Phorm Goes On The Offensive To Defend Its Ad Program On Privacy Questions
from the but-do-you-believe-them dept
Last month, we wrote about the plan by a variety of UK-based ISPs to use all of your clickstream data to target ads to you as you surfed. That is, if you were surfing a golf site and then went and checked CNN, the system would still know that you liked golf and might serve up golf ads on CNN. At least that’s the benign version of it. There are some serious questions raised by this. First of all, many people are likely to be uncomfortable with the idea that their ISP is watching what they do and then using it to target ads. Even worse, the company that the ISPs were partnering with to do all of this had previously been known as a spyware firm.
Phorm is now aggressively defending its reputation, insisting once again that it will keep all of the data it collects anonymized. However, while it says this and explains how it will try to anonymize the data, the company fails to address the fact that just about every time a company has tried to create an anonymized data set, it doesn’t take long for someone to de-anonymize it. The company just assumes that it really can keep the data anonymous, when there are serious doubts as to whether or not that’s really possible.
To its credit, the company isn’t ignoring some of the complaints and has just done interviews with both the BBC and The Register to answer some of the concerns raised. Thankfully, both interviews do probe fairly deeply and ask some tough questions, and the Phorm execs answer each question directly. They claim that they were never “spyware” providers, only adware, but admit that the definition got blurred, which was why (they claim) they got out of the business. That sounds good until you look at some of the details about the company’s former products, and the fact that it made a rather nasty rootkit injector.
That said, the execs do answer a bunch of questions about the privacy issues, noting that they’re being audited by two separate firms to ensure they live up to the privacy promises. The clickstream data is immediately deleted and all the profiling is done at the ISP, not by Phorm, who is merely serving up the ads based on the profile kicked back by the ISP. While it’s good to see the execs from Phorm willing to answer these questions, the company’s history and the entire concept of what’s being done still seems rather questionable. Phorm’s insistence that this will actually decrease advertising seems like little consolation (and difficult to believe).