BT uses customers as Phorm guineapigs
Bad call
BT HAS ILLEGALLY tested an online ad system on over 30,000 unsuspecting customers, according to a digital rights lawyer.
BT admitted testing a demo of Phorm, which injects targeted advertising into web pages, using data acquired through the interception of the URLs visited by a user, in 2006 and 2007, without letting customers know.
A member of the Foundation for Information Policy Research (FIPA), Nicholas Bohm, told the BBC that the tests were "an illegal intercept of users' data". Some 36 thousand customers unwittingly took part in the 2006 and 2007 trials. BT apparently refused to comment on whether or not they were in the wrong, saying only that the test was supposed to test the technical performance of the platform and that "no personally identifiable information was processed, stored or disclosed during this test".
FIPA has now also asked the Information Commissioner to rule that Phorm contravenes the Regulation of Investigatory Powers Act 2000 (RIPA), protecting users from illegal hoarding of their information. They argue that Phorm has to get consent from both Internet users and website operators for the technology to be considered legal.
Phorm works by literally "trawling" websites visited by users and matching keywords from the page to a user profile. The user can then be targeted with more streamlined advertising, making it easier for marketers to bombard people with the most relevant adverts to them.
BT is not the only British ISP using the privacy-invading platform. Virgin Media and Talk Talk are also planning on using the technology in the near future.
Apparently not bothered by their abuse of customer privacy, BT is going ahead with plans for a third test of the system next month. This time, the company says it will ask the 10,000 customers it needs, whether they would like to take part or not. Better late than never, supposedly. µ
L’Inq
BBC
See Also
Web’s
creator slams targeted ads
Comments
Which one?
I thought you were talking about the musician at first.It's even worse...
Re: "the interception of the URLs visited by a user, in 2006 and 2007, without letting customers know."It's worse than just obtaining the URL. There is a T-junction in BT's Intertubes somewhere that sends all Web traffic (Webmail, Forum posts, perhaps even this very comment) to one of Phorm's servers, at which point Phorm decides for you whether or not the thing they have just stolen is "privacy sensitive". If it is (like, oh, email addresses or bank account numbers because we all know that there is no other privacy sensitive data), Phorm generously refrains from analysing those parts of the webpage.
To add to the euphoria, the system also has the capability of sending you, transparently, to a different web page than the one you just asked for. Earlier versions of the system would also insert Phorm's Javascript into the pages you asked for.
In a burst of creative writing, they advertise this as a defense against Phishing, and a great privacy-enhancing feature.
They are also very proud of their "Opt-out" feature. All that it requires is a cookie stored on your machine, and you will just get to block the normal, non-targeted ads until "something" happens to that cookie. It does not, however, keep them from rooting through your web traffic.
I want to see this company die. Messily. In the single-gunshot-heard-from-the-boardroom sense. The FSM knows that there are plenty of other grubby companies like Phorm out there and I want them to take note of what happens if they stick their filthy pseudopoda out of the primordial ooze where they dwell.