Mobile Phone News:

The scandal about Phorm and Webwise continues apace, as the EC are now wading into the fray. As a growing number of people have heard or read about, Phorm is an online marketing company, promoting a product, Webwise, to ISP’s in the UK, designed to deliver targeted ads to those ISPs’ customers. However, they target those adverts based on your browsing habits, and they do that by intercepting and monitoring your private web traffic, giving them the potential to see everything you do online, as well as your private details, private emails, your bank details if you bank online, and so on (note, this has been confirmed by their own people, who said in an American press conference that they can, in fact, see the whole internet!)

Plus, let’s not forget that it’s entirely feasible that such a system could easily be applied (and probably would be, if the online version goes ahead) to the mobile phones you’re using, as I’ve stated before. Imagine a system like that; it can read your messages, find out what you like, and send you ads about it. And if your mobile phone has GPS, you could even be sent ads for the local pizza parlour or newsagent, since, hey, they know exactly where you are.

In a society where free speech is supposed to be paramount, and one of our inalienable rights, a situation that scares people into not speaking freely (because Big Brother would be watching you) is simply intolerable. Both the internet and mobile phones are designed to let us freely communicate, to let us express free thought, not to keep us in a cage, afraid of speaking out, lest our words are heard and used against us.

But if you’ve read the title of this post, then you’ll see that there may well be hope at the end of this rollercoaster ride. It’s quite simply the most important thing to happen in the Phorm / Webwise scandal so far. I’ll paste the entire statement from the EC, as it makes for illuminating reading, but to summarise the one, hugely important message in the statement:

According to the European Commission, Phorm and Webwise allegedly breach European laws about privacy and human rights, making them illegal.

I can’t say it any simpler than that. According to the statement from the EC, European laws and directives exist to prohibit “listening, tapping, storage or other kinds of interception or surveillance of communication and the related traffic data by persons other than the users without their consent, which must be freely given, specific and informed indication of the user’s wishes.”

In other words, they exist to stop people spying on you when you use the internet or mobile phones (Needless to say, the same goes for mobile broadband).

Not only are Phorm and Webwise morally and ethically questionable, in my opinion, but according to those EC laws, without EXPLICIT consent (in other words, Opt-Out is NOT good enough), they run the risk of being illegal. Which means the covert trials run by Phorm and any ISP’s involved (let’s face it, there could have been more than one, and we wouldn’t necessarily know) were, following that definition, ‘illegal’, because no matter how much they anonymised the data, people’s private data streams were intercepted without their consent. Hence why it is very easy to interpret from the EC statement, such as commentator Alex Hanff and legal counsel Nicholas Bohm have both done, that those trials were illegal.

That’s obviously a matter for the courts, NOT me, to decide, but let’s not forget that in a recent case in Germany, the high court killed a similar plan by the German government to snoop on people’s online activities (although, I confess, I can’t confirm whether that’s just for online activity, or whether it extends to mobile phones as well). The court’s decision was final: that kind of interception and surveillance was both oppressive and illegal. And if it’s already been ruled illegal in one EU country…

The EC statement goes further, though, clearly stating that if the ICO (Information Commissioner’s Office) does not deal with this situation satisfactorily, then it will step in, and act on the case.

This cannot come soon enough, as it’s a massive worry to me, to you, and to anyone who values both their privacy and security, The only way we can guarantee our privacy and security is if Phorm and Webwise do NOT go ahead. Being in a world where government ministers tell you to keep your identity safe with one breath, whilst actively egging on a system that makes it EASIER to steal your identity (from your internet use or your mobile phones) with the other, is not a world any of us want too live in. Even if Phorm have the best intentions in the world, they can NEVER guarantee our data wouldn’t identify us, and can NEVER guarantee it wouldn’t be hacked into, to let someone use your identity.

But before I conclude , let’s clear something up; I’m not against marketing per se. With opt-in systems, you’ve got a real chance to actually benefit the customer. If I, or you, say YES to a newsletter, then that’s cool, that means we want to be told about products, because there’s a reasonable chance they might make our lives better. Take Technical Markus, for example. He’s signed himself up to LOTS of drumming newsletters, because it benefits him. He’s opted-in, and that’s cool, no-one has any problem with that. There’s a world of difference between marketing to customers because they’ve told you they want that info, and telling your customers they have to have it, and it’s good for them, and they shouldn’t think about it themselves!

So, if I say NO to it, I don’t want my personal life to be watched, monitored, categorised, numbered and sold to the highest bidder. I don’t want my info stored in a database that can be hacked at all (no matter how unlikely hacking it is). I don’t want to lead a life where I’m wondering who’s listening to me speak on my mobile phone, or tracking me with GPS, or reading my emails to a friend, before categorising me as a terrorist, because I said a film ‘bombed’ at the box office.

Do you?

No?

Then we’d all better hope that the ICO and the EC act in the UK’s best interests, indeed the best interests of everyone in the UK’s population, and declare, that Phorm and Webwise are indeed illegal. It’ll start with the internet and mobile phones, but after that, it’s just one long slippery slope to us living in a George Orwell novel…

Full text of EC Statement on Phorm and Webwise (source, plus analysis by Alex Hanff can be found at p2p.net):

“The Comission is aware of the activities of the company Phorm in the UK, concerning the analysis of internet traffic for advertising purposes, the agreement between Phorm and major internet service providers in the UK and the concerns that have been raised about the effects on privacy of these activities.

Privacy and the protection of personal data are fundamental rights of the citizens of the EU. They are enshrined in articles 7 and 8 of the EU Charter of Fundamental Rights, and also protected by the European Convention on Human Rights and the related instruments of the Council fo Europe, to which all EU Member States are signatories.

The general principles of personal data are defined in Directive 95/46/EC and complemented and particularised for electronic communications by Directive 2002/58/EC on privacy and electronic communications (ePrivacy Directive). The ePrivacy Directive obliges Member States to ensure the confidentiality of communications and related traffic data through national legislation.

In particular, they shall prhobit listening, tapping, storage or other kinds of interception or surveillance of communication and the related traffic data by persons other than the users without their consent, which must be freely given, specific and informed indication of the user’s wishes. The data concerned in this particular matter i.e. the content of search queries, constitute communication within the meaning of this Directive and the URLs used in the packets constitute traffic data. This data should therefore be protected appropriately.

The responsibility for the enforcement of national legislation transposing EU Directives is with the competent national authorities. The ICO, the UK data protection authority, has issued several statements concerning Phorm. According to press information, the ICO is also investigating in at least one case, where a formal complaint has been made concerning alleged trials of Phorm technology by BT in 2007[3].

The Comission services will continue to follow this case and possible similar developments and take appropriate action, should the need arise.

The Comission confirms its commitment to the protection of privacy and security of electronic communications as one of its top priorities.”

Following on from last week’s story about Phorm and Webwise, some more info’s come to my attention in this whole debacle. I told you all last week about how we are all sleepwalking our way into a world where we have no freedoms, no liberties, and no right to privacy. Today, I’m going to expand that argument further, and show you, beyond reasonable doubt, that what Phorm and Webwise are doing is morally wrong, ethically bad, and very probably illegal under British and European law.

First, we need to get into the legality (or lack of it, which seems more appropriate… ex-spyware-peddlers, don’t forget…) of Phorm and Webwise. Part of the massive furore over the system has been down to whether or not it will be illegal. And this is where the government got involved, specifically the Home Office, by completely turning a blind eye to it. We’ll forget for a second that the government actively WANT the ability to spy on people legitimately, and that it’s entirely likely they’ll force ISP’s to install something similar to Webwise in their own networks (which, by the way, we’ll never be told about).

No, what we need to concentrate on is the FIPR (Foundation for Information Policy Research) response to the Home Office’s turning of a blind eye. On that link you’ll find a couple of open letters, regarding the technical aspects, and more importantly, the legal aspects. However, I’ll sum up the important point for anyone who doesn’t like long-winded mumbo-jumbo and legalese (ie/ normal people like you and me)

Conclusion, drawn from the FIPR legal analysis
PHORM AND WEBWISE ARE TOTALLY, 100% ILLEGAL UNDER UK LAW. THEY ARE IN BREACH OF DATA PROTECTION LAW, RIPA LEGISLATION AND TRADING STANDARDS/FRAUD LAW.

I’d call that pretty categorical. If one can cite the specific sections of the specific acts Phorm and Webwise are in breach of, one must conclude there are some specific illegalities going on.

Of course, if that’s the case, we all KNOW the government will make amends to data protection law and RIPA to make it not be illegal. They do, after all, want it to happen…

But there’s another aspect to Phorm and Webwise that a forum contributor thought of on BadPhorm (and it’s something I’d never even considered, so my heartfelt thanks go to that guy… well, male or female, and their name, I don’t know, because unlike certain ISP’s I could mention, I respect privacy…), and that’s the very, VERY real possibility that Phorm could put YOUR company out of business.

Let me explain… Say you own an online shop that sells, for sake of argument, mobile phones. A user goes on your site, and Webwise sees (and profiles) that you’re interested in mobile phones. But then, they bombard that user with adverts for mobile phones, and this is the crucial part, FROM SHOPS OTHER THAN YOURS.

So, that user goes off and buys a mobile phone from them, and you lose the sale. Keep that up with every user who visits your site, and very soon, you’ll find that Webwise has turned your profit into loss, and has killed your business.

It’s kind of poignant that this story goes on our blog today, as today is officially the 15th birthday of the internet. 15 years ago today, the first code was laid down in the CERN lab, that would eventually flourish and evolve into the web we have today. Dubbed the creator of the internet, Sir Tim Berners-Lee put down that code 15 years ago, and today, he’s still involved in the web. What does he think of Phorm and Webwise?

No surprise, really, he hates it! And yet Kent Ertugrul, CEO of Phorm, has gone on record to imply Berners-Lee doesn’t understand the technical issues! Erm, hang on, he created the internet, I would imagine he knows a fair bit about it, Kent.

Still, what would you expect from ex-spyware-peddlers? The truth? No, I can’t see that happening.

There are ways to stop Phorm and Webwise (’Section 10 and Section 11 DPA notices served on your ISP’ springs to mind), outlined in some details over at BadPhorm, and the fight to get this illegal (according to the extensive and well-thought-out FIPR research) system stopped for good will go on. If you like your privacy, you’ll stand up and be counted.

And if not, then have fun when every single one of your communications are wiretapped and spied on, and your business has gone bankrupt, because of Phorm and Webwise…

[This blog post is the sole contribution of WinstonSmith, and all views expressed are those of the contributor, and not necessarily the views of MobileShop.com. However, Technical Markus agrees with him, 100%…]

By now, you’ve probably heard about an advertising system called Phorm, a system, that profiles web browsing, in order to deliver people ‘targeted advertising’ (and if not, you NEED to read about it… for full info, check out BadPhorm). But why do I think it’s wrong? And why do I think that Britain, as a nation, is sleepwalking into a state where personal liberties and freedoms mean precisely nothing? By now, people should be aware of the company Phorm and their Open Internet Exchange/Webwise advertising system. But you know what? A lot of people aren’t. And one has to wonder whether this is down to people burying their heads in the sand, or people not understanding the implications, and if it’s the second, is someone deliberately misleading them? Let’s look at the evidence…

Well, first of all, there’s little doubt that people, when they do know the issues involved in something, are smart enough to make an informed choice. Just look at the storm of protest that’s rightly been sweeping across the internet in the wake of the Phorm news. People are saying they don’t want it on their broadband connection, and it’s eminently clear that when it’s explained to them, even people who don’t fully understand it soon go, “Hang on, what the hell are you doing with my internet??”

Which leaves us with the nasty possibility that people are deliberately trying to mislead the entire country, to get it active and watching us, without people having a say in the matter. The worrying thing with that idea is that, quite frankly, it’s the most convincing explanation of what we’ve seen. The companies involved, most notably Phorm and BT, clearly don’t want to give us the chance to say no without a lot of hassle, because Phorm’s whole business model falls down if we do! Only the criminally insane, and irredeemably stupid would say yes to a system THAT ACTIVELY SPIES ON THEM.

I’ll say that again, in case anyone’s missed the point. With the Phorm system, they are spying on us. Plain and simple, no weasel words, no marketing speak, they are taking OUR privacy, gleefully tearing it up, and wiping their nose on it. They don’t care about what we think, because human beings like us are just a commodity to them. And frankly, it makes me sick.

“Oh, but we anonymise it, no-one can tell who you are,” they always say. Well, as dubious as that claim is, I couldn’t give two flying figs whether it’s anonymised or not. You, Phorm, BT and anyone else involved, if you’re reading this, are destroying our freedom, our essential liberty. You seem to think you’re above the law and can do what the hell you like. Your arrogance is both galling and astounding. And then, then, you have the bare-faced nerve to say that you’re spying on us for our own good!

And if you want an easier-to-understand example of the implications, here, imagine it’s not your broadband connection, but your phone, and someone is listening in, without your consent, to every single phone call you make. Once they’ve made notes on everything you talk about, they try to sell you things. All using a unique, non-identifiable ID code, of course. Surely I can’t be the only person who can see that ‘unique’ and ‘non-identifiable’ are completely contradictory?

So, why isn’t the government stepping in and stopping this obvious breach of our human rights? Why are they turning a blind eye to you and me and everyone in the UK being spied on?

Has it never occurred to people that just maybe they want the system to go live as much as Phorm do? Imagine politicians rubbing their hands together in glee at the thought of always knowing exactly what we’re saying, seeing, doing and thinking. Even if they don’t use that power to abuse our essential freedoms, do you really trust a group that seems to lose some more critical and private data every other week?? That’s why we’re sleepwalking into a state where we, as humans, become less than human, become a commodity to be bought and sold. This is the thin end of the wedge, if it happens, and if it’s not stopped, we will have no freedom, no rights, no privacy. We will lose everything that makes us human. The right to free speech will go pretty quickly, I would imagine, so good luck posting articles like this in future.

Of course, another standard argument that Phorm and the ISP’s involved uses is that Google already profiles us, to deliver targetted marketing, as if 2 wrongs somehow make a right. Besides, there is a crucial difference. With Google, if we use it, it’s a free service, and it provides a VERY definite service. We as consumers know not to expect a free lunch. We search on Google, Google monitor what we search for. Fair enough, we have the option of using a different search engine if we don’t like that. At least Google aren’t charging users a monthly fee, then trying to tell them it’s a good idea to sell their details and their entire browsing history onto a marketing company with dubious backgrounds (and whose product is formally classed as Spyware by security vendors, despite the mewling protestations Phorm make to the contrary). And with Google, at least they’re looking at ways to ensue users DO have some privacy, in a clear cut way, according to the Financial Times, using ‘crumbled cookies’ and so on.

Phorm don’t even have the common courtesy to do that.

“Oh, your data is anonymised,” they say. “We can’t see everything online, we can’t see encrypted pages.”

And then, not 3 seconds later, their representative in America smugly boasts that they CAN in fact, see everything online, and steal your bank details and all your passwords if they want. In an age where the government are constantly warning people about the dangers of identity theft, the fact that they themselves have buried their heads in the sand, when a company formally sets up a system that will make it EASIER to steal identities, indicates that maybe, just maybe, the government and Her Majesty’s police force actually want this to happen. They want people to willingly give up their freedoms, to bring round the clock surveillance that little bit closer.

And what, you may ask, has this got to do with mobile phones? Well, come on, do you really think they won’t be next? They’re aiming for our broadband at home first. That’ll be Phase 1 in the grand master plan. Phase 2 will be mobile broadband. Phase 3 will be mobile phones. You want evidence? Look at the Blue Book system run by O2, a system that automatically stores all your messages, contacts and so on online, in a database, so that you can access them later. It may have been set up for the best intentions, but you KNOW it’ll store all our calls, next, and it won’t be so WE can access them later…

In conclusion, our very future is under threat. First, from Phorm (a company who, despite their assertions otherwise, were classified as generating Spyware, by security firms such as F-Secure. To my mind, that makes them Spyware-peddlers, no matter what PR-rubbish they spin. You made Adware? Fair enough, I’ll go with the security companies who say you actually made Spyware, thanks very much).

And then one day, we’re going to wake up, with the secret police banging on our door, and wonder where our freedom went…

Join the debate, and say what YOU think about Phorm, before it’s too late!