Navigation:

Find in this Blog

About diaTribe

The diaTribe blog is our occasional take on life, the universe and everything. Observations on current affairs, the environment, politics, humour and music/gig reviews. Travel diary and extreme sports stories, along with the usual rants/raves are also chucked in for good measure.

April 2008
M T W T F S S
« Mar   May »
 123456
78910111213
14151617181920
21222324252627
282930  

Categories

Recent Articles

Archives

Friends of diaTribe

Blogs Worth Visiting

Syndicate this blog

What is RSS?

Other Links

Visit Zimbio - opens in new window

Hate Spammers? Check this out - opens in new window

We Support Wikipedia
Wikipedia Affliate Button

Stop ISP snooping! Oppose Phorm

Stop PHORM!

If they have their way all your web browsing history will be collected and sold to the highest bidder.

Fight back!

Technology at it's most pointless
Apr18

Rant: Phorm Storm (or when ISPs become ISPyers)

No Phorm! Image: S.Lawrence, Bandanna Club

Would you consent to your phone lines being permanently bugged or all your mail (in and out) being read, so you could be sent advertising leaflets matched to the information gained on your personal interests?

Would you as a business person, allow someone onto your premises (or to bug your phone / read your email) whose ultimate aim was to collect details on how to contact your visitors and customers, in order that your direct business rivals could thus target them with their own advertising?

No? Well you might then be interested in what is currently happening on the web to do with a company called Phorm, a service called Webwise and an ad delivery system called OIX (Open Internet Exchange).

Phorm (an ex spyware distributor – believe it or not!) is currently negotiating with three of the UK’s top ISPs (Virgin Media, BT and Talk Talk which supply circa 70% of the UK market) in order to install profiling software on the ISPs’ servers. If you are a customer of one of these ISPs, then this software will intercept and profile every webpage you visit, including specific page contents. It will then associate you with the website subject in order to serve you with relevant adverts when you visit a website that has signed up with the Phorm advertising system (OIX).

Surely there is some sort of protection from such communication snooping? Yes, in actual fact in the UK there is. The Regulation of Investigatory Powers Act 2000 (RIPA) states that for interception of a communication to be legal, certain conditions must be met. When this interception is by an ISP it appears that it would be necessary to gain consent from both parties (sender and receiver – website and surfer).

If you are a customer of one of the three ISPs mentioned, then presumably your Terms and Conditions will be amended to make your consent a part of your contract. But this doesn’t solve the issue of consent from the sender (ie the website owner).

However, the Home Office seem to be of the opinion that by publishing a website and therefore consenting to have that content publicly viewed in the normal way, this also may mean there are ‘reasonable grounds for believing’ that website owners consent to having their content intercepted and profiled. Which nicely circumvents the need to gain permission.

The RIPA does mention the issue of ‘reasonable grounds for believing’ regarding consent and that then interception may be legal. However, we feel that ‘reasonable grounds’ assumptions in this specific case is critically flawed.

Let’s take the example of a commercial site. When a business publishes a website, they do so to promote their own business enterprise in some way. It may just be advertising, it may be to sell online or to inform their customers. However, what a business could not just be assumed to want by publishing a site, is to promote the business profits of their direct rivals and possibly to lose a sale or potential customer by doing so. It is hard to understand why anyone would believe that a business would spend time and money, gaining important traffic/visitors etc, in order that their competitors may use this information to promote their own products/services in such an advantageous way.

Well there seems to be some kind of thought from Phorm that they are only doing what everyone else does, by surfing the net, i.e. viewing content. But that ignores a vital issue; they are not just viewing content, they are associating that content with a visitor in order to benefit commercially. Gaining privileged information on a competitor’s customer/visitor base is a completely different thing, to directly viewing a web page for your own requirements.

Another issue which comes up is that telecommunication organisations are specifically mentioned in the Regulation of Investigatory Powers Act (RIPA) and that interception – if it is a part of their service – can be lawful. However the interpretation of a ‘telecommunication service’ in the Act is quite clear and it is to provide a connection. Providing relevant advertising is not a necessary part of this core connection service (it is a valued added service). So our understanding is that to intercept for advertising purposes would indeed need specific consent from both parties of that communication.

So can you as an end user and customer of one of the ISPs say no? Well currently you can opt out. Yes, that’s correct! You have to opt out, rather than opt in… as you will be opted in by default*. The opt out uses a somewhat criticized method of an opt out cookie, which must stay on your system permanently. Lose it and you opt in automatically again, use another browser (or another computer) and you need another cookie. Opt in on your system and anyone using your PC may also be opted in, possibly without even realising it. Even with opt out, apparently data still gets intercepted…and you have to rely on your ISP not to use it!

As you may guess there is a huge furor from tech savvy people and privacy advocates, website owners and customers of the ISPs, as the implications of this system are potentially far reaching, not to mention unnecessarily intrusive of personal privacy.
Speaking personally, we would deny any Phorm-interested ISP our business. It may be that an ISP implements a correct opt in procedure, but even so any ISP who is even seriously considering such an intrusive system as this, is one we simply would have little trust in.

As website owners we will also be including a specific ‘no consent to intercept’ message on all our sites (this site is the first). We don’t believe that such detailed information on our site visitors should be available to Phorm and it’s minions, or that anyone should benefit commercially from our own hard work and financial input without our specific permission…. and that doesn’t even address the issue that such a preferential benefit may equal a loss on our part.

As a web surfer, if you care about preserving your browser privacy or you simply don’t want to be inundated with ads every few seconds then help us oppose Phorm by visiting: www.dephormation.org.uk to learn more, contact your MP and download useful Firefox protection plugins. You should also consider signing the petition against Phorm

If you are a webmaster, who cares about protecting your hard-built content from the Phorm freeloaders, then visit www.badphorm.co.uk and start taking steps to protect your site content.

*The Talk Talk ISP seem to be the best of the bunch of the three, as, although they are still implementing the Phorm system, they appear to be at least trying to find a way to make sure that the opt out is actually a real opt out so that no browsing data is even passed through the Phorm software.

+17
  
Submit to StumbleUpon
Permalink| Tags: , , , , , , , |

3 Comments for: Rant: Phorm Storm (or when ISPs become ISPyers)

  1. Visitor Comment # 1
    Mike Rutherford : (Visitor)

    Interesting article

  2. Visitor Comment # 2
    Tomas Blaine : (Visitor)

    Looks like George Orwell only scratched the surface.

  3. Visitor Comment # 3
    Mike Adams : (Visitor)

    Scary! Looks like I need to find another ISP

Sorry, comments for this article (Rant: Phorm Storm (or when ISPs become ISPyers)) are now closed.

Valid XHTML 1.0!If page contains a form it won't validate due to 'aria-required' attribute. We have chosen accessibility over validation. Valid CSS! Valid RSS! Valid Atom!

NoPhorm - No consent to intercept

Regulation of Investigatory Powers Act 2000 (RIPA) Notice

No consent is given for interception of transmission of any page in this site.