Gallery

Is Phorm really that bad?

Posted on 3 Sep 2008 at 12:54

Phorm contends that one of its most ardent critics, the aforementioned Dr Clayton, "publicly acknowledged there is no data protection issue with Phorm, after he had conducted an in-depth analysis of the technology". Phorm even selectively quotes from his published report, choosing the bit that said: "Its system does not permit it to identify individuals and it meets and exceeds all necessary Data Protection regulations - producing a system that is superior to other advertising platforms that profile internet users." Yet, if you actually read the 11-page document you will discover a rather different message, that data protection and privacy are not the same thing at all. Indeed, Clayton said: "Overall, I learnt nothing about the Phorm system that caused me to change my view that the system performs illegal interception as defined by s1 of the Regulation of Investigatory Powers Act 2000." He concluded by disputing Phorm's claims that if people understood all the technical details then they would be happy. "I have," he said, "and I'm still not happy at all."

Clubcards & cookies

While privacy advocates get hot under the collar about Phorm, experienced marketing hands say it's no worse than other schemes, both on and offline. "No-one makes a fuss about the rich levels of data provided to Tesco through its Clubcard and how this is used to target you, or the fact that when media is planned and bought, the demographics and readership are taken into account," said Farhad Koodoruth, managing director at media agency Blowfish Digital.

Koodoruth suggests Phorm is being made a scapegoat, that other media owners create profiles based on browsing behaviour, and target by page content or your interaction with a site. "If anything, DoubleClick and Google pose more of a threat, simply because of the huge reach they have across search and advertising, and the ability they have to extend that data through Google Analytics penetration, which would give them the first widescale holistic view of a user's behaviour from advert to site."

The notable difference is that while most behavioural-tracking systems work by gathering data directly on the end-user machine, Phorm is taking the data directly from your ISP. But Simon Norris, director of paid search specialists Periscopix, is quick to point out that they "are not the only people to do this. Hitwise has been purchasing and reselling consolidated (not user-specific) data for years". And then there are the email campaign services that allow sending organisations to see the names and email addresses of subscribers who click on individual links in newsletters.

Gmail has been on and off the privacy radar since it first used contextual advertising. It does, in effect, read your email messages and uses a keyword-driven system to serve up contextually appropriate advertising. There is, Google has always maintained, no human involvement and the fact that Gmail is free, works very well and offers plenty of storage space helps offset consumer concern. Also, consider that anti-spam services "read" your email in order to analyse the content. Because of the value of the service, the privacy argument never raises its head. "Personally, I don't mind if Google's software scans my Gmail account for keywords to display ads," said Struan Robertson, an IT lawyer at Pinsent Masons. "It's a small price to pay for a great webmail service. Provided companies are transparent about their privacy practices, there's rarely a problem: the users can decide whether or not to use their services."