Donald Cran reviews recent privacy developments arising out of ISPs' use of Phorm
The European Commission (EC) has begun infringement proceedings against the UK for failure to implement properly the EU Directive on protection of personal data. The action follows complaints that UK internet service providers had trialled behavioural advertising technology developed by Phorm, Inc. without users' knowledge or consent.
Phorm technology analyses site visits by internet users to determine their interests, and then delivers targeted advertising to those users when they visit certain websites.
Such advertising may benefit both vendors and customers by better matching the former's products with the latter's needs. However, its use in the UK must comply with:
● The Data Protection Act 1998, implementing the EU Data Protection Directive 95/46/EC; and
● The Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426), implementing the EU Privacy and Electronic Communication Directive 2002/58/EC on processing of personal data and protection of privacy in the electronic communications sector.
Monitoring or interception
Monitoring or interception of communications in the UK must also satisfy:
● The Regulation of Investigatory