Feeds

Web giants urged to bar Phorm

Google and Microsoft encouraged to opt out

Combat fraud and increase customer satisfaction

Privacy activists have urged top web firms to ensure they tell Phorm not to monitor communications with their users, ahead of BT's proposed deployment of its interception and profiling system.

In an open letter to privacy officers at Amazon, AOL, eBay, Facebook, Google, Microsoft and Yahoo!, campaigners claim the system, which will be branded "Webwise", "may well bring your own system into disrepute". Phorm's technology uses a complex series of traffic redirects and spoofed cookies to scan broadband users' web use for keywords to help target advertising.

It's planned that the search terms entered at the web's top destinations will be grabbed in transit and used by Phorm to judge surfers' interests. Because they strongly indicate intentions, they will be some of the most valuable data fed into the targeting algorithm. When contacted by The Register last year, Google, Microsoft and Yahoo! all declined to comment on the such activity.

The open letter was signed by Open Rights Group executive director Jim Killock, Richard Clayton of the Foundation for Information Policy Research (FIPR), and prominent anti-Phorm campaigners Alex Hanff and Pete John. Last year, with Phorm's cooperation, Clayton, a University of Cambridge security researcher, carried out a detailed analysis of how the system operates.

"We strongly believe that it is clearly in your company's interest, it is in the interests of all of your customers, and it will serve to protect your brand's reputation, if you insist that the Phorm/Webwise system does not process any data that passes to or from your website," the group wrote.

Phorm offers website owners who don't want their traffic to be intercepted the opportunity to opt out. "While we recognise that an 'opt-out' is an entirely second-rate way of dealing with this problem, we would strongly urge you to take advantage of it, in order to immediately reduce the risk of harm to your company and to your customers," the open letter said.

Phorm declined to say whether any of the companies the letter was sent to asked to be excluded from its system. It sought to compare its approach to behavioural advertising to that of Google and Microsoft, which collect targeting data by working with websites.

Phorm said: "We are aware of the letter and note that the vast majority of recipients use or offer interest based advertising. Many of them have, like Phorm, demonstrated their commitment to user privacy as signatories to the IAB UK’s interest based advertising good practice principles."

The Internet Advertising Bureau (IAB), a trade association, published guidelines earlier this month, in a move widely interpreted as an attempt to head off regulation.

FIPR's general counsel Nicholas Bohm has argued that the Regulation of Investigatory Powers Act requires both ends of a communication to consent to Phorm's interception, and so the firm needs to ask the owner of every website it intends to monitor for permission. Phorm and BT have disputed FIPR's analysis, although they have declined to provide details of their legal position.

In response to privacy concerns, Phorm has consistently stated that its technology retains no data and that users remain anonymous. However, at a recent event at Parliament to discuss monitoring of the internet, Sir Tim Berners-Lee, who invented the worldwide web, said he objected to the interception itself. "It is very important that when click we click without a thought that a third party knows what we're clicking on," he said, arguing that Google-style behavioural targeting does not violate privacy in a comparable way.

Phorm executives will appear at a second "Town Hall Meeting" at the London School of Economics on April 7, a year after they mounted a first public defence of their firm. The details are here.

The full text of the open letter is here and there is information for website owners on how to opt out of monitoring here. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.