Comments on: Phorm WILL go live. Soon. Sort of.

By: admin

admin — Wed, 24 Jun 2009 07:31:34 +0000

Some really good points raised here, and some frankly that we have overlooked in the past.

We’ve always looked at the issue of Phorm as to whether it is an invasion of a users’ privacy.

But of course if you’re a website owner then Phrom will be effectively taking information about which pages on your site a user looks at, in order to build up a picture about who they are.

And surely, when a user is on your site, it is your privilege alone to know what pages they look at?

However, I think the fact that we haven’t raised this point before means that what we say about “the issue of online privacy has be[ing] confused by the media” is more true than ever.

Ken

By: bluecar1

bluecar1 — Thu, 18 Jun 2009 15:05:55 +0000

what has been missed from this article is the information about the DPI system at the backend of the system located in the ISP’s core network

how would your customers feel about their websites on your servers being used to help potential competitors to target their customers?

as the websites permission is not sought prior to scraping / mirroring the content of the pages visitied by the phormed ISP’s customers, phorm rely on “presumed consent” which the EU says is not sufficient

the two opt-out methods are far from perfect

block google or all search engines in robots.txt, this is commercial suicide for companies as they will not get any traffic reffered by search engines. also this method is only available if you run your own domain, if you use a subdomain this is not an option as you do not control the root directory for the domain where the robots.txt resides

the second method informing phorm of your wish to opt-out suffers the same issues, if you use a subdomain this is not an option as you do not control the root directory for the domain and do not have authority to opt-out the domain (one other thing to note, phorm say they only scan the robots.txt once a month)

the other issue is due to the way phorm mirrors traffic there is no way a webmaster can verify that phorm are complying with the robots.txt directives or the opt-out as they do not make a direct request or use a uniques user agent

peter

By: Website Builder

Website Builder — Thu, 18 Jun 2009 13:34:11 +0000

As a website builder, what I object to is having my website content probed, copied and exploited for a 3rd parties commercial gain, without my consent and contrary to copyright law. I permit a vistor to render a copy of my site in their browser, but I do NOT permit them to pass on that copy to Phorm or a Phormed-ISP to be profiled, copied offline, and then used to build a valuable browsing profile which is then commercially exploited by OIX. Nor do I permit them to create cookies containg my domain name or trademark – which purport to come from my site, but actually don’t. For all these reasons Phorm-ISP users are banned from my site and many others. Phorm need my consent and I withold it. Websites are being trawled for the raw content data that Phorm needs to build its profits and they are doing that without consent and contrary to copyright law.

By: Simon J Smith

Simon J Smith — Thu, 18 Jun 2009 12:45:43 +0000

“For our part, we believe the issue of online privacy has been confused by the media”

Well sorry to have to disagree with you here but I believe the issue of online privacy is clear. When it comes to the question of who do I trust on this issue I’d rather believe inventor of HTML Sir Tim Berners-Lee and his views on Phorm and systems like Phorm rather than yours or anyone else’s.

After all Sit Tim and the raft of privacy organisations who’ve spoken out against Phorm have no financial interest in Phorm, whereas Phorm itself has spent millions (look at their recently released accounts) “convincing” the doubters.

I’m sorry but I’m just not comfortable with DPI kit operated by a third party sat inside my ISP. The potential for mischief or risk of data accidents is just too high.That’s why I left BT.