Digital spying

Published 27 March 2008

The ways of tracking our behaviour online are becoming more sophisticated.

Today I visited Amazon.co.uk. The website recognised me from the cookies it has left on my browser - there was no need to log in. At the top of the page are my recommendations: the Time Out Guide to Stockholm (clever, I want to visit Sweden again and Time Out is one of my favourite guidebook series); Free Culture by Lawrence Lessig (which I read several years ago); and an introduction to property valuation.

Perhaps, given the looming housing-market crash, this last recommendation was Amazon's little joke. More likely it stemmed from some books I bought six years ago when I was working for a property developer.

Amazon can recommend books to me because it knows what I have bought in the past. It also knows about the books I have browsed but not bought.

The web excels at this sort of automated tracking. But, as the purveyor of new web-tracking technology Phorm has found out over the past two months, that does not mean we're happy to have everything tracked.

Phorm's technology can dial direct in to your ISP's network and track your surfing habits as a user in order to deliver targeted ads. While Google serves up ads based on the page you are looking at now, Phorm will serve ads based on what you've looked at in the past. So if you've been looking up holidays lately, expect to see travel ads next time you're on your favourite news site.

BT, TalkTalk and Virgin are all signed up to trial Phorm's technology. But given the barrage of bad press it has received - culminating this month in virtual excommunication by the high priest of the worldwide web, Sir Tim Berners-Lee, they would be crazy to pursue this plan.

The public outcry over Phorm has been intense. What would a complete record of your surfing habits for the past week say about you? The data vapour trails we leave behind us as we navigate through the digital world are creating an ever more complete picture of our lives. BT, TalkTalk and Virgin obviously believed this picture belonged to them - that they were within their rights to use it to sell ad space. But the public backlash shows that somehow, fundamentally, we disagree with this analysis.

Over in Germany, the constitutional court has just delivered a landmark decision on data privacy that backs up this instinct. In essence, the decision accepts an individual's online behaviour as an "expression of personality", an activity whose integrity and confidentiality are fundamentally protected in German constitutional law.

The more sophisticated the tracking and analysis of our behaviour in the digital world becomes, the greater the detail about our lives that commercial and state bodies could have access to. The outcry over Phorm suggests it is time for a serious debate about who can gain access to our data in the digital age.

Post this article to

5 comments from readers

simonP
27 March 2008 at 11:29

If only the UK Government would step in and protect it's citizens privacy for once.

captainjamiehunter
27 March 2008 at 12:00

Excellent points made here. I should like to add (before they get here themselves) that Phorm have employed a number of PR staff including Citigate Dewe Rogerson to visit websites and forums covering the Phorm issue seemingly with the remit of spinning any negative or critical coverage.

Technical questions posted in forums and on sites such as The Register are ignored and spun out standardised responses are plastered all over such forums.

Phorm's arrogance is such that they argue that Sir Tim Berners-Lee needs to be re-educated in issues of web privacy.

The Register reported yesterday that "The Guardian has pulled out of its targeted advertising deal with Phorm, following a public outcry over plans for the UK's three largest ISPs to report the browsing habits of their customers in exchange for a cut of revenues."

The Guardian's rationale for this decision was telling and as polite a severe humiliation as I have ever seen:

"..we have concluded at this time that we do not want to be part of the network. Our decision was in no small part down to the conversations we had internally about how this product sits with the values of our company."

Note that last line - "how this product sits with the values of our company".

That's a withering rejection. It says "we don't trust you" in very large letters.

Of course, Phorm's PR offensive ignored this part of the statement, preferring to spin that Guardian Newspapers was still signed up to OIX.

Informed customers are rejecting Phorm and everything it stands for.

IAmTheLaw
27 March 2008 at 13:47

"BT, TalkTalk and Virgin obviously believed this picture belonged to them -"

they can believe all they like , it doesnt make it so.

also, Phorm can maintain all it wants that it retains no information etc, as PR phorm have said elswere,

but again,it doesnt make it true.

infact their very own Coo to the us market, says the exact oposite as already pointed out in Charles tech blog.

for those that didnt see the quote yet.

http://www.nytimes.com/2008/03/20/business/media/20adcoside....

“”As you browse, we’re able to categorize all of your Internet actions,” said Virasb Vahidi, the chief operating officer of Phorm. “We actually can see the entire Internet.”

and their Patent confirmed this very same extensive capability.

here is Phorm’s patent application to read for yourself

http://www.freshpatents.com/Targeted-advertising-system-and-...

for a change heres some less talked about facts:

theres the fact a customers key entrys and click stream data are their copyright property.

its not for any ISPs or any profiling companys that think they can commercially use and own your copyright, without written permission or a signed contract, and pay you the usual licencing fees.

they are in law considered committing ‘commercial piracy’ if they use your date copyright(and we are talking companys using these ISPs as well as home workers/users)to make profit,with all the implications that brings .

then theres the ’safe harbor’ question, did the UK ISPs in question, infact give up their legal protection in EU law as a mear conuit,by freely signing up and agreeing to ‘a general monitoring of the network’ in that contract for profit.

…now back to the usual DPA, and RIPA comments…

phormwatch
27 March 2008 at 14:28

The Phorm PR team has been all over the web distributing misleading and incomplete information about Phorm's OIX technology and the way it works.

Phorm's 'CommTeams' is currently comprised of five, yes, five PR outfits, including: Citigate Dewe Rogerson, Freud Communications and Manning Gottlieb OMD.

The Phorm 'CommTeam' was formerly known as the Phorm 'TechTeam', until they were found to be unable to address the technical issues which were raised by technically-literate users. They should now just be honest and post as the Phorm 'PR' team instead.

In any case, the Phorm PR team are spreading cookie-cutter responses over the net, in blogs and web forums which sidestep the issues and mislead people.

For example, Phorm's PR team states that the system is entirely voluntary, and that you can 'opt-out' if you wish. The problem is, you can't, really. You can opt-out of targeted advertising, but your data will still be intercepted.

They also state that the intercepted data will be anonymised. Problem is, 'anonymising' data is no guarantee that the data can in no way be tracked back to users -- the AOL debacle where the company published so-called 'anonymous' data shows this very clearly.

They claim that: 'Phorm technology does not analyse SMTP mail or the content of webmail sites'. This is also nonsense: Nonsense. How will they know what websites are webmail sites? Only an intelligent human can determine that. They can block some of the bigger names, but there is no way you can possibly block every single webmail provider on the web.

Finally, Phorm uses Ernst & Young auditing as a badge of honor. Yet that fail to mention that FIPR judged the system intrusive and illegal. It is also noteworthy that Ernst & Young audited Enron, right before the Enron scandal and subsequent collapse of the company.

And so on, and so forth. The Phorm PR team has carried on obfuscating and misleading people like this all over the web. They are not to be trusted one bit.

phormwatch
27 March 2008 at 14:30

Please sign the 10 Downing Street Petition against allowing Phorm OIX technology to go ahead:

http://petitions.pm.gov.uk/ispphorm/

We want to encourage people to comment on our content and to exchange views with other readers and hope this will be done on a courteous basis. However, if you encounter posts which are offensive please let us know by emailing comments@newstatesman.co.uk and we will take swift action where necessary.

About the writer

Becky Hogge is a writer and technologist. She was formerly the technology director of award-winning current affairs website openDemocracy.net, and Executive Director of the Open Rights Group, a grassroots digital civil liberties organisation.

Also by Becky Hogge

See everything from the Reboot column
See everything from this week's magazine

Vote!

Will China rule the world?

Tools & Services

PDF version PDA version RSS Podcasts Email updates Special Supplements Stockists

Digital spying

5 comments from readers

Post your comment

About the writer

Also by Becky Hogge

Read More

Subscribe

Vote!

Tools & Services

Digital spying

More related to internet

5 comments from readers

Post your comment

About the writer

Also by Becky Hogge

More in internet

Read More

Vote!

Tools & Services