Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK ISPs To Start Tracking Your Surfing To Serve You Ads

Posted by ScuttleMonkey on from the weak-anonymizers-and-other-fun-party-tricks dept.

TechDirt has an interesting article about a UK-based company that is trying to work with ISPs to make use of user surfing data to serve targeted ads. "Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history -- and now we've got the first report of some big ISPs moving into this realm. Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm."

54 of 238 comments (clear)

  1. hmm by RMH101 · · Score: 5, Insightful

    So it's bad when ISPs do this, but OK when Google does it?

    1. Re:hmm by N7DR · · Score: 5, Informative
      So it's bad when ISPs do this, but OK when Google does it?

      Yes. It's part of the data returned by Google. The ISP has to snoop the data stream and insert its own traffic into it.

      ISPs should be forbidden from altering the data stream unless they own the content that's being transferred.

    2. Re:hmm by NMagic · · Score: 3, Interesting

      Yeah, most of your search pages already do logical banners. You search for something and they post up related products next to it. Hell, even most of your free webmail providers do it. As long as the ISP isn't dropping cookies on your box, I don't have too many problems with it... However, the one problem I see here comes when the ISPs start charging for bandwidth, and your browsing becomes as fast as using a 56k, due to the sheer amounts of tracking being done. Why should I have to pay for their ads?

    3. Re:hmm by pembo13 · · Score: 2, Interesting

      Well the ISP is an internet provider. Google is as advertisement provider... I don't think they've ever been secretive about that fact.

      --
      "Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
    4. Re:hmm by corsec67 · · Score: 4, Interesting

      Wouldn't copyright law already cover that?

      You can't take a copy of my website, insert a little bit, and then serve that. Couldn't google sue any ISP that alters their pages in any way?

      --
      If I have nothing to hide, don't search me
    5. Re:hmm by BSAtHome · · Score: 2, Interesting

      Use tor... Sure, it is slower, but it bypasses the ISP tracking.

    6. Re:hmm by moderatorrater · · Score: 4, Insightful

      It's the difference between a company advertising to you when you call them (or trying to upsell, etc) and the phone company listening into your calls and breaking in when they have something to sell you. You're dealing with the company on the other side (google, in this case) as an equal. Your ISP holds a lot of power over you, and abusing it's wrong.

    7. Re:hmm by STrinity · · Score: 3, Interesting

      Use tor... Sure, it is slower, but it bypasses the ISP tracking.
      However the last node in the chain can see anything you do that isn't using HTTPS/SSL, and if anything you do gives away your identity, they can figure out who you are.

      Oh, and some of them may be run by governments and criminal organizations.
      --
      Les Miserables Volume 1 now up with my reading of
    8. Re:hmm by Dan541 · · Score: 2, Interesting

      Is there no Privacy act in the UK?

      Im surprised this is even legal.

      --
      An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
    9. Re:hmm by internewt · · Score: 2, Insightful

      DSL competition is a fucking joke in the UK. Almost all the DSL services you can buy are still over BT's hardware, and BT charge other ISPs by the byte transferred: this means that unless you use an ISP that has their own kit in exchanges you will be playing by BTs rules. And even those ISPs that do have their own kit in exchanges barely undercut BT because charging/byte is very profitable.

      I should think there are a few towns in the UK that maybe do have some real competition and inturn good fast 'net access, but for most people the choice is BT, someone else over BT (like me on Zen), or an unbundled ISP..... like fucking Murdoch's Sky!

      --
      Car analogies break down.
    10. Re:hmm by rolfwind · · Score: 5, Informative

      I can CHOOSE to use google to surf the net. There are many search engines. I can also use Tor to access Google anonymously if I'm paranoid.

      My ISP choices are limited, and I can't change them as fast as a search engine either. Plus once I click onto a site, google pretty much loose track where I am, especially if I block ads.

      ISP can know every place I go.

      Moreover, I don't pay google to use their service. I do pay an ISP. They have an revenue stream.

      So I think your analogy is flawed.

    11. Re:hmm by Anonymous+Brave+Guy · · Score: 4, Insightful

      ISPs should be forbidden from altering the data stream unless they own the content that's being transferred.

      IMHO, ISPs should be forbidden from even snooping on your data stream. They've no more business monitoring your on-line activities than the Royal Mail has opening all your letters.

      The data protection implications of this development are alarming, and frankly I don't care what some big accounting firm says about them. The day my ISP (which is not one of the three mentioned) says it will adopt a similar policy will be the day that I start the process of moving elsewhere, and I'd probably send a letter to the Information Commissioner expressing my concern as well.

      But hey, if the ISPs are spying on where I go and what I do (actually, they're legally required to record it anyway these days — another draconian privacy invasion, this time mandated by our terrorist-fearing government) and acting on the data they have, presumably that absolves them of any immunity they might otherwise have had when they supply files to copyright infringers, kiddie porn to sickos, and the like. May the money-grabbing lawsuits and company-killing PR sink them quickly.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    12. Re:hmm by Anonymous Coward · · Score: 5, Interesting

      No, I don't think so. Transparently altering data is permissible according to RFC 2616 (the HTTP specification) unless you include the Cache-Control: no-transform header, which virtually nobody has ever heard of. Thus, if intermediate alteration is part of the protocol you are using and you haven't availed yourself of the opportunity to deny that action, it can be argued that the permission is implicitly granted, just the same way it's implicitly granted that they can cache it at all.

    13. Re:hmm by William-Ely · · Score: 2, Interesting

      I don't pay Google to provide me with a service. If an ISP wants to inject ads into your browser they should at least give you a discount.

      --
      Mod me down with all of your hatred, and your journey towards the dark side will be complete!
    14. Re:hmm by palegray.net · · Score: 2, Interesting

      I predict a large number of technically savvy people (a) creating new tunneling networks to allow for encrypted surfing to an Internet endpoint not controlled by traffic-sniffing ISPs, and (b) a large number of technically savvy people making use of the provisions described in (a). It could be as simple as buying a router with the functionality built in. Speaking of which, why hasn't anyone marketed such a device to consumers? While it might be expensive compared to "plain vanilla" home routers, it would certainly have a devoted following of geeks.

      --
      512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
    15. Re:hmm by delinear · · Score: 2, Insightful

      More to the point it comes down to money. I "pay" Google for its service by viewing their ads. I pay for my ISP with money. I don't expect to have to pay them twice.

    16. Re:hmm by Jaseoldboss · · Score: 3, Informative
      They're using cookies to track behaviour. OIX.net is the address you need to block by the looks of it. Link

      I delete my cookies regularly, and I want to keep Webwise switched off. How do I do that?

      If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add [OIX.net] to the Blocked Cookies settings in your browser.
  2. ISPUK apparently by Anonymous Coward · · Score: 5, Insightful

    does this not break privacy laws? for that matter, why can an ISP snoop on what you're doign when the government can not?

    1. Re:ISPUK apparently by glesga_kiss · · Score: 5, Informative

      does this not break privacy laws?

      I think so! Under my understanding of the UK Data Protection Act (IANAL), this would have to be an opt-in scheme via a tick box on the contract. It used to be opt-out but this was changed.

      Under the terms of the law an organization may not share personal data to another party without your consent. It's a pretty decent law, I don't know how the hell it got passed.

  3. So who's paying the extra bsandwidth used? by trolltalk.com · · Score: 5, Insightful

    After all, if your ISP is serving you ads you don't want, they shouldn't be charging you the bandwidth used ...

    --
    Kevin Smith on Prince
  4. Classy, very classy by FireballX301 · · Score: 4, Insightful

    All you have to do is also lower prices, and you'll see how many 'citizens' are willing to sell their privacy.

    And it's interesting how three big ISPs banded together like this. It's almost like they're trying to shut out alternatives...

    1. Re:Classy, very classy by ATMD · · Score: 3, Informative

      I'll be sticking with UKFSN. No throttling, no traffic shaping, no "fair use" - and no stream tampering for the foreseeable future, I'll bet.

      I'd recommend them to anyone.

      --
      Nobody else has this sig.
  5. nice by R3N3G4D3 · · Score: 5, Funny

    so now my family can enjoy the advertisements based on the porn I was watching earlier that week?

    1. Re:nice by moderatorrater · · Score: 4, Funny

      Everybody likes horses and other farm animals, right?

    2. Re:nice by Mr.+Roadkill · · Score: 3, Funny

      Everybody likes horses and other farm animals, right?
      Maybe his kids will appreciate seeing pictures of others their own age with similar interests. Plus, most kids these days don't get to see anywhere near enough of Grandma.
  6. Porn ads? by PIPBoy3000 · · Score: 5, Funny

    So if my wife starts getting a lot of ads for porn, do you think she'll put two and two together?

    1. Re:Porn ads? by Wandering+Wombat · · Score: 2, Funny

      Will she put two and two together? Probably not... http://www.xkcd.com/

      --
      I like to place meaningful quotes in my sig, so people will know that I know what meaningful quotes are.
    2. Re:Porn ads? by edwardpickman · · Score: 4, Funny
      So if my wife starts getting a lot of ads for porn, do you think she'll put two and two together?

      She may just assume it's because of her own porn surfing?

  7. Reason Number by Smordnys+s'regrepsA · · Score: 2, Insightful

    Just reason #86 to switch to Firefox with Adblock Plus (lets 86 those adds)!

    --
    Just -1, Troll talking to another.
    1. Re:Reason Number by STrinity · · Score: 2, Insightful

      Unless the ISP stores the ads in random directories with random names, it'll be possible to construct an Adblock filter for them. The bigger concern is that even if I block the ads, the ISP is still aggregating information about my surfing habits and distributing it to third parties.

      --
      Les Miserables Volume 1 now up with my reading of
    2. Re:Reason Number by STrinity · · Score: 2, Informative

      An ISP can't just insert an ad in a page -- if they just send you a .jpg or flash file when you open a site, the browser won't know where to put it and discard it. They'd have to modify the HTML so it contains a tag that says "place http://isp.com/ad.jpg here," and once that happens you can nuke it with Adblock.

      --
      Les Miserables Volume 1 now up with my reading of
    3. Re:Reason Number by Allicorn · · Score: 2, Informative

      Not exactly, since they can modify your HTTP responses at will and detect every HTTP request, regardless of target host, they need not insert...

          [img src=http://isp.com/ads/somead.jpg]

      into the stream at all. They could instead insert...

          [img src=http://thesiteyouwereonalready.com/randomappearingnumber.jpg]

      and then sniff your subsequent requests for that specific URI. Not easy to block with a plain old regular expression unfortunately.

      Alli

      --
      OMG!!! Ponies!!!
  8. Power corrupts by Statecraftsman · · Score: 4, Insightful

    Please oh please, can we start working on an open source(wimax) router with two bands(backbone and local) so we can build our own huge mesh network and say buh-bye to ISPs forever? We don't need your email address, we don't need your antivirus software, we do not need your bills, and finally we don't need you messing with our connections. That is all.

    1. Re:Power corrupts by FooAtWFU · · Score: 4, Insightful

      Please oh please, can we start working on an open source(wimax) router with two bands(backbone and local) Hooold up there, buddy. Where exactly are you going to get the money to buy the spectrum you need for your precious WiMAX to work?
      --
      The World Wide Web is dying. Soon, we shall have only the Internet.
    2. Re:Power corrupts by Dunbal · · Score: 3, Insightful

      This would work great inside urban sprawl, but you'll still need the telcos for rural and inter-continental stuff and that's where they will bite you in the ass. Unless of course you make enough money to lay your own trans-ocean cables.

      --
      Seven puppies were harmed during the making of this post.
    3. Re:Power corrupts by Statecraftsman · · Score: 2, Interesting

      We shouldn't need to purchase spectrum. We should purchase some lobbyists and maybe start some kind of calling campaign so the next useful chunk of spectrum will not be sold to the highest bidder. Instead it should be reserved like a national park for the public good...except instead of allowing us to enjoy the outdoors take hikes, collect our thoughts, this resource will grease the wheels of business, society and innovation.

    4. Re:Power corrupts by wall0159 · · Score: 2, Insightful

      Uhh... It's our spectrum - all we need to do is not sell it...

      (privitisation is not always automatically a good thing)

  9. In other news.... by maillemaker · · Score: 3, Funny

    ...advertisements for KY Jelly skyrocket...

    --
    A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
  10. Mmm bad summary? by saikou · · Score: 5, Insightful

    When people say "Insert relevant ads" it usually means ISP hacked the page you got from remote server and inserted and ad that wasn't there, or replaced one on the page with something else. Bad thing. Here, they organize new ad platform. Any site that uses it will be showing something Phorm servs up, and it, in turn, will try to figure out what to show by using ALL of your surfing history, no matter what sites you visit. So, if you go to golf sites A, B, C (that serve ads via yahoo, for example), and then to Phorm-using site M that has articles on electronics, site M will show you golf ads, due to your click-stream.

    Of course advertisers will be disappointed to find out, that many people actually use one connection for a household. So, while from the point of view of ISP user clicked Cooking A, Cooking B, Valentine's day, Heavy metal band, Banking, Myspace ... in reality it's 2-3-4 individual users. And showing wife an ad for a new heavy album won't make CTR go through the roof. And teenager might actually barf at the sight of the cooking ads.

    p.s. ISPs sell the data anyways, not usre how this opt-out would work...

    --
    Hyperom.com
  11. it's actually very very illegal by QX-Mat · · Score: 2, Insightful

    Privacy, Art 8 and 10 aside, its actually very very illegal contractually. No doubt they will find a way of avoiding the contractual obligations through a shrink wrap, but there are issues here with the laws of confidence, the duty of care bestowed on the ISP etc. Not to mention cartel practice.

    No no no no. This is BAD captialism. Stop. Think. Or I will sue.

  12. I wish they'd stop calling it "serving ads" by Butisol · · Score: 2, Interesting

    When I think of getting served, my mind's eye conjures images of roast beef dinners and roving gangs of street dancers. "Serving you ads" makes it sound like they're providing a valuable service when in fact they are wasting our time.

    We need a more user-centric term that better describes the process of having ads jammed in our faces at every possible opportunity. "Buggering you ads" or something along those lines.

    Furthermore, the users pay for the ISP's infrastructure, right? Should the ISP be allowed to hijack that infrastructure for such self-serving ends? Will ad revenue lower subscription fees or pay for higher speed/quality bandwidth?

  13. I can has SSL? by fuzzyfuzzyfungus · · Score: 3, Informative

    Wow. It's almost like they want to see SSL used absolutely everywhere. Have they considered the fact that, once website operators feel the need to switch to HTTPS to keep other people's ads off of their pages, they won't even be able to sell clickstream data anymore? (Not that I mind, of course. I really hate to see ISPs doing things like this; but if it drives greater adoption of crypto, it isn't all bad.)

    In broader terms, though, this sort of thing is a (minor) example of what is really a huge problem. The internet is the biggest, newest, most disruptive medium in quite some time. But it flows over pipes largely controlled by people who would be much happier if it had never existed. That is a dangerous state of affairs. We need to exterminate the cable and telco guys, with their dreams of the old days when the endpoints were dumb and the network was all powerful, and get some new people who understand that internet access is a basic, cheap, boring commodity like cement or potatoes. It is occurrences like those above that make me seriously consider the idea of having municipal data pipes, just as we have municipal water pipes.

  14. I don't get it by Dunbal · · Score: 4, Insightful

    So how come it's not okay for the phone company to barge into a voice communication in the middle of a conversation I am having with someone in order to tell me of the sale at my local shopping mall and the low low prices on mattresses, but when it's DATA they feel they have the right to alter the communication between myself and the party I am communicating with?

    Plus are the websites going to be compensated for their loss? Because presumably if the visitor is reading a 3rd party ad instead of the ads on the website, the value of the ad space on said website is diminished.

    --
    Seven puppies were harmed during the making of this post.
  15. Disgusting by scoot80 · · Score: 2, Insightful

    These people should be castrated. ISPs should not be inserting ads in your webpages - we pay them for a service, one that has not been altered in any way. If we choose to go to a site with ads, or one without, it is up to us, but your own ISP inserting ads is taking it way too far.

  16. Uhhh. Have I got this right? by EddyPearson · · Score: 2, Interesting

    "...trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history."

    Am I to take it that this means Virgin Media will be injecting Ads into Slashdot (for instance)? Apart from the obvious privacy issues, unless their algorithm is extremely clever, surly this is going to break a lot of pages?

    I WILL switch ISPs if this happens, I don't like the privacy implications, and I don't like interference.

    I don't like the fact that ISP keep pushing the line further and further. First, its bandwidth monitoring, then its bandwidth throttling, then injected ads, then its censorship, and eventually we have a government approved white list. Then we'll wonder how it happened.

    --
    You feel sleepy. Close your eyes. The opinions stated above are yours. You cannot imagine why you ever felt otherwise.
    1. Re:Uhhh. Have I got this right? by OldBus · · Score: 2, Informative

      Am I to take it that this means Virgin Media will be injecting Ads into Slashdot (for instance)? Apart from the obvious privacy issues, unless their algorithm is extremely clever, surly this is going to break a lot of pages?
      No. What will happen is that Virgin Media will monitor your visit to Slashdot and include that in your profile. Any sites which sign up to serve Phorm adverts will be including adverts to you based on your profile.
  17. Wait a minute... by ricebowl · · Score: 3, Insightful

    UK ISPs To Start Tracking Your Surfing To Serve You Ads...

    I could've sworn we had a story recently in which ISPs were resistant to monitoring users; what happened..?

    Oh! That's right; they were resisting legislative impetus to monitor traffic, but now they have a financial impetus. Tch; if only the government had thought through the remuneration aspect...

  18. ISP's who do this by MeNeXT · · Score: 3, Insightful

    May open the door to being sued. When they choose what can come through then they will be under obligation to stop thing like child pron, XXX to minors, BiTorrent downloads...

    What gives them the right to choose?

    --
    DRM? No thanks, I'll just get it somewhere else...
  19. ...until now by phorm · · Score: 3, Insightful

    Methinks that if this becomes commonplace, then perhaps that little header bit might become a whole lot more popular.

    p.s. looks like those UK bastards stole my nick too...

  20. Adblock now easy by flyingfsck · · Score: 2, Insightful

    Cool, this can only make Adblocking easier since all ads will appear to come from the same place.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
  21. European privacy protection at its best by nguy · · Score: 3, Interesting

    Not only does your ISP record your surfing data and keeps it around to give to the police, he sells it to other companies, too.

  22. Not quite! by johannesg · · Score: 2, Interesting

    Even if something is possible according to a protocol description, that still doesn't make it legal.

    A copyrighted work remains a copyrighted work, even if it is technically possible to violate that copyright (same as how a torrent of a new movie is not actually legal just because it is technically possible and in compliance with its own specification). Thus, an ISP still has no right to mangle those works for their own profit.

    Of course the answer is easy: use encrypted protocols, and nothing but encrypted protocols. It is utterly unclear to me why anyway would even need unencrypted protocols for *anything* you do online.

  23. Hmmm... by VoltageX · · Score: 2, Insightful

    Say I pay for a membership to a website specifically to remove ads, and then this ISP goes and inserts more ads, rendering my membership useless, what then?

    --
    "Anonymous could not immediately be reached for further comment." - International Business Times
  24. Phorm by Fluoxetine+Freak · · Score: 3, Informative
    From Phorm's website:

    "With OIX and Webwise, consumers are in control: they can switch relevance 'off' or 'on' at any time at Webwise.com. There's no small print and no catches: it's completely up to the consumer."

    In the comments on the Techdirt article somebody is saying that Phorm are the latest incarnation of 121media which made the contextplus rootkit. A quick search later and indeed they are the same company.

    Anybody got any more dirt on them?