Phorm by any other name

May 18, 2008 at 9:54 am 3 comments

It seems that Phorm, who have created a huge rumpus in the UK and Europe with their system for tracking a user’s browsing habits and allowing partner websites to serve up relevant ads, are not the only people in the game.

A recap… Phorm’s WebWise product relies on installing a device in an ISP’s network that ‘sniffs’ individual user’s browsing activity (albeit anonymously), and then when the user visits one of Phorm’s partner publisher sites, uses the accumulated history to select an appropriate ad to show. For example, if the user had been looking at motoring websites recently, they might see an ad for cars when another user who looks at sports sites might see an ad for sports coverage on pay TV.

The benefits claimed for various parties are thus:

  • This ad will be more relevant to the user than a default ad would be, thus enhancing the user’s experience and annoying them less – peoples’ tolerance for relevant ads is higher than their tolerance for irrelevant ones
  • An anti-phishing filter is built-in (not sure how this integrates with the rest of the service)
  • A more relevant ad should provide a better click-through and conversion rate for the advertiser, increasing their ROI
  • As a result the publishers of the website on which the ad was shown should get a better return on their ad inventory.
  • The ISP, normally not party to the advertising model, can start to share in ad revenue
  • Phorm invented it and make money at all stages.

This all seems like a win-win until the P-word is mentioned… Privacy, of course. The whole thing only works when a user’s ISP collects data about them and allowing other parties to access this data. Depending on your sensitivity to online privacy issues, this is somewhere on the scale from innocuous to the work of the devil. Phorm’s initial ISP customers in the UK (BT Retail, CPW and Virgin Media) have indicated that they’ll provide the ability for a user to opt-out of using Phorm, but since many won’t even notice it’s there, privacy campaigners have suggested that the whole thing should be opt-in instead… this would mean a significantly lower penetration for all parties and perhaps make the whole thing unviable. The ISPs will be very sensitive to anything that might cause their users to consider churning to a rival service.

Phorm’s response to the privacy issue is robust; they’re confident they don’t breach any privacy legislation and are pushing ahead.

So, back to the plot… Phorm are not the only players in this area, and not the only ones causing controversy, either. In a Wired article, Ryan Singel writes about a plan by Charter Communications, one of the largest US broadband providers, to roll out technology from NebuAd. This appears to be similar to Phorm’s product. Charter’s plans have already come to the attention of 2 high-profile Congressmen as reported elswhere on Wired, who are not going to  be fobbed off with anything less that cast-iron guarantees of user privacy and compliance with relevant US legislation. The Congressmens’ question centres around the nature of a user’s consent to the service – just like Phorm, the Charter/NebuAd scheme offers an opt-out to each individual user, although there appears to be confusion about the technical nature of this – NebuAd’s opt-out page tells the user that they have to accept an ‘opt-out cookie’ – and by the nature of cookies, some part of the user’s traffic has to have hit a NebuAd server before they can act on it. So what is the user opting out of? Certainly the display of targetted ads, but the privacy issue is around the collection and sharing of data, and the jury’s out on that part.

Users have been shown targetted ads for years – a large site selects ads based on its own knowledge of the user’s behaviour on that site. A site which is a member of one of the large ad networks allows the network to track users with cookies to help target ads. Google shows ads related to the search terms you typed, and AdWords ads based on the content of the page you’re looking at. Gmail shows you ads based on the content of your email inbox. None of this is new. But what’s different here is the collection of data within the ISP network, without the explicit consent of the user, and sharing with unknown parties. It’s probably the way of the future – it’s not going to get un-invented, but it’s not going to be deployed without a fight.


Entry filed under: Uncategorized. Tags: , , , , , , , , .

End of the line for Google Mini-appliance? Possibly the most stupid Government proposal ever

3 Comments Add your own

  • 1. Pete  |  May 19, 2008 at 7:42 am

    The other end of a web page request is the web site and the content owner who’s content is being abused, and used to profile readers.

    Systems like Phorm and Nebuad make the bogus assumption that all unencrypted communication is public. Its not. Its copyright apart from anything else.

    If you run a web site, and an ISP implements Phorm/Nebuad, this means you will be unable to conduct unencrypted private communication with your readership, and all your content will be used to profile your readers (how do you opt out?).

    Why is that a problem? If you run an ecommerce site, you will now have to bear the cost of implementing SSL certificates and encryption to avoid your customers being profiled, and may find your words being used to market your lazier competitors.

    If you’re an author, the time you invest writing interesting articles will be exploited, without royalty payments, to sell advertising for other web sites.

    If you’re a charity, the words on your web page will be used to market commercial services, and distract readers away from the free charitable services that might benefit them.

    Suppose everything becomes encrypted in two years time. Where is that going to leave Phorm/Nebuad? Looking for another source of information (email?), or broke.

    Even if there are consumers stupid enough to opt in to this rubbish, the other end of the wire cannot be ignored… I’m expecting will not allow itself to be ignored.

  • 2. peeebeee  |  May 19, 2008 at 9:03 am

    That’s an interesting viewpoint from a further party to the transaction – the one providing the content that gets profiled. On the face of it, it does seem to remove choice from the content publisher to control the commercial use of their copy. My blog carries no ads (yet), that’s my choice, but if one of my readers was a customer of a Phorm ISP, my words will be used to trigger ads on other sites that the reader visits.

    Another form of opt-in needed, then.

  • 3. BT to push ahead with Phorm « Peeebeee’s Blog  |  June 3, 2008 at 9:43 pm

    […] and is determined to go ahead with its rollout of the controversial OIX technology from Phorm. My earlier post describes what the Phorm solution is all […]


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Recent Posts

RSS My Twitter feed

  • An error has occurred; the feed is probably down. Try again later.


Supporting FOWA UK Tour 2009

%d bloggers like this: