main_icn_My_Vodafone main_icn_Search main_icn_Chevron_right main_icn_Chevron_down main_icn_Close main_icn_Menu social-facebook social-google-plus social-linkedin social-twitter social-youtube main_icn_Community_or_Foundation main_icn_Location main_icn_Network_signal
Menu Toggle
Announcements
Keeping the UK connected is our main priority. Find out how we're doing thishere.
Close announcement

Other broadband queries

Privacy policy update - shady AF. What are my rights?

Highlighted
2: Seeker

I'm sure most Vodafone customers got the same email today, one of the usual 'updates to our privacy policy' messages which most of us ignore and automatically give consent to whoever asks for it.

 

Today, for some reason, I actually read what VF are now collecting from my network..

 

(taken from https://www.vodafone.co.uk/privacy/home-broadband-and-phone)

"For providing end user support and optimizing your WiFi experience we are collecting information about connected devices (MAC address, IP address, Serial Number, user given host names and WiFi connection quality) as well as information about the the WiFi networks (MAC addresses and identifiers, radio statistics)."

 

It goes on to say that its not even VF which is gathering or hosting this info..

 

"This platform is facilitated by a third party provider called Airties A.S.. Through this platform, this information may be accessed by the Customer Service Department in the event that the user calls us to report any type of problem with their Wifi or may be treated by your Network Maintenance and Operations Service to Resolve any issues. This information will be obtained from the Wifi devices or those connected to it. "

 

Sorry but this is not acceptable to me. VF does *not* have the right to poke about to see the devices I connect to my network, the other wifi networks near me or anything else besides providing connectivity to the internet.

 

I'm not one of these people who sit in their bedroom with a tinfoil hat, this is BS.

 

Vodafone - please advise either how I can go about opting out of this or confirmation that I am entitled to end my contract early, free of any fees.

 

View more options
22 REPLIES 22
Highlighted
17: Community Champion

Hi @jeffers_UK 

 

I agree privacy is very important for many reasons.

I would suggest to "call 08080 034 515  (free from all UK landlines and mobiles) with lines open between 8am and 11pm, seven days a week." from 》Broadband-and-Home-Phone-FAQs and they'll officially clarify.

Current Phone > Samsung Note 10+ 5G _256Gb > Model: SM-N976B.

Samsung One Ui 2.1  / Android 10.

 

Samsung Gear s3 Frontier Watch.

Samsung Galaxy Buds.

View more options
Highlighted
16: Advanced member

We can only speculate VF have felt the need to do this, but based on what they keep getting slammed for, it's probably to do with their bottom of class customer services feedback.  I'm still not really sure the way they are doing this is going to fix anything, and if they were to measure all this data ALL THE TIME then it's going to be such a massive amount of data that the monitoring itself could affect users data throughput!

 

 

*It always worries me a little when an organisation goes on the warpath to gather as much info as possible, that once they have it, they don't know what to do with it!  There is also the issue with new policy that at least some minor details in there appear to have been written by someone without a clue, and so would be almost impossible to actually do!

View more options
Highlighted
2: Seeker

I had a web chat with VF this evening and they claim that its been mandated by OFCOM...

 

 

Joseph : We are only taking these details so that we can ensure that your broadband services are working in the correct optimized frequency, just to boost up your broadband experience. These details are only taken for this purpose only. You can be assured that these details are not shared with anyone or kept with us. This is to only ensure that you are getting the best services. These changes are not illegal and these changes are requested to applied by the of-com itself and every other provider has to ensure that these changes to the privacy policy are applied so that all the customer can have the best experience.

 

 

I dont belive this for a minute and have contacted OFCOM for clarification. They have also confirmed that customers are unable to opt-out of this data harvesting..

 

 

Joseph : No, there is no way. Even if you switch to other provider they will also tell you the same thing. We all providers are bound under the rules and regulations of the of-com, so even you change the provider the scenario will be the same. So, you will never be able to get out of the feature, even after changing the provider. You can be sure that none of the provider have been given the authority to monitor your services, the details are only taken so that we all can improve the broadband services according to the devices you are using, so that your broadband services work on best optimized frequency and everyone can have the best experience and lass hassles while using the services

 

 

I really wouldnt normally bother with this but its cheesed me right off. How can a company decide to take private, personally identifiable data from outside a private network, pass it to a third-party and give the customer no option to opt-out.

 

Assuming that OFCOM confirm that its not a policy mandated by them then I guess CISAS is the next option?

View more options
Highlighted
12: Established

In addition to OFCOM, it may be one for ICO too.  Do let us know what OFCOM have to say.

View more options
Highlighted
5: Helper

Another reason for using your own router.

View more options
Highlighted
Moderator

Good afternoon everyone. I totally appreciate all of your concerns in regards to this. You can see our full privacy policy here.  If you do want to opt-out of this - as that is your right to do so, please fill out this form here and our privacy team will investigate your request for you. Any other questions in relation to this, please let me know.

View more options
Highlighted
12: Established

@DaneB wrote:

Good afternoon everyone. I totally appreciate all of your concerns in regards to this. You can see our full privacy policy here.  If you do want to opt-out of this - as that is your right to do so, please fill out this form here and our privacy team will investigate your request for you. Any other questions in relation to this, please let me know.


The bit in bold... what does that mean exactly?  Which bit of 'opt out' needs to be investigated? 

 

I will complete the request as I don't want a random third party (acting for Vodafone) collecting data about devices connected on my side of the router, how or when i use those devices.  My side of the router has nothing to do with Vodafone whatsoever.

 

E.T.A - Done... hopefully my opt out will be implemented without any ado.  

 

 

View more options
Highlighted
16: Advanced member

I've already made a request for access to the network info held against my account - I'd like to see how much info they've actually managed to acquire, especially since I use my own equipment!  To be honest the simple collection of some of the info the talk about shouldn't be possible for those of us with our own equipment, and if they are doing it could be a GDPR breach!  I'm also hoping that the inner workings of my network are pretty secure, so it'd be embarrassing if my network is not as secure as I believe!

View more options
Highlighted
12: Established

I have recently set up a Velop mesh - currently in bridge mode with VF WiFi switched off.  

I have two devices connected to the Velop nodes via their own Ethernet ports plus six, sometimes seven other devices connected through an eight port switch and a raspberry pie DNS server/ pi-hole plugged in to the VF Modem.

 

I am wondering how much they can see on my side of their router... ?  I have been toying with the idea of a Draytek 130 and putting Velop into router mode too... Worthwhile do you think?  

View more options
Highlighted
2: Seeker

It also looks like The Register have picked this up and confirmed with the ICO and that "the of-com" have not mandated this data harvesting :Winking_smiley:

 

Anybody else getting, somewhat ironically, security errors when trying to submit the privacy 'contact us' page?

 

Secure Connection Failed

An error occurred during a connection to new-forms.vodafone.co.uk. PR_CONNECT_RESET_ERROR

 

 

View more options
Highlighted
12: Established

@jeffers_UK wrote:

It also looks like The Register have picked this up and confirmed with the ICO and that "the of-com" have not mandated this data harvesting :Winking_smiley:

 

Anybody else getting, somewhat ironically, security errors when trying to submit the privacy 'contact us' page?

 

Secure Connection Failed

An error occurred during a connection to new-forms.vodafone.co.uk. PR_CONNECT_RESET_ERROR

 I didn't have an issue with the form but whether it is acted upon will be another matter.   Seems to be a material change to the contract T&Cs prevailing at the time I signed up.  

Can data be harvested from the consumer's LAN if a third party modem/router is used instead of the VF modem/router?

 

 

View more options
Highlighted
2: Seeker

Hmm, the problem with the form seems to be related to the type of issue you want to raise. It went through when I listed it as a complaint.

 

As to using a third party router.. it should stop any data collection but it's a bit crap isn't it, having to go out and buy equipment to stop your ISP from doing something it shouldnt be doing in the first place.

View more options
Highlighted
2: Seeker

I filled out the form to ask about opting out and got a fairly blunt email saying "We’ve not changed our terms at all, As a result, we have provided you with more information about the Privacy Policy and want to make you aware the there is no opt-out process and no right to leave."

I guess it's time to contact the ICO. I seriously doubt that this is legal.

For the moment, I've turned off the periodic rescanning on the router which should reduce the data slurpage, and am looking into replacing the vf router with my own. I'm quite glad I didn't take up their recent offer to extend my contract in order to avoid the price rise. This in itself was very shady, and I suspect vf were trying to tie people to longer contracts before the recently announced price caps courtesy of "the of -com" 🙂

View more options
Highlighted
2: Seeker

I'm still waiting for my reply but if thats genuinely the case then that directly contradicts what is said above in this thread by @daneb (a moderator, who I assume works for VF).

 

 

View more options
Highlighted
2: Seeker

Just looking at the email again, it comes from the quite ludicrous sounding "Customer Data Excellence Centre".

I filled out the form on the 11th of this month, and the reply came today, so 16 days to get back to me with some meaningless boilerplate to the effect that  "you've no right to opt out so p*ss off peasant", basically.

View more options
Highlighted
12: Established

I have had no reply yet but I now know what to expect despite a moderator saying that opting out is possible :Confused_face:

 

I've bitten the bullet today and ordered a Draytek Vigor 130 Modem and a Linksys MR8300 tri-band mesh router....   Mostly because I have a three node Linksys Velop mesh network kit that I am currently using as a bunch of semi discrete WiFi extenders instead of a fully integrated mesh network because I can't put the Vodafone THG3000 into bridge mode and partly with the idea of blocking network snooping on my side of the modem by a random third party on behalf of VF.

 

 

View more options
Highlighted
2: Seeker

It's the vf router doing the data slurping, so replacing it should put a stop to them snooping on your network. I routinely use 3rd party dns with every isp I've been with, and my desktop is set up to use dnscrypt. I can troubleshoot my own wifi without need for the unneccessary privacy invasion.

I've wanted my own router for a while anyway, and only 9 months til I can switch to an ISP with a little more respect for my privacy.

 

View more options
Highlighted
16: Advanced member

I should probably have reported that after pointing tech services to Vodafone's own page stating what info they collect, I received a message back pointing me to https://www.vodafone.co.uk/gdpr-sars-form/ which I've filled in already!  You have to use the "other" category, but they should respond within 30 days, which means I should get a reply now within the next few weeks.....

 

I've got to admit though I don't like the way they've approached this.  It'd be far better if it were possible to switch on the collection specifically when needed, and if data sent to a third party were anonymised!

 

*Anyone seen where the T&C clause on user packet interception via hardware and software has gone?....

View more options
Highlighted
2: Seeker

An SAR will let you see what data they've collected, it's not an opt out.

Lots of useful info on the ICO website:-

 https://ico.org.uk/your-data-matters/the-right-to-object-to-the-use-of-your-data/

 

View more options