April 23, 2008 | Becky Hogge

FIPR calls on Home Office to withdraw misleading advice on Phorm

The Foundation for Information Policy Research (FIPR) has today sent the Home Office in-depth legal analysis [pdf] of the Phorm behavioural advertising system. The analysis has been produced by FIPR's General Counsel (and ORG Advisory Council member) Nicholas Bohm, and complements the technical analysis produced by Richard Clayton earlier this month [pdf]. The analysis shows that Phorm's systems involve interception of communications contrary to the Regulation of Investigatory Powers Act, fraud, contrary to the Fraud Act, and therefore unlawful processing of personal data, contrary to the Data Protection Act. It states that individual directors and managers of the Internet Service Providers involved could be criminally liable for these offences, if roll out of Phorm goes ahead.

FIPR want the Home Office to withdraw informal advice they issued in February, which FIPR say wrongly concluded the system is lawful, creating "an obstacle to the just enforcement of the law". At the public meeting attended by Phorm and their critics last week, Simon Davies of 80/20 Thinking Ltd identified the legality of Phorm under RIPA as a legitimate issue, but urged participants not to get bogged down in a question which, in the end, can only be decided in a court of law. Hopefully, FIPR's legal analysis will bring UK citizens one step closer to an answer to the question "Is Phorm legal?". As Richard Clayton observes:

"The Home Office's superficial analysis said that the system would be lawful. Given their batting average at the High Court, relying upon their opinion was always unwise - this new paper spells out the errors they have made, and makes it essential that their report is withdrawn."


Previous posts on Phorm:

Comments (12)

  1. The Open Rights Group : Blog Archive » 4 good reasons not to take part in the BT Webwise trial:
    Sep 30, 2008 at 11:08 AM

    [...] FIPR calls on Home Office to withdraw misleading advice on Phorm [...]

  2. VPN:
    May 09, 2008 at 02:19 PM


    If Private data is processed then such Data "does" become part of the D.P.A when it is published without express permission!

  3. Jonah:
    May 14, 2008 at 04:47 PM

    The Problem is if D.P.I Interception is deemed legal then it is also Open House for everyone else to use!


  4. Privacy?:
    Apr 27, 2008 at 05:51 PM

    According to Phorm & FIPR this system leaks UID details when connected to a HTTPS/SSL Website, this enables any unscrupulous Website owner to gather the UID & depending on the Website setup, link it to an individual IP or any E-mail Address which may have been provided.

    This in itself makes the Whole System flawed from a Privacy, Data Protection Prospective 0r Fraud Prospective Angle!

    This is irrespective of the Wire-tap imposed on the Customer, without due Consent of Law, where both parties need to consent or Proper Legal Process for any wrong-doing has been observed!

  5. Analysis:
    Apr 25, 2008 at 05:33 PM

    Analysis of the Phorm (Webwise) & Nebuad systems, are not as Rosy as may at first be assumed!

    If these systems, despite the Severe Privacy, Data Protection & Fraud Issues, manage to get approval, they would appear to be a fairly short lived prospect.

    I will elaborate.

    First Commercial Websites, not wishing to be an OIX partner & who wish to protect their advertising space will SSL Certificate their Websites.

    Social Websites will inevitably follow suit to also protect their clients confidentiality.

    Private & Business Websites will also follow suit to protect Copyright & Trade Secret Issues.

    Museums, Government Sites, Libraries, would also need to SSL in order to protect against Copyright Infringement.

    Other Advertising Groups of course will not stand idly by & will lobby for more stringent regulation & at the same time alter their own systems to make them much more robust!

    Security Groups will find ways to block or impede the gathering of such data, in the manner proposed!

    As a result over a few years the ISP & Phorm would then once again be in a poor business model Scenario!

    Society would be the Main Loser, due to the Loss of the necessary, Privacy, Data Protection & Fraud Laws which are at this time still in place!

  6. VPN:
    Apr 24, 2008 at 05:41 PM

    Another update to this Saga.


  7. David Pollard:
    Apr 24, 2008 at 02:52 AM

    Nicholas Bohm and his colleagues deserve congratulation for the effort they have put into producing this paper to make their arguments clear, straightforward and comprehensible.

  8. VPN:
    Apr 24, 2008 at 06:24 PM

    Just looking at the Graph for Phorm Share Dealing over the past year, given the Two Spikes, during the BT covert tests & just before the announcement of possible deals, gives me a strong sense of Insider Trading!

    I could be wrong but given their apparent track record???

  9. VPN:
    Apr 25, 2008 at 10:12 AM

    The Hype!!


  10. Open Rights Group Newsblog : Blog Archive » Leaked BT report details secret Phorm trials:
    Jun 05, 2008 at 03:44 PM

    [...] internal BT report on their trials of the controversial Phorm advertising system has been leaked. Alexander Hanff of the No DPI blog has the details: I recently acquired an [...]

  11. FIPR calls on Home Office to withdraw misleading advice on Phorm « We can rebuild her.. but don’t spend a lot of money.:
    Apr 23, 2008 at 07:59 PM

    [...] http://www.openrightsgroup.org/2008/04/23/fipr-calls-on-home-office-to-withdraw-misleading-advice-on... Posted in Uncategorized. [...]