Re: TalkTalk tracking you, phorm?
I won't get out my dictionary (phew!) but don't forget that CPW/TalkTalk were the subject of an ICO enforcement notice dated January 2009,
http://www.ico.gov.uk/upload/documen...telecom_en.pdf associated press release: http://www.ico.gov.uk/upload/documen...talk_final.pdf which gives an important contemporary legal and regulatory context to the current ICO comments. CPW/TT are currently subject to active ongoing monitoring of their DPA/PECR compliance as part of an ongoing investigation of earlier breaches that are officially of the type that could lead to them being charged with an offence/offences or the ICO or other authority instituting criminal proceedings. To put it bluntly, TT/CPW are already officially in the ICO's naughty corner, with penalty points on their license, and any rune-reading of what the civil service language might mean, as the ICO expresses "disappointment" and "concern" in an official letter, should be done with that in mind (as well as an awareness of the understated way civil servants generally express themselves in writing - for assistance - turn to the "Yes Minister!" archive of Sir Humphrey's advice on such matters). It isn't the sort of "squeaky clean" behaviour you would normally expect during a probationary/monitoring period following breaches which included: a) failure to comply with subject access requests b) unfairly and unlawfully processing data c) failing to take appropriate technical and organisational measures to ensure there was no unauthorised or unlawful processing d) processing inaccurate and/or out of date data That is the official and on-the-record background that informs MY interpretation of the civil service language used by the ICO in his recent letter to TT, and perhaps suggested the word "reprimand" to the BBC journalist, in connection with TalkTalk's lack of candour with the ICO (and their customers) on a DPA related matter, only eighteen months later, while that oversight and enforcement monitoring was ongoing, as it still is now. The Register preferred "chides". http://www.theregister.co.uk/2010/09/06/ico_stalkstalk/ The BBC suggested "rapped" and "reprimanded" http://www.bbc.co.uk/news/technology-11213488 PCPro used "mild rebuke" http://www.pcpro.co.uk/news/security...trial-to-phorm eWeek Europe uses "unhappy" http://www.eweekeurope.co.uk/news/ic...-snooping-9477 I've read rather a lot (too much...!?) of ICO correspondence over the last two years, attended their conferences and training, and sat in meetings with their representatives. I think I have got fairly good at reading between the lines of their public statements and private correspondence. |
Re: TalkTalk tracking you, phorm?
Quote:
if viewed as a whole, the ICO is far from happy with Talk Talk, compare it to the published exchanges with other companies like BT over phorm and it is far more scathing, if you actually talk to the ICO you find they want to do more but the "statutory instruments" (powers to you and me) whilst on the books have never been activated so he can't use them, so he can see his teeth, just can't put them in and use them |
Re: TalkTalk tracking you, phorm?
OK if everyone who doesn't want me to visit their sites would just give me the URLS and I promise NEVER to visit them and if I inadvertently do so I'll arrange to have my eyeballs turfed out with rusty spoons...;)
Now what was the topic?Because to be perfectly honest I lost the plot ages ago. What exactly is this thread about?..And the explanation had better be in the language stupido or thicko so I can follow it.. I ask this because I notice that there is very little input from anyone else apart from a very few very technically minded and it has occurred to me that this might be because hardly anyone knows what this thread is about.The legalese has certainly baffled the hell out of me.. |
Re: TalkTalk tracking you, phorm?
Quote:
bottom line the topic is about Talk Talk creating a system that follows users to web pages to scan them for malware problem is that presents a number of legal issues which are quite technical in nature ranging from 1:- probable breaches of PECR (EU legislation on privacy of electronic communications, 2:- the old favourite RIPA as the information they are gather (web page / URL instead of just host name) means it falls foul of definitions of communications data, for those who do not know the difference, host name is like www.bbc.co.uk but a web page / url identifies a single page or area on a website like http://www.bbc.co.uk/news/technology-11213488 3:- possibly fraud act as well as the system appears to reply full URL string including session information in the query string part of the URL (after the ? in the URL) so some claim it fraudulently trys to impersonate the ISP customer to gain access to the website pages and the fact it is designed to operate covertly / invisble to the ISP customers and websites |
Re: TalkTalk tracking you, phorm?
TalkTalk were scanning websites (without informing anyone) in what they said was a trial for malware scanning software. Some people were very unhappy about this (as they believed TalkTalk were breaking various laws and statutes) so made comments about "caching being illegal" and "charging TalkTalk £10 per time for accessing their websites".
Most of the discussion since then has been differing viewpoints on the legality of what TalkTalk were doing, and the provenance of the some of the sites quoted as being the source of these "attacks", and also differing technical interpretations of some other stuff. hth ---------- Post added at 22:41 ---------- Previous post was at 22:39 ---------- Quote:
Most of the discussion since then has been differing viewpoints on the legality of what TalkTalk were doing, and the provenance of the some of the sites quoted as being the source of these "attacks", and also differing technical interpretations of some other stuff. hth Edit; funnily enough, bc1, Quote:
|
Re: TalkTalk tracking you, phorm?
Quote:
---------- Post added at 22:54 ---------- Previous post was at 22:52 ---------- Quote:
|
Re: TalkTalk tracking you, phorm?
Quote:
as to the differing view points that is what a forum is designed for, to share and debate ideas and topics i watch with interest and post occasionally when i feel i can add value or to correct waht i percieve to be an incorrect statement or assumption |
Re: TalkTalk tracking you, phorm?
Quote:
|
Re: TalkTalk tracking you, phorm?
Quote:
Quote:
|
Re: TalkTalk tracking you, phorm?
Quote:
What laws?Whose laws?Will the Chinese like it? |
Re: TalkTalk tracking you, phorm?
there are two sides to this issue,
one is at face value TT seem to be trying to do something to protect people from malware and driveby attack on the internet making things hopefully safer for everyone i for one have often said that the isp's should be able to do more to stop infected machine from sending out spam, being used for hosting dodgy websites etc BUT the way TT seem to have gone about this makes me very suspicious as to their motives on one hand TT want to make the system covert so that sites hosting malicious content don't know about it so can't block the probes and monitoring system but on the other hand you have legisilation that protect certain rights of both websites and users that this system seems to breach it is a fine balance which TT do not seem to have got right the obvious place to put this system would be on a transparent proxy (a computer that all web traffic passes through covertly) then so long as the processing takes place on the fly purely to detect viruses and malware it should be ok problem is to do this in real time the amount of computing power is prohibatively high, hence i think they have gone for the off line / after the visit option which causes its own potential problems, as many web pages are now what is known as dynamic so they are created on the fly as a one off page then dumped once viewed and the TT system could never scan them |
Re: TalkTalk tracking you, phorm?
Quote:
What rights? And you are losing me again in the last two paragraphs...Complete and utter thicko about such matters. |
Re: TalkTalk tracking you, phorm?
The way the system appears to be working at the moment is that it is just recording the URLs visited by Talk Talk customers. The system will then visit those URLs itself. Based purely on what Talk Talk have said, I would suggest it will then check the site for malware, but (at this stage) do nothing else.
I suspect (again this is speculation) that in the future, TT will use the system to either warn visitors to those sites, or stop them visiting the site totally. The arguments against it are that it possibly violates our right to privacy along with various EU regulations (the same ones that Phorm violated), and that it could violate the webmaster's copyright. My own opinion on the system is that *if* it works as I state, it *could* be a good thing in the fight against Malware. However, I am rather concerned that Talk Talk have not been a lot more open about this. The fact they haven't suggests to me that they are either worried about the reaction in the light of the Phorm PR disaster or they are planning something they aren't telling us. |
Re: TalkTalk tracking you, phorm?
http://www.whatdotheyknow.com/reques...e%20tt.pdf.pdf has a diagram showing how the finished product will work.
It's intended to offer both malware protection and parental controls on an opt-in basis. |
Re: TalkTalk tracking you, phorm?
Quote:
Quote:
|
All times are GMT +1. The time now is 10:12. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.