Posted: 13th Jan, 2011 By: MarkJ
Broadband ISP TalkTalk UK appears to have launched a trial of its forthcoming and often controversial new internet anti-malware "
Network Security" technology ('
Virus Alerts Service'). The system is designed to automatically protect customers from bad websites but has also caused a storm of controversy with privacy campaigners.
Network Security Trial
The TalkTalk Network Security Trial will help to test the latest network-based security offering TalkTalk is developing for its customers. We are looking for 150 existing TalkTalk broadband customers to take part.
The aim of the trial is simply to test the new service works for customers in a logical and easy-to-understand way, and provides a good overall experience. Prizes for premium feedback and participation on this trial include an iPod Touch and Amazon vouchers.
Most of the concern does not centre on the security service itself but the method by which it identifies bad websites in the first place. A separate system, which is managed remotely by Chinese firm
Huawei, effectively
follows customers around the internet and makes an anonymous record of the website addresses (
URL) they visit.
However Privacy Campaigners were quick to point out that the UK
Regulation of Investigatory Powers Act 2000 (RIPA) clearly prohibits "
interception of a communication" (i.e. such as URL addresses), a rule that is currently in the process of being tightened even further to match EU law (
here).
Indeed a
URL can contain sensitive personal data, such as names and addresses, which in most cases would occur as part of a private process that TalkTalk's service could still record. In addition, while TalkTalk's security service gives customers the option of using it or not, it's URL tracking appears to be mandatory.
Last November 2010 TalkTalk's Clive Dorsman attempted to alleviate some of the concern and said that its, "
system simply records the destination website URLs; it does not record who sends the request or other personal data with the URL." However, when we attempted to clarify with TalkTalk whether or not its system would strip personal data out of a URL they simply refused to respond.
The Open Rights Group (ORG) met with TalkTalk earlier this week to discuss their concern and is currently drafting a response. Meanwhile a website -
The Phoenix Broadband Advice Community - claims to be launching its own civil action against TalkTalk after it "
objected formally to being visited and scraped by the TT/Huawei bot."
Phoenix Broadband Advice Community Statement
"The action is being taken in response to a trial by TalkTalk involving the tracking of customers browsing, using Deep Packet Inspection, and the consequent scanning of website content by a TalkTalk bot. TalkTalk have refused to acknowledge that they require website consent before downloading content for their own commercial purposes. Their legal position is that as such content is publicly available on the internet they may access it without restriction and contrary to the expressed wishes of the site owner."
The action, it's claimed, is being taken to "
confirm a website owner's rights to control who accesses their website and under what terms and conditions those accesses are made". In reality this is very hard to do, unless you password protect every page or take your website offline, and we foresee a difficult uphill struggle for the action.
The website claims to have sent a
"formal letter of claim" "
letter before claim" to TalkTalk on 7th September 2010, which was "
in accordance with the small claims track protocols for County Court Action." However a TalkTalk spokesperson told us yesterday that it "
hasn't received any formal notice of legal action" and as a result had nothing further to say on the matter.
Clearly, whatever the rights or alleged wrongs of TalkTalk's URL tracking, it is a system that still has the power to inflame a lively debate. It's a debate that TalkTalk doesn't need, especially when it already has enough problems with Ofcom's
concern over their billing practices (
here) and a
mis-selling investigation to boot (
here).
On top of all that the ISP has just been voted
Britain’s Worst for Customer Services in 2010 by
thisismoney.co.uk, which awarded it the
Wooden Spoon gong. Hopefully TalkTalk can end this year better than they started it. Well, it couldn't really get much worse, could it?
Related News:
26th July 2010 - UK ISP Talk Talk Monitoring its Customers Online Activity Without Consent
30th July 2010 - UK ISP Talk Talk Defends Customer Website Snooping System
16th August 2010 - ISP Talk Talk UK Responds to Privacy Concerns Over URL Monitoring Service
23rd August 2010 - UK ISP Talk Talk Defends Website URL Tracking System from Privacy Concerns
7th September 2010 - Trouble for UK ISP Talk Talk as ICO Criticises Website URL Snooping System
25th November 2010 - UK ISP Talk Talk to Proceed With Controversial Customer Website Snooping System