A report from The Wall Street Journal has gotten numerous people talking recently. The article says that network neutrality is losing major supporters. One of the prominent figures that the WSJ says is losing support for network neutrality is Google because, allegedly, they are negotiating with internet service providers for preferential treatment. Other claims include Microsoft and Yahoo withdrawing from a coalition to keep the network neutral, that Lawrence Lessig is also “shifting gears” on the subject and that advisers to President Elect Barack Obama who support network neutrality are now changing their views on the subject. Quite a news story and certainly news to many including some of the figures that were mentioned in the story.

Epicenter points to a Google blog posting which didn’t exactly fill the posting with praise for the Wall Street Journal. Richard Whitt called the news article “confused” and denied making comments about Obama advisers, suggesting that the Obama teams stance really hasn’t changed. Whitt also said that the company is currently setting up caches for ISPs to help speed up web page loading times, improving the network by delivering content closer to the user – not interfering with competing traffic.

BoingBoing points to Lawrence Lessig’s blog posting. Lessig said that the story was a “made-up drama” and that his views on network neutrality isn’t new. His view is that internet service providers have a right to charge different rates for different services.

BoingBoing updated the posting to include a blog posting explaining in depth why the Wall Street Journals article is “bogus”.

What makes this story so scandalous is the fact that the Wall Street Journal has been around for years and, as such, collected so much credibility that pretty much everything printed in the Journal is perceived as fact. These people go from casual readers all the way up to University scholars which have used articles from the Journal to write scholarly articles (which works its way down to essay pieces written by College and University students) No doubt that the accuracy of the Journal is currently being brought into question by some, though it’s also possible that the Journal is written by human beings who will eventually screw up sooner or later.

Imagine every bit of information you receive being analyzed before it even reached it’s intended destination. It’s a thought that helped caused an uproar in the United States with the debates over telecom warrentless wiretapping. Mix advertising from the Internet Service Provider and you may be moving towards the debates the British are having to deal with.

The Open Rights Group points us to new information being released. Various groups including ORG and the foundation for information policy research were invited by Phorm and the Information Commissioner’s Office to take a look at the system that has caused an uproar in Britain.

Clayton then blogged about his findings, offering an introduction to what he found:

Phorm explained the process by which an initial web request is redirected three times (using HTTP 307 responses) within their system so that they can inspect cookies to determine if the user has opted out of their system, so that they can set a unique identifier for the user (or collect it if it already exists), and finally to add a cookie that they forge to appear to come from someone else’s website. A number of very well-informed people on the UKCrypto mailing list have suggested that the last of these actions may be illegal under the Fraud Act 2006 and/or the Computer Misuse Act 1990.

Phorm also explained that they inspect a website’s “robots.txt” file to determine whether the website owner has specified that search engine “spiders” and other automated processing systems should not examine the site. This goes a little way towards obtaining the permission of the website owner for intercepting their traffic — however, in my view, failing to prohibit the GoogleBot from indexing your page is rather different from permitting your page contents to be snooped upon, so that Phorm can turn a profit from profiling your visitors.

Overall, I learnt nothing about the Phorm system that caused me to change my view that the system performs illegal interception as defined by s1 of the Regulation of Investigatory Powers Act 2000.

The full analysis of the controversial technology can be found here (PDF)

“We now know that BT have already conducted secret trials of this technology, testing the effectiveness of snooping on their customers’ Internet activities. They claim to have received extensive legal and other advice beforehand, but have failed to give the reasoning on which this advice is based.” Nicholas Bohm, General Counsel for the Foundation for Information Policy Research, said in a FIPR press release, “As we pointed out in our letter, the illegality stems not from breaching the Data Protection Act directly, but arises from the fact that the system intercepts Internet traffic. Interception is a serious offence, punishable by up to two years in prison. Almost incidentally, because the system is unlawful to operate, it cannot comply with Data Protection principles.”

Meanwhile, Open Rights Group points out, “By coincidence, the Information Commisioner has released an updated statement on Phorm. From the looks of things, they have declined FIPR’s invitation to consider the lawfulness of Phorm’s data processing under legislation other than the Data Protection Act (such as RIPA). They have also failed to address the news that BT trialled Phorm without seeking consent from its users in 2006.”

In spite of the concerns surrounding the technology, the Information Commissioner issued the following statement (PDF)

The ICO has received a number of queries concerning the recent announcement by Phorm that 3 major UK Internet Service Providers have agreed to allow them to use technology, developed by Phorm, to present adverts to their customers based on the nature of the websites they visit.

Understandably, this has provoked considerable public concern. We have had detailed discussions with Phorm. They assure us that their system does not allow the retention of individual profiles of sites visited and adverts presented, and that they hold no personally identifiable information on web users. Indeed, Phorm assert that their system has been designed specifically to allow the appropriate targeting of adverts whilst rigorously protecting the privacy of web users. They clearly recognise the need to address the concerns raised by a number of individuals and organisations including the Open Rights Group. We welcome the efforts they are making to engage with sceptical technical experts
and believe that it is only by allowing their technology to be subject to detailed scrutiny by independent technical experts that they will be able to prove their assertions regarding privacy. The ICO strongly supports the use of technology in ways which enhance rather than intrude upon privacy, and plans to produce a report on “Privacy by Design” later this year.

It may lead one to wonder if the opposition to this technology is currently falling onto regulatory deaf ears.

digg_url = ‘http://digg.com/tech_news/Phorm_Analysis_by_Richard_Clayton_Released_Trials_Continue’;