Phorm is an innovative digital technology company focused on creating a more relevant Internet experience for users and more value for advertisers, publishers, Internet Service Providers (ISPs) and others in the online ecosystem. Produced after years of customer research and technological development, Phorm’s proprietary, patent-pending technology offers a paradigm shift in both audience segmenting techniques and online user data privacy.
In February 2008, in conjunction with its UK ISP partners BT, Virgin Media and TalkTalk, Phorm launched the Open Internet Exchange (OIX), an online behavioral advertising platform designed to protect user privacy and anonymity. Unlike other online advertising models popular today, Phorm’s OIX is revolutionary in that it provides direct benefit not just for publishers and advertisers but also for consumers and ISPs without using Personally Identifiable Information (PII) or storing specific browsing information. While other advertising technologies routinely store data such as search terms, IP addresses, login or account details or other information which could be used to derive identity, Phorm stores none of these. In fact, Phorm’s OIX technology records only an anonymous cookie containing a randomly generated user ID and a time stamp in conjunction with a pre-existing interest category.
While the cookie logged to this category or “channel” is completely anonymous, Phorm’s privacy protection does not stop there. The OIX system is built in such a way that there must be multiple triggers for user inclusion in any channel. The result is that end user inclusion in a channel cannot be used to determine which specific event or “trigger” caused membership. OIX cannot determine this because the specific trigger is not recorded – only the membership in the larger channel. This new approach makes it impossible to look at any stored data and to know where a user has browsed on the Internet or what a user searched.
Phorm’s privacy controls work by assigning an anonymous cookie to each consenting customer within a participating ISP. This cookie is in no way related or linked to ISPs’ authentication systems or technology within the ISP that would allow the ID to be made identifiable. Indeed, this cookie is not accessible outside of the OIX system and therefore cannot be linked to external data sources, a problem common to other technologies.
Through partnerships with ISPs the OIX technology is able to determine when a specific cookie has triggered channel membership and assign the anonymous cookie to the appropriate channel. The system is designed so as not to follow an anonymous browser as it traverses certain “sensitive” areas. To avoid encountering potentially identifiable or sensitive information, OIX specifically excludes secure sites and pages (https), non-web traffic (such as email, FTP or VoIP), popular web-based email systems and form submissions. To further avoid potential privacy concerns the OIX technology does not allow targeting or the delivery of ads based upon certain sensitive categories such as adult content, sensitive medical information or alcohol/drug interest. The OIX does not look at numeric content over 3 digits in length which could contain personal information, and is designed to exclude proper names.
In addition, Phorm also has instituted procedural controls and human oversight to prevent the creation of any channel which could inadvertently target or collect information specific to identified individuals. All this is done to prevent even the inadvertent ability for Phorm, our ISP partners or any third party to ever be able to connect even the limited data Phorm stores (anonymous cookie, channel and timestamp) to an identified person. Phorm believes the first tenet of data security is data minimization – data not stored is data not at risk of being misused or misappropriated.
Phorm’s revolutionary approach to online advertising provides numerous benefits to all participants in the Internet ecosystem.
For Consumers
With transparency and choice, OIX allows consumers to receive more relevant advertising, and unlike other systems with lower standards of transparency and choice, OIX is not reliant on knowing who the consumer is to provide relevant advertising.
For Advertisers
Advertisers are able to reach the audience appropriate to their offering. Tailored advertising allows niche advertisers who previously were not able or willing to advertise online to participate.
Online Publishers
OIX allows participating publishers to achieve a premium value for their advertising space. This increased value for publishers offers them the ability to reduce the number of less valuable ads in favor of fewer, more valuable and tailored ads. It also allows smaller (“long tail”) publishers to effectively enter the competitive online market and serve a wider array of advertisers. Also, as time has shown, increased publisher success has led to a richer array of free offerings and a move away from subscription-based content.
ISPs
Phorm’s OIX technology provides a new and much-needed revenue stream to broadband providers facing dramatically increasing bandwidth consumption by subscribers using online video, music, VoIP and gaming. This allows ISPs to invest in their networks without increasing rates for consumers.
In summary, Phorm has built a system from the ground up to respect user anonymity, transparency and consumer choice. This system has been audited by Ernst and Young, and leading privacy consultancy 80/20 Thinking has completed a full Privacy Impact Assessment (PIA) on Phorm’s technology (copies available at privacy.phorm.com). Phorm’s technology has been cleared by the relevant UK regulatory authorities as capable of compliance with the European Data Directive, and as of October 2008, Phorm is in a technical trial phase with British Telecom. As other global ISPs continue to examine the many benefits of Phorm for the Internet ecosystem, Phorm expects many more ISPs to conclude that they too can play a role in creating a new model for a more relevant, yet more private, Internet experience for consumers.
RSS Comment Feed 3 Comments
3 Responses
Leave a Reply
Tags: Add new tag, Advertising, DPI, Inspection, ISP, Packet
It’s always interesting reading articles written by Phorm representatives. If they were all I had read on the subject, I would not know that their system involved the interception of communications, or equipment installed in the heart of the ISP, or the redirection of browser traffic, or even that uniquely amongst behavioural advertising practitioners, Phorm practise Deep Packet Inspection, because they never mention this. I would know nothing about the unavoidable, without consent, processing carried out by Phorm-programmed, and Phorm-supplied equipment within the heart of their partner ISPs. I would know nothing about the placing of misleading cookies containing 3rd party domain names and trademarks, without consent of the 3rd party webmaster, and I would know nothing about the system being unable to cope with recognising (and avoiding) cookie authenticated private web pages such as Friends pages on Facebook. I would not realise that their system operates in several parts, of which the OIX is the only one they seem willing to discuss in public. When you read an article about Phorm, do a page search on “interception”, “redirection”, and “Deep Packet Inspection”. If you get zero hits, you can usually predict that the author works for Phorm. When you debate with Phorm, always ask about what happens in their partner ISPs, in the equipment Phorm program and supply. My ISP is BT, here in the UK, and getting either BT or Phorm to discuss these matters is virtually impossible.
In a nutshell, Phorm is
- Mass communication surveillance
- Mass industrial espionage
- Mass intellectual property infringement
Brook forgot to mention Phorm’s past. They once traded under the name 121Media. Google for 121Media and Apropos.
In 2006, and 2007, Phorm tested communication surveillance on tens of thousand (perhaps hundreds of thousands) of people and the web sites they used without consent.
Protect your right to private personal and commercial telecommunications.
STOP PHORM
Visit Dephormation.org.uk for more info.
While conceding for the sake of argument that DPI may have some legitimate uses, this isn’t one of them. It’s impossible to implement this technology without a fundamental invasion of privacy.
In order to provide this service, they need to not only read all of you communications, but keep it for an unspecified period of time to learn your habits. Not only is this like the post office photocopying every letter you send, or the phone company recording your every conversation, it’s also like someone following you around with a video camera recording your every move. They’re then free to sell this information to anyone they wish.
The fact that it’s recorded makes it open to misuse, both through “permitted” access and unauthorized access. There are no positives to this other than a new revenue stream for Phorm and your ISP. Ultimately, you pay for that too, even if it isn’t in your access fees.
This is just plain scary. Stop this at all costs.