p2pnet - rss feed: DPI firm Phorm had secret US op: report
p2pnet news view | Advertising:- Phorm, once described by The Register as a company with “roots in the murky world of spyware,” uses Deep Packet Inspection (DPI) technology to track people online so it can sell what amounts to user profile data to advertisers, who then use them to ‘target’ people.
But, “Even before the London-based outfit first tracked thousands of British Telecom customers as part of its grand scheme to target online ads from inside the world’s ISPs,” it was “operating a number of public commercial services” on US networks, says The Register in a current story, going on »»»
According to a Phorm spokesman, these so-called services were rolled out by a handful of “emerging Wi-Fi network services providers,” including EthoStream, a Milwaukee, Wisconsin-based operation that provides wireless access for hotels.
Phorm says that it’s no longer working with these ISPs and that it now has “no business partnerships in the States.” But in the spring, rumor had it that AT&T and Qwest were on the verge of deploying the company’s ad technologies.
Phorm won’t say when its Wi-Fi deployments occurred, but they date back to at least November 2005, when the company was still known as 121Media and was still using an early version of its ad targeting technology dubbed PageSense. Like the company’s current technology - Webwise - PageSense targeted ads by tracking the browsing activity of ISP users.
To ‘retrieve’ targeted ads, “PageSense inserted JavaScript tags into every page visited by an ISP user,” says The Register, continuing:
“Webwise doesn’t use JavaScript, and according to a BT report obtained by The Reg, Phorm dropped the JavaScript technique because it meant ISP users were more likely to realize they were being profiled.”
A Phorm spokesman says the US “trials” were, “transparent to users and information such as how to opt out, who provided the service and the privacy policy was easily accessible.
The story goes on »»»
Congressman Ed Markey, chairman of the House Subcommittee on Telecommunications and the Internet, and other high-ranking lawmakers have questioned whether an opt-in-less third-party behavioral ad targeter runs afoul of the US Communications Act of 1934, the Cable Act of 1984, the Electronic Communications Privacy Act, and other wiretapping-related US statutes.
Here in the States, companies such as NebuAd http://www.p2pnet.net/story/16330 and Front Porch have deployed similar ad targeting systems. But Markey and his cohorts have asked all US ISPs to freeze such partnerships while Congress investigates their legality.
Like Phorm, Front Porch has run its system on Wi-Fi hot spots - all of them of the free, ad-supported variety. Users were notified during sign-up that the service served up targeted ads, and if they didn’t want targeted ads, they could choose a for-pay version of the service.
“If you’re traveling through one of our airports or hotel chains or whatever, and it’s offering free internet access, in that first page there’s a clear part that says we will give you targeted advertising while you’re on this network,” Front Porch CEO Zach Britton has told us. “This is a free service, so if you don’t want targeted advertising, you just say no to the free access.”
We can (partially) forgive Phorm for its deployments on free networks. But for-pay networks are another matter. In either case, it’s unclear whether - or how - users were notified at sign-up.
Phorm’s nefarious activities
Says the BadForm blog:
“Simply put, three of the UK’s largest ISPs (Virgin Media, BT and TalkTalk) have decided to sell your private browsing history to an advertising broker.
“Yes, the entire content of every web page you visit gets sent to Phorm in real time, as you click. A personal profile is created, allowing Phorm to send you ‘targeted advertising’.
“Naturally the ISP’s are not too keen on telling their users this, they’d much rather feed us all platitudes about how it’ll help combat phishing and how the targeted adverts will be so much better than the random ones we see today.”
In the UK, Phorm nemesis Alex Hanff has spent a lot of time in his own money bringing details of Phorm’s nefarious activities to public attention.
He analysed a wide range of legislation including but not limited to: Regulation of Investigatory Powers Act 2000, Fraud Act 2006, Privacy and Electronic Communications (EC Directive) Regulations 2003 and Data Protection Act 1998 to investigate the requirements with regards to consent, the core issue of this debate.
“After careful analysis of relevant EU and UK laws, statutes and directives it can be interpreted that fundamental legal requirements were not met, making the covert trials illegal under criminal law and unlawful under common law,” he said.
In our post on Hanff’s paper on Phorm and DPI, we said »»»
DPI is short for Deep Packet Inspection, an almost harmless seeming term which in Canada is being forcefully thrust into public attention by the Bell Canada throttling scandal.
DPI (and filtering), “enables advanced security functions as well as internet data mining, eavesdropping, censorship, etc,” says the Wikipedia >>>
Advocates of net neutrality fear that DPI technology will be used to privatize the Internet.
It’s also cited by CAIP (Canadian Association of Internet Providers) which, in its attempts to have Bell’s activities curtailed, said in a submission to Canadian regulators, “Bell is using DPI to sequester or ‘hijack’ certain data packets as they pass through the network, and hold these packets hostage until certain pre-conditions are met …”
CIPPIC (Canadian Internet Policy and Public Interest Clinic) wants the Canadian privacy commissioner to launch an investigation saying Bell has not only, “failed to obtain the consent of its retail and wholesale internet customers in applying its deep-packet inspection technology, which tells the company what subscribers are using their connections for,” it’s using Deep Packet Inspection to, “find and limit the use of peer-to-peer applications such as BitTorrent, which it says are congesting its network,” says the story.
Plans by ISPs to use Phorm were also sharply attacked by Sir Tim Berners-Lee, the man who invented the World Wide Web.
Seriously twanged a nerve
Sir Tim Berners-Lee is Famous as the father of the web, “and his criticism of Phorm has seriously twanged a nerve,” p2pnet said , going on:
“Berners-Lee says his data are his, and only his, prompting a challenge from Phorm as part of its ‘your info is safe with us’ phallacy.
“If you want to use it for something, then you have to negotiate with me,” the BBC had him as saying.
“I have to agree, I have to understand what I’m getting in return.”
Said a Phorm spokesman in a p2pnet Reader’s Write:
“We look forward to speaking to Tim Berners Lee to explain how our technology is a ground breaking advance in delivering targeted ads while protecting privacy online and consumer choice, as we have with other experts.”
In Britain, the Foundation for Information Policy Research contacted the country’s information commissioner, which was planning to monitor a BT trial.
Among other things, the FIPR declared »»»
We understand that you are investigating the targeted advertising service offered by Phorm through co-operation agreements with BT, Talk Talk, Virgin Media and other Internet Service Providers.
The provision of this service depends on classifying Internet users to enable advertising to be targeted on their interests. Their interests are to be ascertained for this purpose by scanning and analysing the content of traffic between users and the websites they visit.
This activity involves the processing of personal data about Internet users. That data may include sensitive personal data, because it will include the search terms entered by users into search engines, and these can easily reveal information about such matters as political opinions, sexual proclivities, religious views, and health.
Users are apparently to be allocated pseudonyms for some of the processing, but at various processing stages the personal data can be linked to the pseudonym, the pseudonym can be linked to the IP address used, and the IP address can be linked to the user. Although we understand that this linkage will not be standard operating practice, it can nevertheless be performed.
Many users will also be identifiable from the content of the data scanned, since it will include email sent or retrieved by users of web-based email, and messages viewable by those authorised to gain access to individual pages of social networking sites.
Stay tuned.
Jon Newton - p2pnet
.
.Stumble It!
Use free p2pnet newsfeeds for your site. It’s really easy!Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile - http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details. Download here.
August 14th, 2008 at 3:54 pm
and the NSA had how many holes in XP and HOW MANY IN VISTA?
August 17th, 2008 at 6:30 pm
I, personally, would pay good money to watch PHORM speak with Tim Berners Lee in order to explain how this “is a ground breaking advance in delivering targeted ads while protecting privacy online and consumer choice” — because Tim Berners Lee would fucking eat these people for breakfast.
Tim would smite these marketing-centric dipshits in front of the entire universe, and I, personally, would enjoy this greatly.
Phorm, seriously: You want to debate this issue with the _father of the internet_? You seriously want to sit down and let him know how you’re dodgy, clandestine, and illegal behavior isn’t completely contrary to its whole purpose? Perhaps you’d like to dig up Alexander Gram Bell while you’re at it and explain how telemarketing was the penultimate use for the phone system, you twats.
Tim, if you’re out there, please press them on this. Please. Seriously. I’d pay good money to see this happen.