EU starts legal action against UK over Phorm ad service

Europeans must have the right to control how their personal information is used, says commissioner Reding

Phorm allows ads targeted on users' web behaviour

The European Commission has launched legal proceedings against the UK government for alleged breaches of EU data protection laws caused by controversial internet advertising company Phorm.

In a video posted on her web site, Viviane Reding, the European Union's Commissioner for Information Society and Media, said that Europeans must have the right to control how their personal information is used.

She said the Commission would take action wherever EU member states failed to ensure that new technologies such as behavioural advertising respected this right.

The move follows months of informal communication between Brussels and the Information Commissioner's Office (ICO) about Phorm's controversial behaviour-targeted advertising technology.

Phorm enables internet service providers to analyse what their users are doing, to build up a profile of their interests which can be used by advertisers to serve more relevant adverts.

A year ago, BT admitted it had tested the technology in 2006 and 2007 without informing customers involved in the trial.

The technology has since been tested and cleared by the ICO.

But the European Commission believes UK law needs to be strengthened to ensure that users are asked to give their consent before their data is intercepted – known as an "opt-in" rather than an "opt-out" system.

The rules are clear, said Reding.

"A person's information can only be used with their prior consent. We cannot give up this basic principle, and have all our exchanges monitored, surveyed and stored in exchange for a promise of 'more relevant' advertising. I will not shy away from taking action where an EU country falls short of this duty," she said.

The EU directive on privacy and electronic communications requires EU member states to ensure confidentiality of communications by prohibiting unlawful interception and surveillance unless the users concerned have given their consent.

Under UK law, it is an offence to unlawfully intercept communications, but interception is allowed when the interceptor has "reasonable grounds for believing" that consent to interception has been given – for example if a consumer had failed to opt out of a system.

The UK has two months to reply. If it does not or provides an inadequate response, the Commission may decide to issue a "reasoned opinion" calling for changes to the law.

If that fails the UK could be taken before the European Court of Justice and forced to change the law.

Jim Killock, executive director of campaign group the Open Rights Group said: "There are big legal questions surrounding BT's use of Phorm, so we welcome the EU taking the government to task. It's a pity our own government hasn't had more backbone and stood up for its voters’ rights."

And Linda Weatherhead from consumer rights group Consumer Focus said: "While phone tapping is clearly illegal and unacceptable, it seems that spying on digital communications and activity is not. Information is being collected on our internet viewing habits ‘behind the screens’ and few of us have any choice. It seems that by simply turning your computer on we are consenting to the collection of your personal information.

“Consumers need options to protect their privacy. The government must take the lead so consumers can trust and have confidence in the digital world. Consumer Focus would like to see a set of digital rights - a basic set of protections for consumers to operate in the digital world.”