Laws
against unauthorised wiretaps should not be used to prevent ISPs
providing targetted advertising services, provided ISPs users consent
and the service has the highest respect for the users’ privacy,
according to a Home Office memo released to the ukcrypto mailing list.
The memo analyses the legality of Phorm and similar services in detail,
and concludes with a policy statement that:
The purpose of Chapter 1 of Part 1 of RIPA is
not to inhibit legitimate business practice particularly in the
telecommunications sector. Where advertising services meet those high
standards, it would not be in the public interest to criminalise such
services or for their provision to be interpreted as criminal conduct.
The section 1 offence is not something that should inhibit the
development and provision of legitimate business activity to provide
targeted online advertising to the users of ISP services.
The memo’s legal analysis also provides comfort for Phorm in three key
areas. It suggests that there are arguments that Phorm’s service might
not constitute an interception under RIPA:
Where the provision of a targeted online
advertising service involves the content of a communication passing
through a filter for analysis and held for a nominal period before
being irretrievably deleted - there is an argument that the content of
a communication has not been made available to a person.
It suggests that even if Phorm’s services does constitute an
interception, it might still be lawful provided the ISP user consents to
it, as the required consent from a web site operator might be inferred
from the fact that they’re publishing content on the public Internet
A question may also arise as to whether a
targeted online advertising provider has reasonable grounds for
believing the host or publisher of a web page consents to the
interception for the purposes of section 3(1)(b). It may be argued
that section 3(1)(b) is satisfied in such a case because the host or
publisher who makes a web page available for download from a server
impliedly consents to those pages being downloaded.
It also suggests that ISPs might be able to redefine their service from
being “Internet access” to “Internet access with value-added targeted
advertising", and by so doing take advantage of wiretap exemptions
originally intended to protect routers and web proxies.
Regardless of the legal debate, it is highly significant that the
government has decided that as a matter of public policy RIPA should not
stand in the way of Phorm and similar services, provided user consent is
obtained through the ISP’s Terms and Conditions of Service. This implies
that even if the legal arguments remain contested, ISP prosecution is
unlikely and the government might contemplate legislative reform to
clarify the legal situation in favour of Phorm and their ISP partners.
FIPR Consider Phorm to be Illegal
See
full article from The Register
See
also
Open Letter to the Information Commissioner
The
Foundation for Information Policy Research (FIPR), a leading government
advisory group on internet issues, has written to the Information
Commissioner arguing that Phorm's ad targeting system is illegal.
In an open letter posted to the think tank's website today, the group
echoes concerns voiced by London School of Economics professor Peter
Sommer that Phorm's planned partnerships with BT, Virgin Media and
Carphone Warehouse are illegal under the Regulation of Investigatory
Powers Act 2000 (RIPA).
The letter, signed by FIPR's top lawyer Nicholas Bohm, states:
The explicit consent of a properly-informed
user is necessary but not sufficient to make interception lawful.
The consent of those who host the web pages visited by a user is also
required, since they communicate their pages to the user, as is the
consent of those who send email to the user, since those who host
web-based email services have no authority to consent to interception
on their users' behalf.
Phorm claims that all sensitve data will not be profiled, but FIPR
argues its "restricted sites" blacklist system will be ineffective
because of the vast array of webmail and social networking sites web
users now visit.
Bohm uses the letter to urge the Information Commissioner, Richard
Thomas, to ignore the conclusions of the Home Office, which advised BT
and the other ISPs that Phorm's technology is legal.
Earlier today web inventor Sir Tim Berners-Lee said he would personally
not want his traffic to be profiled by Phorm, and called on BT, Virgin
Media and Carphone Warehouse to make the "service" opt-in only.
He also raised concerns that what a person looked at online could be
used for other purposes. He said: I want to know if I look up a whole
lot of books about some form of cancer that that's not going to get to
my insurance company and I'm going to find my insurance premium is going
to go up by 5 per cent because they've figured I'm looking at those
books.