Monday 17 March 2008

Attempt to report a crime

At 19:50 this evening I phoned New Scotland Yard to fulfil my civic duty and report a crime. Based on BT's admission to carrying out secret trials of this technology last summer without obtaining customer consent first, and in accordance to the guidance given by FIPR and the Home Office; I attempted to report BT for multiple criminal breaches of Regulation of Investigatory Powers Act 2000 (RIPA).

New Scotland Yard refused to issue the complaint a Crime Reference Number as they knew nothing about the issue and were "sure higher bodies are dealing with this" (in actual fact they don't know they were just trying to fob me off). They also claim that despite BT's admission reported in the press today; I need to know where the crime took place.

So basically what we need are victims of BT's criminal activities, to come forward and file a complaint with the police themselves. If you know you were part of the secret trials phone your local police station and make it very clear that you wish to file a complaint for criminal breach of RIPA against BT. The crime will have taken place in your local exchange as far as I am aware but we may need some clarification as to where the actual Phorm technology was (geographically) on BT's network before the police will act on these complaints.

So please, if you are a victim, come forward, make the call and start the criminal investigation rolling on BT.

Alexander Hanff


Anonymous said...


Data Protection Act:

Part 2 Section 11 reads:

Right to prevent processing for purposes of direct marketing

(1) An individual is entitled at any time by notice in writing to a data controller to require the data controller at the end of such period as is reasonable in the circumstances to cease, or not to begin, processing for the purposes of direct marketing personal data in respect of which he is the data subject.

Anonymous said...

I am a security analyst. I wish to remain anonymous, I'm not in it for any glory. I will be affected by this directly and so it is in my interests to know. Here's what I see so far with Phorm/Webwise. Please evaluate and confirm the following:

Fundamental Point 1:

Here's the use case (unintended consequence?) where it all falls down:
1. I sign up to insurance web site.
2. I google for cancer information sites
3. See an advert on one of those sites which seems to be holy grail for cancer, so I click it.
4. The advert actually links back to the insurance site I happen to be a member of by sheer luck.
5. The insurance people match up their own advert referal with my existing site cookie for their web site and prove to themselves that I've been searching for cancer and they up my premiums.

Fundamental Point 2:

ISPs should remain disinterested in the traffic that passes through them, if they control or monitor it, they become responsible for it. ISPs have been fighting for ages to keep the right to not be held responsible for what their users do on the Internet. This would destroy that safe harbour in an instant.

Fundamental Point 3:

Whether Phorm is opted in or out, regardless of existence of cookie, the ISP has to tap your TCP connection to deep packet inspect for the presence of the cookie, regardless of what web site you're going to (i.e. all web sites). This is illegal as per RIPA.

Mistrust point:

Phorm claimed in their FAQ: "I delete my cookies regularly, and I want to keep Webwise switched off. How do I do that?
If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add "" to the Blocked Cookies settings in your browser." (11 Mar 2008 14:01)

However, their javascript uses domain (note: not .net!):
"document.cookie = name+"="+value+expires+"; path=/;";" (18 Mar 2008 11:10am,

So regardless of whether you followed their FAQ or not, they sneakily had you opted in.

You may freely quote and propagate this summary without the need to give credit.

Anonymous said...

See also evidence of BT having deployed Phorm's WebWise (link verified at 2008-03-18 14:20):

Anonymous said...

As a server operator, I'm worried about Phorm monitoring my data without *my* permission. After all, it's not just end users but website owners that are monitored, even though we're not the customer of BT, TalkTalk or Virgin Media!

I've set my .htaccess file with the following to add a header to every web page and graphic served to explicitly say I don't consent to Phorm monitoring traffic from my server. We need to get every webmaster to do the same!

Header add Phorm "Phorm Inc, All Subsidiary Companies of Phorm Inc, OIX Network, Internet Service Providers using the technologies provided by the former mentioned companies; We specifically deny permission for the former mentioned companies to intercept any communication between a remote user accessing content on our Server and that person's Internet Web Browser, or any other Interface that such a remote user may use to obtain our data."

Header add Phorm-Consent "No"

Anonymous said...

Do Phorm comply with the following, does it apply?

Anonymous said...

I am an intended Victim, BT tried to "Phorm" my connection about 6 months ago, but I very quickly realized something was amiss!

The BT Webwise Site flashed up, when I connected to the Internet, as if I had rogue "spyware" on my computer offering me a "PHISHING FILTER".
"I Immediately shut this Down"
I also noted the now infamous "" instead of a BT DNS Server!

I "HAVE" asked the Police both on a National level & a local level to investigated via their WEB Forms.
"Anonymously" because I am still using BT as my ISP!"

So the Police stating they have not had complaints that they are obliged to investigate, IS EYEWASH & denotes something very "Fishy" happening at a higher level!!

I also note via my TCP/IP monitoring software the extra DUP/ACK's etc when "iframes forms etc" & other such parts are being accessed on the "Web Pages etc served by the WWW.

I formally ask BT to stop intercepting my traffic & the police to investigate wire-tapping of Legitimate communications on the BT Network of Non Business Customers!

Anonymous said...


I'm a Webmaster who would like to deny Phorm Ltd. and it's subsidaries the opportunity to unlawfully intercept communication between my website(s) and my visitors, of which would be illegal as I would be denying consent forthwith.

Could you write a practical guide for website owners to implement and deny Phorm Ltd. the opportunity?

Anonymous said...

The main talk seems to be about BT illegally intercepting people's traffic, and they seem like a tough target that plod and hmg prefer not to take on. Did Phorm commit a crime under RIPA in the trials? Perhaps they would be a softer target than BT.