Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 04-06-2008, 10:17   #7955
bluecar1
Inactive
 
Join Date: May 2008
Location: Kent
Services: No DPI Kit snooping on USERS
Posts: 447
bluecar1 has a spectacular aura about thembluecar1 has a spectacular aura about thembluecar1 has a spectacular aura about thembluecar1 has a spectacular aura about them
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by R Jones View Post
you don't need to think about routers - you can just read BT's admission that the company which HAS had access to the information entered on BT Webwise contact.php forms was Phorm.

Email(s) received by me (and also Miles Golding over on BT Beta forums) in response to enquiries on that contact.php stated as follows: (see also my earlier posts with evidence of References header contents and FW in Subject line)

Dear Mr. Jones,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

Regards,
BT Webwise Helpdesk

and

Dear Mr. Jones,

This email should be covered in the last email to this email address.

Regards,
BT Webwise Helpdesk

________________________________

From: ***, **** on behalf of *****-webwise@yahoo.co.uk
Sent: Thu 29/05/2008 07:27
To: BT Webwise Help Desk G
Subject: RE: BT.webwise.com Contact Request



Thank you for your reply.

Why does your reply contain the header
References: <**********.*************@ww3.phorm.com> ?

I thought I was talking to BT when I filled in this form. Has any of my
personally identifiable data gone to Phorm?

Are YOU Phorm?


and

Dear Mr. *****,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

The bt.com site includes functionality which enables it to remember users for the duration of their session (i.e. from when they sign in to when they close their web-browser), in order to provide a smoother customer experience and prevent the need to repeatedly log-in or re-state preferences. This is done by using a secure single-sign-on solution which employs cookies. The design of that system prevents unauthorised access to a user's logged-in session.

Regards,
BT Webwise Helpdesk

Now add that lot to what Dephormation logs show, and to what BT WERE doing with Phorm via this site (but say they aren't doing any more) - and there is IMHO a case to take to the ICO for the Commissioner to suck on. Sould I send him a teething ring along with the letter - surely his teeth will grow through eventually?
deja vous

Dear Mr. xxxxxxx,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

Regards,
BT Webwise Helpdesk

admittion that phorm have been hosting the site and had their hands on the data before forwarding it to bt

peter

my reply back to BT

*****************Thankyou for the reply but I still have the following outstanding queries

Why should I have to block cookies for a service I do not want and that invades my privacy by watching my browsing at network level.

I have 6 machines in my house why should I have to do this due to BT's and phorms lack of technical ability to provide a trial with correct authentication and safeguards in place that mean only the account holder has the ability to make the initial change to my T's and C's

How will I know if a subaccount holder has agreed to PHORM and changed my contract ?

BT should be making sure the trial is conducted in a way where the account holder only has authority to accept the service as it requires a change in the term and conditions of my contract with BT

When opted out is my web traffic still passed via a profiler (even if ignored) or my taffic profiled but no targeted adverts served to me, or is my traffic passed direct out onto the internet vai a different route thus bypassing the system altogether (unlikely as apparently I will get reminder adverts about webwise system being turned off and click here to turn it on?)

If I block the domain I will not be aware of when you start spying on my browsing

Can you confirm the statement earlier in the email from one of your colleagues that unless I agree to PHORM my terms and conditions will not alter, so I will not be allowed to terminate my contract due to material change to T's and C's?

If a subaccount holder accepts the change to my T's and C's during the trail how do I get it reverted to the original contract as they would not have had the correct authority to make this change

Does the trail require me to accept a new contract or is it only the full service when released

Regards
*****************************
bluecar1 is offline