Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I don't know about this forum but I posted the following on the BT Forum on 12th May.

It is entirely because the internet is so new and growing so quickly that we need our government to draw the lines now before it's too late. The internet is not going to come to a halt because one money-making scheme fails but it is at serious risk if people are afraid to use it.

The alternative - one which I predict will be with us very soon if this goes ahead - will be the encoding all data between users and between users and websites using private keys such that Phorm style systems can not read the data. If Phorm want to read your data or access data transferred from your website, they would have to be granted a key and pay for it if so required. As the data - including the website's content would only be decrypted after it reaches the end-user's computer, it would not be available in any usable format for the ISP and the whole Webwise idea falls to pieces.

Even the use of a simple encryption key on the data would require an illegal act on the part of BT or Phorm (or any other similar system) as unauthorised decryption is prohibited under existing law without a warrant and it is extremely unlikely that any such warrant would ever be issued on the basis of "we want to make a profit". Even the police and security services sometimes get refused such warrants and such intervention has always been taken very seriously in the UK.

If you combine encryption with data compression you have a doubly useful tool given as the volume of data carried could be reduced making better use of bandwidth. Imagine that everything you send or receive travels along the internet as an password protected zip file with a non-commercial use condition applied not to the data itself but to the key. It kills Phorm's argument that information on the web is freely available and makes it immediataley and irrefutably illegal to access the data. Newer PCs with multicore processors will not even see a marked slowdown as the data is transferred - it could still be packeted - and decrypted on the fly at the PC. Older PC's may be slower at the encryption/decryption but this is a short term problem which reduces as PCs are replaced.

Governments have always tried to oppose such an idea as it could be used to prevent monitoring by official bodies such as anti-terrorism or anti-childporn investigators. The US government has often tried to and sometimes succeeded in preventing new encryption techniques from being made available to the public for similar reasons. The public in America are more worried about government monitoring than about commercial datra usage but even they seem to be getting hot under the collar about this issue now that they've been informed that various ISPs have been intercepting their data over the last year or so.

It may be that faced with such a system coming into being purely to avoid ISP level profiling for profit, governments may decide that allowing such action by data carriers is not quite as trivial as they seem to believe it is at present.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The Home Office advice does not say that you can imply consent of ALL web site operators for interception. The whole document is about intercepting consenting user data streams with UIDs and scripts hosted on web sites to deliver the adverts. The advert delivery script is downloaded by the user's computer and is not part of the original page intercepted. The implied consent comes in the delivery of the page which enables the ad delivery script to be called.

Nowhere does it say anything about non-RIPA interceptions relating to web sites which are not part of providing the advertising services to consenting users being exempt from RIPA. The document is silent on this other than to confirm that 2(2) and (8) are confirmed as an interception within the meaning of RIPA (viewable by a human or recorded on a proxy where it is technically possible for a person to view the content).

The more I read the HO document, the more I see that the answer related to one very specific question: the interception of the user to enable the advert delivery script to deliver the advert. See para.2

Read para.7 (a closed system - not a DPI provided data stream) and consider the conclusion in para.8

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Thnaks.

How stupid.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

If the exit node you are using was on a phormed ISP connection, or if phorm were to run their own exit nodes, then the Phorm Webwise UID would be unique for each person's browser, so each person would be tracked individually.

Providing a Tor exit node, or running a public proxy would be a good way to test phorm - in fact the leaking javascript in Phorm's 2006 tests contained a variable which indicated the ISP that was running the test, and one of the values was "I.PUBLICPROXY".

I guess you could monitor your traffic for webwise.net redirects and Nebuad faireagle.com requests and blacklist exit nodes that exhibit those symptoms, however you'll have no guarantee that the owner of the exit node isn't monitoring your activity - TOR aims to provide anonymity not privacy - Also if you intend to use a proxy such as tor it is wise to delete all your cookies first because a dodgy exit node could use man-in-the-middle type exploits to trick your browser into sending cookies for any site they are interested in so that it can capture them.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I read this as meaning ALL web sites

However, it does say downloaded and not intercepted :)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

So, they are transparent in telling web site owners that they have to block googlebot if they don't want to be phormed. I don't really know who is being blackmailed the most here. Do BT really think that they can tell sites to stop trading with google: are they trying to put google out of business, or is it the sites that rely on their business partnership with the search engine to stay in business that they are trying to stop from trading?

If BT are so transparent about their requirement, where are the newspaper articles or full page adverts circulating around the world to publicize the need to block googlebot?

IF BT are so transparent, why have they failed to reply to emails requesting technical information relating to how blocking googlebot will block the phorm script from intercepting the site?
With googlebot, the webmaster can see googlebot requesting the robots.txt file and the logs will show that googlebot has honoured the robots.txt file by not visiting any pages. What audit trail is left by the phorm script?

Oh dear, Revenue Science and Tacoda use scripts and cookies, hosted on partner sites, which all web savvy people block, so BT can use scripts which don't require any partner sites and which no one can block. That is good logic

And the UID is safe because there won't be a coordinated market for harvesting the data. Oh, the innocence.

Can anybody find a s.28A in the Copyright Designs and Patents Act? The only reference I can find is as follows, and relates to an amendment to the Patents Act 1977 where section 28 relates to the restoration of lapsed patents.
and I see nothing in any of that text that nullifies infringement nor decreases the rights of the patent owner.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

• TECHNOLOGY. Ricchetti Incorporated is lobbying for Phorm on online privacy issues. Steve Ricchetti, former deputy chief of staff under the Clinton administration, and Luke Albee, former chief of staff to Sen. Patrick Leahy (D-Vt.), will be lobbying for Phorm.

http://thehill.com/business--lobby/b...008-07-28.html

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Totally agree with your post Peter, the problem as I see it is that we currently have decisions being made by powers that be who seem to have the technical know-how to only plan as far ahead as the next move on a chessboard. The end of their nose seems to be as far as they can see.

I suspect a lot of them may also have been Phormwashed by Kent. A subtle 'Phorm' of Hypnotism.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Read the question above para.3 - it is about targeted online advertising services. It is not about general browsing that is not partnered with delivering targeted advertising services. (Sorry about the double negative.)

Keep reading. English is a wonderful language and each word has a unique meaning, with the context within a sentence, paragraph or section helping to confirm that unique meaning. Take an English word out of context and it can mean whatever you like.

Even para.9 talks of filtering and deleting. It does not talk about filtering, making a record and then deleting. The filtering and deleting could reference the anti-phishing warning or the detection of the advertising partner - most probably, as it then analyses whether or not the script delivering the script is an interception, and decides that it is not, in para.11. (Displays a lack of understanding of DPI, but ignore that as DPI is not under discussion here, although interception by proxy is considered in para.10 for delivery of web page and targeted advertising content.)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

At the risk of repeating myself (I've asked this before but it's still relevent and still unanswered)

If ISPs want to profile their customers' data and they are so sure that customers are happy to allow this in return for targetted adverts, why not release Webwise as a browser add-on and allow people to download it.

All of the profiling would be done on the user's PC saving BT and Phorm the cost of installing and maintaining dedicated equipment. There would be no need to fake cookies as the application would send the profile data when they open the webpage and there would be no need for an extra copies to be made of the data so all information would remain entirely on the customer's PC. Add to that the fact that Phorm already have such software ready made from their previous spyware toolbar add-ons and you have to wonder what is going on.

This is a cheaper, safer and more effective solution than Phorm's DPI based one so you have to ask the simple question:-

Why are the ISPs so fired up about using DPI to get information that can be obtained much more cost effectively and with no legal problems through existing methods?

Could it be because the system I suggest can only be used to deliver adverts and can't be subverted into other uses such as surveillance or personal profiling?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Section 17 of Copyright, Designs and Patents Act 1988
I like 2 & 6 especially.

I agree with others who have said that the copyright aspect is only one small aspect of what Phorm wish to do, however, I have my suspicions about how they intend to claim that what they do is legal (interception-wise).

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

You are forgetting that what a user downloads will be copied from their browser cache and used for commercial purposes without the permission of the copyright owner. This makes the person downloading the content liable for infringement, jointly liable with the person supplying the method of making the copy. Do you think anyone will be happy when the web site owner contacts their ISP with a letter demanding payment for copyright infringement? - with music and videos they are complaining enough about warning letters.

There are already many much easier solutions. Sites where you can register your interests and be rewarded with seeing adverts for related products, including discount codes so that you can even save some money in exchange with sharing your interests. No browsing is intercepted, and you don't have to even visit related sites to be shown the ads you are interested in. Everything is coded and scripted on just one site.

Look at how popular the existing discount code sites are and they don't even ask for any information about your interests.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Yes I thought that Phorms (121Media) PeopleOnPage browser add-on did basically the same thing when linked with their contextPlus Engine. (Nasty Spyware though (can you see much difference?) )

I think the post Rob Jones referenced this evening on BT beta Here #12828 definitely throws up some very interesting points that are very much in-line with some of my thoughts (and perhaps yours) and excellently put across in the comment referenced.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I'm not forgetting it.

I'm just pointing out that everything that Webwise can do can already be done using far cheaper and far less dangerous methods and thereby raising the basic question of why is this system necessary and why are the ISPs willing to spend money and alienate their customers to bring it in.

The copyright issues are not directly to the reasons why the ISP are so focused on the use of DPI which is what I was dealing with.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Webwise DPI at ISP level = 100% coverage. That is a lot of data that can be sold again and again, not to mention analysed in many different ways.

Nowhere has the opt out ever been an opt out of the DPI route. It has only ever been an opt out of the phorm/webwise/oix controlled advert system.

DPI is not the rouge here. Using DPI for the interception of all the data packets is the problem. It is the fine tuning of the demographics that earns the money.

Isn't it interesting that the few independent and financially secure ISPs in UK are not even thinking about using DPI for anything other than traffic monitoring and service enhancement for all their users. They don't need to collect any user data to sell on to 3rd parties because they use any data collected to improve the service they offer the customers and earn additional revenue by providing a premium service.
Because the non-phorming ISPs offer value for money, they don't have to tie their customers into anything more than 1 month contracts, they don't have to spend a fortune on customer retention, and they don't need expensive help desks answering questions about poor services and the problems that causes.