Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 04-04-2008, 19:53   #2314
Barkotron
Inactive
 
Join Date: Mar 2008
Posts: 46
Barkotron will become famous soon enoughBarkotron will become famous soon enoughBarkotron will become famous soon enough
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by mart44 View Post
This is a huge thread that I've only just come in on. A search and a quick scan by me hasn't brought up reference to this interview in The Register. Apologies if it has already been highlighted. Perhaps worth a read to see what is said in defence of Phorm.
Unfortunately he doesn't get very far in that interview without being very economical with the truth. In fact if I wasn't feeling charitable I'd say his very first answer was an outright lie.

The previous product was malware, plain and simple. Trying to call it "adware" rather than the more correct "spyware" is fairly desperate spin. It was software which installed itself surreptitiously, hid itself from users and the operating system, took extreme measures to prevent its own removal and required extraordinary effort to finally get rid of. Of course, it also delivered your browsing habits to advertising servers: remind me why they claim this isn't spyware again? Look up Apropos rootkit for info, here's one to get you started.

I'd suggest you have a good read of the comments thread on that Register interview by the way. If you manage to wade through some of the more excitable members of the readership, there's still a very clear thread of reasoned argument against this company.

Moving to the FIPR write-up, it looks a lot like Phorm don't (or didn't when the meeting took place) actually understand the law as it applies to their system.

Quote:
Originally Posted by "Light Blue Touchpaper
Phorm assumes that their system “anonymises” and therefore cannot possibly do anyone any harm; they assume that their processing is generic and so it cannot be interception; they assume that their business processes gives them the right to impersonate trusted websites and add tracking cookies under an assumed name; and they assume that if only people understood all the technical details they’d be happy.

Well now’s your chance to see all these technical details for yourself — I have, and I’m still not happy at all.
Let's go through this statement:

"they assume that their processing is generic and so it cannot be interception" - in which case, I'd suggest they need to hire better lawyers. The process is indisputably an interception under RIPA - their only get-out from this act is consent, which they empatically do not have on most people's reading of the law.

"they assume that their business processes gives them the right to impersonate trusted websites and add tracking cookies under an assumed name" - they'd better be _very_ sure of the Fraud Act 2006 and/or the Computer Misuse Act 1990, as mentioned.

So some very technically and legally aware people have looked at this in great detail, speaking to the company involved, and they are _still_ convinced that this is illegal, very possibly under more than one statute. Please tell me how this opinion is based on emotion and mistrust.
Barkotron is offline