British mobile telephone operators Vodafone and O2 have been accused of infringing their customers privacy as they are said to scan the internet surfing activity of their Mobile Broadband users and collect more personal data than necessary. Several Vodafone customers caught their operator actively tracking their online behavior. O2-subscribers complained about a new policy requiring them to hand over personal data before accessing adult websites. 

Vodafone and O2 ensure that they do not mean to spy on their customers or intercept their communication. These actions are in place to protect underage users from harmful internet content.

Vodafone customers noticed that they were being stalked by an automated system, which would load the same website address (URL) an instant after they had requested it. “We use the Blue Coat filter to classify internet sites so that we can apply an adult bar appropriately. This is not a question of intercepting customer communications but of ensuring the safety of our younger customers in a dynamic environment. It is used solely for child protection and to block illegal content and not for any other purpose. Other network operators use the same or similar systems. We are required to do this in order to meet our regulatory and industry obligations.” Vodafone said.

Privacy experts are appalled by Vodafone’s new scanning tools and by their statement that they are acting in compliance with legal obligations. They say the operator is essentially using Deep Packet Inspection (DPI), which is in breach with UK and EU privacy directives. The interception of communication, such as when visiting a website (URL), is illegal, unless consent is given.

Many O2 customers in the UK are worried about their privacy too. O2 has begun enforcing an opt-in policy for access to adult internet content, redirecting customers to a company called Bango to prove their age with a credit card. In this registration process, the operator also finds out the name and address of the customer that is specifically looking for adult content– which is valuable information in itself. O2 received hundreds of questions as to why this additional ID check is required and why the new scheme is implemented so suddenly.

O2 and Vodafone have a responsibility for protecting children against harmful internet content, in common with all UK mobile operators. The operators have agreed to set up the Independent Mobile Classification Body (IMCB) in 2005 and a voluntary scheme to provide a shared database of dodgy content for blacklisting. The phone companies have blocked access to commercial adult content since. But with more data-capable phones, and more free content, the network operators are all tightening up the process, which has led to such unrest among customers.

O2 started the more stringent checks with a small trial group. These clients did not seem to mind handing over details to Bango. On that basis, O2 flipped the switch without warning, forcing everyone who hadn't opted in to adult content to do so.

Experts fear that if mobile operators can demonstrate a viable opt-in system, then fixed ISPs will be asked to do the same thing. Along with a tighter inspection of our serving behavior, we should probably get used to having to register our perversions with our access provider, for the sake of the children of course.

References: The Register, ISPreview