BT are to develop an alternate method to record your opt-out status to Phorm as opposed to the default cookie based system that relies on your computer storing a cookie to indicate you are not a Phorm user. This follows TalkTalk's decision along the same path back in March and is good news for consumers as it will ensure the opt-in or opt-out status of your account is held more reliably, and is also possible to work across multiple computers on the same Internet connection.
Earlier this month the Information Commissioner Office (ICO) announced that ISPs using the Phorm system had to make it opt-in to comply with European law. This is definitely a step forward for the consumer, but ISPs TalkTalk and BT Retail had already pre-empted this to help ensue consumer confidence in the system.
There are, however, still concerns with regards the legality of the opt-in where computers are used by multiple people. Nicholas Bohm of the Foundation for Information Policy Research (FIPR) has indicated in his legal analysis of Phorm (PDF) that the EU law as referenced above by the ICO actually requires consent from the "data subject", which could be any user of the computer / connection, not just the person who ordered or pays the bills (paragraphs 55-58). In a letter to LINX he goes on to explain that ISPs will need to get consent from all users stating that one possible way to do this is to have the subscriber to the service promise that they are authorized to act on behalf of all users. This could well be a flawed approach as it is unlikely to be the case, particularly of unknown future users of the computer. With no easy way to actually identify the person using the computer, time will have to tell what approach is taken towards this by ISPs.
See our news archive for previous Phorm articles.