Phorm, privacy, RIPA and interception
Ian Batten
ukcrypto at chiark.greenend.org.uk
Wed, 27 Feb 2008 14:24:19 +0000
On 27 Feb 08, at 1417, David Hansen wrote:
> On 27 Feb 2008 at 13:38, Ian Batten wrote:
>
>>> http://www.phorm.com/user_privacy/EY_Phorm_Exam.pdf
>>> (a target rich environment for EU DP folk)
>>
>> ``For as long as a user retains the Phorm opt-out cookie, the system
>> will not collect or store data on their browsing behaviour''.
>
> All my cookies are deleted at the end of a session. If I was a
> customer
> of British Telecom I would certainly be having words with them about
> this.
Moreover, the question is `prove it'. If, as appears likely from the
links I posted, this is transparent proxying [[ which, by the way,
will provide a goldmine of RIPA issues from its logging ]], then
irrespective of the cookie the traffic is still being re-routed. It
is then merely the assurance of the tracking company, best known for
spyware, and its customer, who have limited access to the systems
involved, that data is in fact not being collected.
ian