You can find other people campaigning against Phorm at Badphorm.co.uk or NoDPI.org.

Open Rights Group are also campaigning for communication privacy/security/integrity.

Other useful sites include;
http://www.inphormationdesk.org
http://www.donottrustwebwise.org

it seems like the bbc have been looking at this issue for some time and one man at the bbc describes the technicalities of the phorm system as “evil” which is quite shocking

the bbc people are obviously looking to stop phorm and there are a lot of comments on the bbc sites and others on the internet where this is being discussed including references to the hamsterwheel person above and a phorm website which is also quite nasty about people who disagree with what phorm is trying to achieve

i had a search and hamsterwheel is used a few times directly connected with phorm and might be a shareholder who has lost a lot of money
http://www.google.co.uk/search?q=%22hamsterwheel+phorm%22&hl=en&safe=off&filter=0

the phorm anti-campaigner website is here but from what i read it is more dodgy spin of pr details whilst it claims to tell the truth
http://www.stopphoulplay.com/

so it looks like what capaigners are saying are true while there is a lot of untruth out there from phorm and the people they are paying to spread untrue pr information

does anyone know of a central campaign against phorm and plans they have for the internet???

El

The EU has already begun infringement proceedings against our government for their Phailure to act on the BT trials and any ISP foolish enough to deploy Phorm will most definately end up in court. That’s the reality of the situation, no matter what hand waving Phorm PR staffers engage in.

Unfortunately their ‘corrections’ also need correcting since they rather helpfully omit certain important points.

One the subject of opt-in vs opt-out they are being far from clear. Phorm’s technology as trialled relies on a browser cookie to record the user’s preferences. There are obvious problems with this :

- Programs which use the web (port 80) and don’t support cookies will be blocked from accessing the internet. All they’ll ever get is Phorm’s ‘choice page’. Yes, Phorm claim they will use the browser’s version-string to detect these situations but as many applications use the IE engine (though not all of it’s functionality) that’s highly problematic.

- No DPI-based system relying on cookies can ever be truly opt-in. Traffic MUST be monitored and intercepted simply to read the cookie in the first place! Only by making the choice at account level and designing the ISP network in such a way as traffic from users who don’t opt-in is NEVER intercepted can true opt-in be achieved.

On the subject of what Phorm stores or doesn’t store :

- No, they don’t store browsing history as such. They do however store a profile of a user’s interests. By their very nature such profiles can be extremely revealing, if they weren’t they’d be no use to advertisers, would they?

- They say they don’t store personal information. That is in the strictest sense true but it’s also grossly over-simplified. Quite apart from anything else, Phorm force upon users a unique identifier which allows Phorm to track them. In certain circumstances that identifier could become available to others, allowing it to be paired with other information and making it identifiable (I won’t go into details of how here, it’s long, technical and boring!).

Finally, we have the issue of consent. This is probably by far the most relevant to this blog and it’s users since it could potentially impact on revenue streams for them. Consider for a moment the situation of a small, independent music publisher. Their website is visited by a user who has Phorm on his connection. That user’s searches and musical interests are profiled by Phorm, information which Phorm can then use to target that user with advertisements for the publishers (probably far larger) competitors. Advertisements which are _specifically tailored_ to that user’s interests, interests Phorm obtained thanks to the hard work of the small publisher while providing NO BENEFIT OR RECOMPENSE WHATSOEVER to them!

Does that sound fair? Right? Not to me it doesn’t and not to many others. Phorm is, quite simply, wrong. It’s unwelcome on the internet, unwanted by genuinely informed users and unfair to the majority of small content providers who make the internet what it is today.

Jim.

The system is still opt-out - therefore your point still stands. Every sample page we’ve ever seen that presents the option to the victim to disable Phorm has been highly disingenuous, stopping just short of actually making the “please turn this off” button invisible, and making very minimal efforts to present a clear and balanced picture of what the victim is actually signing up to.

And let’s not forget that the various advice that has said that Phorm *could* be legal has insisted that it must be opt-in. Opt-out just does not cut it.

Re opt-in/out, what Mr Usher failed to tell you was that whether you opt-in or opt-out ALL your data still passes through the Phorm-supplied equipment operated by the ISP. And if you block the relevant domain WEBWISE.NET in your HOSTS file, then you don’t get any internet access whatsoever.
He also fails to tell you that the Information Commissioner told BT that their 3rd Trial Invitation page failed to satisfy the ICO’s conditions for providing customers with fully-informed consent.
Beware of what anyone from Phorm says.

>Users will be provided with unmissable notice of the service

People who operate websites won’t be given any notice at all. Their unencrypted but private communications with their visitors will be intercepted and exploited without consent.

>The most recent BT trial was conducted on a completely opt in basis

In the most recent trial, user communications were intercepted to present an advertisement for the ‘webwise’ system. Communications were intercepted regardless of a user’s preference.

Thereafter, those users who declined were forced to perpetually retain an opt out cookie indicating that they did not wish to participate.

Being forced to retain an opt out cookie isn’t an opt in at all, its an opt out.

Ben skipped over the trials Phorm/BT conducted in 2006 and 2007, in which neither the user nor web sites they visited were invited to consent. Those trials affected hundreds of thousands of people. Phorm weren’t so concerned about consent then.

Phorm is mass personal surveillance, mass industrial espionage, and copyright infringement on an epic scale.

>Phorm does not store the web sites users visit

Advertisers get a different story. They are told they can target users by specific URLs.

Phorm receive the URLs you have viewed verbatim; you have to trust Phorm that they won’t store that data (now, and in the future).

>no personally-identifying data or detailed browsing data can be retroactively provided to anyone

Kent Ertugrul claims the data passes ‘the publish test’. So we asked him to publish the data, but for reasons unknown he declined.

Evidence from other supposedly anonymous datasets is that with sufficient data accumulated it is possible to determine someones identity.

The user id Phorm assign to you is more personally identifying than your name, your address, or your telephone number (all of which might be shared). Your unique user id is personal to you (globally).

>Phorm want consumers to be safe online

Phorm may comply with the data protection act (though they didn’t bother to register until 2008 after the trials) but that isn’t the same thing as respecting privacy.

In Phorm’s DPA registration they state that they process personal data, and trade that data with ‘traders in personal data’, who may be located ‘worldwide’.

If Phorm don’t store personal data they don’t need to register under the data protection act. If they don’t exchange that data with traders in personal data worldwide, they don’t need to register that intention either.

So I think Sir Tim’s fears are well founded.

As time goes by the pressure for scope creep will grow; Phorm as it stands is the thin end of a very ugly abd unpleasant wedge that will deprive us all of the right to communicate privately.

The people in BT/Phorm who conducted trials of these systems in 2006 and 2007 must face prosecution.

And Phorm must never be operated on UK soil again.