Monday, April 28, 2008

Boffins enter 'online privacy' debate

A feature in this week’s print edition of New Scientist offers an intelligent and balanced look at online privacy, and has decided that the issue is important enough to be discussed in its leader column.

[New is a subscription based model, so we can’t deep-link]

Travel searches are used, along with luxury goods, as an example of target categories where data from ISPs could be commercialised.

Phorm and its US-based rival NebuAd are given plenty of column inches to defend their business. ‘We have built a system that is truly ground-breaking in terms of protecting the privacy of users,’ insists a spokesperson for the former.

As mentioned on this blog before, the laws about online privacy are evolving territory by territory. New Scientist says that it could boil down to whether an individual could reasonably have expected his/her communication to be private. ‘Bugging a conversation using a hidden device is illegal...but listening to someone calling from a busy train is okay,’ it suggests.

The leader column concludes: ‘It is important that we all understand these changes of roles [of the ISPs]. It is even more important that we have a debate about whether it is acceptable, and what the limits should be, before it is too late.’

Martin Cowen, chief writer, Travolution


Anonymous said...

the NS blog at

new scientist said:"Many subscribers are not bothered by this. Phorm and others do not collect information that can be used to link individuals to specific websites, for example. But some users do not like the idea of someone keeping tabs on their surfing. They face a problem, because ISPs often start collecting information without telling their subscribers."

your NS statement is incorrect im afraid , infact its known that Phorm use layer7/Deep Packet Inspection kit to intercept and collect _all_ your data stream regardless of what data they then process and act upon, anonymise etc.

and in the UK/EU that is unlawful without court orders.

for far more acurate detail's and the real feeling in this see:

the longest Phorm related thread on the net, and legal/moral/tech comments by the very paying UK customers effected by this unlawful interception.

The Phorm “Webwise” System - a Legal Analysis
Nicholas Bohm
23rd April 2008

FIPR (the official advisor body to the UK Govt)calls on Home Office to withdraw misleading advice on Phorm.

the many ElReg news coverage

to get you started...

thanks, David M

Travolution Blogger said...

Thanks for the links, David. Phorm isn’t the only online privacy issue knocking around, but it is so newsworthy in the UK at the moment that it could be the one to open the floodgates.

We are about to enter the silly season for mainstream media – we’ve had airport chaos hell stories, swathes of the UK are already paralysed by house price Armageddon and bird flu has been forgotten.

If news editors are looking for something new with which to strike fear into the heart of middle England, online privacy could be answer.

Anonymous said...

"Phorm isn’t the only online privacy issue knocking around, but it is so newsworthy in the UK at the moment that it could be the one to open the floodgates.
indeed, infact since looking into this most interesting subject it appears that we need to be far more diligent.

there is infact the case of NebuAd now having offices inside the UK just waiting on the side lines to see were the Phorm storm goes for instance.

but more than that several inter-related facts have emerged not least the 'Experian [the UKs largest Credit Rererence Agency] to track net users'using exactly the same type of Deep Packet Inspection Kit located in a central
bb site, perhaps directly in the ISPs internal network infact.

but even scaryer than even that DRA linking to your online life and datastream is the far greater
mobile phone and future datastreams being also Phrm like intercepted.

as Orange UK admits to apparently "supplies Xiam with data including billing information, mobile browsing logs and purchase history".

the UK Mobile networks have already been exposed last night on the dispatches program channel 4 as having UK Govt officials support their unlawful price fixing etc and even standing in the way of the EU rulings (see the TV program if you can it explains it far better than any news reports so far)

it was even implyed that the UK mobile networks were looking to mobile WiMax and its data mining as their largest ever cash cow.

and the Govt were pushing the sale of the freed analogue Wireless selloff into the networks favour for future favours rather than release more airspace and return that to the TV networks for far more DVB-T use and growth of that market.

as you might guess, when you look at all this on the bigger scale, any future wireless Phorm like DPI datstream collection has massive implications over and above even the 75% of the UKs wired Broadband customers.....

are you worryed yet, perhaps you should be given this Deep Packet Inspection Kit sees every single bit of data your copyright protected data stream, not mearly some webpages, then process it and finally anonymise any data they deam valuable to their profit for sale machine...

happy days.

Anonymous said...

ohh i forgot to mention the fact its odd that the police havent as yet investigated the unlawful RIPA interceptions of 2006/7

it seems obvious that the BT executives and personel involved in the Unlawful RIPA interception in 2006/7 are under direct threat of a criminal conviction at some point in the future.

remember RIPA Criminal conviction for UK executives case law already exists.

the lost RIPA appeal of Stanford's
Stanford Loses Criminal Appeal

3 February 2006

Stanford Loses Criminal Appeal


The Regulation of Investigatory Powers Act 2000 provides a defence to an individual who intercept a communication in the course of its transmission from a private telecommunication system, if they can establish:

a) that they are entitled to control the operation of the system; or

b) they have the express or implied consent of such a person to make the interception.

Stanford relied on the position that he had gained access to the emails through a company employee. The employee apparently was given access to usernames and passwords on the email server.

Therefore, Stanford argued, he was entitled to access the emails as “a person with a right to control the operation or the use of the system”.

Geoffrey Rivlin QC, the trial judge had a different view. He pointed out that
“right to control”
did not mean that someone had a right to access or operate the system, but that the Act required that person to of had a right to authorise or to forbid the operation. [that mean YOU users as the owner of the data]

Stanford appealed the judge’s decision. However, the Court of Appeal upheld Rivlin’s view. It pointed out that the purpose of the law was to protect privacy. Therefore Stanford’s sentence of 6 months imprisonment (suspended for two years) and a fine of £20,000 with £7000 prosecution costs
were upheld.

Daniel Doherty"