Gallery

Is Phorm really that bad?

Posted on 3 Sep 2008 at 12:54

So could this be more to do with a feeling of injustice rather than invasion of privacy? After all, Gmail is providing a useful service for free, and anti-spam software performs a valuable function. Yet we pay our ISPs for a service and they are then looking to make more cash by selling our browsing data. Would you sign away your personal data and your shopping habits through a supermarket loyalty card if you didn't get "points" that equate to a discount on your shopping in return? Of course not, and consumer anxiety over privacy issues could be quelled at a stroke if it was coupled with a discount on their broadband bill.

Past history

One area that hasn't had much exposure in the Phorm debate is its past. Before last year, Phorm was called 121Media - a company that did nothing illegal, but did little to win friends either. Security specialists F-Secure took an interest in 121Media, reporting that it was behind the PeopleOnPage brand used as a "friendly wrapper" around the ContextPlus advertisement engine. "Another wrapper was called Apropos," F-Secure stated, "one of the most widespread malicious rootkits of 2005."

F-Secure goes on to suggest that DNS registrars and website content showed they were all one of the same. "Using multiple brands and not having full disclosure is common in the adware business," F-Secure said. "Renaming a company to clear a bad reputation has also been seen before." In a posting on its News from the Lab blog, F-Secure concluded that the Phorm effect is "similar to most adware solutions today, except it's installed on your ISP instead of your home computer". The company even goes on to suggest that antivirus vendors can create a signature for Phorm, and wipe tracks of monitored interests, hinting, "we lean towards creating such a detection signature for the cookie".

At some point, though, you have to ask whether Phorm really is a threat to our privacy or just the victim of a media witchhunt? Phorm is quick to point out that it doesn't store personally identifiable information or browsing histories, when most major search engines do. Andrew Girdwood, head of search at Europe's largest independent digital marketing company, Bigmouthmedia, suggested: "It seems incredibly hard to draw a clear line between Phorm and some other ISP data services or cookie-tracking services."

Just how far will this debate go, and who will be left standing at the end of it? Scott McNealy, then CEO of Sun Microsystems, infamously told a group of reporters who were questioning him in 1999 about safeguards in Sun Java technologies: "You have zero privacy anyway, get over it."

There's a similar air of inevitability about the evolution of advertising technology. Few want to pay for online content, and even with the advent of user-generated content, the delivery of that information to the public comes with a cost - a cost usually met by advertising revenue. Those are the facts of online life in the 21st century. So to paraphrase McNealy: "If you want free content, you need advertising - get over it." Whether users are prepared to get over Phorm's chequered past remains to be seen.

Author: Davey Winder