Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 08-03-2008, 23:25   #827
popper
Inactive
 
Join Date: Jan 2006
Posts: 3,270
popper has a bronze arraypopper has a bronze arraypopper has a bronze array
popper has a bronze arraypopper has a bronze arraypopper has a bronze arraypopper has a bronze arraypopper has a bronze arraypopper has a bronze array
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by isf View Post
Big surprise, German politicians pushing for more overreaching tech laws. If it's possible to track users by IP why do all search engines set identifier cookies? And tell me which individual is personally identified by 0x7f000001 ???

Search engines are opt-in services and IP address may be attached to but are not themselves personal data. Phorm propose to intercept all web requests without explicit user permission. Web page requests are likely to contain significantly more privacy sensitive information than whois entries for domain names or static IP assignments; and I don't care that they claim not (yet) to be logging this information.

The only thing of note about this article is that if our ICO don't take action over phorm, the EU are going to have a field day.
thats the point of posting it, the EU IC states IPs are personal data, the UK are in the EU and subject to its laws etc.

you opt-out,its been said time and again,the data gets sent as far as the profiler at least, so they are subject to handling and collecting at least, as regards the UK IC DPA.

as they now say this data wont get anonymised and then passed along, so its still got the IP and other potential legally defined personal data inside.

http://www.dataprotectionact.org/4.html
data collection (as in sending to the profiler)


When handling, collecting, processing or storing personal data, ensure that:
a) all personal data is both accurate and up to date
b) errors are corrected effectively and promptly
c) the data is deleted/destroyed when it is no longer needed
d) the personal data is kept secure at all times (protecting from unauthorised disclosure or access)
e) the Data Protection Act is considered when setting up new systems or when considering use of the data for a new purpose. Note that this may affect the existing registration with the Data Protection Authority
f) written contracts are used when external bodies process/handle the data explicitly specifying the above requirements with respect to the data
It is equally important NOT to:
a) access personal data that you do not need for your work
b) use the data for any purpose it was not explicitly obtained for
c) keep data that would embarrass or damage YOUR-COMPANY if disclosed (eg: via a subject access request – see below)
d) transfer personal data outside of the European Economic Area unless you are certain you are entitled to or consent from the individual concerned has been obtained
e) store/process/handle sensitive personal data (see below) unless are certain you are entitled to or consent from the individual concerned has been obtained

---------- Post added at 23:25 ---------- Previous post was at 23:10 ----------

btw i just took the url from above someone else posted, on closer inspection its not an official UK/ICO site, infact its housed in the US.
http://www.who.is/whois-org/ip-addre...ectionact.org/
so to get a better understanding of the exact UK/EU meaning, read the act, or put some effort in an find a better UK source...
popper is offline