Does this mean the "mere conduit" defence has been well and truly destroyed?

In the article above I was careful to include the point - "The fact that we host the service also means your data never leaves our network and it is never passed to a third party"

Companies like Aladdin are very concious of data security (given their job is to protect customers data they take this very seriously). The architecture means the system doesn't make customer specific data available to anyone else, and what optimisation and debug information is available relates to things like throughput and capacity management reporting and not individuals data.

I hope that puts your mind at rest, but as I say I would be happy to work with you further to give you more detail than I can make available in public if that is of interest.

Ian

"In terms of the legal side, I think it’s important to bear in mind that the elements of RIPA being discussed in relation to Phorm etc relate to the interception of traffic. Interception in terms of RIPA is very clearly defined as being where data is captured and then passed to a third party."

Indeed. However, until I asked there was no assurance from PlusNet that the Aladdin 'platform' doesn't phone-home. Presumably PlusNet will be providing Aladdin with at least some form of (system) profiling data for optimization. Debug information is perhaps more worrying. Though I'm sure no ISP would be naive enough to pass a memory dump (even from the process' local address space) to a 3rd-party

Firstly, as we pay per user for this type of technology it would be rather silly of us to consider giving it to people who don't want to use it. There is no upside for us in doing that at all (it's a very different solution to some of those being proposed by other ISPs in the UK currently).

In terms of the legal side, I think it's important to bear in mind that the elements of RIPA being discussed in relation to Phorm etc relate to the interception of traffic. Interception in terms of RIPA is very clearly defined as being where data is captured and then passed to a third party. As the Aladdin service simply looks at traffic and matches it against rules held within the same platform, nothing like that happens in this implementation and the data is never passed to a third party in any way whatsoever.

Traffic from non Aladdin subscribers won't pass through the platform. Again, that would represent a serious waste of what is a costly resource, with zero gain to our customers or us as a result. I'm happy to share the details of any platform design when that has been finalised, although for competitive and security reasons there will always be some details we can't put in the public domain. For now it's simply a case that we have seperate routing for Aladdin triallists that will pass only their traffic through the trial platform. I would be happy to hear from a small group of customers who had concerns about this, and with use of an NDA, could perhaps share more of the detail about the technology and platform design if they would be prepared to vouch for the fact that nothing underhand was going on to any other potentially concerned customers. Drop me an email (iwild at plus d. net) if that is something you would be prepared to help with Lee.

I'd just finish by saying that we have absolutely nothing to hide on this one. I think this is a potentially brilliant and very beneficial service for customers who want the extra protection the technology can provide, and I hope it can be seen as that by our customers.

Ian

Has PlusNet sought advice from the Home Office before deployment?

Where can I get technical details on the point at which PlusNet discriminates between data streams of users of the technology and users not signed up to the technology?

Do data streams of users not signed up for the technology (after full deployment) pass through any hardware/software supplied by Aladdin?

We've been using DPI as part of our traffic management since November 2004 and we've never hidden that. There is a wealth of information on our portal regarding this.

DPI allows us to ensure that time sensitive traffic like gaming, voip etc is given the correct priority on our network and that bandwidth hungry protocols such as binary usenet and P2P arent allowed to impede on the time sensitive applications. This doesnt mean we inspect what you are downloading, thats not our job.

Since PN have already admitted to carrying out deep packet inspection, why is data being deep inspected twice (once for PN and once for Aladdin?)

BTW Why would anyone need protection from the "Swimwear/Lingerie" category!

I remember Ian talking about Aladdin at the Open Day, and it seemed quite exciting. The points I think I remember, that perhaps need further emphasis:

1) It doesn't send our data to anyone else, and doesn't even allow PlusNet to get at our data
2) It is automatically and regularly updated (with new definitions and filters for data we don't want on our PCs) from one highly reputable source - Aladdin
3) PlusNet themselves are partnering with Aladdin to deliver this service (not just buying it in) so have an ongoing relationship with them
3) It does not slow down our internet connection or reduce bandwidth or affect usage limits
4) It is completely transparent, residing on the PlusNet servers - there is no indication that it is even on and doing anything - even though everything goes through it all the time (which may possibly have it's down sides...?)
5) It is "not the PlusNet way" to have it on for people who have not requested it
6) It is far more advanced and subtle than the techniques of blocking ports, running IP filters, blocking keywords etc. that some ISPs have tried

Please correct me if I'm wrong about any of this.