Slashdot Log In
BT Silences Customers Over Phorm
Posted by
Soulskill
on Sat Nov 22, 2008 01:06 AM
from the lalala-i-can't-hear-you dept.
from the lalala-i-can't-hear-you dept.
An anonymous reader writes "The Register reports that BT, the UK's dominant telecom and internet service provider, has 'banned all future discussion of Phorm and its "WebWise" targeted advertising product on its customer forums, and deleted all past threads about the controversy dating back to February.' Phorm is a controversial opt-out system for delivering targeted advertising that intercepts traffic passing through an ISP in order to profile subscribers via an assigned unique ID based on their online activities. Subscribers can opt-out at the Webwise website but are opted-in again if the Phorm cookie is cleared. Firefox users can install Melvin Sage's Firephorm add-on to manage their interaction with Phorm and Webwise."
Related Stories
[+]
UK ISPs To Start Tracking Your Surfing To Serve You Ads 238 comments
TechDirt has an interesting article about a UK-based company that is trying to work with ISPs to make use of user surfing data to serve targeted ads. "Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history -- and now we've got the first report of some big ISPs moving into this realm. Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm."
Firehose:BT Silences Customers Over Phorm by Anonymous Coward
[+]
Technology: Google To Monitor Surfing Habits For Ad-Serving 219 comments
superglaze (ZDNet UK) writes "Google is gearing up to launch cookie-based 'interest-based' advertising, which involves monitoring the user's passage across various WebSense partner sites. The idea is to have better-targeted advertising, which is not a million miles away from what Phorm is trying to do — the difference, it seems at first glance, is that Google is being relatively up-front about its intentions."
[+]
Rights Groups Speak Out Against Phorm, UK Comm. Database 102 comments
MJackson writes "The Open Rights Group (ORG) has issued a public letter to the Chief Privacy Officers (or the nearest equivalent) for seven of the world's largest website giants (including Microsoft and Google), asking them to boycott Phorm. The controversial Phorm system works with broadband ISPs to monitor what websites you visit for use in targeted advertising campaigns. Meanwhile, the Joseph Rowntree Reform Trust has issued a new report slamming the UK government's plans for a Communications Database. This would be designed to intercept and log every UK ISP user's e-mail headers, website accesses and telephone history. The report warns that the public are often, 'neither served nor protected by the increasingly complex and intrusive holdings of personal information invading every aspect of our lives.'"
[+]
BT Drops Phorm, Citing More Pressing Priorities 94 comments
Tom DBA notes a story up at The Register that begins "BT has abandoned plans to roll out Phorm's controversial web monitoring and profiling system across its broadband network, claiming it needs to concentrate resources on network upgrades... BT's announcement comes a day before MPs and peers of the All Party Parliamentary Communications Group are due to begin an investigation of Internet privacy. Their intervention follows the EU's move to sue the UK government over its alleged failure... properly [to] implement European privacy laws with respect to the trials, drawing further bad publicity to the venture." We've discussed Phorm many times in the past.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Heuristic: (Score:5, Insightful)
Re:Heuristic: (Score:5, Insightful)
[Adam Liversage, BT's chief press officer] said the fact that BT had chosen not only to close the threads but delete them entirely was insignificant. "It doesn't matter either way because the people who are following this will have the threads backed up in multiple copies," he said.
Wow, that's something only a PR man could say with a straight face.
Seems they don't want to admit the difference between stopping speech and suppressing it.
Parent
Re:Heuristic: (Score:5, Insightful)
And I'm not talking about just the last eight years.
Parent
Re:Heuristic: (Score:5, Insightful)
If BT is a government-owned company
It isn't.
then the government may be in violation of its own laws.
They're not.
Too bad the U.K. doesn't have some "supreme law of the land" to act as a contract which the government must follow
It does.
and provides guarantees such as free speech which cannot be over-ruled by a politician.
It does. It could be over-ruled by a whole lot of politicians working together, of course. Can you say "constitutional amendment"? Or maybe "Patriot Act" is easier (at least, it was for the politicians).
Parent
Re:Heuristic: (Score:5, Insightful)
Another question is if they by injecting information into the HTML stream is violating the copyright of the original content.
Otherwise this is also a good motivation for sites and users to use HTTPS more.
Parent
Re:Heuristic: (Score:5, Insightful)
It surely violates the webowners' rights, who PAID to have their ads appear on your screen, but instead British Telecom is blocking them: "BT Webwise also personalizes the online advertising you see when browsing on participating websites by linking ads to your interests. For example, if you search for a weekend trip to Paris or visit pages related to Paris, BT Webwise would replace the standard ads....."
I know if I was Google, Apple, Microsoft, or some other website, I would not be happy.
Ads are what pay my bills. How dare BT remove my revenue-source and jeopardize my ability to continue providing a Free website to my customers?
Parent
Is this really how it works? (Score:5, Informative)
It is my understanding that BT won't be removing your ads. Instead, "WebWise" will be a competing advertising provider to the likes of Google, Microsoft, etc. You can elect to put Phorm ads on your site instead, and in theory, those ads will be behaviorally targeted at the people browsing your site. (Or at least, the people who haven't opted out.) If you don't use Phorm, whatever provider's ads you sign up for will be shown.
The shitstorm, as I understand it, isn't that website owners' ads won't be displayed. It's that people using this WebWise thing while browsing your site will be reporting what they're doing to a third party, and since it's opt-in, many (most?) probably won't even know that they're doing it.
Worse, because WebWise now knows that Joe Schmo is interested in whatever it is your web site is advertising, say, cars, then it will start displaying car ads from your competitors on sites that have contracts with Phorm because Joe browsed your site.
All in all, pretty scummy, but I'd genuinely be surprised if it actually removes ads from sites that have nothing to do with it. Especially since they're talking about making it opt-in, I can't imagine that wouldn't be unquestionably illegal.
Parent
As a BT customer (Score:5, Funny)
I'm concerned about how they're hiding the history of ***** use. Deleting post on ***** is quite extreme, and who knows what they'll do next? Start censoring the use of ***** on their network?
Re:As a BT customer (Score:5, Funny)
Parent
Not a tech support issue? (Score:5, Insightful)
Our broadband support forums are designed to be a place where customers can discuss technical support issues and offer solutions.
And someone hijacking and modifying your data isn't a technical support issue?
Re:Not a tech support issue? (Score:5, Interesting)
This seems to be the tactic of the day. Apple does the same thing in their forums, delete any posts mentioning things they don't want mentioned on the grounds that it is a user to user technical support forum.
Yet you can post gushing praise of Apple without asking for help or offering to help and the moderators leave those fanboy posts alone.
This is a good reason to start an independent forum on any one of a number of forum hosting sites, preferably out of the reach of BT.
Parent
Re:Not a tech support issue? (Score:5, Insightful)
Parent
Re:Not a tech support issue? (Score:5, Informative)
Hmm, here in Australia we have Whirlpool [whirlpool.net.au] for exactly that. The forums are very active, and all of the major ISPs have employees who get involved to at least refute rumours and clarify information about their services. It's being able to get unfiltered comments from customers which is the most valuable, though. It's a very useful resource.
Parent
Re:Not a tech support issue? (Score:5, Insightful)
Not just hijacking and modifying data, but an active classic man in the middle attack.
Imagine this ad server being compromised, and instead of "just" adding random ads to pages and logging customer activities for sale, picture it redirecting to phishing sites or just grabbing passwords sent to sites that are not SSL protected.
Parent
Wasn't Google working on something against this? (Score:5, Insightful)
I remember Google was working on something on the app layer that would guard against this type of connection hijacking but without the setup and teardown overhead of full blown SSL.
Its probably in Google's best interest to get something like this widely deployed -- a lot of ISPs are frothing at the mouth to get Phorm/NebuAd on their networks for more revenue streams, and it won't be long before a Google query would not route to Google (even if done at www.google.com), but to wherever the ISP desires.
Re:Wasn't Google working on something against this (Score:5, Interesting)
I remember Google was working on something on the app layer that would guard against this type of connection hijacking but without the setup and teardown overhead of full blown SSL.
Sounds like you're thinking of the obfuscated tcp [slashdot.org] story. Wasn't so much a Google project as someone who happened to work at Google iirc.
Parent
What about wget ? (Score:5, Insightful)
That's just plain discusting anyways.
Re:What about wget ? (Score:5, Insightful)
Plus, if they are basing opt-out on a cookie, they are still doing deep packet inspection, since the cookie isn't in the TCP/IP packet headers (being an application layer thing and all).
I would think that people would want to opt out of Phorm interacting with their data at all, not setting a flag that is essentially "don't use this data for marketting purposes."
Parent
Re:What about wget ? (Score:5, Insightful)
Thats really the key of this all. The cookie prevents it from showing you ads. It does not stop the DPI, and tracking.
Parent
You don't need BT at all (Score:5, Informative)
Perhaps an Enterprising Brit could make cash? (Score:5, Insightful)
What a company could do, assuming it had the cash for reasonable Internet peering, would be to make a VPN service. Give directions for novice BT users to set up and route through. It doesn't have to be an "anonymous" service, however it would be a boon for privacy if TCP/IP logs are held just long enough in case of a security issue (or to make the UK government happy), and then promptly deleted. This service would be hosted physically in the UK to ensure decently fast connections, as opposed to other services located elsewhere around the world where packets would possibly have to cross through high latency overseas lines.
It could offer the usual PPTP services. It can also offer a SSL proxy (plain or using stunnel) for Web traffic so only the Web browser would have to be configured if the user doesn't have administrative rights. For users using ssh, it can offer PPP over ssh.
Then, this company can provide some decent instructions for people to set up a VPN to its site with the usual operating systems (Linux, OS X, BSD, Windows.)
Of course, BT could try to block or throttle the packets, but that is starting a type of legal battle with another company that may not be in BT's interest.
Re:Perhaps an Enterprising Brit could make cash? (Score:5, Informative)
I personally know an enterprising Scot making a decent stack on this concept.
https://www.vpntunnel.co.uk/ [vpntunnel.co.uk]
Parent
Central point of failure? (Score:5, Interesting)
What would happen if the webwise.net domain (which shares an IP with phorm.com) was to accidentally get DDOSed?
Going by the Phorm diagram on wikipedia, it would seem that webwise.net is a central point of failure for the system.
Re:Just a thought... (Score:5, Insightful)
The difference is that my TV doesn't track what I watch, who I watch it with, who I talk to, what mail I send and when I go to the bathroom.
Parent
Re:Copyright Infringement? (Score:5, Interesting)
There is absolutely no way in which this isn't copyright infringement. Any web page is copyrighted. This comment is copyrighted and owned by me. The Slashdot terms of use say that they get a nonexclusive distribution right to them. No one else has the right to reproduce them or modify them. The complete page is also copyrighted and owned jointly by all of the posters and by Slashdot.
A carrier has an implicit license to distribute exact copies to their customers and, if the correct headers are set, to cache a copy. Inserting adverts, however, is creating and distributing a derived work from the copyrighted material. Since they profit from the adverts, it counts as commercial infringement, which typically has much larger financial penalties.
The maximum fine for online copyright infringement in the UK is now £5,000 per offence. Every single page that is modified counts as an instance of infringement. The total fines would come to more than the market capitalisation of BT at the moment.
Parent