Phorm Storm: Ertugrul speaks
p2pnet news view Freedom | Advertising:- The Phorm Storm is raging on p2pnet.
Well, not raging, exactly.
Rather, it’s generating a lot of interesting input, including a missive from spyware pioneer and Phorm boss Kent Ertugrul, who earned his wings, so to speak, promoting air flights over Russia.
He says, via Benjamin Usher, “P2P Net [p2pnet, Kent, not P2P Net] claims that Phorm ‘lifts people’s personal and private data for resale to advertisers’ (link to http://www.p2pnet.net/story/21033) P2P Net does not seem to understand how Phorm’s technology operates. We only process data where we have a user’s consent, and we cannot and do not share personal or private data with anyone because we do not store it.”
User’s consent, eh? Like someone rushed up to Kent and said, ‘Please use my data?’
Nope.
“The term opt-out refers to several methods by which individuals can avoid receiving unsolicited product or service information,” says the Wikipedia. “This ability is usually associated with direct marketing campaigns such as telemarketing, e-mail marketing, or direct mail.”
In Phorm’s case, it means you have to actively tell Kent & Co you DON’T want them to in some way employ your data — which they already have, or soon will have. Otherwise, why would they be asking you to tell them they can’t use it?
In other words, Phorm doesn’t say, ‘We plan to collect your data for [fill in the blank ]. Please give us permission to do so.’
As far as they’re concerned, you’ve already said Yes by default. Now it’s up to you to say No. And not by default.
Anyhow, Kent (sorry, Benjamin) goes on »»»
“P2P net [p2pnet, Kent, not P2P net] makes the following inaccurate claims in this article, (although Phorm CEO Kent Ertugrul says he quite likes the picture of him asCaptain Jack Sparrow).”
The p2pnet post Kent (sorry, Benjamin) refers to is this »»»
Phorm launches anti- Anti-Phorm site
p2pnet news view P2P | Advertising:- Deep Privacy Invasion pirate Kent Ertugrul is trying to take the high ground with a new site designed to out-anti Alex Hanff’s NoDPI and the BadPhorm sites.
This is somewhat like George W. Bush trying to claim he had absolutely nothing to do with the world-wide recession.
Ertugrul runs Phorm, a company whose Web Wise technology lifts people’s personal and private data for resale to advertisers for use in ‘behavioural targeting’ and other kinds of unfriendly persuasion.
He’s made personal attacks on Hanff and on his new site, called StopPhoulPlay (No! Really!), says »»»
Over the last year Phorm has been the subject of a smear campaign orchestrated by a small but dedicated band of online “privacy pirates” who appear very determined to harm our company. Their energetic blogging and letter-writing campaigns, targeted at journalists, MPs, EU officials and regulators, distort the truth and misrepresent Phorm’s technology. We have decided to expose the smears and set out the true story, so that you cthough itan judge the facts for yourself.
StopPhoulPlay looks “incredibly unprofessional,” says The Guardian, going on:
It’s, “also referenced Privacy International head Simon Davis in its introduction, which is a whole other can of worms.”
“Unless I’m sorely mistaken, something here smells rotten,” says Ertugrul on the site.
He isn’t, and it does.
Phorm is, “under scrutiny after a Freedom of Information requests revealed that the [British] Home Office apparently offered ‘informal guidance’ to the company on the legality of its ad-targeting service,” says The Guardian, continuing »»»
Correspondence back to August 2007 shows Phorm asked the Home Office for guidance and asking several times if it had “no objection to the marketing and operation of the Phorm product in the UK”.
The Home Office has previously denied providing any advice to Phorm over any possible criminal liability for the service, but the exchange revealed by the FOI request shows the ministry asking for Phorm’s opinion on its targeted advertising guidance and how it related to Phorm.
A Home Office official said in an email in August 2007: “My personal view accords with yours, that even if it is ‘interception’, which I am doubtful of, it is lawfully authorised under section 3 by virtue of the user’s consent obtained in signing up to the ISPs terms and conditions.”
Another, in January 2008, shows an official attaching guidance notes and asking Phorm for its opinion. The official later thanked Phorm for suggesting comments and deletions to the Home Office’s notes.
“If we agree this,” wrote the official, “and this becomes our position do you think your clients and their prospective partners will be comforted.”
Don’t buy shares in Phorm and if you already have, sell them immediately for whatever you can get.
Network-based opt-out system
Back to Kent (sorry, Benjamin) »»»
Phorm lifts people’s personal and private data
This data is then sold to advertisers
The Truth – Addressing the explicit and implicit claims
The Phorm technology does not ‘lift’ i.e. steal data. Your traffic will only be analyzed with your consent given via unmissable notice and a clear choice.
In addition to browser-based options, the ISPs will operate a network-based opt-out system. If you do not wish to participate, this ensures that none of your traffic will be passed to or be analyzed by the ISP-operated profiling equipment.
Personal data is [sic] not stored. The Phorm system only ever ‘knows’ a browser as a random number in a cookie. It never attempts to link to any external database or source of personal information. It works by creating a ‘digest’ of each page you view consisting of the URL, search terms (if it is a major search engine) and up to 10 repeated keywords from the page. Potentially personal keywords are excluded from this list by ignoring form fields, names, numbers longer than three digits and email addresses. This digest is then matched against advertiser-created categories e.g. Sport, Travel and if a match is found, only the name of the category, the random number and a timestamp are stored. All other data is instantaneously discarded. Most importantly, the advertiser categories are controlled and may not contain any personal or sensitive matching terms such as medical conditions. This means that personal data cannot be stored by the system. To be clear, no IP address, browsing history or personal data is stored by the system.
No personal data is resold to third parties such as advertisers. Because Phorm’s system does not store personal data, it cannot be resold. In fact even the non-personal category matching information is never shared with any third party, but stays in the ISP network on the Phorm-supplied computers that show the advertisements in your browser.
It can only be used for one purpose: to provide targeted ads; and only to the single browser that holds the original cookie. No-one else (not Phorm, not the ISP) can query the system to reveal your matching information.
Reference:
http://www.p2pnet.net/story/21033
Stay tuned.
generating a lot of interesting input – DPI is GOOD for you: ‘Um – crap’, May 2, 2009
spyware pioneer – ISP data deal with former ’spyware’ boss triggers privacy fears, February 25, 2008
air flights over Russia – 121Media/Phorm and Wings over Moscow, April 15, 2009
Use free p2pnet newsfeeds for your site. It’s really easy! Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
May 5th, 2009 at 10:19 am
Jon, they have the same stuff on PhoulPhorm
– http://www.stopphoulplay.com/2009/05/no-stealing-storing-or-selling-of-personal-data/
May 5th, 2009 at 3:19 pm
Kent, when are you going to realise that it is wrong, morally wrong, unethical and a whole load of other words meaning WRONG, as well as illegal to use other peoples content for your advertising model!
Unless you actually contact EVERY SINGLE website owner in the world, there is no way people can opt-out of their website content being used for your advertising system. It is simply a breach of RIPA, nothing less. And…. It shouldn’t eve be opt-out! It should be opt-in!
Where do people claim their royalties for you using their content? Hm? Where? It is wrong in every way. Whats next Kent? You going to be using my e-mail content too? Then my snail-mail?
May 5th, 2009 at 3:59 pm
Kent should just phuk off and take Phorm with hiim
May 5th, 2009 at 6:17 pm
Jon – you evil privacy pirate you…let me know if you want p2pnet@privacypirates.net
Alex
May 5th, 2009 at 7:45 pm
Hey Alex.
Like Pirate2Pirate.net?
Cheers!
May 5th, 2009 at 11:53 pm
Actually, what Phorm is doing is more like somebody standing in the middle of a public shopping-mall, noting how many people go into Radio Shack, and asking them if they’re into electronics afterward.
Why?
1. A lot of people have distorted notion of what constitutes “private” data. I’m all for REAL privacy protection, not some kind of “Youtube knows I searched for Miley Cyrus videos! Oh my god, they know I like Miley Cyrus!!!!”
Booooooring.
Phorm is a shit company to the extent that one of their earlier programs was spyware, and wouldn’t uninstall itself fro people’s systems.
But all this “Kent, when are you going to realise that it is wrong, morally wrong, unethical and a whole load of other words meaning WRONG, as well as illegal to use other peoples content for your advertising model!” — so now at least SOME of us (when we need something to get offended about) — decide that people really DO “own” content?
What’s next? A global movement against people who put together those funny “odd search terms that lead to my site” lists?
After all, by the thinking exhibited here, I “own” everything I type into Google, so how DARE that son of a bitch use my “nuns-being-spanked-by-midgets” query for HIS OWN amusement? Heaven Forfend!!!!!)
Nope.
May 6th, 2009 at 2:00 am
My only question here is: why do we still assume that it’s “your” data?
Getting huffy about what Phorm did is like accusing somebody of “stalking” you, simply because they’re standing around counting how many people went into the local Radio Shack.
Where do the absurd accusations end?
One of the funniest things out there right now (and this tells you how crappy my life is lately), are those lists of “odd search terms” that some people get from their site logs. Does THAT constitute a violation of “privacy?” After all, if everything that happens to originate from you is your “property” such that YOU get to stipulate what happens to it, then there’s obviously grounds for suing websites that dare to publish search strings.
I really want to know where the difference is, here. Is there any kind of “fair use” exemption for this stuff?
You think I’m crazy in how I’m interpreting this one?
Look at
I could maybe see this making sense, IF Phorm was still installing spyware on people’s computers without their consent, that wouldn’t remove itself. But getting all weirded out over what amounts to passive observation?
You think I’m misinterpreting here?
Look at AdelF’s comment earlier in the thread:
“Kent, when are you going to realise that it is wrong, morally wrong, unethical and a whole load of other words meaning WRONG, as well as illegal to use other peoples content for your advertising model!
Unless you actually contact EVERY SINGLE website owner in the world, there is no way people can opt-out of their website content being used for your advertising system. It is simply a breach of RIPA, nothing less. And…. It shouldn’t eve be opt-out! It should be opt-in!
Where do people claim their royalties for you using their content? Hm? Where? It is wrong in every way. Whats next Kent? You going to be using my e-mail content too? Then my snail-mail?”
I just LOVE double standards, folks, I really do.
This whole site is about defending p2p and the folks who use it to “share” with one another, and we also spend a significant amount of time questioning (or outright repudiating) “Intellectual Property” monopolies.
We get all preachy about how awful it is for big-name celebrities and corporations to complain about what they consider unauthorized use of “their” content, but then when Phorm even LOOKS at “our” packets, the catterwauling doesn’t end.
Ya gotta love the double standard here, folks.
If you “own” the packets that Phorm was observing, the did that spammer posting as “Jon” to tell me to shut up “own” the reply YOU edited?
Please don’t misunderstand me here: I’m not trying to start another flameout (I’m trying to be a good little boy, everybody.)
It’s just — I can’t quite wrap my mind around this stuff lately.
We complain about the “issues” raised when a company injects “highly relevant advertising” into websites, but then some of us cheer when the RIAA site gets “punked”. What’s the deal?
I’m really genuinely perplexed, now.
May 6th, 2009 at 2:05 am
Great example of what I’m talking about:
Wikipedia’s article about http://www.textfiles.com:
http://en.wikipedia.org/wiki/Textfiles.com
Salient part of the thing:
“According to Jason Scott, the site has frequently been threatened with legal action. Its legality is questionable, because most of the material that it hosts archives of are presumably copyrighted by their original creators. Its legal status depends on interpretation of fair use provisions in copyright law. Scott argues that the records of the BBS era would be lost, were it not for his and others’ preservation work. As of 2004, most of the files in the archive are not expected to legally pass into the public domain for decades (since most files originated in the US, where copyright is for the lifetime of the author plus 70 years), and the continued public availability of the archives could be considered electronic civil disobedience if not fair use.”
So I gotta ask again: if we don’t like the current IP scheme, and we recognize that such monopolies are bad, then why do some of us suddenly fall back on this “It’s MINE!” line of thinking when Phorm or somebody does something we don’t like?
I’m not accusing anybody of anything here, and I’ll leave this alone now (lest I be accused of being obsessive again).
But somebody clarify this, because it’s really making me ask questions I’d really rather not be asking.
May 6th, 2009 at 2:19 am
“Unless you actually contact EVERY SINGLE website owner in the world, there is no way people can opt-out of their website content being used for your advertising system. It is simply a breach of RIPA, nothing less. And…. It shouldn’t eve be opt-out! It should be opt-in!”
Musicians/labels didn’t have to “opt in” to having “their” stuff linked from the Pirate Bay.
Apples and oranges? I dunno, I honestly don’t.
I’m still aware that corporations are entirely too powerful (corporate “personhood” is bullshit).
I’m also still firmly aware that copy”right” and patents are coercive monopolies granted by the state.
But if that last one is true, the how do you “own” your search habits? Is this like how the Amish don’t want to be photographed because they figure it “steals their soul”? Somebody clarify this, because I’m really puzzled.
May 6th, 2009 at 4:38 am
The UK government should be ashamed of its dealings with Phorm, for it should be protecting its citizens liberties and rights to privacy, not supporting parasitical companies like these.
May 6th, 2009 at 5:14 am
Who is this Benjamin Usher?
May 6th, 2009 at 6:46 am
@Henry Emrich
“Musicians/labels didn’t have to “opt in” to having “their” stuff linked from the Pirate Bay.”
I don’t know about Pirate Bay – I have heard that they are a search engine that finds music and video files on the internet.
They don’t sound any different from a lot of other search engines that find a lot of images and videos on the internet and make them easy to find.
I do know how to opt in to having images harvested off the internet: don’t add the following line to robots.txt
Disallow: /images/
When it comes to something like Phorm harvesting content off the internet it would be quiet useful to have a mechanism that content providers can use to opt in as well, i.e. by not adding the following lines to the robots.txt file:
Useragent: phorm
Disallow: /
Now, Phorm claim that they won’t harvest content if the robots.txt contains the lines:
Useragent: Googlebot
Disallow: /
What Phorm have not explained is how a browser requests the robots.txt file when the header data is asking for a completely different file off the server.
Don’t you wish you had not asked about website opt in?
May 6th, 2009 at 7:59 am
You’ve probably made your point about DPI, Phorm, etc and so on.
Several times over.
Cheers!
May 6th, 2009 at 9:01 pm
“You’ve probably made your point about DPI, Phorm, etc and so on.”
Who, me? (Or the other people who’ve come in clarifying — or is it muddying — these issues?)
“What Phorm have not explained is how a browser requests the robots.txt file when the header data is asking for a completely different file off the server.”
For Robots.txt to work at all, it would HAVE to be “seen” by anything — somebody’s web-browser, or an automated crawler like Phorm was using.
Otherwise it would be completely useless.
Moreover, it’s not UP to Phorm to “explain” how Robots.txt works, in that the information is freely available elsewhere.
Jon:
”
“Several times over.
Actually, I’ve made several different points about several different issues. It just so happens that they all “dovetail” nicely together.
Plus (and this is probably the root of the whole deal) I’m on one of my weird obsessive kicks again.
“The UK government should be ashamed of its dealings with Phorm, for it should be protecting its citizens liberties and rights to privacy, not supporting parasitical companies like these.”
Heh. Governments may be good for a lot of things (providing critical infrastructure like roads and public utilities and such), but they don’t have — and never have had — a particularly good record either at “protecting their citizens privacy” (”Patriot Act”, anyone?) OR about not supporting “parasitical companies like these” — or (in the case of the U.S.) repressive regimes that just happened to call themselves “anti-communist”.
Not to mention that the UK opted to be part of Bush’s “coalition of the willing”. What does THAT tell you?