TalkTalk's proposed anti-malware system, which was under fire for installing itself and logging information without the consent of users, is similar to that of phenomenal baddies Phorm, the ICO has suggested.
The finger pointing comes after Peter White submitted a Freedom of Information request to the watchdog, fearing that the ISP's anti-malware service was invading people's privacy.
The service on TalkTalk's network looks at the websites users visit to check for malware, adding URLs to a white or black list. However, Mr White put the request forward claiming that the company had not sought permission from users while undertaking the trials. This raised red flags for anyone with half a brain on privacy, while TalkTalk carried on defending its snooping.
In a letter sent to the ISP, which was posted by Mr White on the What Do They Know site, it was revealed that the watchdog had asked the ISP for full details of the system, following concerns that consumers hadn’t been warned before the trial started.
The Information Commissioner Christopher Graham said he was “disappointed” the trial wasn’t mentioned by TalkTalk at recent meetings between the two organisations, especially “in light of the public reaction to BT’s trial of the proposed Webwise service”, referencing the behavioural advertising system from Phorm.
“I am concerned that the trial was undertaken without first informing those affected that it was taking place,” he said in a letter to TalkTalk.
“You will be aware that compliance with one of the underlying principles of data protection legislation relies on providing individuals with information about how and why their information will be used," he added. "You will also be aware that these principles are not suspended simply because the information is being used for the purposes of a trial.”
TalkTalk is having none of it. We spoke to Mark Shmid, communications director for TalkTalk, who said to us: "There were no parallels with the Phorm trials".
He went as far as to say that the "blogging industry had got it mixed up."
"All the ICO has said is that it was concerned we had not informed our users of the trial. This story is a red herring and we're more than happy that the [watchdog] has released this information."
He said that the system bore no resemblance to Phorm as it looks at websites, not user data, and said the vast majority of the queries TalkTalk has fielded about the system were from website owners wondering why their sites were being scanned, not from the ISP's customers.
However, he admitted that the company "didn't think it needed to tell customers," using the excuse that the system "didn't access personal information."
Similarities between TalkTalk's bonkers idea and Phorm are easier to spot than a leopard. Both farm data, and up until recently TalkTalk has run its trials without permission. Phorm's Webwise service uses deep-packet inspection to tailor adverts based on the user's surfing habits, while TalkTalk views sites under the guise of security. Whether TalkTalk has good intentions or not is beside the point - it still logs data that a user has not expressly given it permission to log.
In this day and age when privacy's top of the agenda it's baffling to see such an established brand act so gung ho about privacy.
Why is it that these people choose to continually obfuscate and then dump on Phorm by trying to excuse their own activities by misrepresenting what Phorm does? They have done this on the TTMF, TalkTalk Members Forums, where there are certainly lots of questions from their customers asking what the company thinks it was messing about at.
http://talktalkmembers.net/forums/showthread.php?t=46287
You will notice a distinct lack of any meaningful answers from TalkTalk to their customers' questions.
If Phorm had any money left I'm sure they would be happily asking TalkTalk to modify their claims. What TalkTalk are doing is effectively the same as Phorm. That is scanning pages visited by their customers. The only difference is that they are not doing it in 'real' time but rather a few seconds later.
They might not use DPI a la Phorm in order to do so but the result and implications are exactly the same. Also on the point of DPI how are TalkTalk extracting these URLs if they are not using DPI to do so?
As far as I am aware my browser will request from a DNS server the IP of a site I wish to visit based on its name and top level domain, example.com, then it will send the URL request embedded along with that IP routing information in a communication through the network.
The only way TalkTalk will gain access to the URL for replay is by performing Deep Packet Inspection on my communications. In order to be certain that they catch all the URLs they have to do so on the full content of all my communications or the packets those communications are comprised of.
Somewhere in that thread on the TTMF forums one of the OCEs mentions that this system is not only for the purposes of identifying malware but it is also for Parental Controls. That means TalkTalk must be 'profiling' the pages for content.
Equipment from Huawei..? Might it have something to do with this patent?
Patent Family
http://v3.espacenet.com/inpadoc?DB=EPODOC&locale=en_GB&FT=D&CC=WO&NR=2009006813A1&KC=A1
European Version
http://v3.espacenet.com/publicationDetails/biblio?DB=EPODOC&adjacent=true&locale=en_GB&FT=D&date=20091230&CC=EP&NR=2139181A1&KC=A1
http://v3.espacenet.com/publicationDetails/originalDocument?CC=EP&NR=2139181A1&KC=A1&FT=D&date=20091230&DB=EPODOC&locale=en_GB
PopUp to download full document,
http://v3.espacenet.com/espacenetDocument.pdf?flavour=trueFull&locale=en_GB&FT=D&date=20091230&CC=EP&NR=2139181A1&KC=A1&popup=true
A system that profiles webpages for content, perhaps cameras or cars or holidays, being fed URLs for replay from TalkTalk Customers. And then TalkTalk claim that they have no means of linking this with other data they might have from their customers.... unless.
Well, we know that the original scanning requests were coming from radius servers. That's about as close as you can get to login and passwords maintained by TalkTalk linking things directly to their customers.
Of course we have the 'Opt-In' scenario being offered to customers who wish to make use of the system... so that will be OK as long as it is used for the purposes claimed which suddenly seem to have lost any reference to 'Parental Control' or indeed any other sort of screening or profiling of websites beyond malware. You know... something like Behaviourally Targeted Advertising in exactly the same way that Phorm was attempting to do things. Cough.
On the other hand it is not Opt-Anything, in, out, shake it all about for the rest of TalkTalk's customers. Nice free service... So how does it get paid for?
Have we missed out anything that does not sound like this might be ever so easily adapted to perform the same function as Phorm's system? Let's see...
Deep Packet Inspection
Website Profiling
Linking to Customers
Covert trials
Free Malware/Anti-Phishing protection.
Lots of misplaced and incorrect mumbling after the event.
Walks, Quacks and TalkTalks