A new company named Phorm has sprung up in the United Kingdom and is trying to insert themselves into the bitstreams in and out of ISPs (Internet Service Providers). The implications are: Phorm could modify pages and even spoof pages, all so that they can push advertisements in front of web browsers’ eyes. I’m surprised that they’re trying first in England, since England’s electronic privacy laws are stronger than those in the U.S. Here‘s Wikipedia’s up to date information on Phorm. (An “opt out” Phorm may be ruled by courts as illegal interception of communications.)
The NY Times had a good blog entry in April regarding Phorm. These sentences are significant: “Phorm installs equipment at the I.S.P. that intercepts the user’s browser when it visits a Web site for the first time. It redirects the browser to Phorm’s own site. That way it can place and read its own cookie with a Phorm identification number. It then appends this number onto the cookie of the other site, say Google or Yahoo. It does this without the permission of that other site.” Apparently this redirection will be invisible to the person who’s browsing(!).
It appears that the UK government will require that if Phorm goes into production, it must be an “opt-in” “service”. (Why would anyone in their right mind opt in to have ads pushed at them?)
So far, Phorm is in the UK only. But . . .
I’m sure that Phorm will try to push their foot in the doors of American ISPs — where our weaker electronic privacy laws and more profit-motivated ISPs may allow Phorm right through those doors and into their data centers. Phorm is pitching their scheme as a way for ISPs to increase their incomes, as Phorm would share their ad revenue with the ISPs. This would be bad news for user privacy.
P.S. Ever hear of Doubleclick? They already watch your browsing and are bad enough. Phorm is just the next logical step.