UK ISPs To Start Tracking Your Surfing To Serve You Ads

TechDirt has an interesting article about a UK-based company that is trying to work with ISPs to make use of user surfing data to serve targeted ads. "Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history -- and now we've got the first report of some big ISPs moving into this realm. Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm."

Re:hmm

[N7DR]

So it's bad when ISPs do this, but OK when Google does it?

Yes. It's part of the data returned by Google. The ISP has to snoop the data stream and insert its own traffic into it.

ISPs should be forbidden from altering the data stream unless they own the content that's being transferred.

Re:ISPUK apparently

[glesga_kiss]

does this not break privacy laws?

I think so! Under my understanding of the UK Data Protection Act (IANAL), this would have to be an opt-in scheme via a tick box on the contract. It used to be opt-out but this was changed.

Under the terms of the law an organization may not share personal data to another party without your consent. It's a pretty decent law, I don't know how the hell it got passed.

I can has SSL?

[fuzzyfuzzyfungus]

Wow. It's almost like they want to see SSL used absolutely everywhere. Have they considered the fact that, once website operators feel the need to switch to HTTPS to keep other people's ads off of their pages, they won't even be able to sell clickstream data anymore? (Not that I mind, of course. I really hate to see ISPs doing things like this; but if it drives greater adoption of crypto, it isn't all bad.)

In broader terms, though, this sort of thing is a (minor) example of what is really a huge problem. The internet is the biggest, newest, most disruptive medium in quite some time. But it flows over pipes largely controlled by people who would be much happier if it had never existed. That is a dangerous state of affairs. We need to exterminate the cable and telco guys, with their dreams of the old days when the endpoints were dumb and the network was all powerful, and get some new people who understand that internet access is a basic, cheap, boring commodity like cement or potatoes. It is occurrences like those above that make me seriously consider the idea of having municipal data pipes, just as we have municipal water pipes.

Re:Classy, very classy

[ATMD]

I'll be sticking with UKFSN [ukfsn.org]. No throttling, no traffic shaping, no "fair use" - and no stream tampering for the foreseeable future, I'll bet.

I'd recommend them to anyone.

Re:hmm

[rolfwind]

I can CHOOSE to use google to surf the net. There are many search engines. I can also use Tor to access Google anonymously if I'm paranoid.

My ISP choices are limited, and I can't change them as fast as a search engine either. Plus once I click onto a site, google pretty much loose track where I am, especially if I block ads.

ISP can know every place I go.

Moreover, I don't pay google to use their service. I do pay an ISP. They have an revenue stream.

So I think your analogy is flawed.

Re:Reason Number

[STrinity]

An ISP can't just insert an ad in a page -- if they just send you a .jpg or flash file when you open a site, the browser won't know where to put it and discard it. They'd have to modify the HTML so it contains a tag that says "place http://isp.com/ad.jpg [isp.com] here," and once that happens you can nuke it with Adblock.

Re:Reason Number

[Allicorn]

Not exactly, since they can modify your HTTP responses at will and detect every HTTP request, regardless of target host, they need not insert...

    [img src=http://isp.com/ads/somead.jpg]

into the stream at all. They could instead insert...

    [img src=http://thesiteyouwereonalready.com/randomappearingnumber.jpg]

and then sniff your subsequent requests for that specific URI. Not easy to block with a plain old regular expression unfortunately.

Alli

Re:Uhhh. Have I got this right?

[OldBus]

Am I to take it that this means Virgin Media will be injecting Ads into Slashdot (for instance)? Apart from the obvious privacy issues, unless their algorithm is extremely clever, surly this is going to break a lot of pages?

No. What will happen is that Virgin Media will monitor your visit to Slashdot and include that in your profile. Any sites which sign up to serve Phorm adverts will be including adverts to you based on your profile.

Phorm

[Fluoxetine Freak]

From Phorm's [phorm.com] website:

"With OIX and Webwise, consumers are in control: they can switch relevance 'off' or 'on' at any time at Webwise.com. There's no small print and no catches: it's completely up to the consumer."

In the comments on the Techdirt article [techdirt.com] somebody is saying that Phorm are the latest incarnation of 121media which made the contextplus rootkit. A quick search later and indeed they are the same company [121media.com].

Anybody got any more dirt on them?

Re:hmm

[Jaseoldboss]

They're using cookies to track behaviour. OIX.net is the address you need to block by the looks of it. Link [webwise.com]

I delete my cookies regularly, and I want to keep Webwise switched off. How do I do that?

If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add [OIX.net] to the Blocked Cookies settings in your browser.