Bad Phorm?

6 April 2008 - 17:59

There is a bit of a stink being stirred up at the moment over a new online advertising service called Phorm. It's an online advertising platform that works like this: ISPs will scan the text of content downloaded by web surfers, analyze it and insert relevant ads on participating sites. Presumably ISPs will receive some of the advertising income for their participation in this scheme, which will help keep down the costs of web access. Predictably it is the ISPs with the most aggressive pricing that have signed up for this. But a lot of consumers are not happy about it, saying that it invades their privacy, and some security experts have even claimed it breaches data privacy laws.

Being a pragmatist, I don't see what all the fuss is about. People are already used to the idea of seeing ads related to what they are browsing, thanks to Google AdSense. They are happy to sign up to Google's excellent free email service Gmail, and accept it serving up ads related to the contents of their emails (I love the links to recipes for processed pork that appear when I browse the Spam folder!) without thinking too deeply about the fact that Google must know what their emails about in order to do this.

The only difference is in the way the technology works. Google crawls the websites that participate in AdSense in advance, in order to determine what ads to display. Phorm is actually monitoring the data stream that is being downloaded in real time. This seems a bit inefficient to me, but presumably allows the ads to be more specifically targeted by building up a picture of what a user is interested in over several sites. If I'm going to see ads, I'd rather they were about things I might be interested in. I think that AdSense, used the way we do it on tech-pro.net (i.e. not trying to force people to click on ads by shoving them under their noses) actually complements the content by providing useful extra relevant links for visitors to follow up if they are interested.

A lot of the indignation has to do with the fact that a third party is scanning what you surf. But people forget - or just don't realize - that this is pretty much happening already. You have an account with your ISP, they know when you were online, what IP address was allocated to you at this time, and almost certainly they keep logs showing what sites you visited. Governments require them to keep this information, and can demand to access it. I think it's a good thing. It helps law enforcement agencies to track terrorist activity or get evidence to convict pedophiles. Nobody is going to bother to use this information to compile a profile on ordinary, law-abiding me or you, because nobody is that interested in us as individuals.

If you are really worried about what information people have about you, stop using the web. Don't use the phone (phone companies log the numbers you call) and especially don't use a mobile, because they can track where you are even if you don't use it!

Phorm is just a way for Internet service providers and web site owners to make money, that helps pay for the free services you enjoy and keeps the cost down of others. If you think Phorm is bad form, pay a bit more and switch to an ISP that will pledge not to use it.

Used tags: , , , , , ,

« A matter of trust | Home | Continuous backup »

two comments

Hi. The Phorm system is illegal under the RIP Act according to the FIPR as well as Richard Clayton (Security Research, Computer Laboratory, University of Cambridge).

Furthermore, analogies between Google and Phorm are flawed. People have a choice to use or not to use Google, and Google can only track user’s Google searches and services. Phorm, on the other hand, can track a user’s activities all across the web, no matter what website or service they visit – so long as they do it on the standard port 80 for web activity. Furthermore, you cannot opt-out of Phorm. The ‘Opt-out’ only means that you wont be served targetted ads. Your data is still mirrored to Phorm’s servers – an illegal interception of data.

Phorm’s CEO ran a former spyware company which produce rootkits. Phorm’s PR team are currently all over the web posting lies about the way Phorm works in an attempt to dupe less technical users. Meanwhile, BT carried out secret techincal tries on BT Broadband users without their consent and knowledge. They have now admitted to this.

The whole thing stinks to high heaven, and I don’t trust either company one bit. I have decided to end my contract with BT Broadband.

If you want to find out more professional technical information about what is wrong with Phorm’s technology, here is a good blog from a security professional which explains a lot in clear language:

http://www.djkaty.com/drupal/phorm

Look at the section titled ‘Why I have a problem with Phorm’. I think you’ll find it extremely informative.
NoPhorm! - 6 April 2008 - 18:34

Hi,
I work for Phorm’s comms team People should take a look at the report produced by independent technologist Richard Clayton who has actually seen our system – all the relevant links are on our blog:
http://blog.phorm.com/?p=12
Although we don’t accept the legal conclusions reached in the report or the possible security vulnerabilities mentioned – our system is secure and does in fact comply with the Data Protection Act, RIPA and other applicable UK laws – the report is a reasonable reflection of our system

Phorm Comms Team
Phorm Comms Team () (URL) - 8 April 2008 - 10:04

Trackback link:

Please enable javascript to generate a trackback url

Leave a comment
  
Remember personal info?

Emoticons / Textile
  (Register your username / Log in)

Notify:
Hide email:

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.

Archives

May 2008
April 2008
March 2008
February 2008
January 2008

Topics

Business
Computers
Internet
News
Other stuff
Soapbox
Software
Tips and tricks
Web development
Windows

Today's Bargain Offers