Computers, Privacy & the Constitution

View   r10  >  r9  >  r8  >  r7  >  r6  >  r5  ...
JulianM_Paper-I 10 - 14 Jan 2015 - Main.IanSullivan
Line: 1 to 1
Changed:
<
<
META TOPICPARENT name="WebPreferences"
>
>
META TOPICPARENT name="FirstPaper2013"
 

Phorm Over Function

Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country's broadband users, to deliver a "Behavioral Targeting" advertising system to track surfer’s habits using "Deep Packet Inspection." They compete with NebuAd, Front Porch, Adzilla, and Project Rialto. Unchecked, they represent an ugly development for privacy on the Internet.

JulianM_Paper-I 9 - 16 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

Changed:
<
<
Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country’s broadband users, to deliver a "Behavioral Targeting" advertising system to track surfer’s habits using "Deep Packet Inspection." They compete with NebuAd, Front Porch, Adzilla, and Project Rialto [hereinafter, collectively "Phorm"]. Unchecked, they represent an ugly development for privacy on the Internet.
>
>
Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country's broadband users, to deliver a "Behavioral Targeting" advertising system to track surfer’s habits using "Deep Packet Inspection." They compete with NebuAd, Front Porch, Adzilla, and Project Rialto. Unchecked, they represent an ugly development for privacy on the Internet.
 
Changed:
<
<
* DISCLAIMER * Please note, this is a work in progress, and not intended for review (just yet). I'm just experimenting with the editor, and using this to collect links/extracts which might be helpful. I'll remove this notice as soon as it is complete!
>
>
Targeted advertising is nothing new. Offline advertisers have run focused campaigns for decades, and their online progeny have long used persistent cookies to track repeat visitors to their sites, geodata from IP addresses to approximate a user's location, and the data from search histories, emails, and the content of requested pages to provide "Contextual Adverts." Phorm, however takes this to several new lows. Co-hosted by a partner ISP, the software monitors a user's entire browsing activity over time, building a comprehensive pattern of behavior, which they attempt to screen for Personally Identifiable Information ("PII"). When a user subsequently requests a page from a participating site, Phorm automatically intercepts the request, and inserts adverts based on their unique profile. A schematic of the multi-tiered architecture is available here.
 
Deleted:
<
<
Targeted advertising is nothing new. Offline advertisers have been focusing campaigns for decades, and their online progeny have long used persistent cookies to track repeat visitors to their sites, geodata from IP headers to approximate their location, and data from search histories, emails, and the content of requested pages to provide contextual adverts.
  • Cookies, search data, geodata
  • Deep packet inspection
  • Be careful to distinguish between 'anonymous' tracking, and tying to personal data
  • Distinguish behavioral from contextual, demographic, geographic,
  • Difference between site-based, and network based behavioral tracking
  • Leaks UID’s to https sites
  • Distinguishing between 'anonymous', personal, and sensitive data
 
Added:
>
>
Proponents argue that these behavioral tracking systems provide several benefits to consumers. First, they point out that Phorm's servers provide some protection from fraud and 'phishing' by blocking access to a blacklist of sites known to be harmful. Second, targeted adverts are offered as the quid pro quo required for keeping content free, when revenue from more traditional advertising is drying up. Third, it is suggested, users may 'prefer' targeted to random adverts, an analogy being drawn to the referral systems employed by NetFlix and Amazon to recommend DVDs based on past viewing history, and complimentary or substitute products based on the shopping history of customers with similar tastes. Fourth, much of this information is already being retained or monitored by ISPs in compliance with legislation like the EU Data Retention Directive, or the Communications Assistance for Law Enforcement Act. Similarly, browser add-ons such as the Yahoo! Toolbar have been aggregating and reporting on browsing history for some time. Finally, we are told that users can opt-out an anytime, by downloading a simple cookie onto their machines, and that at any rate, consumer outrage—as was recently expressed over the Facebook Beacon system—should mitigate against any egregious conduct on their behalf.
 
Changed:
<
<
Proponents argue that these behavioral tracking systems provide several benefits to consumers. First, they point out that Phorm's servers provide some protection from fraud and "phishing"; by blocking access to a blacklist of sites known to be harmful. Second, targeted adverts are offered as the quid pro quo required to keep content free, when revenue from more traditional advertising is drying up. Third, it is suggested, users may prefer targeted to random adverts, an analogy being drawn to the referral systems employed by NetFlix and Amazon to recommend DVDs based on past viewing history, and complimentary or substitute products based on the shopping history of customers with similar tastes. Fourth, much of this information is already being retained by ISPs in compliance with legislation like the EU Data Retention Directive, or the Communications Assistance for Law Enforcement Act. Similarly, browser add-ons such as the Yahoo! Toolbar have been aggregating and reporting on browsing history for some time. Finally, we are told that users can opt-out an anytime, by downloading a simple cookie onto their machines, and that at any rate, consumer outrage—as was recently expressed over the Facebook Beacon system—should mitigate against any egregious conduct.
>
>
However, these 'justifications' are little more than irrelevant distractions—the rhetorical equivalent of being told to "look at the monkey" before being jabbed with the business end of a blunt needle.
 
Changed:
<
<
The rhetorical equivalent of being told to “look at the monkey” before being jabbed with a needle, these ‘justifications’ are little more than irrelevant distractions.
>
>
First, whether or not these platforms incorporate an anti-phishing layer is of no consequence. Not only is this already a standard feature of most modern browsers, but search engines like Google flags these sites with similar warnings. At any rate, given the availability of client-based solutions, is it by no means clear that filtering should be provided at the server level. What's worse, is that this feeds into a larger complaint about the complete lack of transparency with regard to which sites will appear on these lists (and the process for removing yourself from them), the lexicon of the so-called 'sensitive terms' which will be precluded from profiling, and the lack of details about the 'anonymizing algorithm' or 'profile categories' which will be used. Bland assurances from their auditors Ernst & Young, that Phorm are 'basically good blokes,' are an inadequate safeguard.
 
Changed:
<
<
First, whether or not these platforms incorporate an anti-phishing layer is of no consequence. Not only is this already a standard feature of most modern browsers, Google’s search engine flags these sites with similar warnings. Given the availability of client-based solutions, is it by no means clear that this should be done at the server level. This feeds into a larger complaint about the complete lack of transparency with regard to which sites will appear on these list [controversy over blackballed domains], the lexicon of the so-called ‘sensitive terms’ which will be precluded from profiling, and the lack of details about the ‘anonymizing algorithm’ or ‘profile categories’ which will be used.
>
>
Secondly, most consumers are likely to be completely unaware that any of this is happening, even if they blithely click through an EULA. Ironically, the proposed opt-out method, accepting a cookie from faireagle.com, means that privacy savvy users who have disabled third party cookies (as everyone should), will not be opted-out, nor will any user who has blacklisted that domain using DNS, Adblock and so forth. Attempts by providers to assure us that these 'services' somehow inure to our benefit, smack of "cigarette manufacturers telling us that their new brand is a turning point in the fight against cancer."
 
Changed:
<
<
Secondly, most consumers are likely to be completely unaware that any of this is happening, even if they blithely agree once to a EULA. Ironically, the proposed opt-out method, accepting a cookie from faireagle.com, means that privacy savvy users who have disabled third party cookies (as everyone should), will not be opted-out, nor will any user who has blacklisted that domain using DNS, Adblock and so forth.
>
>
Third, the notion that the threat of consumer outrage is sufficient to prevent future abuse is absurd. Privacy statements change overnight, and failed companies have an unpleasant to tendency to offer their clients records free of such encumbrances to the highest bidder. Aggregation of information on this scale just compounds the problem, as there is no way notify consumers of an updated policy ex post, and in the absence of reliable data that advertisers will value this information that much more than less invasive contextual adverts, there must be a huge temptation to expand the uses of this information—the oft quoted example being insurance companies filching the search histories of people interested in expensive illnesses. The ethical integrity of a firm known to rewrite its own Wikipedia entry, and to conduct secret trials of tens of thousands of unwitting customers, is nill.
 
Changed:
<
<
Third, the notion that the threat of consumer outrage is sufficient to prevent future abuse is absurd. Privacy statements change overnight, and failed companies have an unpleasant to tendency to offer their client records free of such encumbrances to the highest bidder. Aggregation of information on this scale just compounds the problem, there is no way notify consumers of an updated policy ex post, and in the absence of reliable data that advertisers will value this information that much more than less invasive contextual advetrs, there must be a huge temptation to expand the uses of this information. [search for cures and your premium goes up]. The ethical integrity of a firm known to rewrite its own wikipedia entry, and conduct secret trials of tens of thousands of unwitting customers, is zero.
>
>
Fourthly, we need to recognize the unique role of ISPs as the gatekeepers of the Internet, one which between application specific bandwidth throttling and a walled garden approach to mobile services, is increasingly questionable. Knowingly trading a degree of privacy in exchange for gigabytes of email storage, or online photo tools is one thing; unwittingly granting carte blanche to record, analyze every aspect of one's digital alter ego, is both quantitatively and qualitatively a different beast. Although worst case scenarios require that 'anonymous' behavioral history is associated with PII data, glibly assuming that a combination of user-based ad-blockers and internal 'security measures'; will prevent this from happening, is a folly. As is, Phorm's systems already leaks identifiable information to secure sites, and ad-blockers are being undermined by javascript hacks.
 
Changed:
<
<
Finally, we need to recognize the unique role of ISPs as the gatekeepers of the Internet, one which between application specific bandwidth throttling and a walled garden approach to mobile services, is increasingly questionable. A comparison with
>
>
Finally, it is worth noting a bill currently pending before the New York legislature. The Brodsky Billsomething similar is brewing in Connecticut—is significant because if passed, will be tantamount to a de facto national standard. Supported by Microsoft (probably as "one in the eye" to Google), it tracks very closely to self regulations proposed by the National Advertising Initiative (a body representing about a quarter of the industry), some eight years ago, and has been criticized as inadequate and out of date. However, while disappointingly opt-out based, it does represent something of a positive step, in that it would prohibit third parties from tracking information from websites with which it does not have a contractual relationship, and prohibiting the collection of certain sensitive information online. One to watch.
 
Deleted:
<
<
  • Industry self regulation * Opt-in / Opt-out, and transparency * Differences in approach between Phorm and its competitors
  • New York Bill * Supported by microsoft, probably as a dig against Google (but potential acquisition of yahoo?)
  • FTC Proposed Guidelines
 
Changed:
<
<
Word Count: ??? (ex. Abstract / Further Reading)
>
>
Word Count: 997 (ex. Abstract / Further Reading)
 

Further Reading

Deleted:
<
<
The Register, The Phorm Files: All Yer Data Pimping News in One Place
 Phorm: Official Site
Added:
>
>
Ernst & Young Privacy Audit of Phorm
 Wikipedia, Diagram illustrating how Phorm Works
Changed:
<
<
New York Times, Louise Story, A Push to Limit the Tracking of Web Surfers’ Clicks, Mar. 20 2008
>
>
Nicholas Bohm (FIPR), The Phorm 'Webwise' System - A Legal Analysis, Apr. 23 2008
 
Changed:
<
<
Cornell Law School, Right To Personal Information
>
>
Richard Clayton (Cambridge Computer Laboratory), The Phorm 'WebWise' System, Apr. 23 2008
 
Deleted:
<
<
Louise Story, How Do They Track You? Let Us Count the Ways, New York Times, Mar. 9 2008
 
Deleted:
<
<
Neil McIntosh, Letting it all hang out, The Guardian, Mar. 18 2008
 Third Party Internet Advertising Consumer's Bill of Rights Act of 2008
Changed:
<
<
Blog, James Edwards, Unblocking Adblock, Feb. 5 2008

Blog, Tim Tobin (Partner at Proskauer Rose), Privacy Law Blog, Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content, Mar. 27 2008

>
>
Conn. HB05765 (2008) (somewhat narrower than the New York bill)
 Text of the Dec 2007 FTC Statement
Added:
>
>
Cornell Law School, Right To Personal Information

Blog, Tim Tobin (Partner at Proskauer Rose), Privacy Law Blog, Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content, Mar. 27 2008

 David Bender (Senior Privacy Counsel and DLA Piper), Do Behavioral Ads Endanger Your Privacy?, Law.com, Apr. 2 2008
Deleted:
<
<
Conn. HB05765 (2008) (somewhat narrower than the New York bill)
 
Deleted:
<
<
Greg Sandoval, Failed Dot-Coms May be Selling Your Private Information, CNET, June 29 2000
 
Changed:
<
<
US Companies which Meet EU Safe Harbor Provisions
>
>
The Register, The Phorm Files: All Yer Data Pimping News in One Place
 
Changed:
<
<
Richard Clayton (Cambridge Computer Laboratory), The Phorm 'WebWise' System, Apr. 23 2008
>
>
Louise Story, A Push to Limit the Tracking of Web Surfers' Clicks, New York Times, Mar. 20 2008
 
Changed:
<
<
Google Watch
>
>
Louise Story, How Do They Track You? Let Us Count the Ways, New York Times, Mar. 9 2008

Neil McIntosh, Letting it all hang out, The Guardian, Mar. 18 2008

 Paul Boutin, You Are What You Search: AOL's Data Leak Reveals the Seven Ways People Search the Web, Slate.com, Aug. 11 2006
Changed:
<
<
Ernst & Young Privacy Audit of Phorm
>
>
James Edwards, Unblocking Adblock, Feb. 5 2008
 
Changed:
<
<
Nicholas Bohm (FIPR), The Phorm 'Webwise' System - A Legal Analysis, Apr. 23 2008
>
>
Greg Sandoval, Failed Dot-Coms May be Selling Your Private Information, CNET, June 29 2000

US Companies which Meet EU Safe Harbor Provisions

 
Changed:
<
<
Foundation for Information Policy Research
>
>
Google Watch
 
 
<--/commentPlugin-->

JulianM_Paper-I 8 - 16 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

Changed:
<
<
[Whether Industry Self Regulation, or Proposed Rules akin to the New York Bill are more appropriate]
>
>
Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country’s broadband users, to deliver a "Behavioral Targeting" advertising system to track surfer’s habits using "Deep Packet Inspection." They compete with NebuAd, Front Porch, Adzilla, and Project Rialto [hereinafter, collectively "Phorm"]. Unchecked, they represent an ugly development for privacy on the Internet.
 * DISCLAIMER * Please note, this is a work in progress, and not intended for review (just yet). I'm just experimenting with the editor, and using this to collect links/extracts which might be helpful. I'll remove this notice as soon as it is complete!
Deleted:
<
<
Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country's broadband users, to deliver a "Behavioral Targeting"; advertising system to track surfer's habits using "Deep Packet Inspection"; It competes with NebuAd, Front Porch, Adzilla, and Project Rialto. [one line summary of my argument].

How Do Phorm et. al Work?

 Targeted advertising is nothing new. Offline advertisers have been focusing campaigns for decades, and their online progeny have long used persistent cookies to track repeat visitors to their sites, geodata from IP headers to approximate their location, and data from search histories, emails, and the content of requested pages to provide contextual adverts.
  • Cookies, search data, geodata
  • Deep packet inspection
Line: 18 to 15
 
  • Distinguishing between 'anonymous', personal, and sensitive data
Deleted:
<
<

The Case For Behavioral Advertising

 Proponents argue that these behavioral tracking systems provide several benefits to consumers. First, they point out that Phorm's servers provide some protection from fraud and "phishing"; by blocking access to a blacklist of sites known to be harmful. Second, targeted adverts are offered as the quid pro quo required to keep content free, when revenue from more traditional advertising is drying up. Third, it is suggested, users may prefer targeted to random adverts, an analogy being drawn to the referral systems employed by NetFlix and Amazon to recommend DVDs based on past viewing history, and complimentary or substitute products based on the shopping history of customers with similar tastes. Fourth, much of this information is already being retained by ISPs in compliance with legislation like the EU Data Retention Directive, or the Communications Assistance for Law Enforcement Act. Similarly, browser add-ons such as the Yahoo! Toolbar have been aggregating and reporting on browsing history for some time. Finally, we are told that users can opt-out an anytime, by downloading a simple cookie onto their machines, and that at any rate, consumer outrage—as was recently expressed over the Facebook Beacon system—should mitigate against any egregious conduct.
Deleted:
<
<

The (Much) Stronger Case Against

 The rhetorical equivalent of being told to “look at the monkey” before being jabbed with a needle, these ‘justifications’ are little more than irrelevant distractions.

First, whether or not these platforms incorporate an anti-phishing layer is of no consequence. Not only is this already a standard feature of most modern browsers, Google’s search engine flags these sites with similar warnings. Given the availability of client-based solutions, is it by no means clear that this should be done at the server level. This feeds into a larger complaint about the complete lack of transparency with regard to which sites will appear on these list [controversy over blackballed domains], the lexicon of the so-called ‘sensitive terms’ which will be precluded from profiling, and the lack of details about the ‘anonymizing algorithm’ or ‘profile categories’ which will be used.

Line: 33 to 27
 Finally, we need to recognize the unique role of ISPs as the gatekeepers of the Internet, one which between application specific bandwidth throttling and a walled garden approach to mobile services, is increasingly questionable. A comparison with
Deleted:
<
<

Proposed Solutions

 
  • Industry self regulation * Opt-in / Opt-out, and transparency * Differences in approach between Phorm and its competitors
  • New York Bill * Supported by microsoft, probably as a dig against Google (but potential acquisition of yahoo?)
  • FTC Proposed Guidelines
Deleted:
<
<

Conclusions

[.]
 
Added:
>
>
Word Count: ??? (ex. Abstract / Further Reading)
 

Further Reading

Line: 90 to 80
 Foundation for Information Policy Research
Deleted:
<
<
Word Count: (ex. Abstract / Further Reading)
 
 
<--/commentPlugin-->

JulianM_Paper-I 7 - 15 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

Changed:
<
<
[abstract goes here]
>
>
[Whether Industry Self Regulation, or Proposed Rules akin to the New York Bill are more appropriate]
 * DISCLAIMER * Please note, this is a work in progress, and not intended for review (just yet). I'm just experimenting with the editor, and using this to collect links/extracts which might be helpful. I'll remove this notice as soon as it is complete!
Changed:
<
<
Theme: Whether Industry Self Regulation, or Proposed Rules akin to the New York Bill are more appropriate
>
>
Phorm, formerly 121Media, is a technology company based in Moscow which became the subject of much scrutiny upon announcing that it was in talks with three UK ISPs representing 70% of the country's broadband users, to deliver a "Behavioral Targeting"; advertising system to track surfer's habits using "Deep Packet Inspection"; It competes with NebuAd, Front Porch, Adzilla, and Project Rialto. [one line summary of my argument].
 
Changed:
<
<
Phorm, formerly 121Media, is a digital technology company which drew attention to itself when it announced it was is in talks with several major UK ISPs to use deep packet inspection to deliver a "Behavioral Targeting" advertising system which trackers surfers habits. It competes with apple and cat.

How do Phorm et. al Work?

>
>

How Do Phorm et. al Work?

Targeted advertising is nothing new. Offline advertisers have been focusing campaigns for decades, and their online progeny have long used persistent cookies to track repeat visitors to their sites, geodata from IP headers to approximate their location, and data from search histories, emails, and the content of requested pages to provide contextual adverts.
 
  • Cookies, search data, geodata
  • Deep packet inspection
  • Be careful to distinguish between 'anonymous' tracking, and tying to personal data
  • Distinguish behavioral from contextual, demographic, geographic,
  • Difference between site-based, and network based behavioral tracking
Added:
>
>
  • Leaks UID’s to https sites
  • Distinguishing between 'anonymous', personal, and sensitive data
 
Changed:
<
<

Proposed Solutions

  • Industry self regulation
    • Opt-in / Opt-out, and transparency
    • Differences in approache between Phorm and its competititors
  • New York Bill * Supported by microsoft, probably as a dig against Google (but potential acquisition of yahoo?)
  • FTC Proposed Guidelines
>
>

The Case For Behavioral Advertising

Proponents argue that these behavioral tracking systems provide several benefits to consumers. First, they point out that Phorm's servers provide some protection from fraud and "phishing"; by blocking access to a blacklist of sites known to be harmful. Second, targeted adverts are offered as the quid pro quo required to keep content free, when revenue from more traditional advertising is drying up. Third, it is suggested, users may prefer targeted to random adverts, an analogy being drawn to the referral systems employed by NetFlix and Amazon to recommend DVDs based on past viewing history, and complimentary or substitute products based on the shopping history of customers with similar tastes. Fourth, much of this information is already being retained by ISPs in compliance with legislation like the EU Data Retention Directive, or the Communications Assistance for Law Enforcement Act. Similarly, browser add-ons such as the Yahoo! Toolbar have been aggregating and reporting on browsing history for some time. Finally, we are told that users can opt-out an anytime, by downloading a simple cookie onto their machines, and that at any rate, consumer outrage—as was recently expressed over the Facebook Beacon system—should mitigate against any egregious conduct.
 
Added:
>
>

The (Much) Stronger Case Against

The rhetorical equivalent of being told to “look at the monkey” before being jabbed with a needle, these ‘justifications’ are little more than irrelevant distractions.
 
Changed:
<
<

The case for allowing it:

>
>
First, whether or not these platforms incorporate an anti-phishing layer is of no consequence. Not only is this already a standard feature of most modern browsers, Google’s search engine flags these sites with similar warnings. Given the availability of client-based solutions, is it by no means clear that this should be done at the server level. This feeds into a larger complaint about the complete lack of transparency with regard to which sites will appear on these list [controversy over blackballed domains], the lexicon of the so-called ‘sensitive terms’ which will be precluded from profiling, and the lack of details about the ‘anonymizing algorithm’ or ‘profile categories’ which will be used.
 
Changed:
<
<
  • More revenue in exchange for free online content
    • BUT, 10% of Americans and 1/3 of Europe
    • Adblock (and unblocking it)
    • Contextual v Behavioural advertising systems
  • Benefits from recommendation systems like Amazon and NetFlix?
  • Consumer outrage curtails the worst abuses, e.g. Facebook Beacon
  • Classic should the law follow or lead technology problem
  • Haven't Google/Yahoo!, especially with their toolbars been doing this for a while?
>
>
Secondly, most consumers are likely to be completely unaware that any of this is happening, even if they blithely agree once to a EULA. Ironically, the proposed opt-out method, accepting a cookie from faireagle.com, means that privacy savvy users who have disabled third party cookies (as everyone should), will not be opted-out, nor will any user who has blacklisted that domain using DNS, Adblock and so forth.
 
Added:
>
>
Third, the notion that the threat of consumer outrage is sufficient to prevent future abuse is absurd. Privacy statements change overnight, and failed companies have an unpleasant to tendency to offer their client records free of such encumbrances to the highest bidder. Aggregation of information on this scale just compounds the problem, there is no way notify consumers of an updated policy ex post, and in the absence of reliable data that advertisers will value this information that much more than less invasive contextual advetrs, there must be a huge temptation to expand the uses of this information. [search for cures and your premium goes up]. The ethical integrity of a firm known to rewrite its own wikipedia entry, and conduct secret trials of tens of thousands of unwitting customers, is zero.
 
Added:
>
>
Finally, we need to recognize the unique role of ISPs as the gatekeepers of the Internet, one which between application specific bandwidth throttling and a walled garden approach to mobile services, is increasingly questionable. A comparison with
 
Deleted:
<
<

The (stronger) case against

  • Lack of awareness
  • Future abuse (government collection - the 'search for cures and your premiums rise) argument
  • Unique role of ISP's as gatekeepers (tie with arguments about bandwidth throttling?)
  • Privacy statements change overnight; bust companies whose sole assets are customer data
    • aggregation compounds these problems, no way to notify consumer ex post
  • This data can't be that much more useful for just targeted ads, can it? Temptation to expand uses
  • Self regulation doesn't reach wide enough - NAI covers less than 25% of advertisers
  • See criticism from Cambridge Researcher
  • Distinguishing between 'anonymous', personal, and sensitive data
  • We're going to waive all manner of rights away in EULA legalese
 
Added:
>
>

Proposed Solutions

 
Changed:
<
<
- read cambridge research doc - need to read the FIRP criticisms of Phorm
>
>
  • Industry self regulation * Opt-in / Opt-out, and transparency * Differences in approach between Phorm and its competitors
  • New York Bill * Supported by microsoft, probably as a dig against Google (but potential acquisition of yahoo?)
  • FTC Proposed Guidelines
 
Added:
>
>

Conclusions

[.]
 
Deleted:
<
<

References

 
Added:
>
>

Further Reading

 
Changed:
<
<
FN 1 - The Register, The Phorm Files: All yer data pimping news in one place
>
>
The Register, The Phorm Files: All Yer Data Pimping News in One Place
 
Changed:
<
<
FN 2 - Phorm: Official Site
>
>
Phorm: Official Site
 
Changed:
<
<
FN 3 - Wikipedia, Diagram illustrating how Phorm Works
>
>
Wikipedia, Diagram illustrating how Phorm Works
 
Changed:
<
<
FN 4 - New York Times, Louise Story, A Push to Limit the Tracking of Web Surfers’ Clicks, (Mar. 20, 2008)
>
>
New York Times, Louise Story, A Push to Limit the Tracking of Web Surfers’ Clicks, Mar. 20 2008
 
Changed:
<
<
FN 5 - Cornell Law School, Right To Personal Information
>
>
Cornell Law School, Right To Personal Information
 
Changed:
<
<
FN 6 - New York Times, Louise Story, How Do They Track You? Let Us Count the Ways, (Mar. 9, 2008)
>
>
Louise Story, How Do They Track You? Let Us Count the Ways, New York Times, Mar. 9 2008
 
Changed:
<
<
FN 7 - The Guardian, Neil McIntosh, Letting it all hang out, (Mar. 18 2008)
>
>
Neil McIntosh, Letting it all hang out, The Guardian, Mar. 18 2008
 
Changed:
<
<
FN 8 - Third Party Internet Advertising Consumer's Bill of Rights Act of 2008
>
>
Third Party Internet Advertising Consumer's Bill of Rights Act of 2008
 
Changed:
<
<
FN 9 - Blog, James Edwards, Unblocking Adblock (Feb. 5, 2008)
>
>
Blog, James Edwards, Unblocking Adblock, Feb. 5 2008
 
Changed:
<
<
FN 10 - Blog, Tim Tobin (Partner at Proskauer Rose), Privacy Law Blog, Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content (Mar. 27, 2008)
>
>
Blog, Tim Tobin (Partner at Proskauer Rose), Privacy Law Blog, Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content, Mar. 27 2008
 
Changed:
<
<
FN 11 - Text of the Dec 2007 FTC Statement
>
>
Text of the Dec 2007 FTC Statement
 
Changed:
<
<
FN 12 - Law.com, David Bender (Senior Privacy Counsel and DLA Piper), Do Behavioral Ads Endanger Your Privacy?, (Apr. 2, 2008)
>
>
David Bender (Senior Privacy Counsel and DLA Piper), Do Behavioral Ads Endanger Your Privacy?, Law.com, Apr. 2 2008
 
Changed:
<
<
FN 13 - Conn. HB05765 (2008), which is somewhat narrower than the New York bill. -- JulianM - 30 Apr 2008
>
>
Conn. HB05765 (2008) (somewhat narrower than the New York bill)
 
Changed:
<
<
CNET, Greg Sandoval, Failed dot-coms may be selling your private information (June 29, 2000)
>
>
Greg Sandoval, Failed Dot-Coms May be Selling Your Private Information, CNET, June 29 2000
 US Companies which Meet EU Safe Harbor Provisions
Changed:
<
<
Richard Clayton (Cambridge Computer Laboratory, The Phorm 'WebWise' System,(Apr. 23, 2008))
>
>
Richard Clayton (Cambridge Computer Laboratory), The Phorm 'WebWise' System, Apr. 23 2008
 Google Watch
Changed:
<
<
Slate: Paul Boutin, You Are What You Search: AOL's data leak reveals the seven ways people search the Web (Aug. 11, 2006)
>
>
Paul Boutin, You Are What You Search: AOL's Data Leak Reveals the Seven Ways People Search the Web, Slate.com, Aug. 11 2006
 Ernst & Young Privacy Audit of Phorm
Added:
>
>
Nicholas Bohm (FIPR), The Phorm 'Webwise' System - A Legal Analysis, Apr. 23 2008
 
Changed:
<
<
FIPR, Nicholas Bohm, The Phorm 'Webwise' System - A Legal Analysis, (Apr. 23 2008)
>
>
Foundation for Information Policy Research
 
Changed:
<
<
http://www.fipr.org/
>
>
Word Count: (ex. Abstract / Further Reading)
 
 
<--/commentPlugin-->
\ No newline at end of file

JulianM_Paper-I 6 - 01 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]

JulianM_Paper-I 5 - 01 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]
Line: 101 to 101
 Slate: Paul Boutin, You Are What You Search: AOL's data leak reveals the seven ways people search the Web (Aug. 11, 2006)
Added:
>
>
Ernst & Young Privacy Audit of Phorm

FIPR, Nicholas Bohm, The Phorm 'Webwise' System - A Legal Analysis, (Apr. 23 2008)

http://www.fipr.org/

 
 
<--/commentPlugin-->

JulianM_Paper-I 4 - 01 May 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]
Line: 9 to 9
 Phorm, formerly 121Media, is a digital technology company which drew attention to itself when it announced it was is in talks with several major UK ISPs to use deep packet inspection to deliver a "Behavioral Targeting" advertising system which trackers surfers habits. It competes with apple and cat.
Changed:
<
<
* How do Phorm et. al Work?
>
>

How do Phorm et. al Work?

 
  • Cookies, search data, geodata
  • Deep packet inspection
  • Be careful to distinguish between 'anonymous' tracking, and tying to personal data
  • Distinguish behavioral from contextual, demographic, geographic,
  • Difference between site-based, and network based behavioral tracking
Changed:
<
<
* Proposed Solutions
>
>

Proposed Solutions

 
  • Industry self regulation
    • Opt-in / Opt-out, and transparency
    • Differences in approache between Phorm and its competititors
Line: 25 to 29
 
  • FTC Proposed Guidelines
Changed:
<
<
* The case for allowing it:
>
>

The case for allowing it:

 
  • More revenue in exchange for free online content
    • BUT, 10% of Americans and 1/3 of Europe
    • Adblock (and unblocking it)
Line: 36 to 42
 
  • Haven't Google/Yahoo!, especially with their toolbars been doing this for a while?
Changed:
<
<
* The (stronger) case against
>
>

The (stronger) case against

 
  • Lack of awareness
  • Future abuse (government collection - the 'search for cures and your premiums rise) argument
  • Unique role of ISP's as gatekeepers (tie with arguments about bandwidth throttling?)
Line: 49 to 57
 
  • We're going to waive all manner of rights away in EULA legalese
Added:
>
>
- read cambridge research doc - need to read the FIRP criticisms of Phorm

References

 

FN 1 - The Register, The Phorm Files: All yer data pimping news in one place

Line: 63 to 76
 FN 6 - New York Times, Louise Story, How Do They Track You? Let Us Count the Ways, (Mar. 9, 2008)
Changed:
<
<
FN 7 - The Guardiam, Neil McIntosh, Letting it all hang out, (Mar. 18 2008)
>
>
FN 7 - The Guardian, Neil McIntosh, Letting it all hang out, (Mar. 18 2008)
 FN 8 - Third Party Internet Advertising Consumer's Bill of Rights Act of 2008
Line: 79 to 91
 FN 13 - Conn. HB05765 (2008), which is somewhat narrower than the New York bill. -- JulianM - 30 Apr 2008
Added:
>
>
CNET, Greg Sandoval, Failed dot-coms may be selling your private information (June 29, 2000)

US Companies which Meet EU Safe Harbor Provisions

Richard Clayton (Cambridge Computer Laboratory, The Phorm 'WebWise' System,(Apr. 23, 2008))

Google Watch

Slate: Paul Boutin, You Are What You Search: AOL's data leak reveals the seven ways people search the Web (Aug. 11, 2006)

 
 
<--/commentPlugin-->

JulianM_Paper-I 3 - 30 Apr 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]
Line: 13 to 13
 
  • Cookies, search data, geodata
  • Deep packet inspection
  • Be careful to distinguish between 'anonymous' tracking, and tying to personal data
Changed:
<
<
  • Distinguish behavioural from contextual, demographic, geogrphic,
  • Diferrence between site-based, and network based behavioural tracking
>
>
  • Distinguish behavioral from contextual, demographic, geographic,
  • Difference between site-based, and network based behavioral tracking
 * Proposed Solutions
  • Industry self regulation
    • Opt-in / Opt-out, and transparency
Changed:
<
<
    • Differences in approache between Phorm and its competitiors
>
>
    • Differences in approache between Phorm and its competititors
 
  • New York Bill
Changed:
<
<
* Supported by microsoft, probably as a dig against Google (but potential acquistion of yahoo?)
>
>
* Supported by microsoft, probably as a dig against Google (but potential acquisition of yahoo?)
 
  • FTC Proposed Guidelines
Line: 33 to 33
 
  • Benefits from recommendation systems like Amazon and NetFlix?
  • Consumer outrage curtails the worst abuses, e.g. Facebook Beacon
  • Classic should the law follow or lead technology problem
Added:
>
>
  • Haven't Google/Yahoo!, especially with their toolbars been doing this for a while?
 

* The (stronger) case against


JulianM_Paper-I 2 - 30 Apr 2008 - Main.JulianM
Line: 1 to 1
 
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]

* DISCLAIMER * Please note, this is a work in progress, and not intended for review (just yet). I'm just experimenting with the editor, and using this to collect links/extracts which might be helpful. I'll remove this notice as soon as it is complete!

Added:
>
>
Theme: Whether Industry Self Regulation, or Proposed Rules akin to the New York Bill are more appropriate
 Phorm, formerly 121Media, is a digital technology company which drew attention to itself when it announced it was is in talks with several major UK ISPs to use deep packet inspection to deliver a "Behavioral Targeting" advertising system which trackers surfers habits. It competes with apple and cat.
Added:
>
>
* How do Phorm et. al Work?
  • Cookies, search data, geodata
  • Deep packet inspection
  • Be careful to distinguish between 'anonymous' tracking, and tying to personal data
  • Distinguish behavioural from contextual, demographic, geogrphic,
  • Diferrence between site-based, and network based behavioural tracking

* Proposed Solutions

  • Industry self regulation
    • Opt-in / Opt-out, and transparency
    • Differences in approache between Phorm and its competitiors
  • New York Bill * Supported by microsoft, probably as a dig against Google (but potential acquistion of yahoo?)
  • FTC Proposed Guidelines

* The case for allowing it:

  • More revenue in exchange for free online content
    • BUT, 10% of Americans and 1/3 of Europe
    • Adblock (and unblocking it)
    • Contextual v Behavioural advertising systems
  • Benefits from recommendation systems like Amazon and NetFlix?
  • Consumer outrage curtails the worst abuses, e.g. Facebook Beacon
  • Classic should the law follow or lead technology problem

* The (stronger) case against

  • Lack of awareness
  • Future abuse (government collection - the 'search for cures and your premiums rise) argument
  • Unique role of ISP's as gatekeepers (tie with arguments about bandwidth throttling?)
  • Privacy statements change overnight; bust companies whose sole assets are customer data
    • aggregation compounds these problems, no way to notify consumer ex post
  • This data can't be that much more useful for just targeted ads, can it? Temptation to expand uses
  • Self regulation doesn't reach wide enough - NAI covers less than 25% of advertisers
  • See criticism from Cambridge Researcher
  • Distinguishing between 'anonymous', personal, and sensitive data
  • We're going to waive all manner of rights away in EULA legalese

 FN 1 - The Register, The Phorm Files: All yer data pimping news in one place

FN 2 - Phorm: Official Site

Line: 17 to 60
 FN 5 - Cornell Law School, Right To Personal Information
Changed:
<
<
FN - 6 New York Times, Louise Story, How Do They Track You? Let Us Count the Ways, (Mar. 9, 2008)
>
>
FN 6 - New York Times, Louise Story, How Do They Track You? Let Us Count the Ways, (Mar. 9, 2008)

FN 7 - The Guardiam, Neil McIntosh, Letting it all hang out, (Mar. 18 2008)

FN 8 - Third Party Internet Advertising Consumer's Bill of Rights Act of 2008

FN 9 - Blog, James Edwards, Unblocking Adblock (Feb. 5, 2008)

FN 10 - Blog, Tim Tobin (Partner at Proskauer Rose), Privacy Law Blog, Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content (Mar. 27, 2008)

FN 11 - Text of the Dec 2007 FTC Statement

FN 12 - Law.com, David Bender (Senior Privacy Counsel and DLA Piper), Do Behavioral Ads Endanger Your Privacy?, (Apr. 2, 2008)

 
Added:
>
>
FN 13 - Conn. HB05765 (2008), which is somewhat narrower than the New York bill.
 -- JulianM - 30 Apr 2008

JulianM_Paper-I 1 - 30 Apr 2008 - Main.JulianM
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="WebPreferences"

Phorm Over Function

[abstract goes here]

* DISCLAIMER * Please note, this is a work in progress, and not intended for review (just yet). I'm just experimenting with the editor, and using this to collect links/extracts which might be helpful. I'll remove this notice as soon as it is complete!

Phorm, formerly 121Media, is a digital technology company which drew attention to itself when it announced it was is in talks with several major UK ISPs to use deep packet inspection to deliver a "Behavioral Targeting" advertising system which trackers surfers habits. It competes with apple and cat.

FN 1 - The Register, The Phorm Files: All yer data pimping news in one place

FN 2 - Phorm: Official Site

FN 3 - Wikipedia, Diagram illustrating how Phorm Works

FN 4 - New York Times, Louise Story, A Push to Limit the Tracking of Web Surfers’ Clicks, (Mar. 20, 2008)

FN 5 - Cornell Law School, Right To Personal Information

FN - 6 New York Times, Louise Story, How Do They Track You? Let Us Count the Ways, (Mar. 9, 2008)

-- JulianM - 30 Apr 2008

 
<--/commentPlugin-->

Revision 10r10 - 14 Jan 2015 - 22:44:39 - IanSullivan
Revision 9r9 - 16 May 2008 - 20:45:59 - JulianM
Revision 8r8 - 16 May 2008 - 18:39:16 - JulianM
Revision 7r7 - 15 May 2008 - 19:43:22 - JulianM
Revision 6r6 - 01 May 2008 - 05:25:36 - JulianM
Revision 5r5 - 01 May 2008 - 04:21:02 - JulianM
Revision 4r4 - 01 May 2008 - 02:56:00 - JulianM
Revision 3r3 - 30 Apr 2008 - 21:19:29 - JulianM
Revision 2r2 - 30 Apr 2008 - 16:24:50 - JulianM
Revision 1r1 - 30 Apr 2008 - 04:45:12 - JulianM
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM