Phorm – back from the dead?

By December 16, 2008Advertising

“Rumours of my death have been greatly exaggerated” is a phrase I believe first used by Mark Twain.  I was reminded of it this morning by reports of Phorm‘s resurgence.

As a reminder, Phorm is a UK based online adveritising business that works by cutting deals with ISPs to monitor your surfing habbits.  In this way they build a profile of individual users and then target ads against that profile.  They have become embroiled in privacy issues when some of the trials they were running didn’t make it easy enough for users to opt out.  As a result their share price has crashed 86% this year.

Until yesterday.

Yesterday, on news that BT was going to take it’s trials to the next stage Phorm’s shares surged 40%.  Now this morning the Guardian is reporting that Virgin Media is still working with the company.

My take on this has been that Phorm’s apparent lack of concern over privacy issues has created sufficient media outcry that life was likely to remain very difficult for them.  That still might well be the case – the BT and Virgin announcements both fall well short of a commitment to use Phorm in anger – but clearly there is still some potential.

Overall I am with Scott McNealy when he says “you have no privacy, get over it”, and the company that is successful in bringing the public to that point of view will do very well.  My belief is that the best way to do this is via the side door, building trust slowly and then asking people if they mind giving up access to their private data.  Phorm’s approach has been more through the front door, with a battering ram, but maybe, just maybe, they will prevail.

If so, that will be good for all of us in this industry as anything that increases the effectiveness of advertising increases the size of the market we are operating in.

  • Phorm does seem to be following Nebuad’s experience in the States (http://www.dslreports.com/shownews/99077), though they (Nebuad) are now the subject of a class action suit… Having said that, in the UK there are also a few who think Phorm is actually demonstrably "illegal" in the way they intercept communication(http://www.lightbluetouchpaper.org/2008/04/04/the-phorm-webwise-system/). Be interesting to see how that plays out.

    Given that four of the six (http://www.clickz.com/3631791) major UK ISPs seem to have decided Phorm’s solution isn’t for them, the question does remain how they are going to find ways of monetising their customers through behavioural targeting. I’m working on a solution in this space, so of course I think I know some of the answers (wish I knew them all)…

    It does seem to me that while we, as individuals, all have less and less privacy, we’re also more and more aware of that fact (partly due to Phorm et al ironically). I now want to see exactly what I’m getting in exchange for my data, and perhaps the most obvious benefits will be measured in time and money. A true, market valuation of me, measured by my data? Not long away, perhaps.

  • Phorm does seem to be following Nebuad’s experience in the States (http://www.dslreports.com/shownews/99077), though they (Nebuad) are now the subject of a class action suit… Having said that, in the UK there are also a few who think Phorm is actually demonstrably "illegal" in the way they intercept communication(http://www.lightbluetouchpaper.org/2008/04/04/the-phorm-webwise-system/). Be interesting to see how that plays out.

    Given that four of the six (http://www.clickz.com/3631791) major UK ISPs seem to have decided Phorm’s solution isn’t for them, the question does remain how they are going to find ways of monetising their customers through behavioural targeting. I’m working on a solution in this space, so of course I think I know some of the answers (wish I knew them all)…

    It does seem to me that while we, as individuals, all have less and less privacy, we’re also more and more aware of that fact (partly due to Phorm et al ironically). I now want to see exactly what I’m getting in exchange for my data, and perhaps the most obvious benefits will be measured in time and money. A true, market valuation of me, measured by my data? Not long away, perhaps.

  • warescouse

    Nic Brisbourne’s shallow view surprises me – “you have no privacy, get over it”.

    Having privacy is what democratic societies are dependent upon. If you have no privacy, you have a state that has the ability to persecute, similar to countries such as China. Is this where you want technology to go?

    Just because new technology has the ability to intercept and manipulate all a persons http data online it does not automatically follow that it to be acceptable to do it.

    What you are saying is no different to stating we live in a gun society – lets get used to it!
    Only ostriches are supposed to bury their heads in the sand.

    I suggest for starters you read “The internal value of privacy” by Bruce Schneier (BT top security specialist)
    http://www.wired.com/politics/security/commentary/securitymatters/2006/05/70886

  • warescouse

    Nic Brisbourne’s shallow view surprises me – “you have no privacy, get over it”.

    Having privacy is what democratic societies are dependent upon. If you have no privacy, you have a state that has the ability to persecute, similar to countries such as China. Is this where you want technology to go?

    Just because new technology has the ability to intercept and manipulate all a persons http data online it does not automatically follow that it to be acceptable to do it.

    What you are saying is no different to stating we live in a gun society – lets get used to it!
    Only ostriches are supposed to bury their heads in the sand.

    I suggest for starters you read “The internal value of privacy” by Bruce Schneier (BT top security specialist)
    http://www.wired.com/politics/security/commentary/securitymatters/2006/05/70886

  • Once again the focus in on Phorm and their behavioural targetting, whereas the protests have come from those of us who object to the illegal interception of communications and the lack of customer choice that is given before that interception occurs. In the recently concluded trial carried out by BT (as well as their two earlier covert trials still being investigated by the CPS), BT carried out an uninvited browser hijack, and customers found that whatever webpage they wanted, they were instead served up, without consent, with a Webwise invitation that majored on antiphishing benefits (with a big green button to accept) with a brief mention of “more relevant adverts”. At no point prior to this illegal interception do BT seek consent.

    Can we make this clear – the issues are – firstly the illegal interception of browsing, and secondly the exploitation of website intellectual property – without consent (I thought ISP’s were into protecting intellectual content nowadays?). The protest is NOT, repeat NOT about behavioural targetting. Got that?
    Thanks for the article.

  • Once again the focus in on Phorm and their behavioural targetting, whereas the protests have come from those of us who object to the illegal interception of communications and the lack of customer choice that is given before that interception occurs. In the recently concluded trial carried out by BT (as well as their two earlier covert trials still being investigated by the CPS), BT carried out an uninvited browser hijack, and customers found that whatever webpage they wanted, they were instead served up, without consent, with a Webwise invitation that majored on antiphishing benefits (with a big green button to accept) with a brief mention of “more relevant adverts”. At no point prior to this illegal interception do BT seek consent.

    Can we make this clear – the issues are – firstly the illegal interception of browsing, and secondly the exploitation of website intellectual property – without consent (I thought ISP’s were into protecting intellectual content nowadays?). The protest is NOT, repeat NOT about behavioural targetting. Got that?
    Thanks for the article.

  • nic

    Guys – thanks for the comments.

    Alex – I’m not sure we will ever see explicit market places in attention – I suspect the values are too small for that. Rather I expect that the trade offs will be more implicit.

    Warescouse – when I write a post like this there is often a trade off between keeping the post short and accessible and simplifying generalisations. You are spot on that the issue is more complex than McNealy’s simple statement implies. I used it because it is directionally correct – I believe that people are more concerned about privacy than they need to be at the moment, and that they will get over it at some point.

    Revrob – what you say is interesting. I had thought that Phorm’s USP was their ability to track surfing and target on the back of that? Surely it is pretty simple for ISPs to make us view a page of their choice en route to the one we are trying to get to? A link to the discussion you mention would be great.

  • nic

    Guys – thanks for the comments.

    Alex – I’m not sure we will ever see explicit market places in attention – I suspect the values are too small for that. Rather I expect that the trade offs will be more implicit.

    Warescouse – when I write a post like this there is often a trade off between keeping the post short and accessible and simplifying generalisations. You are spot on that the issue is more complex than McNealy’s simple statement implies. I used it because it is directionally correct – I believe that people are more concerned about privacy than they need to be at the moment, and that they will get over it at some point.

    Revrob – what you say is interesting. I had thought that Phorm’s USP was their ability to track surfing and target on the back of that? Surely it is pretty simple for ISPs to make us view a page of their choice en route to the one we are trying to get to? A link to the discussion you mention would be great.

  • Anon I mouse

    Privacy & Personal Detail limiting is a CORE VALUE in keeping DPA issues in perspective; especially on a Communication System designed for end to end transmission WITHOUT intrusions from other parties!

    And since this also concerns Section 8 of the Human Rights Act lets make it clear, Phorm YOU have NO AUTOMATIC RIGHT to my or anyone else's PRIVATE DATA!

    (YOU HAVE abused my Trust in my ISP in 2006 & 2007!)

    It is easy to remove a pin from a Grenade, but make sure you throw it away in time, or it will blow up in your face!

  • webbie

    Rumor has it NebuAd laid off the majority of the employees last week; skeleton crew

  • You wrote: Revrob – what you say is interesting. I had thought that Phorm's USP was their ability to track surfing and target on the back of that? Surely it is pretty simple for ISPs to make us view a page of their choice en route to the one we are trying to get to? A link to the discussion you mention would be great.

    Thanks for responding. What lot's of people are missing is that there are at least two halves to the Phorm/Webwise equation. Firstly – the bit the ISP's do with their DPI./Layer 7 kit, intercepting (without user consent) and redirecting the browser of their customer (whether opted in or not) and inspecting for the presence of webwise optin/out cookies – there MUST be a Webwise opt-OUT cookie present or the user will get another Webwise invite – again and again – strange form of OptIN when you have to keep a cookie from the service you don't want to be part of…) – because before you even visit the site or service they are intercepting your browser requests…?

    Then – if the optIN cookie is found – there is copying and profiling of the surfing behaviour – in ISP managed equipment.

    Then, – passing the already collected surfing data and website content data to Phorm managed equipment for channel selction and ad serving.
    Here is the official BT diagram –
    http://webwise.bt.com/webwise/customer_choice.html

    and here are some more reports that make it clear.
    http://www.fipr.org/080423phormlegal.pdf
    http://www.fipr.org/0811SCLarticle.pdf
    http://www.reed.com/dpr/docs/Papers/ReedDPIHear

    Everyone seems to think the protest is about Phorms ad serving. It isn't. It is about the inerception by the ISP's without consent, and the copying and exploitation and making of derivative works (profiles, and forged cookies pretending to come from the visited website) from website copyrighted content without consent for commercial gain. the primary offenders in this are the ISP's – although Phorm designed the system, and are complicit in the breaches of civil and criminal law involved.

    thanks for your attention to this – good blog.

  • Thanks Rebrov. Very interesting. I will take a look at these links.

  • I don't think Phorm will go far as they are not revealing how they get the surfing details.

  • Paul

    Yay! Finally dead, I think? It’s been on life support for many years 😉