Page last updated at 16:07 GMT, Friday, 7 March 2008

Phorm: Your questions answered

Eye on computer screens, SPL
Some privacy campaigners have defended the technology

The controversial online advertising company Phorm has come under fierce criticism for its tool that tracks users' online surfing habits.

Many people argue that the firm's Webwise technology breaches customer's privacy.

We put your questions about the software to the company.

Q: What transparency is there? How can I check that Phorm is doing exactly what it claims it is doing? If I opt out, how can I assure myself that the opt out means just that - my data is not being harvested at all?

A: The claims we make as regards our systems, policies and procedures are regularly audited by the privacy audit department of Ernst & Young. But perhaps more importantly, our ISP partners take their customers' privacy very seriously and they have conducted immense due diligence on our technology and internal controls.

Q: Given Phorm's history (as 121media) in the murky world of adware and spyware, how can we trust it today? Why should we trust it?

A: It's true that we have a background in adware, not spyware. Part of the reason we decided to get out out the adware business was because we realised it was very difficult for people to distinguish between the two. We also think that we should be judged on our transparency and our actions. Firstly, when we realised the desktop model was taking us away from our core vision for the business of personalising the internet, we took the unprecedented step of shutting the desktop business down: voluntarily, transparently and under no pressure from anyone else. It was our choice and one that meant we cut ourselves off from revenues of $5-6 million a year in order to concentrate on developing a network based solution, where we find ourselves today.

Q: What fees (or other gifts/gratuities) were paid to Simon Davies and Gus Hosein when they were "invited" to assess Phorm's privacy protection measures? Does Phorm, or any of its directors, agents or employees have any interests in 80/20 Thinking

A: Phorm, its directors, agents or employees have no interests whatsoever in 80/20 Thinking. 80/20 Thinking is a consulting business founded and run by Managing Director Simon Davies, who is also a director of Privacy International, one of the leading privacy advocacy bodies. Phorm has retained 80/20 Thinking to conduct a Privacy Impact Assessment on its technologies, systems and policies and we will work with them on an ongoing basis throughout the year. We chose 80/20 Thinking because Simon Davies has spent the best part of thirty years championing consumer privacy and railing against infringements. We wanted our systems and policies to be open to the kind of unforgiving scrutiny Simon brings.

And yes, 80/20 Thinking does charge for its services, as conducting audits takes time and resources.

Q: Does the service modify web-pages you receive via http if they do not contain adverts by participating companies? Does the service ever modify web-pages you receive if you have opted out, even in ways that (shouldn't) be noticeable?

A: No, we do not modify web pages or inject ads. We only serve ads to the websites we partner with. In order to participate, websites have to insert a tag into their own page. If you have opted out, will still see ads as you browse - just as you do today - but they won't be from the OIX and they won't be relevant to your browsing.

Q:Would they consider hiring an external agency to audit the provisions for opt-out?

A: Yes. We already have an external auditor -- Ernst & Young, and 80/20 Thinking is conducting a Privacy Impact Assessment, but we would welcome suggestions for additional auditing.

Q: If two people use a shared computer - how will Phorm ensure that a surprise, e.g. a partner researching wedding venues, is not ruined when the other partner next uses the computer and is bombarded with adverts for dresses and rings?

A: Most people have a separate login if they are sharing a computer and they will therefore have a separate random number. But also, advertisers using our system can choose to show ads based on the page they are visiting, recently visited, or a longer term basis. Only the last of these would be affected if the computer and the login were share, so this scenario if possible but not that likely. If the person really wants to hide a surprise, they can switch webwise off!

Q: I would like to better understand the strict demarcation of ownership of equipment to be installed in the ISP to really understand the full content of the stream received at the point of entry to equipment under the control of Phorm. Bloggers purporting to be from BT claim that this is the FULL browsing (http - port 80) stream with IP addresses obfuscated in some way. Is this true? And if so, what safeguards over employee recruitment do Phorm have since they will be in an extremely powerful and trusted position, being able to read 10m peoples' web traffic.

A: No, this is not true. IP addresses are not passed in any form, even obfuscated, to Phorm. All that is passed is a limited digest of page data from each navigation. This data is never stored on disk and is immediately deleted from memory as soon as a product category match has been made.

Q: The same report also mentions detailed (but anonymous) logs that will be removed from the closed loop onto Phorm servers and kept for up-to 14 days. Why do they need these logs since the very thing that impressed 80/20 was the lack of need to store detailed personal information nor remove it from the closed loop

A: The logs mentioned in the E&Y audit report concern system health and error logs, not anything to do with users.

Q: Do phorm intend to resell any data, such as "clickstream" trends, perhaps even split by demographic, and if so, are they aware of the possibility that this data would be "de-anonymized" as reported on techcrunch and numerous sites with the AOL and Netflix "anonymous" releases.

A: Clickstream data is never stored. Therefore is cannot be sold on or 'deanonymised'. The AOL / Netflix situation cannot occur because the clickstream data has been deleted in real time as the page loads.

Q: Even if you do opt out your web traffic will still be intercepted and analysed, you just wont see the ads. Is this true?

A: No this is not true. If you opt out no data is passed from the ISP to Phorm. The ISP controls which data is passed to Phorm and its systems check for the presence of an opt-out cookie. Opting out means that you will not see relevant ads from the OIX (Open Internet Exchange - the platform developed by Phorm) and that none of your data is analysed. You will however continue to see untargeted ads, just as you do today.

Q: Plus how will Phorm serve you the "correct" ads unless the traffic they have analysed can be traced back to your computer / IP address. Either Phorm are connected or they aren't, in which case the system can't work. Just replacing the IP with a "unique ID" doesn't make Phorm unconnected if there is a direct relationship between the two.

A: It's important to understand there are two distinctly separate processes in the Phorm system: data capture and ad serving. The data capture system only stores one item of information on your computer -- a random number. The random number is the only thing that distinguishes your browser from the millions of others on the internet. It does not contain any information about you or your computer. The only person able to make that connection is you, as you have that cookie in your browser.

As you browse your browsing behaviour is matched against pre-defined advertiser categories for everyday products e.g. travel or sport.

No urls, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time -- by the time the page loads. There is, in essence, no data other than the categories and the random number stored in the system and so it's impossible to know (or indeed reverse engineer from that) who you are or where you've been.

In the ad serving phase, when your computer requests an advert from the OIX (because a website has included our tag in their page), the browser sends the random number and the categories are used to deliver the targeted ad, not the details of your browsing, or anything about you or your computer.

Q: You maybe able to select to opt out of the adverts however BT will still be passing your personal and private information to Phorm, this will include the content of all emails you view online that are not covered by a secure connection (SSL).

A: No, that's not correct. If you opt out no data is passed from the ISP to Phorm. Furthermore, Phorm technology does not analyse SMTP mail or the content of webmail sites.

Q: What safeguards are there to ensure that in the future Phorm doesn't alter or add to the amount and types of information/data is passed to and from ISPs?

The keynote is transparency: we will communicate any changes and our claims will continue to be subject to external scrutiny by formal audit, partner due diligence, customer vigilance and media interest.

Q: Does the opt out from Phorm satisfy the Data Protection act's provision that individuals can write to the Data Controller of the ISP in writing removing their permission for processing of personal information beyond that necessary in providing the service?

The ISP will not be passing any personal information to Phorm. We do not tie into their authentication systems or use any subscriber information.

Q: And does the service ever modify information you receive via http that might not be a web-page, i.e. is it possible for it to accidentally break applications that rely on http for communication, especially if those applications work in a way that Phorm didn't anticipate?

We operate a whitelist of user-agents corresponding to major browsers (e.g. Firefox, IE, Opera). Other user-agents are ignored.

Q: There are inconsistencies appearing. Phorm told The Register that data is still passed to the "Profiler" even if people opt-out, but apparently the "Profiler" is owned by the ISP, which is how they claim no personal data is sent to Phorm, as per the reply to the BBC.

A: This isn't inconsistent. The Profiler is owned by the ISP. If someone opts out no data is passed from the ISP to Phorm.

Q: However, I would like to know who provides the software for the "Profiler" and if it's not written by the ISP, how does the ISP check that it does what it's meant to?

A: Phorm provides the software for the profiles, just like Cisco, for example, provides software for an ISP router. The ISP can see exactly what data is being passed in and out of its systems and has complete control over it.

Q: I still want answers to my cookie question. Part II Section 11 "Right to prevent processing for purposes of direct marketing". Is this direct marketing - well as is clear to all concerned there HAS to be some link between the profile and the target computer else the ads would not get served. Opt out by cookie is insufficient in my mind.

A: It's important to understand there are two distinctly separate processes in the Phorm system: data capture and ad serving. The data capture system only stores one item of information on your computer -- a random number. The random number is the only thing that distinguishes your browser from the millions of others on the internet. It does not contain any information about you or your computer. The only person able to make that connection is you, as you have that cookie in your browser.

As you browse your browsing behaviour is matched against pre-defined advertiser categories for everyday products eg travel or sport.

No urls, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time - by the time the page loads. There is, in essence, no data other than the categories and the random number stored in the system and so it's impossible to know (or indeed reverse engineer from that) who you are or where you've been.

In the ad serving phase, when your computer requests an advert from the OIX (because a website has included our tag in their page), the browser sends the random number and the categories are used to deliver the targeted ad, not the details of your browsing, or anything about you or your computer.

If you clear your cookies regularly or if you'd like to ensure that Webwise is permanently switched off, simply add "www.webwise.net" to the Blocked Cookies settings in your browser.




RELATED BBC LINKS

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites


FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

BBC navigation

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific