UK ISP TalkTalk Defends Website URL Tracking System from Privacy Concerns
Posted: 23rd Aug, 2010 By: MarkJ
Broadband ISP TalkTalk UK has issued a new update today that offers more detail on how its controversial future security system, which follows customers around the internet and makes an anonymous record of the website addresses (URLs) they visit, will work. Sadly TalkTalk still does not appear to recognise that URL addresses themselves can also hold private personal data, many of which would not ordinarily be visible to the public or search engines like Google.The update itself doesn't offer anything terribly new except for some additional clarification. The ISP admits to having received "lots of questions from customers about [its] network security technology", which has been covered in several of our recent news items.
Related News:TalkTalk also firmly believes that its anti-malware system is compliant with the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the Data Protection Act 1998. This has yet to be properly tested and, as we highlighted in our article on 16th August 2010, the reality is somewhat less clear cut.
26th July 2010 - UK ISP Talk Talk Monitoring its Customers Online Activity Without Consent
30th July 2010 - UK ISP Talk Talk Defends Customer Website Snooping System
16th August 2010 - ISP Talk Talk UK Responds to Privacy Concerns Over URL Monitoring Service
TalkTalk's 23rd August 2010 Clarification Update
As a network operator, TalkTalk receives and processes billions of requests daily from its customers to connect to websites across the internet.
We route these requests across our network and beyond but inevitably this exposes our customers to the countless viruses, worms, spyware and other malicious pieces of software out there on the internet.
As I’ve mentioned before, the aim of our new internet security technology, which will be free and opt-in only, is to help make the internet a safer place for our customers by warning them if their computer or device connected to their home broadband is viewing a page that contains viruses or other online threats.
Our new internet security technology will include an anti-malware system which has been tested in the TalkTalk network. (Malware is the name given to any software designed to infiltrate a person’s computer without their consent.)
As requests move through the network, the anti-malware system filters and records the website URLs to which our network has been asked to connect. The system simply records the destination website URLs; it does not record who sends the request or other personal data with the URL.
Being located in the TalkTalk network, the system is subject to the same high level of security applicable to the TalkTalk network and TalkTalk’s customer data. The process is not dissimilar to how we record voice traffic.
The system scans website URLs for malware and other viruses and then places each website URL in a white list (if the scan is clean – this is retained for up to 24 hours and then automatically deleted) or a black list (if the scan shows viruses, malware or other irregularities – this is retained for up to 7 days and then automatically deleted).
Given the volume of website URLs, these lists are recorded in a temporary electronic state and not in conventional accessible storage. When the anti-malware service goes live to customers, these lists will in future be used to alert customers to websites suspected to have malware or viruses.
Importantly, the anti-malware system does not record or scan any secure “https” website URLs.
And TalkTalk’s use of the anti-malware system is compliant with the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the Data Protection Act 1998.
As a network operator, TalkTalk receives and processes billions of requests daily from its customers to connect to websites across the internet.
We route these requests across our network and beyond but inevitably this exposes our customers to the countless viruses, worms, spyware and other malicious pieces of software out there on the internet.
As I’ve mentioned before, the aim of our new internet security technology, which will be free and opt-in only, is to help make the internet a safer place for our customers by warning them if their computer or device connected to their home broadband is viewing a page that contains viruses or other online threats.
Our new internet security technology will include an anti-malware system which has been tested in the TalkTalk network. (Malware is the name given to any software designed to infiltrate a person’s computer without their consent.)
As requests move through the network, the anti-malware system filters and records the website URLs to which our network has been asked to connect. The system simply records the destination website URLs; it does not record who sends the request or other personal data with the URL.
Being located in the TalkTalk network, the system is subject to the same high level of security applicable to the TalkTalk network and TalkTalk’s customer data. The process is not dissimilar to how we record voice traffic.
The system scans website URLs for malware and other viruses and then places each website URL in a white list (if the scan is clean – this is retained for up to 24 hours and then automatically deleted) or a black list (if the scan shows viruses, malware or other irregularities – this is retained for up to 7 days and then automatically deleted).
Given the volume of website URLs, these lists are recorded in a temporary electronic state and not in conventional accessible storage. When the anti-malware service goes live to customers, these lists will in future be used to alert customers to websites suspected to have malware or viruses.
Importantly, the anti-malware system does not record or scan any secure “https” website URLs.
And TalkTalk’s use of the anti-malware system is compliant with the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the Data Protection Act 1998.
The ISP hopes that its latest clarification update will "allay some of the concerns" expressed by their customers, which we have our doubts about. They have also promised to reveal more information nearer to the products actual launch, which is expected before the end of this year.
Latest UK ISP News
Cheap BIG ISPs for 100Mbps+
Community Fibre £21.00
Virgin Media £26.00
Shell Energy £26.99
Plusnet £27.99
Zen Internet £28.00 - 35.00
150,000+ Customers | View More ISPs
Cheapest ISPs for 100Mbps+
Modest Availability | View More ISPs
Latest UK ISP News
Cheap BIG ISPs for 100Mbps+
Community Fibre £21.00
Virgin Media £26.00
Shell Energy £26.99
Plusnet £27.99
Zen Internet £28.00 - 35.00
Large Availability | View All
Cheapest ISPs for 100Mbps+
Large Availability | View All
Helpful ISP Guides and Tips
Sponsored Links
The Top 15 Category Tags
- FTTP (5538)
- BT (3518)
- Politics (2542)
- Openreach (2300)
- Business (2267)
- Building Digital UK (2247)
- FTTC (2045)
- Mobile Broadband (1978)
- Statistics (1790)
- 4G (1669)
- Virgin Media (1625)
- Ofcom Regulation (1467)
- Fibre Optic (1396)
- Wireless Internet (1392)
- FTTH (1382)
Sponsored
Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules