UK ISPs To Start Tracking Your Surfing To Serve You Ads

from the pirvacy-please dept

For years now, ISPs have been searching for alternative revenue streams to avoid just being “dumb pipes.” A few years ago, they picked up on the fact that they have a tremendous amount of data about what you (yes, you!) do online. A bunch of ISPs then started selling your clickstream data to companies that could do something useful with it (though, those ISPs probably neglected to tell you they were doing this). Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history — and now we’ve got the first report of some big ISPs moving into this realm. Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm.

While Phorm claims that it keeps your data private “by tracking individual users with an assigned number only,” that’s hardly assuring. After all, remember that both AOL and Netflix have released similar anonymized data where identifying info was replaced with an assigned number… and it didn’t take long for both sets of data to be de-anonymized. While it’s no surprise that ISPs would want to get into the advertising business, and to think that they could better target ads thanks to their knowledge of your entire surfing history, it’s going to freak some people out (and potentially cause some serious privacy problems). All the more reason to figure out how encrypt your traffic and hide your activities from your ISP.

Filed Under: , ,
Companies: bt, carphone warehouse, virgin media

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK ISPs To Start Tracking Your Surfing To Serve You Ads”

Subscribe: RSS Leave a comment
32 Comments
claire rand says:

offended...

wait until something ‘adult’ or otherwise offensive comes through, photograph it and sue them.

of course peoples definitions of offensive vary, make yours wide in this case.

and in this country the #1 crime is to cause offence, e.g. a advert for pork products being seen by a muslim rules out pork product advertising, films? well anything other than a ‘U’ is out.

I dare say it will all be financial type ads.

I can’t think of a better reason to start using encrypted traffic. https:// indeed

no one seems to have twigged, makes ads relevent and target correctly, you know make it stuff I may actually be interested in, not stuff you’ve shown me god alone knows how many times before, or i already have, or plain don’t care about.

also you wanna play hardball? hope your tracking how many images i download or block, cus i’ll turn all media ‘off’ and load images one by one if need be.

oh and change the images on *my* website without me knowing and a court case will be headed your way very soon for copyright infringement.

ISPs.. put down the can of worms and walk away slowly.

Brian Fearns says:

ADVERT TARGETING

THERE MAYBE SOME GOOD POINTS TO BEING TRACKED ON THE
INTERNET, FOR FILTH DOWN LOADERS BEWARE. I HAVE SPENT MUCH TIME ON MY COMPUTER LOOKING AT SPYWARE AND FACINATED JUST
HOW THE PROTECTION INDUSTRY WORKS WHILE MY WIFE IS ACTUALLY ENJOYING HER PC. I CAN’T STAND CREDIT CARD
ADVERTS.”WHAT’S IN YOUR POCKET?” WILL BE “WHAT’S IN YOUR PC?” I FEEL AT ALL TIMES I AM BEING WATCHED, BUT I HAVE SO MANY INTERESTS IN ALMOST EVERYTHING IT COULD BE VERY CONFUSING AS TO WHO AND WHAT I AM. IT IS SO GOOD TO READ A BOOK IN PRIVICY WHO’S GOING TO TARGET ME THEN! WHILE I’M HERE I HAVE TRIED TO UNDERSTAND WHY THE LIKES OF THE SOME WANT TO DESTROY THE INTERNET. OUR BELOVED PET COULD BECOME A MUCH FEARED MONSTER. MUST SAY I HATE ADVERTS ON TV AND PC. SO UNLESS THEY WANT TO PAY ME DON’T BOTHER.

Punter says:

Advert targeting

Surely this model will enable the ISP’s to offer quality broadband for free, totaly susidised by these targeted ad’s. And after all, if the end user doesn’t want that, or is worried about be “de-anonymised” then opt out. it aint rocket science. Pay over the odds for your broadband, and dont take the system.
( And the anonymity of the system has been tested by Ernst & young, and some other privacy group)

To Claire Rand- the obvious adult sectors are ignore ( Gmabling, Viagra, Porn, etc etc)

( I own shares in 1 or more of the companies listed in this article)

KD says:

Another example of why more competition is needed

This is just another example of why more competition in broadband internet service is needed.

When there are only the phone company and the cable company to choose from, or in many place, only one or the other of them, they can get away with all sorts of diddling with your service. We need to find a way to establish true competition in internet service.

If everyone had a choice of ten or so service providers, it is unlikely that all of them would show their customers such lack of respect, and the ones that do would suffer from customers fleeing to more respectful providers.

Flipside says:

I like pirvacy and indulge frequently 😉

Seriously though, I agree that these companies will simply lose their more intelligent customers wholesale, which is good, because it means more responsible ISP will have the brighter browsers and Virgin and BT can deal with situations like ‘I unplugged the modem lead and now my Internet doesn’t work!’

If it had been smaller companies, I’d be more inclined to understand their reasons but for large ISP’s such as this, it is purely greed.

Rupskin says:

hmmm

interesting, i know of these companies and im pretty sure that they dont just hijack pages and insert ads where there were non previously. All advertising is done in conjunction with the publisher who will obviously benefit from the increased prices that advertisers are willing to pay for a more qualified audience.

Techdirt could even benefit from the increased advertising revenues..

Will be interesting to see how this plays out…

Techteam at Phorm says:

Relevance and Privacy protection

Hello Mike,

I’m a member of the Tech team at Phorm. You know – there’s no way the AOL situation would happen with our technology. The OIX throws away raw data instantaneously so there’s no click stream history to be inadvertently released.

I know what we’re doing seems out of the ordinary from what’s been seen previously in the online Ad space – so I just wanted to make a couple of points to clarify how the technology works. After all it is counterintuitive to claim that you can present consumers with more relevant ads without collecting and storing personal information – but that is exactly what our system does.

If a subscriber agrees to participate – maybe because they are tired of receiving ads that have no relevance to the products and services they want to buy – they get a random number. So they are anonymous to the OIX. As they browse anonymously they match advertising channels that have been defined by patterns of URLs, keywords and search terms. But what’s so neat, is that even before each page loads the information observed from that page is deleted. The only data left in the system is just a random number and the channel it matched.

In addition the OIX only looks at information relevant to the ad channels – so it doesn’t scan names, numbers, emails, secure pages and form. Nor does it allow ad Channels to be constructed for a range of sensitive areas like adult content, alcohol, medical – so again browsing behaviour in these areas simply isn’t observed. Since there’s no personal data stored – nothing can be traced to an individual and there’s no information to reverse engineer. There’s no interface or database in the system where a UID can be entered to retrieve profile information.

We understand that even with all these safeguards – users may not want to participate, and that’s alright. There’s a simple option for users to opt out on webwise.com. We even tell them to how to block the domain for a more permanent option.

The team here has really worked hard over many years to build the system from the ground up with privacy at its core. We’ve also worked closely with user privacy groups in the UK to make sure that we did this right, and that user’s privacy is protected. I’d be happy to discuss any further questions you may have. Pop over a note and I’ll send over my contact information.

Cheers,
Tech team

Bob W says:

Re: Relevance and Privacy protection

As a customer of one of the three ISP’s mentioned, I’d be very interested to know how your system can ignore data without first scanning that data to establish it’s relevance. Your employers website contradicts your statement that the system does not scan names, numbers etc.

“Phorm technology does not view any information on secure (HTTPS) pages, and ignores strings of numbers longer than three digits to ensure that we do not collect credit card numbers, phone numbers, National Insurance or other potentially private information.”

It’s a neat trick if your system doesn’t scan the data before ignoring it, enlighten me please.

“If a subscriber agrees to participate” – that would seem to indicate an opt-in system, but what is described on your employers website is an opt-out system, which as I understand it would breach the Data Protection Act in the UK.

IANAL
Bob W

WTF says:

Can't Understand New Technology

Could people please read how the system operates before engaging mouth and spewing rubbish.

The system does not place ads willy nilly, so ISP will not not be placing ads willy nilly.

The system works when you visit a website that serves ads from a Phorm server, and these ads will be the targeted ones instead of untargeted ads.

Now, what really should happen is that there should be an opt-in system, as automatically opting people in is wrong as 99% of those who are automatically opted in will not kbow they have been opted in in the first place.

Pete (user link) says:

Dephormation

See link below for ‘add on’ for FF2 that sets the Webwise ‘opt out’ cookie, overwrites the Webwise UID with a randomised string, and does so after each and every page load.

Download it here
http://www.planetsaturn.pwp.blueyonder.co.uk/dephormation.xpi

Works with FF2, pure Javascript so should work on all FF2 operating systems. Unzip the XPI for code details.

That’s not to say this makes Phorm acceptable. Its not. And to make it opt out using cookies is simply taking the ‘peas’.

Toby Jugg (user link) says:

Regarding the E&Y report on phorm ROFL

excerpt :

quote:

Because of inherent limitations in controls, error or fraud may occur and not be detected.
Furthermore, the projection of any conclusions, based on our findings, to future periods is subject to the risk that the validity of such conclusions may be altered because of changes made to the Service or controls, the failure to make needed changes to the Service or controls, or a deterioration in the degree of effectiveness of the controls.

end quote

Bob W says:

Re: Phorm

“Bob, they can simply scan the data without observing the ID that’s attached to it. If the data is sensitive then they never observe the ID.

They still scan the data, which is the question I posed, trusting them to ignore/ not match to the ID is another matter..

Not exactly a neat trick.”

As I said, it would be if Phorm ignored sensitive data without first scanning.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...