The ICO has just had a go at TalkTalk for snooping on their customers. Hmm. I wouldn’t be a TalkTalk customer if they paid me so I’m not bothered on that score. But I’m also not worried because I can’t see they’ve actually done anything wrong in this instance.
What they’re accused of is harvesting the URLs of web sites visited by their punters. Reality check: networks log traffic anyway. It’s necessary for maintenance and optimisation. All managed networks do it, all the time. The system the ICO is making a fuss about simply collects the URLs and then sends a malware scanner to the site to check for dodgy stuff so it can blacklist the URL in future.
You can’t scan the whole web for malware; it’d take too long by a spectacular margin. Scanning the relatively small subset of URLs your customers are actually accessing is as good a way of directing your effort as any.
So why’s the ICO making the headlines? Just to show they’re on the ball, I suppose. And TalkTalk makes an easy target. This is probably the first time ever I’ve defended them on any issue.