Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 10-03-2008, 18:02   #956
manxminx
Inactive
 
Join Date: Jan 2008
Location: Newcastle Upon Tyne NE6
Services: All VM cable: V+, 20Meg Broadband, XL phone
Posts: 131
manxminx is on a distinguished roadmanxminx is on a distinguished road
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
How secure is my website forums from Phorm?

I posted the following elsewhere, but have yet to receive a reply from anyone at Phorm:

Quote:
Dear Phorm Comms Team,

I own and administer a phpBB support forum for people with a specific type of physical/mental health problem. Only members are allowed access to the (advert-free) forums. Am I right in saying that the Phorm software located at the ISP will be able to access the forums and log key words - which I presume would include usernames and aliases - from those forums? If so, then I feel this is a security risk, and my response would be - "All information located within my webforums is of a highly confidential nature. Phorm is not a member of the forums, nor do I give permission for Phorm to become a member, nor do I give permission for any Phorm software (located at members ISP's or elsewhere) to access my forums".

In other words, will there be any way to block any Phorm software from accessing my website and forums? If not, surely this breaches the DPA, and my responsibilities under the DPA?

Many thanks in advance for your response.

AK.
After having read all the posts on this thread, I see that virtually no-one has brought up this aspect of the problem with Phorm. Forums that are visible to Member only ensure that no-one who isn't a member gets access - including bots as I have a total bot exclusion in my robots.txt file. If Phorm accesses my forums without permission they are as far as I can tell, falling foul of the DPA. Seeing as Phorm does not obey robots.txt comands, maybe all of us who own webstes and forums, and wish to keep them safe from prying eyes should send Phorm a DPA notice specifically refusing to allow them access?

Another point regarding this - phorm say they only collect regularly occuring key words from webpages, the rest is striiped out - well, usernames and aliases are regularly occuring keywords within forum pages, so how would the phorm software know that 'manxminx' is my username, and therefore is a piece of personally identifying data?

Why should I have to buy a security certificate to make my forums https? In other words, why should I have to pay to block Phorm? Website and forum owners should be able to opt out, yet no-one, Phorm included has brought this up. And what about members of social networking sites that have made their profiles friends only? If one of their friends use a Phorm enabled ISP, then Phorm has access to those private pages . . . .

Ali (Note to Phorm- that's my name, which is personal data as it identifies me. I do not give permission for Phorm to scan any personally identifying data within this forum post).
manxminx is offline