Is BT still collecting usage data?

After the recent scandal over BT using Phorm (see here and here) is it still possible that BT is still covertly collecting data profiling its user’s internet usage?

I have, as part of my home BT Total Broadband package, a HUAWEI Mobile Connect 3G Modem.  This is a USB dongle that provides internet service.   I rarely use it, but because of the storms last night my internet connection has been very unstable, therefore I plugged it in today.

When I started the “BT Connection Manager” software, it informed me that there was an update to the service and would I like to download it? Yes, ok, and a couple of minutes later it began to install itself.  Then popped up the obligatory EULA which contained the paragraphs:

Installation of this Software will automatically apply a unique identifier to the Software, this identifying feature will only be used in accordance with the BT privacy policy which can be found at www.bt.com.

This software automatically collects session and client parameter Information for all connections made via this Software. This information is automatically transmitted to BT at the start of each session where Internet access is available. This session information will only be used in accordance with the BT privacy policy which can be found at www.bt.com.”

BTConnectionManagerEULA.txt

I also note that the software package uses the Open Source packages libCurl, openssl and sqlite.  Combined they enable the package to record “session and client parameter Information for all connections” in the database (sqlite) and to encrypt (openssl) and transmit the data via a web request (libcurl) back to BT.

At this point I am unable to confirm if such a transmission is taking place as I declined the EULA, but would welcome feedback or comments from others that are able to investigate this more fully.

Update: Even though I clicked “Cancel” to reject the EULA – it did update the application and actually started it up before I exited the installer.  Guess I have this privacy invading feature now.

All content © Paul Gregg, 1994 - 2024
This site http://pgregg.com has been online since 5th October 2000
Previous websites live at various URLs since 1994