Ben Laurie blathering

Phorm Legal Analysis

FIPR‘s Nick Bohm has written a fascinating legal analysis of Phorm’s proposed system. Its nice that RIPA’s effects are not all bad, but it turns out that, in Nick’s opinion, Phorm are on the hook for a number of other illegal acts under various acts…

  • The Regulation of Investigatory Powers Act 2000
  • The Fraud Act 2006
  • The Data Protection Act 1998

He also beats up Simon Watkin of the Home Office (well-known in UK privacy circles for spending a great deal of energy trying to persuade us all that RIPA [then known as RIP] was going to be alright, really), for a note he wrote which suggested that Phorm’s business model was just fine under RIPA. Simon stays true to form by pointing out that the note wasn’t actually advice, and was not based on paying any attention at all to what Phorm were actually proposing. One has to wonder, then, what the point of writing it was?

Perhaps more disturbingly, Nick also talks about what my be the first attempt at enforcement against Phorm. Not surprisingly, the police say they’re too busy and it’s the Home Office’s problem and the Home Office say its not their job to investigate offences under RIPA. Isn’t it lucky, then, that we are doing their investigating for them?

I’m also pleased to see that Nick supports my view that the consent of both the user and the web server must be obtained for Phorm’s interception to be legal under RIPA

RIPA s3(1) makes it lawful if the interception has the consent of both
sender and recipient (or if the interceptor has reasonable grounds for believing
that it does). This raises the question of whose consent is required for the
interception of communications of those using web browsers.

I’m also intrigued by Nick’s analysis of Phorm’s obligation under the Data Protection Act. Where sensitive personal data is processed by Phorm, then the user’s consent must be obtained. Nick argues that Phorm will see information relating to

• their racial or ethnic origin,
• their political opinions,
• their religious or similar beliefs,
• whether they are members of a trade union,
• their physical or mental health or condition,
• their sexual life,
• the commission or alleged commission by them of any offence, or
• any proceedings for any offence committed or alleged to have been
committed by them, the disposal of such proceedings or the sentence of
any court in such proceedings

It occurs to me that Nick has missed a trick here: the user might also view sensitive data relating to a third party – for example, they might participate in a closed web forum where, say, sexual preferences are discussed. In this case, it seems to me, the consent of that third party would need to be obtained by Phorm.


  1. Hi Ben

    id just like to point out Cable Forum Member Alexander Hoff’s PDF paper that covered more broken laws than currently seen here long before this,credit were it due in this fight, its the longest runing ISP/Phorm thread on the net BTW too.

    you might also note know but alexander was also a guest speaker as the peoples rep,at the Phorm PIA and just did a BBC Click! interview the other day for broadcast in the next program this satturday or perhaps the next…

    come join the cable forum thread and contribute, we are collecting lots of information and in contact with many MP’s/MEP’s and house of lords peers.

    capt jamie, another cable forum member made available his unedited Phorm PIA video’s you may have seen as well.

    we are a pritty busy bunch over there 😉 and kurt doesnt like us much or the effect we are having on the Phorm stocks dropping like a stone…

    Comment by popper — 23 Apr 2008 @ 18:43

  2. Hi Ben,

    I’m reading Nick Bohm’s paper over and over again here and loving it. As popper mentioned there is unedited video footage from the PIA meeting at where you can see Dr Richard Clayton’s presentation and Alexander Hanff’s excellent legal, social and historical context speech.

    Comment by "Captain Jamie Hunter" — 23 Apr 2008 @ 20:07

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress