Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 08-03-2008, 19:42   #817
Phormic Acid
Inactive
 
Join Date: Mar 2008
Services: Still to decide on Aquiss or Be
Posts: 62
Phormic Acid is an unknown quantity at this point
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77 & 102]
Quote:
Originally Posted by Phorm View Post
RIPA is intended to protect the privacy of private communications. As outlined above, the Phorm service respects users' privacy at all times by ensuring that users remain anonymous and by obtaining the user's consent to the service via our ISPs. We have considered RIPA with great care and are satisfied that our technology does not breach RIPA
Consider the following scenario:
1. Person A starts a web browser.
2. Person A attempts to start browsing.
3. The first page person A requests is hijacked and replaced by the Webwise page asking them whether they consent to Phorm monitoring their web browsing.
4. Person A decides to allow Phorm to monitor their web browsing.
5. A non-persistent (session) cookie is sent to the web browser showing that person A has consented.
6. The presence of this session cookie means that future web pages are not replaced by the Webwise consent page.*
7. Person A walks away from the computer without locking it, logging out or switching accounts and without closing their browsing session by closing all the browser windows.
8. Person B comes to the computer.
9. Person B starts browsing the web using the open web browser windows.
10. Person B is not presented with a Webwise consent page.
11. Phorm monitors person B’s web browsing without obtaining their consent.
12. Under RIPA, a criminal offence has now been committed.
I would like to know which, if any, of those statements is in error and why.

I don’t see how Phorm can rely on users behaving in the way they’d like. I think the assumption that one browsing session will be used by only one person is unreasonable and will not be supportable in law. The Internet is an ‘always on’ packet-based network. It’s not like the telephone, where, once you finish your communication with a specific second party, you put the receiver down and completely sever the connection.

*I know there have been comments that cookies are restricted to the domain from which they’ve come. I’m expecting some fairly dirty trick to get around that. As it has been stated that Webwise does not work with Safari, I conclude that Phorm haven’t got this trick working with that browser.
Phormic Acid is offline