EC Sues The UK Over Phorm Privacy Failure

The government is being sued by the European Commission over its failure to act against BT over its use of Phorm, a scanning software that builds a profile of users habits and interests. The application scans for keywords on websites visited and then assigns relevant ads.

The EC has accused the government of privacy violations through oversight of loopholes in UK legislation. If the government loses the case, it will be fined millions of pounds per day until UK law is brought in line with EC standards.

Home Office In The Dock

The Home Office is now faced with a case referral to the European Court of Justice because the EC’s patience has worn thin after 18 months of negotiations. The full statement from the European Commission has been published.

The problem lies in the fact that that BT performed trials without the consent of its customers and the EC has argued that the failure of the government to take action contravenes the Data Protection Directive and the ePrivacy Directive. The problem is that there is no legal mechanism in place to allow action to be initiated.

BT customers who complained to the Information Commissioner were told that the department had no powers to investigate. The only other body to approach was the Investigatory Powers Tribunal but this only acts when data is intercepted by governments. There is no middle ground.

The EC is highly critcal of the Regulation of Investigatory Powers Act (RIPA). This UK law allows commercial interception of data when a company believes it has “reasonable grounds” to believe that consent has been given. The Commission pointed out that the Act allowed the City of London police to drop their investigation of the BT trials merely because BT said it believed it had customers’ consent.

Jim Killock, executive director of the Open Rights Group, said, “This is great news. Phorm showed there are big holes in the UK privacy laws. We need an official body to deal with citizens’ complaints about illegal commercial interception and enforce our legal privacy rights. More and more technologies can break our privacy rights. UK law needs to provide real protection.”


Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago