Broadband ISP TalkTalk UK appears to have launched a trial of its forthcoming and often controversial new internet anti-malware "Network Security" technology ('Virus Alerts Service'). The system is designed to automatically protect customers from bad websites but has also caused a storm of controversy with privacy campaigners.


Most of the concern does not centre on the security service itself but the method by which it identifies bad websites in the first place. A separate system, which is managed remotely by Chinese firm Huawei, effectively follows customers around the internet and makes an anonymous record of the website addresses (URL) they visit.

However Privacy Campaigners were quick to point out that the UK Regulation of Investigatory Powers Act 2000 (RIPA) clearly prohibits "interception of a communication" (i.e. such as URL addresses), a rule that is currently in the process of being tightened even further to match EU law (here).

Indeed a URL can contain sensitive personal data, such as names and addresses, which in most cases would occur as part of a private process that TalkTalk's service could still record. In addition, while TalkTalk's security service gives customers the option of using it or not, it's URL tracking appears to be mandatory.

Last November 2010 TalkTalk's Clive Dorsman attempted to alleviate some of the concern and said that its, "system simply records the destination website URLs; it does not record who sends the request or other personal data with the URL." However, when we attempted to clarify with TalkTalk whether or not its system would strip personal data out of a URL they simply refused to respond.

The Open Rights Group (ORG) met with TalkTalk earlier this week to discuss their concern and is currently drafting a response. Meanwhile a website - The Phoenix Broadband Advice Community - claims to be launching its own civil action against TalkTalk after it "objected formally to being visited and scraped by the TT/Huawei bot."


The action, it's claimed, is being taken to "confirm a website owner's rights to control who accesses their website and under what terms and conditions those accesses are made". In reality this is very hard to do, unless you password protect every page or take your website offline, and we foresee a difficult uphill struggle for the action.

The website claims to have sent a "formal letter of claim" "letter before claim" to TalkTalk on 7th September 2010, which was "in accordance with the small claims track protocols for County Court Action." However a TalkTalk spokesperson told us yesterday that it "hasn't received any formal notice of legal action" and as a result had nothing further to say on the matter.

Clearly, whatever the rights or alleged wrongs of TalkTalk's URL tracking, it is a system that still has the power to inflame a lively debate. It's a debate that TalkTalk doesn't need, especially when it already has enough problems with Ofcom's concern over their billing practices (here) and a mis-selling investigation to boot (here).

On top of all that the ISP has just been voted Britain’s Worst for Customer Services in 2010 by thisismoney.co.uk, which awarded it the Wooden Spoon gong. Hopefully TalkTalk can end this year better than they started it. Well, it couldn't really get much worse, could it?

Related News:
26th July 2010 - UK ISP Talk Talk Monitoring its Customers Online Activity Without Consent
30th July 2010 - UK ISP Talk Talk Defends Customer Website Snooping System
16th August 2010 - ISP Talk Talk UK Responds to Privacy Concerns Over URL Monitoring Service
23rd August 2010 - UK ISP Talk Talk Defends Website URL Tracking System from Privacy Concerns
7th September 2010 - Trouble for UK ISP Talk Talk as ICO Criticises Website URL Snooping System
25th November 2010 - UK ISP Talk Talk to Proceed With Controversial Customer Website Snooping System