UK investigators have announced their intent to investigate ISP British Telecom (BT) over the contents of a leaked internal memo that surfaced last June. According to the memo, BT data-mined the web browsing activity of some 18,000 users during a two week period in September/October 2006, and they did so without informing the users. Whether this was illegal under UK law has been a point of contention between privacy advocates and BT; the results of the UK's investigation should settle the matter.
BT was able to mine the data through the use of an online dynamic antiphishing web package known as Webwise. According to the program's website, Webwise offers "a new security feature designed to dynamically warn customers if they visit a fraudulent 'phishing' site. When a user clicks on a link for a known phishing site, Webwise will detect it and automatically show the user a strong warning notice within their internet browser before they reach the fraudulent site." The technical details of just how BT got its data aren't given; presumably it was mined whenever the Webwise service was queried about the safety of a particular site.