Quote:
Originally Posted by R Jones
1. Website cookie forging by Webwise/Phorm remains murky and unexplained by Phorm - who gave anyone permission to forge a cookie purporting to come from one of my registered domains? I withhold consent for BT/Phorm to use the domain names of my sites within any cookie set by Webwise.
A: Webwise cookies are clearly associated with the Webwise service. Where a website uses cookies, we prefix the Webwise UID (unique ID, a random number) to a cookie coming from the website. It is clear in this cookie at what point the Webwise UID starts and the domain cookie stops (and vice versa). Where cookies are not used by a website, only the Webwise UID is placed into a new cookie which will be associated with the domain of the website being visited. In both cases, the Webwise UID element of the cookie is clearly labelled so as to be associated with the Webwise service.
|
Completely ignored your question and your concerns. Altering an existing cookie from a domain without permission could be seen to infringe Copyright, Designs and Patents Act 1988 as well as Computer Misuse Act 1990 and Fraud Act 2006. Creating a new cookie because a domain does not issues cookies, is almost definitely a violation of Fraud Act 2006 as explained by Dr Richard Clayton at the PIA public meeting.
Quote:
2. In response to your question this week - whether or not you are liable to prosecution if you visit websites like Amazon etc....
A: Any user who has consented to taking the BT Webwise service will not make any unauthorised use of a website as a result of taking the Webwise service. BT has carefully considered the privacy and legal issues arising from the BT Webwise service and we are confident that operating the service does not lead to issues for our users in this regard.
|
Nicholas Bohm is currently looking into this issue after I raised my concerns with him on the subject of complicity. It would seem likely that if the system is illegal, knowingly opting into that system and then initiating an unauthorised interception by communicating with a web site who have denied consent, that the user would be complicit and guilty of incitement.
Quote:
3. In response to your question yesterday regarding the legality of Webwise/Phorm following the publication of the latest FIPR report and the forthcoming trial dates.....
BT and Phorm have sought extensive legal advice over the last two years and been in regular contact with both the ICO and Home Office. I am sure you have seen their recent statements also. We have also reviewed the FIPR report. BT is, of course, aware of the legal requirements regarding interception of communications under the Regulation of Investigatory Powers Act 2000. We consider that the steps we are taking will meet the legal requirements of RIPA and also ensure that customers are able to take a fully informed decision as to whether to take the service (it will be optional and customers will have a clear choice). Furthermore we are confident that Webwise/our approach conforms with other relevant UK laws.
We will commence trialling BT Webwise shortly and have committed to providing at least 24 hours notice prior to commencing the trial. We will do this via the BT forums etc.. Rest assured it is not unusual for trial/launch dates to change.....
|
An outright lie. It has been confirmed by the Home Office and ICO that neither BT nor Phorm have communicated with them prior to January this year. Also, they have yet again left themselves wide open for liability with regards to the 2006/2007 trials in saying they believe the steps they "are taking" will be compatible with RIPA as opposed to saying the system is currently and always has been compatible with RIPA.
Basically, their entire reply is nothing but a charade.
Alexander Hanff