NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Legality of Phorm's advertising system


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Not sure if this is still seen as being on-topic, and the legal issues
involved are very UK specific --- mind you most of the stuff on the list
is very US specific, and that seems to be OK :)

http://www.fipr.org/press/080317phorm.html

- --=--=--=--=--=--=--=--=--=--=--

FIPR Press Release

For Immediate Release: Monday 17th March 2008

Open Letter to the IC on the legality of Phorm's advertising system
- -------------------------------------------------------------------

The Foundation for Information Policy Research (FIPR) has today released
the text of an open letter to Richard Thomas, the Information
Commissioner (IC) on the legality of Phorm Inc's proposal to provide
targeted advertising by snooping on Internet users' web browsing.

The controversial Phorm system is to be deployed by three of Britain's
largest ISPs, BT, Talk Talk and Virgin Media. However, in FIPR's view
the system will be processing data illegally:

*   It will involve the processing of sensitive personal data: political
    opinions, sexual proclivities, religious views, and health -- but it
    will not be operated by all of the ISPs on an "opt-in" basis, as is
    required by European Data Protection Law.

*   Despite the attempts at anonymisation within the system, some people
    will remain identifiable because of the nature of their searches and
    the sites they choose to visit.

*   The system will inevitably be looking at the content of some
    people's email, into chat rooms and at social networking activity.
    Although well-known sites are said to be excluded, there are tens or
    hundreds of thousands of other low volume or semi-private systems.

More significantly, the Phorm system will be "intercepting" traffic
within the meaning of s1 of the Regulation of Investigatory Powers Act
2000 (RIPA). In order for this to be lawful then permission is needed
from not only the person making the web request BUT ALSO from the
operator of the web site involved (and if it is a web-mail system, the
sender of the email as well).

FIPR believes that although in some cases this permission can be
assumed, in many other cases, it is explicitly NOT given -- making the
Phorm system illegal to operate in the UK:

*   Many websites require registration, and only make their contents
    available to specific people.

*   Many websites or particular pages within a website are part of the
    "unconnected web" -- their existence is only made known to a small
    number of trusted people.

The full text of the open letter can be viewed at:

    http://www.fipr.org/080317icoletter.html

QUOTES

Said Nicholas Bohm, General Counsel, FIPR:

    "The need for both parties to consent to interception in order for
    it to be lawful is an extremely basic principle within the
    legislation, and it cannot be lightly ignored or treated as a
    technicality. Even when the police are investigating as serious a
    crime as kidnapping, for example, and need to listen in to
    conversations between a family and the criminals, they must first
    obtain an authorisation under the relevant Act of Parliament: the
    consent of the family is not by itself sufficient to make their
    monitoring lawful."

Said Richard Clayton, Treasurer, FIPR:

    "The Phorm system is highly intrusive -- it's like the Post Office
    opening all my letters to see what I'm interested in, merely so that
    I can be sent a better class of junk mail. Not surprisingly, when
    you look closely, this activity turns out to be illegal. We hope
    that the Information Commissioner will take careful note of our
    analysis when he expresses his opinion upon the scheme."

CONTACTS

Nicholas Bohm
General Counsel, FIPR
01279 870285
nbohm@ernest.net

Richard Clayton
Treasurer, FIPR
01223 763570
07887 794090

NOTES FOR EDITORS

1.  The Foundation for Information Policy Research (http://www.fipr.org)
    is an independent body that studies the interaction between
    information technology and society. Its goal is to identify
    technical developments with significant social impact, commission
    and undertaken research into public policy alternatives, and promote
    public understanding and dialogue between technologists and policy-
    makers in the UK and Europe.

2.  Phorm (http://www.phorm.com/) claims that their "proprietary,
    patent-pending technology revolutionises both audience segmenting
    techniques and online user data privacy" and has recently announced
    that it has signed agreements with UK Internet service providers BT,
    TalkTalk and Virgin Media to offer its new online advertising
    platform Open Internet Exchange (OIX) and free consumer Internet
    feature Webwise.

3.  In a statement released on 3rd March the Information Commissioner's
    Office (ICO) said:

        "The Information Commissioner's Office has spoken with the
        advertising technology company, Phorm, regarding its agreement
        with some UK internet service providers. Phorm has informed us
        about the product and how it works to provide targeted online
        advertising content.

        "At our request, Phorm has provided written information to us
        about the way in which the company intends to meet privacy
        standards. We are currently reviewing this information. We are
        also in contact with the ISPs who are working with Phorm and we
        are discussing this issue with them.

        "We will be in a position to comment further in due course."

- --ends

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBR96cppoAxkTY1oPiEQLeawCdGDnbiu2nrL+bZRjLDGMiiesVgycAmwZl
f2TuoAZ1bGVquDE3Zl3x/Pk8
=sRe1
-----END PGP SIGNATURE-----