Phorm Storm Continues to Ravage British Users

Last week, we briefly covered the Phorm controversy facing British uses. This week, the controversy continues with other players jumping in on the action.

Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes

Imagine a time when every site you go to was remotely monitored. The data from every site visited was intercepted by an entity who, on the official side of things, has the purpose of dropping “targeted ads” into your browsing experience. This entity isn’t Google’s ads, which is an ad system that puts ads on the site through a script, but much rather, an ISP-level ad system. It isn’t difficult to imagine that when prospects of this scenario become a step closer to being real, controversy closely follows in big ways.

These days, it seems like everything to do with controversy on the internet is ISP-related. If Phorm intended on implementing their technology in a quiet and non-controversial manner, there could have been many better times to implement it at the very least. The news comes right smack in the middle of times where record labels are suing Irish ISPs, China is busy blocking P2P, Japan is banning p2p users, Swedish lawmakers rejecting the idea of banning P2P users, and Italian P2P users dodging a P2P spying program.

A report earlier today points to the Foundation for Information Policy Research saying that Phorm is “intrusive and illegal”. It was only yesterday that the organization issued an open letter on the matter saying, “The provision of this service depends on classifying Internet users to enable advertising to be targeted on their interests. Their interests are to be ascertained for this purpose by scanning and analysing the content of traffic between users and the websites they visit.”

The letter goes on:

This activity involves the processing of personal data about Internet users. That data may include sensitive personal data, because it will include the search terms entered by users into search engines, and these can easily reveal information about such matters as political opinions, sexual proclivities, religious views, and health.

Users are apparently to be allocated pseudonyms for some of the processing, but at various processing stages the personal data can be linked to the pseudonym, the pseudonym can be linked to the IP address used, and the IP address can be linked to the user. Although we understand that this linkage will not be standard operating practice, it can nevertheless be performed.

The letter goes on to say that the technology is intrusive on users privacy and that the system must be an opt-in system. As it stands, three of the major British ISPs, BT, Talk Talk, and Virgin Media, are currently set to roll out this technology.

Bad Phorm, one of a number of sites decrying the technology says, “Naturally the ISP’s are not too keen on telling their users this, they’d much rather feed us all platitudes about how it’ll help combat phishing and how the targeted adverts will be so much better than the random ones we see today. In fact, they didn’t even announce it to the UK press, we had to find out about it from the New York Times!”

It may not be a surprise that a petition has been started regarding the manner. The petition, as of tonight, has collected over 7,000 signatures of people demanding that ISPs should not breach privacy through advertising technologies. Perhaps the only good news to come out of this is that now, at least, the British and US users have something in common.

Today, the BBC also reported on the controversy where Simon Davies and Gus Hosein of 80/20 Thinking Ltd said that the technology should go further and “Information from websites and queries regarding sexual content, political preferences, medical health, racial origin should be blocked from processing.”

The Open Rights Group have already issued their own update on the controversy. Among other things, they say, “The ISPs which propose to use Phorm are yet to respond to ORG’s call to publish the privacy impact assessment they commissioned from 80/20 Ltd (whose Director, Simon Davies, is also Director of Privacy International), as well as full details of how Phorm will work. Until we can all see for ourselves exactly how Phorm works – and across whose networks our data will flow – speculation about the privacy implications of Phorm will only continue.”

Drew Wilson on Twitter: @icecube85 and Google+.

1 Trackback or Pingback

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: