

The EU Commission has announced today that it is starting infringement proceedings against the UK Government concerning the alleged failure of UK legislation to conform in certain respects with EU e-privacy and personal data protection rules. This is obviously a matter for the Commission and the UK Government. However, in so far as the Commission's announcement references Phorm's technology, we should like to make the following points clear.

Phorm’s technology is fully compliant with UK legislation and relevant EU directives. This has been confirmed by BERR and by the UK regulatory authorities and we note that there is no suggestion to the contrary in the Commission's statement today. We do not envisage the Commission’s proceedings will have any impact on the company’s plans going forwards.

Furthermore, Phorm's system stands out from other online advertising systems in that it does not store personal data, or browsing histories. Finally, consistent with UK and EU legislation, and in anticipation of any changes that may be made to the law in the future, our system offers un-missable notice and clear and persistent choice to consumers.

This release clarifies any misunderstandings that may have arisen following the Commission's announcement.

Consumer Focus's Linda Weatherhead has also added her thoughts on the matter:

While phone tapping is clearly illegal and unacceptable, it seems that spying on digital communications and activity is not. Information is being collected on our internet viewing habits ‘behind the screens’ and few of us have any choice. It seems that by simply turning your computer on we are consenting to the collection of your personal information.

Consumers need options to protect their privacy. The Government must take the lead so consumers can trust and have confidence in the digital world. Consumer Focus would like to see a set of digital rights - a basic set of protections for consumers to operate in the digital world.

Elsewhere the NoDPI anti-phorm campaign site appears to confirm that both LiveJournal and Amazon have now opted-out of having their websites tracked by Phorm's BT implementation (WebWise).

UPDATE @ 15th April 1:02pm:

Added a video of the EU's original announcement.
Share: Slash., Stumble, Facebook, Digg, Blink, Reddit, Delicious, Diigo
Option: Link | Search

Comments: 8

asa logootester
Posted: 14 April, 2009 - 2:49 PM
Link to comment

This still doesn't make up for the mandatory logging of emails/website addresses.
asa logoAndrew Smith
Posted: 14 April, 2009 - 5:11 PM
Link to comment

I will most definitely cancel my subscription (phone+baseband+cable tv) with Virgin Media, if they decide to introduce this.
I am not willing to concede to any system that modifies traffic 'on the wire'. Opt-out cookies are NOT an acceptable solution.
This is criminal behaviour even in British Law. The problem seems to be that no one appears to have to responsibility for prosecuting the Guilty Party.
asa logoJules
Posted: 15 April, 2009 - 8:15 AM
Link to comment

Andrew Smith: If you're really concerned, I'd suggest finding somebody who was part of the original BT trial without their knowledge and helping them to bring a private prosecution. I'm sure a little fundraising could pay for some reasonable lawyers, who may be willing to work on such a public interest case for quite a low fee...
asa logoCarrot63
Posted: 15 April, 2009 - 11:42 AM
Link to comment

Seems the EU lack the appropriate forelock-tugging deference to "legitimate" business practices, and that the UK.gov would like something more in line with their own grovelling obeisance to the data pimps.
asa logoCarrot63
Posted: 15 April, 2009 - 11:47 AM
Link to comment

A nice article from the BBC - Amazon appear to have an issue with being scanned:

http://news.bbc.co.uk/2/hi/technology/7999635.stm

A few more big ones like this and phorm will have real problems without our toothless regulators having to descend from their business sponsored ivory towers.
asa logoTRIaXOR™
Posted: 15 April, 2009 - 1:49 PM
Link to comment

I can see phorm dying a slow death.. wink
asa logoScav
Posted: 15 April, 2009 - 3:40 PM
Link to comment

Like Andrew, I also will dump Virgin Media if they introduce Phorm. And not just their internet, but cable and phone too.

It will be inconvenient for me, certainly, but I can take a bit of inconvenience rather than have my privacy and security eroded by some creepy advertising company that is purely PARASITIC on the service I am already PAYING for.

History teaches us that every tiny bit of liberty (and privacy is an aspect of liberty) that you let slip out of your fingers is going to cost you disproportionate blood and sweat to get back. So this is very much the time to nip this pernicious weed in the bud.
asa logocurtis
Posted: 15 April, 2009 - 8:31 PM
Link to comment

Back in early part of 2007 I went with BT for BB but it only lasted just under 3 months due to bad /lack of speed so I jacked them in got my mac and went someone else? but I have changed my laptops twice on my second one been vista I transfered my info from one to other but Norton has found a tracking cookie running in the system & trys to get rid of it each it fines it but it resurfaces?. BT may be to blame & may not one will never know!! as they are a law on to their own???



Generated in 0.21465 seconds.
DB queries: 8

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved (Terms, Privacy Policy, Links (.), Live Chat & Website Rules).