Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Quote:

Originally Posted by Kursk

Fair comment. Look, 80/20T will be back soon with a new strategy. A carefully worded PIA will probably validate the technology with a few insignificant qualifiers for realism (when you pay for something, you get what you want). There's a case for us playing less defensively whilst they are hitting problems. Reacting to their developments all the time keeps us on the back foot; I still think hammering it home at high level is our next best move.

(Sorry for delay in replying)

Maybe you're right - My MP is quite tech-savvy and was really helpful when it came to the slow local bt broadband roll-out scheduling but I've read a couple of times of MP's, due to either not reading or not understanding the issue assuming that it's about P2P file sharing or else failing to reply at all. There's also the instantly denied hidden agendas issue

I forgot that was looming but isn't PIA going to be about how Phorm so care about privacy and they're so privacy conscious it makes people feel all fluffy and warm and can be as relaxing as a radox bath on valium

I'm not sure how they're going to convincingly side step the opt-in consent issue. Regardless of how much they sugar coat the privacy aspects of their system that one operation endorsed by the ICO is going to make or break Phorm. Their business model is reliant on the Internet Service user showing indifference towards (or preferably being unaware of) Phorm's nasty little system. Without a high percentage of data cows to milk - it won't fly!

ICO: "Regulation 7 of PECR will require the ISP to get the consent of users to the use of their traffic data for any value added services. This strongly supports the view that Phorm products will have to operate on an opt in basis to use traffic data as part of the process of returning relevant targeted marketing to internet users."

Phorm: "We believe the approach that we will take to user notice will not only provide for such consent, but will in fact exceed the level of notice provided by anyone else.
We're very confident, as has been the case with the DPA and RIPA, that closer scrutiny will demonstrate that the way in which we obtain consent will substantially exceed any legal requirement."

Wow - that good eh! When they respond with PR designer statements like the one above historically it means "we'll stall you on that issue and hope it goes away because compliance would hamstring our product but we don't want you to think that it will"

In any other scenario merely changing T&Cs does not constitute opt-in consent. That would have to involve some form of action on the user's part like logging on to the site, putting a tick in the check box next to "Sign Me Up for Phorm & General Abuse Now" and clicking Apply Ok - in other words it would need to be agreed to at account level only carried out the once and lasting until you wanted to opt-out.

As usual they will try their best to conceal the fact that this for them represents their biggest problem which, as usual, will result in being be a mostly futile exercise on their part after their PR spin gets the better of them and destroys their argument...

I realise they've dumbed down their PR - but has Kent dumbed himself down (leopard vs spots etc)

So far it has not been that difficult to disarm Phorm because they always highlight aspects of their system that their target audience couldn't care less about in the hope that they'll be so dazzled they'll completely forget about the real problem areas. That's going to happen with the PIA even with Simon's input - it will still be OTT PR driven and delivered to us in a contemptuous manner because that's Phorm's perception of us and it's not difficult to work out the true company policy with regard to us - the user/doner/victim. Kent Ertugrul gave it away at the meeting by refusing to acknowledge Alexander, if the CEO behaves this way it's a fair assumption that this attitude will be prevalent in the board room which, in turn, reflects in company policy - he can be sooo transparent!

Just my 2p

And


Kent Ertugrul must've listened to this a lot as a child...

Prince charming
Prince charming
Ridicule is nothing to be scared of


Kent Ertugrul vs Amy Winehouse

They tried to make me change to opt-in but I said 'no, no, no'
Yes I've been bad but now we're named Phorm I'm white as snow, snow, snow
I ain't got the time - if BT Retail thinks I'm fine
They tried to make me go for opt-in but I won't go go go

[Bonglet]

I would advise any bt user thinking of being trialed to not partake in any of the bt beta of phorm just to get the message across that its not wanted.

[popper]

as a change of pace, its interesting that when you go to the copyrighted webwise name site, and ask bruce about Phorm he doesnt know about it!

http://www.bbc.co.uk/webwise/


the terms on that page are also werth a read (but you have done that already right?)
http://www.bbc.co.uk/terms/

funny how stepping away and looking at other related things brings you to other possibilitys,i was looking for the webwise Amiga clips of years gone by and came across yet another new Classic animation by the much revered Eric Schwartz of Amiga Animation and Graphics fame

you really must see this new classic Added: April 03, 2008

"Still Alive" 'We Do What We Must, Because We Can...'
http://www.youtube.com/watch?v=9mg6wrYCT9Q
"Animated Amiga Tribute by Eric Schwartz"

there are several re-mixes of this now, and it seems its a very good fit for the Users/ISP/Phorm fight.

heres one idea for the creative users talents collected here, how about you take the Eric Schwartz Still Alive soundtrack and inspiration and adapt it to a CF/phorm "Still Alive" Information video Remix?

heres another good remix example in the informative format im thinking of,and some more remixes on its related video's.
http://www.youtube.com/watch?v=IIhOj...eature=related

something to pass the time constructively for those that want to do something, but dont know what, to help get the word out in a creative way, while we wait for the click! on tuesday.

perhaps if your work is good enough it might find a link into the click website alongside the CF thread ( i asume they will link in to here and ElReg right, giving credit and all that?)

[popper]

this is an interesting laymans read and something thats not been talked about regarding Phorm in the internal network as yet
http://complianceandprivacy.com/News...at-source.html
Dam Data Leakage at Source

---------- Post added at 07:13 ---------- Previous post was at 06:59 ----------

perhaps someone to chat with....
http://complianceandprivacy.com/blog...ker-index.html
"Rebecca Wong's "DP Thinker" Blog

Rebecca has a commentary on Data Protection, usually with a United Kingdom bias. She is a Lecturer in law at Nottigham Trent University. Recent works include assisting the European funded project, PRIVIREAL , which aimed to examine the implementation of the Data Protection Directive 95/46/EC in relation to medical research and the role of ethics committees.
DP Thinker is a UK based cyberblog by a legal scholar, specialising in privacy and data protection developments (be it within Europe or the US). Any feedback/views to postings on DP Thinker are always welcome.
Currently exploring the implications of outsourcing and data protection. If you have views on this subject, please email her.
Publications to Date

• Wong, R. The shape of things to come: Swedish developments on the protection of privacy, Script-Ed , (2005), 2.
• Wong, R. Privacy: charting its developments and prospects In: Klang, M. & A. Murray, Human Rights in the Digital Age , January 2005.

"

[Rchivist]

Quote:

Originally Posted by Bonglet

I would advise any bt user thinking of being trialed to not partake in any of the bt beta of phorm just to get the message across that its not wanted.

I understand the argument Bonglet, but some of us will attempt to get on the trial just to find out what happens if we get the invite page (which I consider an interception in itself depending on when and how it appears - if it is while visting a bt page fair enough, but if it is when I am visiting any other page then its an illegal interception of my browser) then we will opt out (and then block all the relevant domains) and see what happens - does that break our browsing? What is in the logs? etc etc.

Some will opt in and do a few tests of a similar nature - for example I'd like to opt in and then visit my own website and inspect the access logs to see what happens there. It's the only way of finding out technically what they are actually DOING - because let's face it - they have a history of non-disclosure when they do trials. Non-disclosure is my polite word you understand?

And of course you can bet that if there is anything we don't like, about the trial, we'll be making a fuss with BT and publicly. It's important there are some people on the trial that care - otherwise it will just be 10,000 bits of live bait who swallowed Ertugrul's phishing hook.

[popper]

for easyer search reference later...pecr_guidance
http://www.ico.gov.uk/upload/documen...part2_1206.pdf

"
There may be different interpretations of the requirement that the user or subscriber should be 'given the opportunity to refuse' the use of the cookie type device. At the very least, however, the user or subscriber should be given a clear choice as to whether or not they wish to allow a service provider to continue to store information on the terminal in question. "

"
The fact that an 'opportunity to refuse' such storage or access must be provided imposes a greater obligation on the relevant party than simply making refusal a possibility.

The mechanism by which a subscriber or user may exercise their right to refuse continued storage should be prominent, intelligible and readily available to all, not just the most computer literate or technically aware.

Where the relevant information is included in a privacy policy, for example, the policy should be clearly signposted at least on those pages where a user may enter a website.

The relevant information should appear in the policy in a way that is suitably prominent and accessible and it should be worded so that all users and subscribers are able to easily understand and act upon it. "


"

3.2 Purposes for processing
Traffic data may be processed only for the restricted purposes outlined in the Regulations.
• To provide value added services to the subscriber or user
A value added service means any service which requires the processing of traffic data or location data beyond that which is necessary to transmit a communication or the billing of that communication. For example, a service which locates the driver of a broken-down vehicle. There is no restriction on the type of service that can be provided but such processing may only take place with the prior consent of the subscriber or user. "

hence the value added webwise anti phishing value added service requirement to allow for the extra processing permission Obviously they require in the act... it doesnt have to be great just there to conform with the 3.2 or so they think

"3.3 Consent to process for the above purposes

Where traffic data is processed for the above purposes, the prior consent of the subscriber or user of the line or account must be obtained. In the case of a corporate subscriber, it is reasonable for the communications provider to accept at face value the assurances of a person giving consent on behalf of the company unless the communications provider has reasonable grounds to believe otherwise.

The Regulations do not prescribe how service providers should obtain this consent.

However, in order to obtain valid informed consent, the subscriber or user should be given sufficient clear information for them to have a broad appreciation of how the data is going to be used and the consequences of consenting to such use (see

Legal Guidance paragraph 3.1.7).

In light of this the service provider will not be able to rely on a blanket 'catch all' statement on a bill or a website but rather will need to obtain specific informed consent for each value added service requested and to market their own electronic communications services.

Where, for example, a value added service is provided by a communications provider by using a third party, in the interests of transparency the person who will be seen to be responsible for providing that service should obtain the consent to process for this purpose.

Whether this will be the service provider, the third party or both will depend on the specific circumstances.

If the communications provider offers a value added service jointly with a third party, the user should be made aware of both parties.

The point is that the way in which a service is provided should be consistent with the expectations of the subscriber or user.

Where the user provides consent to one party to provide a particular service, they should not then be surprised when they are contacted by another party relating to the provision of that service.

The Regulations also specifically require that the subscriber or user is provided with information regarding the types of traffic data which is to be processed and the duration of such processing.

The subscriber or user may withdraw any such consent given to process related traffic data at any time. "

[Dephormation]

Please can someone PM me the link to the 'dodgy' Phorm site, so I can review?
Thanks

[fidbod]

Copied and pasted from The Register comments section

"We've now blocked all access from BT IP ranges to our websites
By Steve Roper
Posted Friday 18th April 2008 06:52 GMT

As the IT Manager for our company and an admin for 22 commercial domains, I have now circulated the following letter to all our clients who are operating eCommerce websites on our system:

-------------------------------------------------------------------------------------------------------

Dear [CLIENT_NAME],

It has recently come to our attention that BT, a major ISP in the United Kingdom, has allegedly been engaging in illegal interception practices possibly for the past few years. These practices involve intercepting traffic between your hosted website and any viewer of that site who is a residential customer of BT, and passing this intercepted information to a company known as Phorm, a known purveyor of spyware and malware. According to some reports, the possibility exists that even SSL encrypted traffic, such as credit card payment pages, may be intercepted due to the way ISP servers operate.

Obviously, this presents a serious fraud risk both for you and your valued customers. Consequently, we have put in place a system to prevent any person using BT as their ISP from accessing your website. Such persons will instead be redirected to a warning page advising them of the fraud risk and suggesting they use a different ISP. We believe that the loss of some visitors to your site is more than offset by the mitigation of the fraud risk presented by this situation.

If you disagree with our action, please advise us as soon as possible, and we will remove the anti-BT blocking at your request. However, should you choose to remove the blocking, you must agree to assume any and all liability for loss and damage as a result of credit card fraud on your website, since we cannot guarantee the security of your data in the face of such interception. In this case we will provide you with an amended Hosting Agreement which you would need to sign and return to us in order for us to continue hosting your website.

If you agree with our action, however, you need do nothing further, and your current Hosting Agreement and all data security guarantees will continue in full force and effect.

Should BT discontinue this practice and provide evidence that they are no longer intercepting their customers' traffic we will of course restore full access to your website for their customers.

Please do not hesitate to contact us if you have any further inquiries concerning this matter.

Regards,

Steve Roper

IT Manager,

[company details redacted "

I salute you Mr Roper.

This is the kind of action that will really get things moving.

[popper]

ohh, alexander and other interested readers of the http://www.chiark.greenend.org.uk/pi...il/084332.html for instance ( i cant be bothered to sign up and you dont make it easy to post one off comments, but your reading this thread as you quote it)

did you see and read the

The Directive on Privacy and Electronic Communications (2002/58/EC)

DTI Consultation – The Information Commissioner’s Response

(yack, i have to split the url to stop it scrolling off the page, cut and past it back and remove the carrage returns to use)
http://www.ico.gov.uk/upload/documents/library/privacy_and_electronic
/detailed_specialist_guides/privacy_and_electronic_communications_regulations
_dti_consultation.pdf

very interesting clarification in support of users regarding cookies, consent, and even perhaps (through a loophole that doesnt seem to state only phonelines/voice/audio communications that i can find) CLI value added services providers.

"Should service providers be under a stronger requirement to provide a full range of CLI services as proposed?
In our view, subject to any genuine technical impediments there may be, service providers should be under a clear obligation to provide the full range of CLI services that the directive requires. "

[roadrunner69]

Quote:

Originally Posted by popper

for easyer search reference later...pecr_guidance
http://www.ico.gov.uk/upload/documen...part2_1206.pdf

Did the ICO not read their own guidence document before their original statement on phorm?

This document is absolutely unequivocal on the rights of the users in the BT trials.

It seems that BT/phorm didn't make the slightest effort to comply with privacy regulations in these
trials and it does seem very suspicious regarding the lack of will to take this further by the police, home office and other bodies.

[Heed]

Quote:

Originally Posted by Heed

Hey all.

I've noticed something weird tonight. I'm having real problems connecting to most websites when I have phorm.com and associated IP's blocked via my firewall (Comodo). If I unblock them I get normal operation.

It looks like a DNS issue and that's what I thought it was (hangs on "looking up hostname"), but unblocking the phorm addresses solves it.

Anyone else seeing this?

I should add that if I unblock the addresses and visit a site which was unreachable with the addresses blocked, then after visiting I can visit again no problem with the addresses blocked.

I have the following blocked:

88.208.248.102 - 88.208.250.85
phorm.com

Hmm, I can't even get to my modem configuration page (192.168.100.1) with those blocks.

Not just http, but ftp as well.

I'm still seeing this behaviour today.

I've narrowed it down to the blocking of phorm.com.

Is no one else seeing this?

Does no one else have phorm.com blocked?

Seriously, no internet connectivity unless phorm.com is not blocked -- what else can that mean but all my internet activity is passing through, or relying upon a response from, phorm.com at some point?

Tracert to bbc.co.uk:

Without phorm.com blocked

Tracing route to bbc.co.uk [212.58.224.131]
over a maximum of 30 hops:

1 6 ms 5 ms 6 ms 10.157.4.1
2 8 ms 7 ms 5 ms midd-t2cam1-b-ge914.inet.ntl.com [213.106.239.20
9]
3 7 ms 6 ms 5 ms midd-t3core-1b-ge-010-0.inet.ntl.com [195.182.17
6.113]
4 16 ms 10 ms 11 ms ren-bb-b-so-300-0.inet.ntl.com [213.105.75.49]
5 11 ms 11 ms 11 ms man-bb-a-so-010-0.inet.ntl.com [62.253.185.170]

6 18 ms 17 ms 17 ms gfd-bb-b-so-200-0.inet.ntl.com [62.252.192.94]
7 18 ms 19 ms 20 ms redb-ic-1-as0-0.inet.ntl.com [62.253.185.78]
8 172 ms 223 ms 31 ms 212.58.238.189
9 20 ms 19 ms 17 ms 212.58.238.133
10 20 ms 20 ms 20 ms rdirwww-vip.thdo.bbc.co.uk [212.58.224.131]

Trace complete.

With phorm.com blocked

Tracing route to bbc.co.uk [212.58.224.131]
over a maximum of 30 hops:

1 5 ms 5 ms 6 ms 10.157.4.1
2 6 ms 5 ms 5 ms midd-t2cam1-b-ge914.inet.ntl.com [213.106.239.20
9]
3 * * * Request timed out.
4 12 ms 49 ms 11 ms ren-bb-b-so-300-0.inet.ntl.com [213.105.75.49]
5 13 ms 12 ms 11 ms man-bb-a-so-010-0.inet.ntl.com [62.253.185.170]

6 18 ms 17 ms 18 ms gfd-bb-b-so-200-0.inet.ntl.com [62.252.192.94]
7 20 ms 20 ms 20 ms redb-ic-1-as0-0.inet.ntl.com [62.253.185.78]
8 20 ms 19 ms 20 ms 212.58.238.189
9 18 ms 19 ms 17 ms 212.58.238.133
10 20 ms 20 ms 20 ms rdirwww-vip.thdo.bbc.co.uk [212.58.224.131]

Trace complete.

The third hop seems to be the culprit. Times out on:

midd-t3core-1b-ge-010-0.inet.ntl.com

[popper]

Quote:

Originally Posted by roadrunner69

Did the ICO not read their own guidence document before their original statement on phorm?

This document is absolutely unequivocal on the rights of the users in the BT trials.

It seems that BT/phorm didn't make the slightest effort to comply with privacy regulations in these
trials and it does seem very suspicious regarding the lack of will to take this further by the police, home office and other bodies.

apparently not.

---------- Post added at 10:20 ---------- Previous post was at 10:12 ----------

Quote:

have the following blocked:

88.208.248.102 - 88.208.250.85
phorm.com

Hmm, I can't even get to my modem configuration page (192.168.100.1) with those blocks.

Not just http, but ftp as well.

Quote:

Originally Posted by Heed

I'm still seeing this behaviour today.

I've narrowed it down to the blocking of phorm.com.

Is no one else seeing this?

Does no one else have phorm.com blocked?

Seriously, no internet connectivity unless phorm.com is not blocked -- what else can that mean but all my internet activity is passing through, or relying upon a response from, phorm.com at some point?

that doesnt make sense... i cant think of any reason why blocking web routed IPs would effect local LAN IP routing

[kt88man]

Quote:

Originally Posted by Heed

I'm still seeing this behaviour today.

I've narrowed it down to the blocking of phorm.com.

Is no one else seeing this?

Does no one else have phorm.com blocked?

Seriously, no internet connectivity unless phorm.com is not blocked -- what else can that mean but all my internet activity is passing through, or relying upon a response from, phorm.com at some point?

Err... I think you've blocked a little more than just phorm.com the range you indicated (88.208.248.102 - 88.208.250.85) is virtually all of the fasthosts network.

At the moment these are how phorm/webwise/oix resolve:

phorm.com 88.208.250.66
webwise.com 88.208.250.66
oix.net 207.44.186.90

Try just blocking those (2) IPs...

[Heed]

I just have phorm.com blocked at the minute and am seeing the same behaviour.

I should add that I've had those blocks up for over a week with no problem until about 10 pm last night when I noticed some sites were unreachable. I shutdown the computer after poking around for a few minutes and when I booted up about an hour and a half later there was no connectivity. That's when I decided to unblock those addresses just to see -- to my surprise, all connectivity returned.

Same for today.

---------- Post added at 10:30 ---------- Previous post was at 10:26 ----------

Quote:

Originally Posted by kt88man

Err... I think you've blocked a little more than just phorm.com the range you indicated (88.208.248.102 - 88.208.250.85) is virtually all of the fasthosts network.

At the moment these are how phorm/webwise/oix resolve:

phorm.com 88.208.250.66
webwise.com 88.208.250.66
oix.net 207.44.186.90

Try just blocking those (2) IPs...

I have phorm.com as: 88.208.250.85

http://www.hcidata.info/host2ip.cgi

[roadrunner69]

Quote:

Originally Posted by Heed

I just have phorm.com blocked at the minute and am seeing the same behaviour.

try blocking a different site on its own eg. google or bbc instead of phorm and see if you get the same result