ISPs playing ISPy

July 8, 2008

Vista busy cursor How would you feel if your ISP allowed a third party to install equipment at their datacentre which intercepted all your Internet traffic, (secretly so you wouldn’t notice) so that your browsing could be tracked, webpage by webpage, entirely without your knowledge?

In this scenario, the ISP is paid by the above-mentioned third-party (an advertising company) for allowing the spy equipment to be installed. This advertising company uses your browsing record to profile you so you can be presented with targeted ads when you visit any website that uses their advertising system.

This is happening right now in the UK. A company called Phorm (who do have “phorm” in the spyware business) have signed up three of the UK’s largest ISPs: BT, Virgin Media and Carphone Warehouse. This looks like the start of a very worrying trend. Its legality in the UK looked like being challenged but the challenge has died away so how long before every ISP in the UK signs up with Phorm or any of a number of other companies entering this market? They get money, presumably lots of it, just for letting someone wire up a few boxes. It must be very tempting.

How soon before this is the norm in the US, then the whole world? Phorm the norm …

If you want to learn more about this, The Register has been following developments and there are a number of relevant articles here.

For the propeller-heads, tech guru Steve Gibson gave us an insight on Security Now! into the fiendishly clever use of technology that underpins how browsing is tracked.

Steve makes the excellent point that there is a fair way and an unfair way to do this sort of thing. The ISP’s customers should be told openly about the tracking/profiling and be given an option to opt in or opt out. Some customers may not care about having their browsing monitored or being fed targeted ads, and may be quite happy to accept a discount off their broadband fees for participating in the scheme, in effect getting a cut of the ISP’s earnings from it.

Other customers, who are uncomfortable with such an invasion of privacy, could opt out and forego the discount. So, does the fact that this choice is not being offered suggest that Phorm and the ISPs expect most broadband users would opt out if given the choice? Perhaps the ISPs are too mean to share the earnings.

Or maybe the ISPs are scared their customers would be so outraged by the very thought of the scheme that they would lose confidence and switch ISP. If it was my ISP then I would most definitely switch. I just hope I would be left with a non-spyware riddled ISP to choose from.

It may be harder for US broadband users when this insidious practice crosses the pond because there are so many local ISP monopolies.

Phorm used to be called 121Media and became notorious for an earlier tracking technology which worked by inserting Javascript into web pages displayed on the customer’s browser. As if that wasn’t bad enough, the insertion often caused an error so that the browser froze up.

This is the “phorm” I referred to above.

AddThis Social Bookmark Button


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: