Forums
| BadPhorm - When good ISPs go bad! :: Forums :: Tips & Breaking News :: Tips |
|
<< Previous thread | Next thread >> |
| DPA and the Article 29 Working Party report - Implications for Phorm? | ||
|
Moderators: Jim Murray, narcosis, felixcatuk, Sammy
|
| Author | Post | ||
| Midnight_Voice |
| ||
 Registered Member #180 Joined: Thu Mar 13 2008, 08:51PMPosts: 2 | A kind colleague has pointed me to: Article 29 Working Report on DPA, Privacy and email screening While it mostly talks about email, pretty much everything it says can be extrapolated to web browsing as well, as it relates to electronic communications in general. Particularly interesting paragraphs are: Directive 2002/58/EC of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector (“e-Privacy Directive”) applies to the processing of personal data in connection with the provision of publicly available electronic communications networks in the Community. The provisions of this Directive particularize and complement the Data Protection Directive. The confidentiality of communication is protected, in particular, by Article 5 of the e-Privacy Directive which reads as follows: “…Member States shall ensure the confidentiality of communications and the related traffic data by means of a public communications network and publicly available electronic communications services, through national legislation. In particular they shall prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other then users, without the consent of the users concerned, except when legally authorised to do so…” and Accordingly, the Working Party 29 is of the opinion that, in accordance with Article 5.1 of the e-Privacy Directive, the email providers are prohibited from engaging in filtering, storage or any other kinds of interception of communications and the related traffic data for the purposes of detecting any predetermined content without the consent of the users of the services or they must be legally authorised to engage in such screening in accordance with Article 15 of the e-Privacy Directive as implemented by Member States legislation. Where the reference to email, above, can I believe be generalised to cover other electronic communications including, but not limited to, browsing activity. You can see that the Working Party is positive about spam blocking and the like, but are firmly of the opinion that the sort of thing BT, VM and TT are about to engage on is to be deprecated, if it is not indeed already illegal. And most interestingly, that it does indeed not seem to apply to Phorm; it is the ISPs who will be breaking the rules. Clever Phorm! It's the ISPs that will get the heat. Midnight_Voice (BTW, is it just me, or do these windows not scroll when composing? The typing goes in, and the arrow keys do move the cursor around, but I keep having to Page Down to see what's being typed. I've have to write practically the whole thing in Word and then paste it in :-( Big Brother: a programme people watch, or a program watching people? | ||
| Back to top | | ||
| Sammy |
| ||
   Registered Member #143 Joined: Sun Mar 09 2008, 08:36PMPosts: 115 | It's not just you - I use Notepad and paste in to get round it. Protect your Privacy; Stop Phorm Petition Government to Stop Phorm | Stop Phorm on Bebo | ||
| Back to top | | ||
| RichieISPs |
| ||
 Registered Member #145 Joined: Mon Mar 10 2008, 05:26AMPosts: 33 | I reckon phorm cant prove they dont touch web based email anyway. Think someone put something in the tech forum about it being impossible to blacklist because of the number of work servers and that all email text isnt always in a web form... | ||
| Back to top | | ||
| Quiscustodiet |
| ||
| Registered Member #140 Joined: Sun Mar 09 2008, 02:06AMPosts: 23 | Midnight_Voice wrote ... “…Member States shall ensure the confidentiality of communications and the related traffic data ... without the consent of the users concerned, except when legally authorised to do so…” Bill Thompson pointed out a few weeks ago that almost 800 government bodies are allowed access to communications data traffic. http://news.bbc.co.uk/2/low/technology/7226016.stm And 250,000 requests for data were made in the first nine months of 2007. Phorm/Webwise is only part of the problem. Even without semantic obfuscation 'do no evil' is a pretty wide brief. | ||
| Back to top | | ||
| Oblonsky |
| ||
| Registered Member #132 Joined: Sat Mar 08 2008, 10:59AMPosts: 25 | Great tip! I had a good read through Directive 2002/58/EC and I think it's worth reposting Article 5 in full here. The big questions are: - Is the UK obligated under Article 5 (presume no opt-out!) - How are those obligations met? A patchwork of RIPA/DPA? - How does Article 6 (Traffic Data) apply? Can we take this to mean which sites have been visited, but not the content of the transaction (i.e. communication), which is covered under Article 5? Help anyone? Reproduced Article 5 in full but not 6... Article 5 Confidentiality of the communications 1. Member States shall ensure the confidentiality of communications and the related traffic data by means of a public communications network and publicly available electronic communications services, through national legislation. In particular, they shall prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than users, without the consent of the users concerned, except when legally authorised to do so in accordance with Article 15(1). This paragraph shall not prevent technical storage which is necessary for the conveyance of a communication without prejudice to the principle of confidentiality. 2. Paragraph 1 shall not affect any legally authorised recording of communications and the related traffic data when carried out in the course of lawful business practice for the purpose of providing evidence of a commercial transaction or of any other business communication. 3. Member States shall ensure that the use of electronic communications networks to store information or to gain access to information stored in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing, and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user. | ||
| Back to top | | ||
| Oblonsky |
| ||
| Registered Member #132 Joined: Sat Mar 08 2008, 10:59AMPosts: 25 | [ooops again] [ Edited Fri Mar 14 2008, 09:07AM ] | ||
| Back to top | | ||
| oobayly |
| ||
| Registered Member #24 Joined: Tue Feb 26 2008, 11:01AMPosts: 14 | Oops, mentioned my greasmonkey script to Sammy & Midnight_Voice, but have just found out the textareas have been fixed [ Edited Fri Mar 14 2008, 09:54AM ] There are 10 types of people in the world: Those who understand binary, and those who don't. | ||
| Back to top | | ||
Powered by e107 Forum System