Another option re BT and Phorm

James Firth ukcrypto at chiark.greenend.org.uk
Fri, 26 Sep 2008 17:44:58 +0100 

Alexander Hanff wrote:
> I appreciate your comments James but failure to act through the courts
> will have the same effect.  The current situation is that to all intent
> and purposes BT's illegal, covert trials are being reported as legal by
> the press and media as a result of CoL Police refusing to move forward
> with a prosecution.
> 

I think we're all acting at the moment, whether it be writing technical
dissertations for our MPs or participating in debate, but I'm not sure that
seeking punishment for the secret trials will either be easy or have the
effect you desire, even if you win.

Consider how you would defend against BT counsel saying that virus checking
involves scanning messages and telling the jury that no-one intended RIP to
prevent this.  I can see them delivering a nice piece about how relevant
content improves a web user's experience and you're going to have to defend
against all these points and many more on a very limited budget with limited
access to direct evidence.

I'm not for a minute advocating no action, but any action has to be
effective.

As for nipping this in the bud, I agree, but I don't think it's the case
that you need to act before the system is even rolled out.  I've heard that
the servers may already be in place.  We know the contracts are already
signed.  

Whether you try and stop them now or in 2 months or so whenever the system
is live won't make much difference I don't think, but in 2 months you will
be in a position to try and find site owners who may be willing to help
fight.

Plus by then you'll now for sure how the system is deployed, and may be able
to come back to the ICO, e.g. on the technicalities of opt-in/out: I heard
somewhere that BT will be offering a complete account-level opt-out that
would bypass the profiler completely, but reading between the lines I'm
assuming that by default everyone would be passing through the profiler but
not being profiled (except, interestingly I hear, BT business broadband
customers - no corroboration I'm afraid).  

This arrangement would then allow BT to offer an interstitial page to offer
the service whilst attempting to satisfy the ICO's position requiring opt-in
before a profile can be built.  It could be argued that this position does
not satisfy the requirements for opt-in, who knows which way the
commissioner would lean?

It's my view that only after the system has been rolled out will you have
enough evidence to properly weigh-up your options on how best to proceed.
You may for example find that some internet applications malfunction because
of the redirects identified in the Clayton analysis.  This may provide a
pretext for effective legal action.  You see my speculation running wild.

James Firth