Emergency procedures
PhonepayPlus initiates five Emergency Procedure investigations.
Emergency procedure investigation
2 July 2013
PhonepayPlus, the UK regulator for premium rate telephone services, has launched an Emergency procedure investigation under paragraph 4.5 of its Code of Practice (Twelfth Edition) (the Code), following internal monitoring conducted by PhonepayPlus. This monitoring evidenced affiliate marketing that appeared to utilise a form of malware known as ransomware to lock consumers’ internet browsers and force them to interact with online offers which directed them to the Level 2 provider, Bafona Ltd’s “Zovut” subscription service(s).
Bafona Ltd has been identified as the Level 2 provider responsible for the service. A Tribunal will decide whether the service is in breach of the Code as soon as is reasonably possible after PhonepayPlus has received a response from the Level 2 provider to its Emergency procedure breach notice, which is to be sent to Bafona Ltd in due course. The service has now been suspended pending conclusion of the investigation and a decision by the Tribunal.
In the meantime, other providers are reminded that enabling this service, or any other services that operate in a similar way, may result in breaches being raised against them.
Emergency procedure investigation
2 July 2013
PhonepayPlus, the UK regulator for premium rate telephone services, has launched an Emergency procedure investigation under paragraph 4.5 of its Code of Practice (Twelfth Edition) (the Code), following internal monitoring conducted by PhonepayPlus. This monitoring evidenced affiliate marketing that appeared to utilise a form of malware known as ransomware to lock consumers’ internet browsers and force them to interact with online offers which directed them to the Level 2 provider, R&D Media Europe’s “zemgoogs” subscription service(s).
R&D Media Europe has been identified as the Level 2 provider responsible for the service. A Tribunal will decide whether the service is in breach of the Code as soon as is reasonably possible after PhonepayPlus has received a response from the Level 2 provider to its Emergency procedure breach notice, which is to be sent to R&D Media Europe in due course. The service has now been suspended pending conclusion of the investigation and a decision by the Tribunal.
In the meantime, other providers are reminded that enabling this service, or any other services that operate in a similar way, may result in breaches being raised against them.
Update to Emergency procedure investigation against R&D Media Europe B.V. 2 July 2013 PhonepayPlus, the UK regulator for premium rate telephone services, has launched an Emergency procedure investigation under paragraph 4.5 of its Code of Practice (Twelfth Edition) (the Code), following internal monitoring conducted by PhonepayPlus. This monitoring evidenced affiliate marketing that appeared to utilise a form of malware known as ransomware to lock consumers’ internet browsers and force them to interact with online offers which directed them to the Level 2 provider, Jesta Digital GmbH’s “jamster” subscription service(s).
Update published 30 July 2013
Following the instigation of the Emergency procedure, R&D Media Europe B.V. (R & D Media) requested a review of the decision to prevent access to the service shortcode in accordance with paragraph 4.5.3(b)(ii) of the Code. The Tribunal considered R & D Media’s written and oral submissions in relation to the grounds on which it asserted that access to the service shortcode should no longer be prevented.
Having considered all the information before it, including the measures taken to limit the possibility of future consumer harm, the Tribunal decided that the Emergency procedure should continue pending completion of the normal Emergency procedure process, but concluded that in accordance with paragraph 4.5.3(c) of the Code that access to R & D Media’s service shortcode should be permitted, subject to the following conditions:
i. The Level 2 provider is to immediately cease all promotion of the service through online affiliate marketing of any form or description;
ii. The Level 2 provider is to forthwith provide written confirmation to PhonepayPlus that it has ceased all promotion of the service through online affiliate marketing and provide an undertaking that it will not promote any part of the service using online affiliate marketing until such time as a determination has been made by a Tribunal on the substantive case;
iii. Access to the service shortcodes may only resume once the Level 2 provider has provided evidence that its use of all online affiliate marketing has ceased, to the satisfaction of the PhonepayPlus Executive; and
iv. If PhonepayPlus reasonably suspects that the service is being promoted through online affiliate marketing prior to the Tribunal determination, PhonepayPlus may direct the Level 1 provider to immediately terminate access to all service shortcodes.
Emergency procedure investigation
Jesta Digital GmbH has been identified as the Level 2 provider responsible for the service. A Tribunal will decide whether the service is in breach of the Code as soon as is reasonably possible after PhonepayPlus has received a response from the Level 2 provider to its Emergency procedure breach notice, which is to be sent to Jesta Digital GmbH in due course. The service has now been suspended pending conclusion of the investigation and a decision by the Tribunal.
In the meantime, other providers are reminded that enabling this service, or any other services that operate in a similar way, may result in breaches being raised against them.
Emergency procedure investigation
2 July 2013
PhonepayPlus, the UK regulator for premium rate telephone services, has launched an Emergency procedure investigation under paragraph 4.5 of its Code of Practice (Twelfth Edition) (the Code), following internal monitoring conducted by PhonepayPlus. This monitoring evidenced affiliate marketing that appeared to utilise a form of malware known as ransomware to lock consumers’ internet browsers and force them to interact with online offers which directed them to the Level 2 provider, Gico Europe LLP’s “triviato” subscription service(s).
Gico Europe LLP has been identified as the Level 2 provider responsible for the service. A Tribunal will decide whether the service is in breach of the Code as soon as is reasonably possible after PhonepayPlus has received a response from the Level 2 provider to its Emergency procedure breach notice, which is to be sent to Gico Europe LLP in due course. The service has now been suspended pending conclusion of the investigation and a decision by the Tribunal.
In the meantime, other providers are reminded that enabling this service, or any other services that operate in a similar way, may result in breaches being raised against them.
Emergency procedure investigation
2 July 2013
PhonepayPlus, the UK regulator for premium rate telephone services, has launched an Emergency procedure investigation under paragraph 4.5 of its Code of Practice (Twelfth Edition) (the Code), following internal monitoring conducted by PhonepayPlus. This monitoring evidenced affiliate marketing that appeared to utilise a form of malware known as ransomware to lock consumers’ internet browsers and force them to interact with online offers which directed them to the Level 2 provider, Bitstacker Limited’s “lottobytext” subscription service(s).
Bitstacker Limited has been identified as the Level 2 provider responsible for the service. A Tribunal will decide whether the service is in breach of the Code as soon as is reasonably possible after PhonepayPlus has received a response from the Level 2 provider to its Emergency procedure breach notice, which is to be sent to Bitstacker Limited in due course. The service has now been suspended pending conclusion of the investigation and a decision by the Tribunal.
In the meantime, other providers are reminded that enabling this service, or any other services that operate in a similar way, may result in breaches being raised against them.
Updates to Emergency procedure investigation against Bitstacker Limited published on 2 July 2013
Update published 4 July 2013
Following the instigation of the Emergency procedure, Bitstacker Limited (Bitstacker) requested a review of the use of the procedure in accordance with paragraph 4.5.3(b) of the Code. The Tribunal considered Bitstacker’s written and oral submissions in relation to the grounds on which it asserted that the Emergency procedure should not have been used and, in the alternative, that access to the service shortcodes should no longer be prevented and all withheld monies released. During the course of informal representations Bitstacker withdrew its assertion that the Emergency procedure should not have been used and agreed that its use had been appropriate.
Having considered all the information before it including the particular nature of the service, the Tribunal decided that the Emergency procedure should continue pending completion of the normal Emergency procedure process, but concluded that in accordance with paragraph 4.5.3(c) that access to Bitstacker’s service shortcodes should be permitted, subject to the following conditions:
- The Level 2 provider is to immediately cease all promotion of the service through online affiliate marketing of any form or description;
- The Level 2 provider is to forthwith provide written confirmation to PhonepayPlus that it has ceased all promotion of the service through online affiliate marketing and provide an undertaking that it will not promote any part of the service using online affiliate marketing until such time as a determination has been made by a Tribunal on the substantive case;
- Access to the service shortcodes may only resume once the Level 2 provider has provided evidence that its use of all online affiliate marketing has ceased, to the satisfaction of the PhonepayPlus Executive;
- If PhonepayPlus reasonably suspects that the service is being promoted through online affiliate marketing prior to the Tribunal determination, PhonepayPlus may direct the Level 1 provider to immediately terminate access to all service shortcodes.
The Tribunal also decided, in accordance with paragraph 4.5.3(c) of the Code that the Level 1 provider should be directed to cease to retain all monies in excess of £250,000 held by it under PhonepayPlus’ direction. The Level 1 provider is to continue to retain the sum of £250,000 in accordance with PhonepayPlus’ direction.
Update published 30 July 2013
On 25 July 2013 a Tribunal considered five substantive cases that had been the subject of Emergency procedure action relating to affiliate marketing involving ransomware. Following the Tribunal consideration of these cases, the Executive considered it appropriate to refer the issue of proportionality of the level of the current withhold condition (£250,000) imposed on Bitstacker Limited by the Review Tribunal on 4 July 2013. Having considered the referral from the Executive, the Review Tribunal decided to use its inherent discretion to consider a further review of its earlier decision, and thereby concluded that a withhold of £100,000 would be appropriate and proportionate in all the circumstances, having regard to, among other considerations, the level of any financial penalty (including any refunds) that may be reasonably considered by a Tribunal at the substantive hearing and any administrative charges incurred by PhonepayPlus.
Accordingly, the Tribunal held that the Level 1 provider should be directed to cease to retain all monies in excess of £100,000 held by it under PhonepayPlus’ direction. The Level 1 provider is to continue to retain the sum of £100,000 in accordance with PhonepayPlus’ direction. All other conditions imposed by the Review Tribunal on 4 July 2013 remain unchanged.