May 2008

Bad Behavior

This month’s bad behavior pick is a subject that has been stirring up heated controversy about online advertising and privacy – Phorm. Keep reading for more information so you can weigh in on the debate.

Understanding the Threat
With the Phorm debate, we’re dealing with what many users and privacy advocates consider a privacy invasion – user behavior being monitored, by default, at the Internet service provider (ISP) level for marketing purposes.

What is Phorm? Phorm Inc., formerly known as 121Media, is an online marketing company that is trialing a new system in the United Kingdom to target relevant advertising at participating Internet users.

Participating UK ISPs, which currently include three of the UK’s largest providers – Virgin Media, BT and TalkTalk – are set to deploy this system at the ISP level. Therefore, if all goes as Phorm planned, anyone using these providers would be subject to this service unless they opt-out.

The Bad Behavior
Phorm targets its advertising based on your browsing history, which it gathers from your ISP. In other words, as a Virgin Media, BT or Talk Talk customer, your browsing history, by default, will be sent to Phorm in order to feed you targeted advertising. This differs from the way a program like Google’s advertising works, as its advertisements are based on the content of the page viewed; Google does not use browsing history unless users specifically opt-in. Phorm’s method of being opt-in by default is considered highly suspect.

As stated in our Lavasoft Research blog, in an in-depth post on this subject, “User behavior is being monitored and the quality and reliability of choices available to the user in opting-out is questionable. One could argue that people are being used as subject for cheap, real-time market research.”

What information is able to be seen? According to, a site dedicated to setting the facts on Phorm straight, “Phorm doesn't just see the URL of every page you visit, they see the entire content of every single web page…they can read your mail if you use most types of webmail, view all the posts you make or read on web forums, obtain the content of most webforms you complete, in fact just about anything you do on the web that is not encrypted can be hoovered up by Phorm.”

While Phorm maintains that its system’s privacy controls are sound, privacy advocates have protested this gathering of information, and critics maintain that the program violates data protection laws. As this controversy has heated up, the European Information Commissioner Office (ICO) has stepped in with a warning to Phorm. European data protection laws demand that users must choose to enroll in Phorm’s controversial proposed system, according to a recent BBC News article.

Winning Strategies
While the ICO is set to monitor the trials and rollout of the Phorm system, as a consumer, learn more and decide for yourself as the issue unfolds. Keep in mind, Lavasoft cannot do anything to detect Phorm’s products; this new system is set to be deployed at the ISP level.

If you do not want this service, it’s up to you to contact your ISP to make your voice heard. With that said, our Lavasoft Research team is keeping a close eye on how Phorm’s system evolves. Check the Lavasoft Research blog for updates on this and other privacy and security concerns.

Promo: Ad-Aware 2007 Plus and Pro (15% off discount) Buy Pro Learn More Buy Plus

$240 Million Amount of US dollars lost to web-based crime and fraud during 2007, as reported to the Internet Crime Complaint Center.
Source: 2007 Internet Crime Report

Identity theft is the fraudulent use of an individual’s personal information to steal money or get other benefits by pretending to be someone else.

It’s springtime and that means it’s the proverbial time to tackle the grime that’s built up in our homes over the past months – don’t leave out your PC! Get easy spring cleaning tips.

“I would like to thank you. I have been using Lavasoft’s Ad-Aware for several years…I have and continue to value your support in not allowing my machine to become a "zombie" that becomes a risk to other computer users within Australia and globally. Along with other security capabilities, it forms an integral part of my personal defenses.”
Harry in Adelaide, Australia

Lavasoft AB Lilla Bommen 1, 411 04 Gothenburg, Sweden | |