Republished: Second time I've contacted BT about Phorm
Originally published on Benscomputer.no-ip.org on 8 Mar 2008
Well, I've just emailed BT for the second time about this Phorm debacle. I contacted them the first time outlinign my concerns, and included a Data Protection Act notice effectively barring them from passing my details outside the EU, to any third parties (except where required by law) or using any data other than that required to fulfil their contractual responsibilities.
Got a really, really crap reply telling me what BT WebWise is, how it's fantastic for the consumer etc. but not addressing a single one of my complaints or concerns, not aknowledging the DPA Notice. Simply put someone read the first line, typed WebWise into the PC and copy n pasted from the script without reading the rest of the letter.
So I've emailed them this;
Dear
Sir/Madam,
I am
writing to you today having not received a response to my previous
correspondence. My previous correspondence stated that I feel that BT's
reply does not even begin to accurately address my complaint, and quite
frankly, has the appearance of being read from a script.
As my
original correspondence contained a Data Protection Act Notice, I would
strongly recommend that BT re-examine it and address the issues I have
raised. I do not consent to BT passing my browsing traffic through
hardware supplied by Phorm, and will therefore consider BT in violation
of section 11 of the UK Data Protection Act 1998 if they do so. Whilst
both Phorm and BT claim that users who have 'opted-out' will have their
data discarded after the first stage of processing, the Data Protection
Act does not allow for this. I have not, and do not consent to my data
being processed in this manner, and should my data pass through even
the first stage of the 'profiling' process, the operator will be in
violation of the Data Protection Act.
Why
BT believe that the service is so desirable to users is beyond me, but
further than that I cannot begin to comprehend why such an allegedly
desirable service is not 'opt-in' as opposed to 'opt-out'.
Quite
aside from Phorms links to malware (and yes, many people consider
adware to be malware) the proposed plans introduce an extra link into
the routing chain, and simply serve to create the possibility for
another vulnerability. A vulnerability that would be common across all
ISP's utilising the hardware.
No
matter what Phorm and BT claim the system will be doing, my issues lie
with what the system is capable of, should a disgruntled employee or
anyone else decide to adjust the way it works.
I
will not be allowing my traffic to pass through this hardware, and if
that means changing ISP then so be it.
As BT
will be receiving revenue from this proposed system, will its users be
seeing a fall in prices? I think this is highly unlikely, although BT
may well see a drop in users. Especially amongst the more tech-savvy
consumers.
Personally
I believe that BT will fall foul of the Regulatory Powers of
Investigation Act, and are likely to find themselves involved in a
number of court cases over the next year or so. It is time this madness
was stopped, if as many ISP's are claiming they are merely conduits for
information (which is the defence against the proposed anti-piracy
measures) why are they contradicting themselves by bringing in a system
such as the proposed measures?
Finally
I wish to express my grave concerns over BT's silence on this matter,
surely if this service is as beneficial as BT have claimed, you should
be trumpeting the service. I, and many others, want answers as to why
our privacy is being put at risk. Why are we not being given the option
to fully opt-out? Why are we required to opt-out rather than opt-in?
Why are BT promoting the Anti-Phishing side of the 'service' and
remaining relatively quiet about the Advertising side? Why are BT not
being transparant about the tests that appear to have been run within
the last 6 months? What if a Webmaster does not want the hardware to
'profile' his site? What happens on a multi-user computer?
The
final question is a compelling one, my partner cannot legally consent
to my data being shared with a third party on my behalf. So if she
turns Webwise on when the service is first launched, where does BT
stand legally? I have given no consent, informed or otherwise, and
therefore BT would certainly be in violation of RIPA.
In
conclusion, I do not want 'Webwise' active on my account in any shape
or form, no targeted advertising, no anti-phising warnings (I already
have that in my browser), and definitely no extra hardware between my
computer and the sites I am connecting to. Furthermore I do not give
permission for Phorm or BT to create a mirrored copy of my Website for
'profiling,' for BT (or Phorm) to do so would be a violation of the
Copyright, Designs and Patents act 1988.
I pay
BT to provide a service, I expect BT to fulfil their contractual
obligations, and to respect my privacy. Whatever BT and Phorm may claim
about the privacy of the system, it's very existance means that BT's
network no longer achieves my expectations. BT must provide me with a
way to bypass the system, or I shall search for an ISP who will provide
me with a written convenant not to pursue any course of action similar
to the course currently pursued by BT, Virgin Media and Talk Talk
Thank
you for your time
Yours
sincerely
Ben
Tasker
No doubt I'll get a crappy reply again, but as this time I could tick 'yes' to have you complained to us about this before? Hopefully it'll get noticed by someone a little higher up. Sadly if I do change ISP this site could be offline during the changeover (and I'll have no connectivity) but if it keeps my data away from Phorm then it'll be worth it.