Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

What are the terms of reference for his PIA? Is it an analysis of the current Phorm system, or these types of systems in general and how they would have to be deployed/changed in order to not contravene privacy laws?

If it's the latter, then this goes along with Simons comments in an interview that indicated there could be a compromise solution. I'd expect the PIA to have a list of recommendations of changes Phorm would have to make in order to comply, Phorm spin then says the PIA puts them in the clear etc....

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Check out Simon's background.
Drop him a PM if you have any doubts about his previous record.
Email him and ask for a chat (but recognise that he's kind of busy right now and probably won't want to discuss the PIA conclusions until they're published).

I'm confident that you'll find it extremely difficult to find a single candidate that you'd rather have conducting the PIA.

---------- Post added at 10:31 ---------- Previous post was at 10:29 ----------

Have a read of the interim report?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I have just watched a few minutes of this, and Alex how on earth could you bear to sit near that creap? k*nt really makes my skin crawl, that smarmy look on his face(man wouldn't I love to slap that look right off his face) he's clearly out of his mind, I cannot believe he is STILL compairing his crappy system to google (off topic, has anyone contacted the head(s) at google to see how they feel about this trash?) he is clearly dis-illusional to what his own 'creation' does and does not do!

Man my hat goes off to you Alex, for if I was sitting there I could not stand all that butting in, interrupting & his frankly lying answers!

My feelings on that "man" (and I DO use that term lightly) will never change, and I really do pitty him if I ever come face-to-face with such a disrespectful (insert choice words).

I hope I have not offended anybody (apart from k8nt) but I cannot stand the creep, simple:td:

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

As the BT Webwise/Phorm trials theoretically approach, (due by May 26th according to latest BT claims) and the likelihood of 10,000 BT customers having their browsing intercepted so that they can be given the invitation to join the trials, the issue of "inphormed choice" becomes rather urgent.

I am pressing BT to give me detailed arguments (and to give ALL their customers open access to such arguments when invited to join Webwise) as to how they think this system is LEGAL. Because the only detailed published opinions on the legality of Webwise so far, suggest it is illegal on multiple counts, BT are failing in their duty of inphorming customers, by not issuing detailed rebuttals of those criticisms of Webwise/Phorm made by FIPR, Richard Clayton, Alex Hanff, et al.

Their earlier claims about consultation with the Home Office have fallen apart with the recent HO notes.
The Ertugrul garbage about Pricacy International audits and his reliance on some irrelevant US auditing firm Ernst & Young (accountants who are no strangers to FTC punishments), don't cut the mustard either.
The ICO have toughened their stance, particularly on opt-IN and informed choice.
The FIPR analysis remains UNanswered by Phorm or BT.

As a BT customer I am still without detailed information from my ISP that tells me this system is legal. It is not enough for BT to simply "reassure" me, because any average rational BT customer who hasn't been asleep for the last twelve months, will take such BT management statements with about a ton of salt, because BT have a clear record of dissembling on the whole subject of Phorm, and have NO grounds for expecting me to trust them.

The government are also dragging their feet in refusing to answer written questions put to them in the House of Lords.

So BT - you say you have done due diligence.

Lots of people I DO trust say this Webwise/Phorm system is illegal.

YOU say it's legal but refuse to give me the details. How do you rebutt Nicholas Bohm from FIPR?
What is your answer to Alex Hanff?

Point by point please?

RIPA?
DPA?
Fraud Act?
PECR?
Civil liability to website owners?

If you won't do this, then you are refusing to inform me properly about Webwise. I can't make an informed choice. So you are breaking the law if you present me with an invitation to join Webwise, without giving me (and 10,000 other customers) a lot more legal infomation than you have currently supplied. It is NOT enough to say "we have carried out - er - um - sought extensive legal advice". The weight of published opinion on this subject is AGAINST Phorm/Webwise. You must redress the balance, if you can, and if you genuinely wish to offer your customers the opportunity to make inphormed consent.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Love the language RJ, "Theoretically" - LOL - Indeed!!! :handshake

I agree, I can't make an inphormed choice either - so they have to provide this detail for it to be 'informed'.

:clap:


Agreed - I did not see your derision of the methodology either (even in the quoted post). Ceedee seems to be saying we should not critique some specifics around the current output from Simon but I don't see why these should go unchallenged because this is a public forum and unless the challenge became personal or an invasion of privacy in some way, then I don't think it's wrong in a democracy.

It IS important that we await the PIA before making any final judgements on it, but I don't see the harm in debate or speculation now as long as it is properly read, considered and responded to in a reasoned manner when it does arrive.

Specualtion isn't pointless (IMO only) because in the absence of facts today it sparks debate and conversation about this whole sordid issue, which is why people come here to a forum to take part. Unfortunately for some of us tho, there is painting to be done and I will be shot by you know who if it is not finished today (or at least the ceiling!)

Got an unexpected letter from the Earl of Northesk today, but I'll share later.

Have phun :)

Hank

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Just been reading the intrim report again and wel the final bit by Simon I can answer in MPO..

Start there with what has hapened recently plus the known history of Kent then this is the first stumbling block.
1. He already has history of maliciously attacking peoples computers putting rootkits on and spying on these people.
2. Seems strange the profesional video is in phorm hands and not released and the only known online copies of a private one gets hacked. ( I read on another forum where it was said that a large company was offering money!) Now I will leave this to be interpreted which ever way you like but it is strange the Videos where attacked to stop them being viewed.
3. The way he has shown contempt and disregard to the truth and had truth spun round to make his system look accepted gives me enough to say no thank you your system may be gret may do al you say but you are its biggest enemy you are who we distrust the most anything with you in the managment is not acceptable period.

The traffic can point to who this person is as the system works on scripts to track and cookies, this script only needs alteration and it will harvest anything they request. The only people with access to this side are the first bunch of people you wouldn't let near any of your details or PC's.
IP address is shown on a lot ot sites you visit now some show the resolve IP addresses which with the way form gathers would be harvested.

Going from the present audit this is another point to say trust is not there.
1. Each country has their own levels of privacy laws which has to be followed to the letter, on recent knowledge phorm and BT have already shown they are willing to flaunt this trust by illegal tests.
Security from working in an educational setting the security of the pupils were supposed to be paramount yet teaches overworked stressed etc could forget to do a few things then used the year before security checks to cover this up.. Known fact by me so what is going to be different for someone like Kent who has shown his disregard for peoples privacy, security in the past. We all kow many cut corners to get where they want he is willing to cut more than I am willing to accept. MPO from news, listening to his recording for the last few days the more I listen the more sure I am there is some other reason he is desperate to get hold of as many British PC's as possible.

I do hope that Simon re-reads his PIA also relistens and re-reads any contact with Kent notes the number of times Kent has either changed his stance failed to deliver what he promised or dropped you in deep dung before signing of the PIA.

I hope and pray that Simon is true to his reputation and re-visits areas of concern re-visits programs like cllick other recordings etc and then thinks about "malicious." Is this were Phorm is heading malicious use of 70% of the UK pcs, some websites take payment for putting trojens on UK pcs get £100 per pc. Ethics come into this Kent has none but his own which do not include public we are just a means to an end for him, ISP managers are his tool to manipulate to his way of thinking and Simon is his pawn he hopes will sway the phorm way.

With all this said I lost faith and trust in VM with their silence for so long so moved to safer place.
I hope for all those left that you are not forced into the devils lair which is the path of Phorm...

The only good thing phorm is supposed to do was most likely copied from some software out there since even the name and logo are almost copies of an older company..
I rest my case the jury is out what is your verdict Phorm guilty as charged with BT or innocent..

:angel:

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I for one do not doubt Simon and 80/20 thinking's ability to handle the privacy angle.

My concern is that he is essentially auditing a rather intricate software system which is itself a rather complex and specialist task, and I don't see any visibility of who is involved with this task.

There is a need to consider not only what Phorm claim the system to do now, but what a software expert views the system to do now, and what the platform is capable in future (with software upgrade).

These risks then need to be mitigated by strict operational, development, validation and procurement procedures as they are e.g. in any mainstream communications equipment manufacturer.

There is a well-documented chasm in opinion between how executives in software companies view software development and the view of the software developers, designers and architects themselves (just one example in Watts S. Humphrey in Winning with Software: An Executive Strategy: http://www.amazon.co.uk/Winning-Soft...dp/0201776391/)

This applies especially to how risks are viewed and mitigated. Whilst executives tend to believe risk (and with it software security) management is just another bolt-on layer that can be organised and paid for (i.e. bought in) as part of planning a programme of works, in reality this risk needs to be mitigated from the start of the project and by training everyone involved in the project, from developer to director, to spot and mitigate these risks.

The cyber security threat is very real, with documented cases:
http://www.theregister.co.uk/2008/04...e_development/

TS Ameritrade showed last year what such practises can do when it admitted that a backdoor created by an outsourced programmer was to blame for the loss of 6.3 million customers' details

Note also that in allowing Phorm, the Home Office and ICO are implicitly opening up the intra-ISP profiling market to all. A green light, as The Register put it, to anyone who can pursuade an ISP to allow them access. Since big financial rewards are being touted, ISPs may be pursuaded. Don't also forget the many "micro-ISPs" e.g. operating hotspots in Hotel rooms.

My concern is over who will regulate this market, ensuring not only that the profilers do what they say, safeguard privacy and respect user’s choice, but also ensuring the software vendors adhere to the strictest standards and development procedures to minimise the increased security threat.

It was first suggested by Phorm that the ISPs themselves are more than capable and motivated to do this, however, as I have pointed out in numerous blogs, to the BBC, at the Town Hall and to Phorm in person (Radha) that the ISP has for the first time got a financial interest in ensuring the marketability of the data output from the profiler.

The “Cisco� argument put to me by Phorm (an ISP accepts software on trust from Cisco, so why not Phorm) falls over because neither Cisco nor an ISP stand to made direct financial gain based on the marketability of the output of its kit.

I have no direct experience of Cisco but I do of other manufacturers and I know first hand the procedures such companies have in place. Furthermore full source is provided where kit is to be installed in sensitive situations, and these same units are on general sale, to millions of customers worldwide. These customers gain much comfort in knowing these facts.

I simply don't see who is going to regulate this market.

The question of legality is a red herring of sorts. A practice is legal until the courts (or regulators) decide it's not. Furthermore Parliament may still decide to change the law to legalise a practice they see as beneficial (EU commitments duly noted).

Access to the courts is restricted by money or public interest, and at the moment Phorm is generally seen as a good thing for business, even by Don Foster, who wrote in a personal letter to me, "Having met [with Phorm] ... I am convinced that Phorm can provide a useful service with more than adequate security protection for each user."

The argument I am trying to put forward is that there is a public interest in this issue, and in the absence of a capable independent regulator for intra-ISP profiling I personally think RIPA should be enforced strictly because I feel there is a legitimate threat to cyber security once the market is open to all.

James Firth

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Well I certainly wouldn't pick a fight with an ex NCO!
Seriously though - Phorm have played fast and loose with terms like due diligence, audit, and PIA. There is a long list of false or irrelevant claims that they have made in attempting to validate their system.

They claimed PI had done a PIA, then got very pernickety when it was pointed out that PI and 80/20 were not the same organisation, and had silly arguments about what "hats" Simon Davies was wearing (Charles Arthur interview, Guardian)
They claimed a PIA had been done, when in fact it was an interim privacy report. (Sadly the 80/20 site itself replicated this error on its front page, although not on the inside pages, until only a day or so ago)
Phorm quoted the privacy audit by Ernst & Young in discussions on the UK implementation of Webwise, when Ernst & Young did not look at the technical specifics of how the Webwise system would operate in the UK when/if adopted by the ISP's, and they did not consider the UK/EU legal environment. And they are a US outfit who have been in trouble with the US FTC themselves, so why should be believe a big US accounting firm anyway on issues of integrity?

So, I think we can expect that whatever the final report from 80/20 says, Ertugrul will be quoting selectively from it, and claiming much more for it than he is entitled to. That is simply the way he operates. We must make sure that the relevant journalists know the right questions to ask him, live, on air, and encourage them to give him plenty of exposure.

I think we need to keep our powder dry, read the interim privacy report from 80/20, read the final report when it comes out, remember to refer to those reports accurately, remember the caveats in the original interim report that said a full PIA was actually not possible because of the late start, and then see exactly what is said, and check very very carefully what use is made of the report by Ertugrul and the ISP's.

I think it would be unwise if anyone were to impugn the integrity of 80/20 at this stage, although I would understand that there might be some vigorous private correspondence between campaigners and 80/20 about outstanding issues like the video, the integrity issues around Phorm Inc (I'd like to hear from them about their logo for example - DID they steal it from the Sheffield design company called Phorm?). Kent Ertugrul has landed the ISP's in the manure by the way he has handled his PR, if he was my commercial partner, I'd be furious. I imagine he will happily attempt to exploit 80/20 for his own ends too. Whether he succeeds or not, we will have to wait and see. That 80/20 report needs publishing and very very soon - we don't want a long embarrassing delay like we have had with the Town Hall video.

And once it IS published, of course we need to check whether the system being adopted by the ISP's, is the SAME as that which was being discussed in the 80/20 report - it can't be, because BT at least, are retrophitting it as we speak, in an attempt to make it slightly less illegal (culpable homicide rather than 1st degree murder?).

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The extended edition (woop I have an extended editition yay! Eat that Brad Pitt) is far better than the limited edit for the actual show. If you look closely you can see the stunt double at one point.

But seriously, nice that they released an edit where at least some of the important points I made were shown.

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Like hell I am!
All I've done is ask that people consider the implications of wildly (by which I mean, in an exaggerated, unwarranted or unreasonable manner) criticising the report, the methodology or the authors before publication because that will surely be used to denigrate it's conclusions.
(The quoted post suggested that the PIA would be of little or no value and that 80/20's ethics weren't "worth the pixels its written in" (that I presumed to be black humour) hence my description of it as derision.)

If I suggested that it's not a good idea to shoot the messenger or declare that the message has no value before you find out if it's good news, would it make more sense?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

We should Digg this one too:

http://digg.com/tech_news/BBC_Click_Phorm_discussion

It is a link to the extended web edition of the Click! debate

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Eh? I can't believe you posted that, YET IGNORED OUR COMPLAINTS AND REQUESTS FOR AN APOLOGY.

Simon, just in case you missed our posts, here they are again:

Simon, you there? Yes of course you are.

You can see our original posts on page 364 of this thread.

We STILL await your reply. And apology.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Done

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

One thing that I'm not clear on here - is there any obligation on Phorm to actually publish the final PIA in full? Presumably, as they have commissioned it, they will own the copyright?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The problem is whichever way you look at it, this PIA is open to spin manipulation. If it's critical of webwise, it will be disregarded by Phorm under the premise that Phorm's critics denounced it beforehand; if it supports webwise, we will reject it as 'bought'. I think that makes the PIA just some words written by some bloke who none of us know. Is it really of any more value that a column written by a hack in a National rag? I can't see how.

I think Simon should be left to reflect on this sorry tale. I think the encouragement has to focus on our friendly-neighbourhood ISP's who need their customers as much as we enjoy the services they provide. I don't want the contract I have with my ISP tinkered with and, for me, therein lies the real issue. Not Phorm. Not Kent. Not Simon. Virgin Media, whom I have found to be a fair and honest Company and who still have NOT committed to an agreement that is very unpopular with its customers, is who I'm am relying on.