Phorm Did Track IP Addresses, Replaced Charity Ads With Behavioral Ads
from the how-nice-of-them dept
Phorm, the extremely controversial former adware company that reinvented itself as a behavioral advertising firm that would work with ISPs to look at your clickstream data and serve you special ads instead of the ones you were supposed to see, has been working overtime to defend its program as being perfectly legitimate and no risk to anyone's privacy. Of course, that's not satisfying many, as it later came out that, despite claims of openness, BT and Phorm had secretly tested the service without letting anyone know their clickstream data was being used this way. Even worse, after this news came out, BT and Phorm downplayed the test, only to later have it come out that it was quite extensive.And, now, it gets even worse. More information has been leaked out about that test. As for it being super duper secret without your IP address ever being compromised? Well, not so much. It turns out that an internal BT analysis found that IP addresses were likely used as the identifier, which is the exact opposite from what Phorm has insisted.
Update: A representative of Phorm has gotten in touch to note that there were some incorrect statements in the original report on this. Specifically, it appears that Phorm purchased the original charity ads that were replaced -- so it's not as though the charity lost anything here. It's easy to understand why the original interpretation of the BT report would make one think this was not the case, as it stated: "The advertisements were used to replaced [sic] a 'default' charity advertisement (one of Oxfam, Make Trade Fair or SOS Children's Villages) when a suitable contextual or behavioural match could be made by the PageSense system." It does not appear to say that the ads were purchased by Phorm -- at least not in that same section. At this time, there is still no indication whether or not the charities knew their ads were going to be "covered up" in this manner. None of this, of course, answers the questions about whether or not this test was legal.
Update 2: And now BT has also gotten in touch with us to complain -- though they falsely accuse us of making false statements, saying that the headline still says they "hijacked" charity ads. It does not and has not. It has always said "replaced" which, I'll remind BT, is the exact word used in their own report. Unless BT was falsifying its own report, the word "replace" is correct. The mistake was in suggesting that Phorm had not purchased that ad space -- and that has already been corrected quite clearly. BT also is upset that we accused them of "misleading ICO." The only problem: we made no such statement. Finally, BT complains that no personal information was used in the trials -- which is a point that is still disputed. The original researcher who researched the report claims that IP addresses were passed to Phorm's proxy server and that personal info was requested on a web form. BT notes that the IP addresses were not stored -- but that doesn't mean they weren't used, which was what was in question. Also, to both Phorm and BT, the comments on this post are open, and you are free to make your case here where anyone else can see it. Contacting me personally, with vague, slightly threatening and sometimes incorrect statements is certainly less effective that making your case to the public. Part of the reason you're in this PR situation is because of your secrecy. Being a bit more open might help.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: advertising, clickstream tracking, ip addresses, isps, privacy, uk
Companies: bt, phorm
Reader Comments
Subscribe: RSS
View by: Time | Thread
How would this work?
The better question is why do I have to ask this. No one should ever have to ask that specific question because no one should ever have to deal with hidden behavioral advertising.
[ link to this | view in chronology ]
Re: How would this work?
So who even sees advertising any more? Oh, I guess it's those 80% of people too powerless or ignorant to move away from Internet Explorer. Their loss.
And before a bunch of you whine in shrill voices about how advertising is the backbone of the Internet, I will respond that it's not my responsibility to support someone else's flawed business model. If advertising eventually collapses (and I believe it will in the next decade), I will happily either pay for content or do without.
[ link to this | view in chronology ]
Re: Re: How would this work?
[ link to this | view in chronology ]
How can this be legal?
[ link to this | view in chronology ]
Re: How can this be legal?
[ link to this | view in chronology ]
Re: Re: How can this be legal?
[ link to this | view in chronology ]
Re: How can this be legal?
I just posted an update, based on a message sent from Phorm. It appears that the ads that were replaced were also purchased by Phorm -- so I would imagine the plan would be to simply buy ad space, and put in the "most relevant" ad. So rather than replace someone else's ad, you still buy the ad slot, but dynamically place the ad based on the user.
[ link to this | view in chronology ]
what
some ISPs in the UK change IP address every 2 mins.
[ link to this | view in chronology ]
Re: what
[ link to this | view in chronology ]
Legality of replacing ads
[ link to this | view in chronology ]
ISPs have no business altering ads on sites
Those original ads pay to be displayed on that site, so the ISP has NO business changing them, because that would bereave the website of their income.
It'd be a bit weird for a magazine stand to replace the ads in a magazine for other ads from companies that pay the magazine stand.
[ link to this | view in chronology ]
Re: ISPs have no business altering ads on sites
The illegal part should surely be that you can't legally monitor channels of communication in a free society. Its an argument ISPs always fall back on whenever a copyright group wants them to check for infringement on their networks, and utter hypocrisy that its now being ignored when the circumstances switch to the ISPs favour (I suppose what’s right is only worth noting when its in line with your commercial interests).
And I’d seriously question Phorms definition of ‘anonymous’. From my understanding it means “a person who can’t be identified”, but Phorm seem to think it means “a person who is identified by number rather then name”. For Phorms system to work clearly it needs to be able to connect an individual’s clickstream data back to them, so by what definition could it be considered anonymous?
It doesn't matter what system you use. If it were letters rather then numbers would it be any different to me calling myself SteveD here rather then my full name? Its still a manner by which I may be identified.
My bank knows me first through my account number, and the government knows me first through my national insurance number. Sure they know my names too, but even if they didn’t I’d hardly consider myself anonymous to either body.
The only hope is that privacy groups (which gain a great deal of attention in the UK) can sink this before it gets too far.
[ link to this | view in chronology ]
Further Disruptions
[ link to this | view in chronology ]
Spammers and a-holes...
[ link to this | view in chronology ]
In the UK you have a choice
Therefore there is a good selection of competing broadband suppliers you can change to. If Uk customers do not want to be profiled by Phorm, they can simply change. There are already some broadband suppliers advertising as Phorm free.
Obviously there are those that are not tech savvy, these are the money machines BT/Phorm are hoping to cash in on.
Hopefully with sites like http://www.DoNotTrustWebwise.org we can reach these people and stamp out this use of DPI early on.
[ link to this | view in chronology ]
They still screwed some ISP customers and they want to expand their form of "business".
It would be fun to pollute their database with bogus websearch and site browsing via software running while you are elsewhere.
[ link to this | view in chronology ]
re: update 2
[ link to this | view in chronology ]
Update, still screwing the charities
Those charities paid for eyeballs to actually see their banners. Not someone at a telecom or adware firm to replace them. Genuine users who saw a charity banner may have actually clicked on it to donate money far in excess of what BT/Phorm paid to replace it.
[ link to this | view in chronology ]
Advertising funds the internet
More effective advertising = better web
Just my thought for all you luddites.
[ link to this | view in chronology ]
Lava Bar at Hot Rocks
[ link to this | view in chronology ]