Home » ISPreview UK News Archives »
Sponsored
Sir Tim Berners-Lee Accuses Phorm of Snooping on ISP Users
By: MarkJ - 12 March, 2009 (9:00 AM)

Transcripts from yesterdays House of Commons debate (original news) on Internet privacy, deep-packet inspection and Phorm have certainly turned up some interesting quotes and reactions. Chief among those were several comments made by Sir Tim Berners-Lee, inventor of the World Wide Web (WWW):

"To allow someone to snoop on your Internet traffic is to allow them to put a television camera in your room, except it will tell them a whole lot more about you than the television camera," said Sir Tim.

"Clearly we must not interfere with the Internet, and we must not snoop on the Internet. If we snoop on clicks and data, we can find out a lot more information about people than if we listen to their conversations."

Sir Tim's strong opposition to the collection of sensitive personal data about people’s habits drew an angry response from Kent Ertugrul, Phorm's CEO. Phorm's controversial service works with ISPs to monitor what websites you visit for use in targeted advertising campaigns:

"There have been a number of things said that patently misrepresent what we do," claimed Ertugrul before proceeding to point out how Phorm had, "the strongest privacy protection of everyone on the internet." It's not presently clear how such a claim can easily be substantiated.

Ertugrul continued to warn that much of the media wouldn't even exist without advertising, to which Sir Tim responded by saying that targeted advertising was an "improvement" but there were better and no doubt less invasive ways of doing it. Sir Tim has also posted a bullet point summary on his W3 Blog:

A discussion was held at the House of Lords by Baroness Miller on 2009-02-11. These are some notes I made for the event, which I attended.

  • The Internet in general has and deserves the same protection as paper mail and telephone.

  • If fact you could argue that it needs it more, as it carries more or our lives and is more revealing than our phone calls or our mail.

  • The access by an ISP of information within an internet packet, other than that information used for routing, is equivalent to wirtetapping a phone or opening sealed postal mail.

  • The URLs which people use reveal a huge amount about their lives, loves, hates, and fears. This is extremely sensitive material. People use the web in crisis, when wondering whether they have STDs, or cancer, when wondering whether they are homosexual and whether to talk about it, to discuss political views which may to some may be abhorrent, and so on.

  • We use the internet to inform ourselves as voters in a democracy. We use the internet to decide what is true and what is not. We use the internet for healthcare and social interaction and so on. These things will all have a completely different light cast on then if the users know that the click will be monitored and the data will be shared with third parties.

  • The URLs produced when using forms contain the information typed into those forms. Personal data, private data.

  • If people really want privacy, then many users and sites may switch to using SSL encryption: to doing theior actual web surfing thorugh an encrypted tunnel. This takes a lot of server CPU cycles, making server farms more expensive. It would slow the user's computer. It would effectively slow down the whole net. It also prevents the use of HTTP proxies, which currently help the efficiency of web access.

  • There are considerable risks if the information is abused. Imagine:
    -- To be able to buy a profile of a person you are interested in;
    -- To discriminate based on profiles of people when deciding whether suitable to employ them;
    -- To discriminate in giving life insurance, and so on, against those the have lookup up (say) cardiac symptoms on the web;
    -- Criminal attacks on government officials at home;
    -- Foreign attacks on the country made by targeting and analyzing key individuals;
    -- Predators choosing, stalking, and targeting victims;...
    to name a few.

  • The information could be deliberately abused by an inside worker, or could be acquired by an attack on the system's machines.

  • The power of this information is so great that the commercial incentive for companies or individuals misuse it will be huge, so it is essential to have absolute clarity that it is illegal.

  • To put his in perspective, it is like the company having a video camera inside your house, except that it gives them actually much more information about you.
The act of reading, like the act of writing, is a pure, fundamendal, human act. It must be available without interference or spying.

Sir Tim also criticised the government’s own pursuit of privacy invading technologies via its Data Retention laws (Communications Data Bill), which may have made it more difficult for them to act against Phorm while doing something very similar themselves, he remarked.

From Sunday all UK ISPs will be forced by the government to start logging basic customer access, web and email activity on their networks for up to one year (ISPr Article: 'ISPs Raise Concerns Over Data Retention Proposals'). However the full formal introduction will not take place until 6th April and ISPs have been given over a year to adapt.


History - [News Archives]

Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved (Terms, Privacy Policy, Links (.), Website Rules).