Phorm and PI

Simon Davies ukcrypto at chiark.greenend.org.uk
Sun, 09 Mar 2008 16:45:01 +0000


(with apologies if this also appears subsequent to my subscription to
uk_crypto)

There's been some commentary on this list - and much bile expelled -
concerning Privacy International's alleged endorsement of Phorm.

I have made it absolutely clear in numerous news outlets that PI does not
endorse Phorm. Any claim by the company or anyone else that PI has signed
off on the technology, its legal compliance or the Phorm process, is
absolutely incorrect. PI does not endorse products or services.

The controversy arose because Gus Hosein and I (both from PI) created a
privacy startup called 80/20 Thinking Ltd, which was asked by Phorm to
review and assess the company's privacy claims. We were not tasked to
investigate compliance aspects under RIPA.

I haven't had chance to review the uk_crypto archive, but if you haven't
done so already, perhaps you should be asking Simon Watkin for his take on
the matter. He has been consulted by Phorm, and as you probably know, has
produced an assessment of the compliance aspects. My own view is that
compliance is largely in the hands of the ISPs.

FWIW, we do believe the company has created some extremely interesting and
privacy-friendly technology. And in my view the company has gone above and
beyond the norm to expunge personal data from its system. Of course, that
only deals with one of several controversial aspects of its deployment.

There are dozens of discussion/argument points that I'm happy to address,
but PI's endorsement is not one of them.

Simon Davies