We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

TalkTalk failed to alert ICO over anti-malware trial

ISP insists service doesn't snoop on customers

The Information Commissioner's Office (ICO) said it's "disappointed" with TalkTalk after the ISP failed to inform the ICO about a trial of new anti-malware technology.

In a letter to TalkTalk, which was published by the What Do They Know website following a Freedom of Information Act request by Peter White, Information Commissioner Christopher Graham said: "I am concerned that the trial was undertaken without first informing those affected that it was taking place".

He added that keeping the ICO alerted was important "in light of the public reaction to BT's trial of the proposed Webwise service".

BT conducted an internal trial of Phorm's controversial technology, which monitored a person's web browsing and search terms in order to serve up related advertisements, in September and October 2006. However, it failed to inform its customers they were taking part in the trial. As a result the telecom giant faced a lot of criticism and a potential legal investigation after it was suggested BT broke privacy laws with the trial.

"You will be aware that compliance with one of the underlying principles of data protection legislation relies on providing individuals with information about how and why their information will be used. You will also be aware that these principles are not suspended simply because the information is being used for the purposes of a trial," the Commissioner added.

TalkTalk's technology records and scans URLs for viruses and malicious code. Those that are found to be clean are placed on a whitelist, while those that pose a threat appear on a blacklist for seven days.

TalkTalk said the service was opt-in and free to use. The ISP also confirmed the service doesn't record which customers is attempting to connect to the URLs.

"These lists are recorded in a temporary electronic state and not in conventional accessible storage. When the anti-malware service goes live to customers, these lists will in future be used to alert customers to websites suspected to have malware or viruses," said Clive Dorsman from TalkTalk in a blog.

"Importantly, the anti-malware system does not record or scan any secure 'https' website URLs."

Mark Schmid, communications director at TalkTalk, agreed that the ISP should have informed the ICO about the trial, but was quick to point out the new technology is in no way related to Phorm.

"We do not look at people's web-browsing habits and use them to serve up targeted advertising," he said.

TalkTalk plans to roll out the anti-malware technology to all of its customers by the end of the year.

See also: TalkTalk to increase line rental by 55p


IDG UK Sites

Best January sales 2015 UK tech deals LIVE: Best New Year bargains and savings on phones, tablets,...

IDG UK Sites

Chromebooks: ready for the prime time (but not for everybody)

IDG UK Sites

Best Photoshop Tutorials 2014: 10 inspiring step-by-step guides to creating amazing art,...

IDG UK Sites

Mac tips tricks & hacks: 10 things you didn't know your Mac could do