The controversial deep-packet inspection service offered by Phorm has been making the news again. But despite some of the hostile coverage that Phorm has received, there are possible benefits as well.
Controversy has followed Phorm since their early trials were uncovered by Internet users who accused them of monitoring their usage without consent. An independent Privacy Impact Assessment was slated for not condemning the service, and the ICO concluded that the service is not illegal following a formal complaint. Now the European Commission has announced its intention to take action against the UK government for failing to intervene to stop Phorm. Questions have been asked about the independence of Phorm’s directors.
The Open Rights Group has written to a number of major websites to urge them to opt out of Phorm’s profiling, with some considerable success: first Amazon, then Wikipedia have asked Phorm not to profile their traffic. With big names such as these refusing to permit profiling, it seems inevitable that others will follow suit. Meanwhile, whilst Facebook has not opted out, their CPO Chris Kelly has suggested that users who are unhappy with Phorm’s profiling should complain to their ISPs.
Throughout this, Phorm have argued that their approach is the future of the Internet: that current ISP pricing levels are unsustainable as online advertising revenues fall, and unless users want to see cost hikes for Internet access, they have to accept that targeted advertising is a necessary reality. Whilst I’m not familiar with the economics of the situation, there would appear to be some legitimacy in this. In fact, I’d really like to get a bespoke Internet experience, where the content, links and advertising are selected to be of greater interest to me than they are now. A ‘bespoke’ Internet would be a great user experience.
However, if I’m allowing my browsing habits to be profiled, then I want to own that profiling service: I want it on my machine (or at least somewhere in the Cloud where I feel I have control over it), set up according to my wishes, with the ability for me to edit or erase any or all of the history at the click of a button. In fact if I trusted the system, I’d be willing to populate it with basic data about me to help it in its decision making: my age, gender, address, interests, and equally importantly, things I don’t want to read about. But I won’t volunteer that information to a third party over whom I have no control, and who is acting with a purely commercial interest.
And it is there that the trustworthiness of Phorm’s approach slips up. In trying to build and dominate a market for behavioural online advertising, the company has, arguably, lacked transparency in some of its actions, and the resulting media coverage has left sufficient doubt in people’s minds that many individuals and companies are unwilling to participate. Phorm has announced a trial of its service in technology-savvy South Korea, and it will be interesting to see how people react there. Culturally, many Asian countries appear to have less privacy – after all, to British eyes, everyone’s packed in together with little personal space – but my experience is that because of this the individuals guard the privacy of their thoughts even more closely than the British generally do.
So Phorm’s premise that they can deliver the bespoke Internet is arguably valid, but they will have a lot of work to do if they wish to build public trust. After all, a bespoke suit is doubtless preferable to an off-the-peg, but I’d need to trust my tailor before I’d be comfortable about letting him measure my inside leg.