British Telecom Phorm report leaked
An internal British Telecom document was released two days ago on the Wikileak website that provides the results of British Telecom's validation of Phorm, also known as (aka 121Media) Deep Packet Inspection.
According to that report, 18000 users were chosen as test objects without their knowledge or consent. In that 2-week period more than 18 million page requests were intercepted and injected with JavaScript.
Only 15-20 users recognized the interference and reacted negatively to it (out of 18000). The report goes on by suggesting changes to it so that the process will be 100% transparent to the user which simply means that they want a system where the user does not realize that the connection is being hijacked and misused.
Phase two tests include an updated version of ProxySense which reduces the chance that users notice that content is injected on websites that they visit.
I have not had time to read the whole report but it seems like an illegal act to me to inject advertisement on web pages without the consent of customers and operators of such websites. In addition to spying on users about 7000 cookies were dropped as well.
You can read the following two articles posted on The Register website which provide you with additional details about Phorm and the test that BT ran in that time:
BT admits misleading customers over Phorm experiments
ISP data deal with former 'spyware' boss triggers privacy fears
I hope that there will be an unparalleled public outcry and coverage in Britain and world wide. Spread the word.
If you are interested in the report check out the page on Wikileaks which offers an overview of it and downloads so that you can read the full report locally.
There you find extensive information including advertising campaigns that were run during the test phase, criteria and even system compatibility information.
Advertisement
http://content.screencast.com/media/686618b3-bad2-40bc-a9e8-273508a0ddbe_e8b4f9d2-a42b-457d-a422-662f833196ed_static_0_0_2008-06-06_1519.png
^^ look above, although bad it’s not the worst case scenario since I’ve got ad block plus + dephormation