Phorm and The Privacy Problem

big-brother.pngIf you’ve got nothing to hide then you’ve got nothing to worry about. So say those who wish to intrude on our lives in so many varied and insidious ways. It’s an argument that, on the face of it, is hard to counter.

Phorm is the new Internet monitoring system that is about to be installed on about 90% of all UK broadband lines. British Telecom, Virgin Media and Carphone Warehouse have done a deal with this Phorm outfit that will see all regular web traffic pass through servers Phorm have provided. A unique ID will be assigned to your computer in the form of a web browser cookie. Every web page you then go to will be categorised and put against your unique profile in the Phorm system. This profile will be used to target adverts at you.

Such ‘consumer profiling’ is not new. Every shop loyalty card you have is all about building a profile of you. Of course the difference between what type of tea you buy and what you do online is vast. Do you do Internet banking? Do you use web based email? Do you run a blog? Social networking sites? Ever looked up medical advice? Car or home insurance? Forums? Wikipedia searches? Online shopping? The list can go on and on. Still got nothing to hide?

We’ve all heard stories of people having their identity stolen simply by people looking through their rubbish. We are all warned to shred important documents instead of just bin them intact. At least with our rubbish we can be fairly confident that the local authorities aren’t systematically sifting it to build up a picture of who everyone is (that would be a massive manual task that simply could no remain hidden, even conspiracy theorists must surely agree). The difference with Phorm is that we absolutely do know they are sifting through our online activities and there is almost certainly a lot more to be learnt from it than could ever be determined by our refuse. That’s their business model – find out all they can about us. It is, in effect, a wiretap on our Internet usage. How about now, still nothing to hide?

Public outrage has prompted Carphone Warehouse to promise an ‘opt-in’ for this service. BT and Virgin Media have made no such promise, so we assume the standard ‘opt-out’ mechanism will be used – you will be tracked unless you specifically opt out. What’s more in both scenarios it is still less than clear what this will mean on a hardware level. It currently appears that either way your traffic will go through a Phorm provided computer, the difference is that we are told that someone who has opted-out (or not opted in, in the case of Carphone Warehouse) will have their activities ignored. For many people this is not good enough, they don’t want their traffic going anywhere near Phorm computers. Not surprising, given that 121Media (the people behind Phorm) have in the past been accused of distributing spyware. Many Anti-Virus companies are also publicly considering classing the Phorm identity cookie as adware and automatically blocking it. Of course this doesn’t stop the traffic from entering the black box Phorm computers.

How much money is 121Media paying BT, Virgin Media and Carphone Warehouse? How can we trust these people as our ISPs, selling their customers activities to a third party? Is this just the beginning of a nasty trend? It is almost unbelievable that they’d take money to install third party computers between their customers and the wider Internet. All regular web traffic passing through Phorm, without exception. Big brother in a box that the Russian 121media own and administer remotely. It beggars belief. It speaks volumes as to value they put on their customers privacy. How can they ever be trusted again?

There is much more to be said on this yet. The limitations of the Phorm spying (both claimed and the certain (as in https should always be immune)). The potential ways around it. The legal questions the whole thing raises – does this constitute illegal ‘interception’ under the Regulation of Investigatory Powers Act 2000 (RIPA)?

More information can be found via the ever useful Wikipedia Phorm page. The BBC News Phorm coverage is also pretty good. The Register is probably the most vocal on Phorm news.

Certainly sign the Phorm Petition on the 10 Downing Street website, while you still can (before it expires I mean, I’m not suggesting that the new Phorm systems would ever block access to such protest sites…)

In future you may have to be very careful where you go on the Internet, even accidentally…

Leave a Reply

You must be logged in to post a comment.