FIPR belives Phorm illegal in the UK

March 19, 2016

The Foundation for Information Policy Research (FIPR) has published an open letter to the Information Commissioner Richard Thomas.

The letter highlights the question of whether the targeted advertising system Phorm is to put into practice and BT Total are about to test is in effect an interception of communications and per se under the Regulation of Investigatory Powers Act 2000 requires unequivocal permission from both the broadband customer and provider. Most interestingly FIPR believes that consent would be mandatory by the host of the web pages, which with the multitude of websites around the world would be impractical to acquire. Exceptions exist that allow filtering for viruses and unwelcome bulk email but would not cover a targeted advertising system.

This most recent twist in the Phorm tale may well see any provider deploying the system having to put into practice an opt-in system, which may weaken the amount of income the system will create. How many consumers will sign-up is anyone’s guess, many might consider the phishing protection is valuable, but with the myriad of built-in and add-in phishing protection tools out there already, that feature is hardly unique.

One part the FIPR does raise is web pages that would otherwise not be found by search engines as they are not linked to any other web page. In these cases the content may possibly not be secured with a password and people rely on it only being a ephemeral page, for instance pictures of a family event, new product pages waiting to be published or a company carrying out market research that it wants a collection of individuals to view. In the same way that viewing your browser history could divulge a sudden interest in party venues if booking a surprise party for someone in the family, if adverts for party venues started to pop-up it could ruin a surprise. Now you can of course clear your browser history, but the Phorm database will have your interest now categorised.