bbc.co.uk Navigation

Darren Waters

Looking at the Phorm

  • Darren Waters
  • 6 Mar 08, 15:00 GMT

Behavioural advertising through monitoring a user's web habits is an ethical and legal minefield. More and more systems are being developed that can assess our interests and passions from our web surfing habits and then target us with bespoke advertising.

Eye on computer screens, SPLAnd unless there's a radical shift in governmental policy around the world, this certainly seems to be the future of advertising online.

But the debate about what can be done with personal data, how it is used or stored, who does the storing and using, and what control we, as consumers, have is an important one.

In one sense it looks a straightforward proposition - no-one wants to see irrelevant adverts plastered on websites when online.

But take the model offline and it feels different: imagine a marketing man who trailed you through the streets as you shopped at different stores, or watched you as you played in the park with your children, and then came into your home and took notes on the TV programmes you watched, books you read etc.

And then imagine that he pushes adverts through your door, creates advertising hoardings and TV and radio campaigns targeting you directly....

Is that an uncomfortable thought?

Perhaps he says he doesn't know who you really are, that it's just your habits that he knows; perhaps he promises not to tell any of the advertisers about you, and that he will destroy his notes in a few weeks. He says he won't look at your bank statement, or ask your friends for more information.

He also says you can tell him to go away at any stage and he will immediately; but unless you do, he will follow you and note down your habits as a matter of course.

Do you feel more comfortable?

For some people the idea, offline or online, is just not acceptable.

Simon Davies, of Privacy International, told me: "Behavioural advertising is a rather spooky concept for many people."

He has looked at Phorm's privacy measures and has been impressed. I should also make clear he did this not as director of PI but as part of his role with start-up 80/20 Thinking.

But that model of behaviour tracking is being touted by US firm Phorm. It has signed up UK ISPs, BT, Virgin and Talk Talk to trial the technology.

BT told me that each users privacy is 100% secure. And that the service is a "benefit to users" because they get more relevant advertising.

Certainly the deal with Phorm has caused some controversy. The Guardian has an excellent piece here.

We're a bit late to this story - so apologies. But we've got an update live now about campaigner Simon Davies, who was asked by Phorm to look at the firm's personal information protection measures.

He has come away impressed with the steps Phorm has taken. But he does feel strongly that Phorm should be opt in and not opt out.

So what do you think? A threat to our privacy? Or good use of technology for improving services?

UPDATE: If you want to put your queries/concerns direct to Phorm.....

The company's CEO, Kent Ertugrul will be available to answer your questions in a live web chat via the Webwise site at www.webwise.com/chat on 6 March 2008 from 20.30 GMT.

UPDATE TWO: Chris Vallance of Radio 4's iPM has interviewed Kent Ertugrul. You can listen below.

Add IPM Radio4's channel to your page

Comments

  • 1.
  • At 05:22 PM on 06 Mar 2008,
  • John Elvin wrote:

Your analogy is flawed in one respect:

If you opt out the marketing man following you will stop pushing adverts through your door, creating advertising hoardings and TV and radio campaigns targeted at you directly - but he will still keep following you and recording all your habits.

BT have confirmed that the data will be sent to Phorm regardless of whether you are opted out.

  • 2.
  • At 05:57 PM on 06 Mar 2008,
  • Richard Scott wrote:

NOBODY but advertisers want advertising.I am heartily sick of being bombarded with advertising panels and pop-ups and if I could opt out of all advertising forever I would.I do not want ANYONE snooping around in my internet browsing to glean information about me my family or friends unless I am seriously breaking the law and a threat to society,regardless of the promises of 100% security of information gathered.Its mind-boggling arrogance of the companies concerned that they should subject their customers to being part of this sinister Phorm scheme even more so since Phorm used to be People on Page,the spyware producers.It makes no odds if you opt out of the Phorm or not, all the broadband traffic of those companies signed up will go through the Phorm servers and be harvesting information, you just wont get advertising if you opt out and you still have no idea what details you are being relieved of or where its all going.It also contravenes this act http://www.opsi.gov.uk/acts/acts2000/ukpga_20000023_en_2

and I wouldnt doubt the European Union Human rights charter.
Its insidious immoral and illegal and its about time people woke up to what these big corporations are doing for their own ends.

As an IT consultant with many years' experience in telecommunications for both military and civilian customers I am horrified not by the concept of profiling, nor by the bulk of Phorm's specific implementation, but by the precedent this sets: giving a third party access to a highly sensitive and personal stream of data. It's more analogous to the Royal Mail opening every letter, writing down your preferences, resealing the letter and sending it on again. An ISP is in a uniquely trusted position and the blueprint for the planned system, which I've seen in leaked documents, provides an infrastructure capable of much more sinister applications. Most countries have had laws governing interception of communications for many years and to my mind for good reason. It amazes me how privacy advocates can endorse a system that uses at it's heart technology frighteningly similar to that used by oppressive regimes to track its subjects' every web transaction.

  • 4.
  • At 09:04 PM on 06 Mar 2008,
  • Huw Jars wrote:

Let me get this right - Phorm wants me to use my money to pay for my bandwidth for them to bombard me with adverts "tailored to my requirements" - I have news - my requirements are that I get no adverts.

I will actively seek out an ISP that doesn't pimp my browsing habits and I'll go off-line before I accept this insidious intrusion regardless of the platitudes offered by Privacy International and Phorm themselves.

They are intercepting communications - will they be publicising the relevant sections of RIPA that they want people to acquiesce to? (Or rather that they want them to opt out from - ie. passive acceptance of it's terms - frittering away your rights).

Unless and until it's opt-in this should be stopped in it's tracks and any ISP using it be closed down by the regulator.

As John Elvin and many others have said in other posts on the internet you maybe able to select to opt out of the adverts however BT will still be passing your personal and private information to Phorm, this will include the content of all emails you view online that are not covered by a secure connection (SSL).

So far I have been unable to get a definitive answer regarding the legality from BT via the office of ben.verwaayen@bt.com the CEO of BT.

A number of articles and comments can be found on theregister website.

http://www.theregister.co.uk/2008/02/29/phorm_roundup/

  • 6.
  • At 09:37 PM on 06 Mar 2008,
  • William Nagle wrote:

This raises several concerns and I heartily agree with James Firth. One wonders if this could be compared to stalking?
Stalking all our children online? Going by the information I have found so far, the Phorm system is open to abuse and the company from past performance with spy ware untrustworthy, to put it politely. Even opting out is no protection for your information.
Everyone should sign the petition at
http://petitions.pm.gov.uk/ispphorm/

  • 7.
  • At 09:45 PM on 06 Mar 2008,
  • Nigel Aves wrote:

Although I fully understand the desire of companies to advertise on the Internet I have often wondered just how effective it really is.

I have yet to meet a single person who has ever bought from an on-line advert. Typically most people know what they want, do a search, and buy it; providing it is cost effective (have to include that S&H) from buying locally.

The problem with all these "tracker" programs (and strangely they are all basically the same) you must "Opt Out". Ever wonder why? All of these types of programs that invade privacy, even if they don't collect private information, should be legally forced to be "Opt In".

To me, this is just another "Spyware" program disguising itself as something useful.

Funny how the ISP's and Phorm get paid. Maybe they would be better off paying the user if they "Opt In" rather than the ISP who is doing the spying.

  • 8.
  • At 09:51 PM on 06 Mar 2008,
  • Jim-uk wrote:

Can someone tell me the difference between this and BT allowing ad companies to tap your phone? I don't care if I can be identified or not, my communications should be private unless I pose some kind of security risk and a judge has agreed I should be monitored. If I visit BTs webwise site and find this thing switched on I'll be calling them up for my mac code there and then.

  • 9.
  • At 09:45 AM on 07 Mar 2008,
  • Iain Henderson wrote:

Are there any ISP's who have committed to never send data to Phorm or any similar entity?

They should be onto a winner.

  • 10.
  • At 11:02 AM on 07 Mar 2008,
  • Andrew X wrote:

Nigel - Be aware this isn't just a program or a single piece of software. This is an entire system set up to capture your browsing habits. This is why opting in or out doesn't work. The system is embedded in the technology that takes your request for a page to the page host and back.

ALL information goes through the system whether or not all of it is analysed.

In addition (and may have been stated elsewhere here), how does Phorm know that you've opted out? By linking your request for a webpage against a list of people who've opted out! So they still know who you are, they have to, to 'turn off' the targeted advertising.

  • 11.
  • At 11:19 AM on 07 Mar 2008,
  • Paul Thomas wrote:

Those concerned about online advertising and protecting their privacy can take a few easy steps to deal with it. And yes, Mr Scott, you can "opt out of all advertising forever" (or most of it, at least)!

Use the Firefox browser instead of IE, and install the NoScript, AdBlock and CookieCuller add-ons and, hey presto, the ads are gone... forever! I haven't seen ads online, or had my surfing behaviour tracked, for many years. Of course, I'm glad I have that choice but, if everyone did it, ad revenue would dry up and we'd have to pay to access content. So, keep it to yourself ;-)

I'm puzzled about Simon Davies' strong endorsement of this product. Every webpage a BT user views will be diverted - whether the user opts in or out makes no difference. Many webpages include personal information: this one I am writing my comment on includes my email address and my name (or in this case my preferred nickname). No way is this anonymous.

It's worth noting as well that BT are pushing this as security protection, because it checks for phishing sites, even though Internet Explorer 7 already does that check.

  • 13.
  • At 02:13 PM on 07 Mar 2008,
  • Jason Ansell wrote:

Everyone seems to be complaining about advertising online...the reality is that sites need a business model for all that "free content" available. Even the BBC acknowledges it needs to recoup its costs incurred by its international audiences having unfettered acess. I'd rather see some ads that are more inline/useful to my needs then irrelevant ones. Advertising online is here to stay and its part of the medium, if you don't want to be grouped and have targeted relavant advertising delivered to you simply dont use the internet and accept that all that free info/data you've been mooching off is now out of your reach. If your privacy outweighs the value of/need for information the internet isn't for you as by its nature every PC accessing the internet can be traced back insome form for the average user.

I'm puzzled about Simon Davies' strong endorsement of this product. Every webpage a BT user views will be diverted - whether the user opts in or out makes no difference. Many webpages include personal information: this one I am writing my comment on includes my email address and my name (or in this case my preferred nickname). No way is this anonymous.

It's worth noting as well that BT are pushing this as security protection because it checks for phishing sites, even though Internet Explorer 7 already does that check. So the advertising of the service is less than straight - a warning sign in itself.

  • 15.
  • At 06:28 PM on 07 Mar 2008,
  • BigDaveB wrote:

Paul Thomas (Post 11) writes: "Use the Firefox browser instead of IE, and install the NoScript, AdBlock and CookieCuller add-ons and, hey presto, the ads are gone... forever! I haven't seen ads online, or had my surfing behaviour tracked, for many years. "

I use IE7 pro and don't see ads either, but you're sadly mistaken if you think Phorm won't still be tracking your behaviour just because you can't see the end result.

Anybody with even the most passing interest in their privacy should be making a formal request under the Data Protection Act to their ISP requesting that they do not share data with a third party such as Phorm.

  • 16.
  • At 06:52 PM on 07 Mar 2008,
  • BigDaveB wrote:

Paul Thomas (post 11) writes: "Use the Firefox browser instead of IE, and install the NoScript, AdBlock and CookieCuller add-ons and, hey presto, the ads are gone... forever! I haven't seen ads online, or had my surfing behaviour tracked, for many years."

I use IE7 and IE7Pro and don't see any ads either, but I'm afraid you're grossly mistaken if you believe Phorm won't be tracking your online behaviour just because you don't get to see the end result.

I'd advise anybody with the slightest interest in their privacy to serve a formal request under the Data Protection Act to the Data Controller of their ISP requesting that data is not passed to a third party such as Phorm.

  • 17.
  • At 04:39 PM on 10 Mar 2008,
  • NB wrote:

I'm absolutely appalled by this action taken by the afore mentioned ISPs and as such will never be using any of their services. We are sleep walking into a surveillence society in which, not just the Govt, but corporations as well, are monitoring every facet of our lives in order to control us.

In order to protect my online browsing habits I have taken to using Firefox, running through a socks5 proxy via an ssh tunnel to a remote server that is also not served by any of the these ISThieves, further to that I use GNU/Linux as my primary OS and have set up a rather paranoid security policy because I simply have no faith whatsoever in the Govt or the corporations to have any regard for my rights.

This blatant disregard for the rights of customers and use of pathetically circular logic to justify it is unforgivable.

What these ISPs are asking their customers to do is pay them for the right to receive ads and have their personal web browsing habits shipped to third party companies who are known to have dubious links with spyware.

Good going guys, you've completely sold out your customers.

This post is closed to new comments.

The BBC is not responsible for the content of external internet sites

BBC.co.uk