It would seem that the chorus of disapproval about the "targeted advertising scheme" (a cute euphemism for spyware that) developed by Phorm is gathering pace somewhat. There is this from The Register - for me a clear indication of how disingenuous, if not mendacious, BT are being about the product. And, as The Register reports here, FIPR (for the uninitiated, the Foundation of Information Policy Research) has written an open letter to the Information Commissioner outlining their concerns and maintaining that the scheme is illegal.
I note too Tim Berners-Lee's comments, reported here. I can't help feeling that this intervention is especially significant, essentially because it reaches beyond the narrow confines of the Phorm issue. He makes the crucial point about his data and web history that: "It's mine - you can't have it. If you want to use it for something, then you have to negotiate with me. I have to agree, I have to understand what I'm getting in return." It will come as no surprise that I agree wholeheartedly with this. No doubt in common with Tim Berners-Lee I also believe that the principle should be applied to all data that is held about an individual wherever it is held, not just to their web-browsing history. But, as the law stands, it simply does not give effect to this. Ergo, returning to one of my more persistent themes, what is urgently required in the interests of both data privacy and data security is a radical overhaul of the current legal provision in this area to re-cast the law back in favour of the individual's data rights.