ICO respond to questions about Phorm's registration
Alexander Hanff
ukcrypto at chiark.greenend.org.uk
Thu, 9 Apr 2009 18:23:25 +0100
--001485f7c55c7ab37704672281b2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
2009/4/9 Joel Harrison <joeldharrison@googlemail.com>
> On Thu, Apr 9, 2009 at 5:27 PM, Alexander Hanff <no2dpi@googlemail.com>
> wrote:
> [snip]
> > I was hoping some of you might have some thoughts and suggestions on this
> > one?
> >
> > Regards,
> >
> > Alexander Hanff
> >
>
> Whether Phorm acted as a data controller in the 2006/07 trials depends
> on whether it had access to personal data in the course of those
> trials and the degree of discretion it had in how that data (if any)
> was processed.
>
> I think it is indisputable that Phorm had access to personal data in the
course of the trials. They modified the communications of 10s of thousands
of customers and they did this to every single page which the customer
visited. There was no mention in the leaked BT report that any sites were
ignored or that any exclusions existed for sensitive categories or sensitive
data such as telephone numbers and credit cards.
It is important to remember that the system trialed in 2006 was not the same
technology model that was looked at by Richard last year - the two models
were very different in a number of ways. You can read about it in detail if
you want, the leaked report is available on wikileaks.
Regards,
Alexander Hanff
--001485f7c55c7ab37704672281b2
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<br><br><div class=3D"gmail_quote">2009/4/9 Joel Harrison <span dir=3D"ltr"=
><<a href=3D"mailto:joeldharrison@googlemail.com">joeldharrison@googlema=
il.com</a>></span><br><blockquote class=3D"gmail_quote" style=3D"border-=
left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left=
: 1ex;">
On Thu, Apr 9, 2009 at 5:27 PM, Alexander Hanff <<a href=3D"mailto:no2dp=
i@googlemail.com">no2dpi@googlemail.com</a>> wrote:<br>
[snip]<br>
<div class=3D"im">> I was hoping some of you might have some thoughts an=
d suggestions on this<br>
> one?<br>
><br>
> Regards,<br>
><br>
> Alexander Hanff<br>
><br>
<br>
</div>Whether Phorm acted as a data controller in the 2006/07 trials depend=
s<br>
on whether it had access to personal data in the course of those<br>
trials and the degree of discretion it had in how that data (if any)<br>
was processed.<br>
<br>
</blockquote><div>I think it is indisputable that Phorm had access to perso=
nal data in the course of the trials.=A0 They modified the communications o=
f 10s of thousands of customers and they did this to every single page whic=
h the customer visited.=A0 There was no mention in the leaked BT report tha=
t any sites were ignored or that any exclusions existed for sensitive categ=
ories or sensitive data such as telephone numbers and credit cards.<br>
<br>It is important to remember that the system trialed in 2006 was not the=
same technology model that was looked at by Richard last year - the two mo=
dels were very different in a number of ways.=A0 You can read about it in d=
etail if you want, the leaked report is available on wikileaks.<br>
<br>Regards,<br><br>Alexander Hanff<br></div></div><br>
--001485f7c55c7ab37704672281b2--