The forthcoming British Telecom annual general meeting of shareholders at the Barbican in London on July 16th could be interesting, with a planned protest by furious BT broadband customers who were secretly snooped on during the controversial secret technical trial of Phorm advertising interception - see the NoDPI.org campaign website ("Watching them watching us" - a familiar slogan!).
It seems that there has now been a leak of the internal British Telecom Retail report, dated January 2007, which highlights the technical issues and performance of the illegal secret technical trial which British Telecom inflicted on thousands of its unsuspecting broadband internet customers for two weeks in September 2006.
The report confirms that none of the BT customers were consulted beforehand, and they did not grant their permission for their port 80 web traffic to be intercepted and modified by British Telecom and 121Media (as Phorm were then known).
They tested out the substitution of banner adverts from a range of British-based advertising agencies, mostly relating to Motoring, which were substituted in place of some charity adverts e.g. from Oxfam. It is unclear from this report whether Phorm had paid for the charity adverts, but, given the sneakiness of this commercial espionage test, it seems unlikely that any charity would have been consulted or agreed.
The BT report highlights the obvious "web cookie dropping" problem and its incompatibility with informed consent.
The effect on static IP address customers by the sneaky imposition of the proxy servers is also recognised in the report.
The report does not mention the legal implications of intercepting web based emails, a criminal offence under section 1 of the Regulation of Investigatory Powers Act 2000, but the engineers do seem to be passing the buck over to the BT legal department, to get the terms and conditions of the broadband customer contract changed.
The other interesting part of the report is the figures for the scalability of the standard proxy server and channel server equipment required. The BT report estimates that over 300 servers would be required to cover all of British Telecom's 9GB/s broadband web traffic.
This gives an idea of the scale and cost of similar Deep Packet Inspection web content snooping schemes envisaged by the Labour Government and the European Commission, for "anti-terrorism" purposes.
See Alexander Hanff's report and analysis of this leaked BT report:
BT covert trials in 2006 - The FACTS about PageSense
Also see Dr. Richard Clayton's technical analysis of the Phorm infrastructure - The Phorm "Webwise" System
A couple of Questions for BT's senior managers -
- Who were the BT managers who authorised this secret snooping on thousands of broadband customers ?
- Was the Phase 2 Commercial viability test promised in this report ever conducted, also, presumably, in secret ?
- When will BT publicly apologise and pay financial compensation to the few people who were tearing their hair out, and wasting their time and energy trying to track down the non-existent computer virus or spyware which they assumed had infected their systems during this secret test of the Phorm scheme ?
- Will BT bow to the inevitable and drop this pernicious Phorm plan altogether (unless they create a completely separate, free or very cheap, clearly up front advertising funded broadband service) ?
A copy of the BT report (17Mb .pdf) also now resides on the supposedly uncensorable Wikileaks.org website in Sweden.
You may want to consider the security and privacy implications of the fact that the SSL Digital Certificate for https://wikileaks.org expired on 16th May 2008.
See WikiLeakS.org - secure.wikileaks.org - Secure Sockets Layer Digital Certificate has Expired
Well written article.
>free or very cheap, clearly up front advertising funded broadband service
Free? It's the valuable web content that Phorm scam to drive their advertising system. That content is not 'free'.
Some of it is not priced, but it is not 'free' (in the 'public domain' sense of 'free').
That's what copyright law is supposed to protect.
So where is the consent from the web site creator for their web traffic to be intercepted to support a free service? Where is the consent for copying to support a free service?
Remember the net comprises a wide range of unencrypted but not public data. eCommerce. Personal non-public sites. Web mail services. Stocks & shares. Family sites. Charity sites.
You can't drive a 'free' internet by stealing private and copyright content from web site owners.
And if it's difficult to get consent? Unfortunately for BT that's tough baps.
That's *yet another* reason why what they have done is illegal.
Pete
...and it could have been far far worse!
Phorm's inspection and replacement technology is juvenile and amateurish in comparison to a theoretically perfect design of someone who understands higher layer Internet physics.
(This'll be a Bar assisted conversation next time I meet Richard for sure ;))
I bet it'll be under a year before we see a Phorm friendly EULA from a tight-tight ISP *and* the systems infrastructure adjusted to be much less detectable.
You only have to look at the adoption of (the very shitty) Bearfruit system to see how secondary monetization schemes are becoming part of ISPs' business plans.