BT and Virgin Media to press ahead with Phorm

Stock prices of Phorm, a controversial targeted advertising company, rose as much as 40% in trading yesterday.

Phorm
deliver targeted advertising based on user browsing habits by using deep packet inspection. The method has been widely accepted as controversial and has involved the UK police and UK Government.

BT has been trialing the system for some time with the latest 4 week trial concluding recently. The Phorm system allows BT to track and monitor every website that a user visits. BT puts this information into a database and is then able to insert its own advertising onto web pages that is targeted specific to those users.

In a joint statement from BT and Phorm yesterday BT said "Following the successful completion of analysis, both of the trial results and of any changes required for expansion, BT's expectation is to move towards deployment."

Yesterday Virgin Media launched their 50mbps service, Virgin Media CEO Neil Berkett was questioned by the Guardian regarding the possibility of Phorm - "There will be a point in time when we use the intelligence in our network for targeted advertising," he said. Whether it will be through Phorm or some variation of Phorm's technology, however, he said it is still too early to tell.

In October, Orange ditched Phorm due to privacy concerns.


Phorm stock, courtesy of Google Finance

Report a problem with article
Previous Story

Palm launches Software Store

Next Story

Serious security flaw found in IE

46 Comments

Commenting is disabled on this article.

I think its very brave of Virgin. A lot of us left their Cable TV subscription when they lost Skyone ages ago but kept their broadband. If this is launched I will be leaving their broadband service as well.

I wonder if there is any code I can add to my websites so that any visitor that attempts to load the sites from an internet connection that is infected with phorm will get a nice "Sorry, your internet provider is using Phorm. Access Denied"?

It could be used to alleviate people's ignorance about what their ISP is doing with their privacy.

TCLN Ryster said,
I wonder if there is any code I can add to my websites so that any visitor that attempts to load the sites from an internet connection that is infected with phorm will get a nice "Sorry, your internet provider is using Phorm. Access Denied"?

It could be used to alleviate people's ignorance about what their ISP is doing with their privacy.

Email the guys at the URL above. Our company uses BT, and we don't get full access to their site, we get a message stating that we are using PHORM.

Edit: Everytime I choose new "Boolean", it lets me put in extensions.checkUpdateSecurity then changes to "string value" rather than boolean value? using FF 3.0.4

Im sick and tired of hearing about phorm, it is wrong and against our privacy and rights. It should be opt in, it should not be forced on customers.

as all ISP's on normal phone lines purchase via wholesale from BT, does this mean ISP's that are using the BT network would be subject to phorm as well?

Well if you are only concerned about ads .. no problem!

But as the diagram shows ALL your traffic is intercepted and analyzed. Phorm say that privacy is assured, but do you really trust a company that has a murky past with servers based god knows where and programming done by russians??

Pikey said,
Well if you are only concerned about ads .. no problem!

But as the diagram shows ALL your traffic is intercepted and analyzed. Phorm say that privacy is assured, but do you really trust a company that has a murky past with servers based god knows where and programming done by russians??


Only the traffic on port 80 (and only http traffic on port 80) is analysed. i believe it should be opt-in because there will be programs that may end up breaking due to this

Believe me I'm 99.9% against and 1% agree with Phorm but at the end of the day its coming and there is nothing you can do to stop it. Phorm is here and it's here to stay and there is nothing anybody can do to stop it, unless McAfee and Symantec create AntiPhorm software which I doubt, although a small third party organisation might create software to block phorm from accessing your browser. If however you do not understand how Phorm works then maybe this link will give you a better understanding. As with everything there is an advantage and disadvantage, will Phorm be an invasion of privacy? Will it be against your statutory rights as a customer? Phorm has been in place in America for a number of years now and they have learned to live with it. Does it mean the police will come knocking on my door for downloading illegal software...? NO the information collected is anonymous. A step by step guide to how PHORM works http://www.phorm.com/about/introducing/phorm_priv_rev4.html

How PHORM works in diagram form

A server which is not under the direct control of Bebo.com and masquerades as Bebo.com without Bebo.com's permission is committing a fraud under the Misuse of Computers Act. Or, for the simple minded: this is click hijacking. You wouldn't deliberately accept a fake Paypal.com would you?

The only difference between this and DNS poisoning is that it the ISP doing it, not some hacker group.

Perhaps all those links in emails that attempt to obfuscate their true destination can now be legitimised.

Oh, and I hope that the excess traffic to and from your PC doesn't count towards your bandwidth cap.

And not just that, this WILL increase ISP traffic by 40% by the looks of it, I hope all the people related to phorm and those in the ISPs wanting it all get hit by a bus or something, scum money greeds really **** me off, especially when they moan about 'reducing traffic' yet use something that will increase it.

That looks like it'll increase latency by a lot and make web pages load a lot more slowly.

Also because all this seems to be to do with DNS, would using OpenDNS stop Phorm?

No, because the IP for (say) Bebo.com doesn't change by using different DNS. The request for the page is intercepted at the ISP, just like their cache systems do at present and they inject a man-in-the-middle redirection as an added bonus.

How do they do this? Track via IP/mac address? With most people on BT having dynamic IP's the ads wont be targeted no?

Im so glad ive switched to Zen, i even got tech support on a Saturday by someone who had a clue and didnt just tell me the problem is at my end and route me though 18 call centres in India.

lol@how many customers they are going to lose.

I had to enqure with BT as our business broadband is with them, and they said that phorm is only going to residential broadband 'AT THE MOMENT'. I'm pretty sure that they will do the business customers at some point too.

**** companies the pair of 'em.

how does this effect site owners who will be having there advertising campaigns removed and replace by that of what BT is pushing via Phorm or does it not work like that and presents additional advertisements on site pages?

Sleeper said,
how does this effect site owners who will be having there advertising campaigns removed and replace by that of what BT is pushing via Phorm or does it not work like that and presents additional advertisements on site pages?

I would guess that websites will need to add code onto their pages to show Phorm adverts. They couldn't by law intercept and modify web pages from people who don't want to show Phorm adverts on their page.

My biggest concern, consider the following scenario:

1. Gentlemen often visits a bondage site at night time, phorm picks up his browsing tastes and records it against him.
2. Child is surfing the net the next day, and hey presto! An advert pops up for a double-ended d**do.

Not good.

Pikey said,
It's going to happen sooner or later! .. and there's nothing we can do about it!

Of course there is, don't subscribe to an ISP that uses it. Vote with your feet.

Midgetman said,
im sure i read somewhere in another article it will be opt out.... i hope so

So, you hope that everyone will have their privacy invaded by default and have to remember to opt-out?

TCLN Ryster said,
So, you hope that everyone will have their privacy invaded by default and have to remember to opt-out?

Better than not being able to opt-out at all, which I believe was his actual point.

bmaher said,
If they do it, it better be opt-out - I'm pretty sure there's some UK privacy law that prevents this - there must be.

It should really be opt-in, anything like this should be opt-in...

And I certainly wouldn't opt-in for anything like this...

Antaris said,
And I certainly wouldn't opt-in for anything like this...


Thats exactly why they would make it opt-out. No one would opt-in to it so its wouldnt work would it??

Disgusting. They are 100% ignoring the public feeling towards this. They deserve to have their customers walk out on them!

My sentiments exactly. The sad fact is most people will be none the wiser that it's going on though. BT isn't going to tell everyone the impact it will have on their privacy.

The cookie opt-out method also seems deliberately poor to ensure you accidentally (and unknowingly) opt back in again.

Phorm should be an *opt-in only* service, it's the only fair way it can work imo.

If I could walk out I would, but I suspect there'd be some kind of charge to pay as we only opened the VM account about 3 months ago; wish I'd known they were planning on this back then

I know BT quietly rolled out a cessation charge to all their wholesale customers. I'm with Plusnet so when I cancel my account I now have to pay £20 for the privilege, despite being on a monthly contact.

JoeC said,
If I could walk out I would, but I suspect there'd be some kind of charge to pay as we only opened the VM account about 3 months ago; wish I'd known they were planning on this back then :/

If they change anything that seriously affects you (as this would), and there is no clause in the Terms of Use / Agreement / etc. telling you otherwise you are able to terminate a contract at anytime - it is a uk requirement to allow you to do this else companies could change there contracts without your agreement.

If you want out of a contract for a reason due to an issue with a compnay, if you read your contract you can usually get out of them early with no penalty. Mobile and internet contracts are classic examples as the companies change lots of things often - they will inform you when this happens (norm is via non recorded post so they cant proove you recieved it) - contracts usually specificy after you have been informed you have a time frame to cancel else they assume you agree to the new contract.