The Information Commisssioner's Office (ICO) has said major internet service providers (ISPs) wanting to use the Phorm targeted web advertising system must first ask their customers whether they want to be part of it, otherwise it will breach their privacy.
Phorm profiles the addresses and content of sites visited by web users. It then uses this information to match users against advertising campaigns sent to their PCs.
The ICO says that if these ISPs don't ask their users whether they want their web usage to be tracked, the ISPs risk breaching the Data Protection Act.
Phorm as a company does not have access to the personal identities of an ISPs' customers but instead links their web usage to an individual identifier code.
If this system carried on, said the ICO, Phorm would not be breaking the Data Protection Act.
The potential for ISPs to link the identifier code with the identity of actual users means ISPs would have to ask their customers first about applying the Phorm system to their web usage traffic, said the ICO.