Phorm and consent

[Ian Batten]

On 11 Mar 08, at 1457, Richard Clayton wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <aJlHFBn58m1HFAca@perry.co.uk>, Roland Perry  
> <lists@internetp
> olicyagency.com> writes
>
>> Perhaps the website should be more careful about who it thinks it's
>> sending things to? There seems to be a general consensus that it  
>> will be
>> easy to spot that a request has come from Phorm.
>
> I've no idea why :(
>
> There's nothing in the detail to suggest that is absolutely definitely
> what is happening.
>
> The first connection from the browser must be detected and responded  
> to
> by a local (to the ISP) system in a way that must arrange for the  
> cookie
> to be delivered up.
>
>     Mind you Phorm say that it doesn't slow up browsing, so this
>     process must be better than instantaneous! or they're being
>     economical with the verite. Again.


Which means that the ISP must terminate and act upon data which was  
never destined for them.  Interception.  They can't claim to be a mere  
conduit, because their next move will be different depending on the  
_content_ of the cookie.

Of course, another piece of entertainment for BT is that their excuse  
as to why they couldn't offer full-scale content filtering was  
performance --- hence the current hybrid model where IP numbers which  
are potentially serving IWF-tagged material are taken sideways into a  
filter, but the rest are passed through.  As the Phorm product does  
exactly what they claim was impossible --- it examines every URL --- I  
wonder what they'll say to the various select committees pushing for  
content regulation?

ian