Well, I'm Chris Cheale, a 31 year old graphic designer come web-developer ... something of an oddity really since I'm as "at home" delving into the PHP/AJaX/DHTML that's running this site as I am mooching about in InDesign, Illustrator or Photoshop creating designs either for print or for the web.
Or I could bore you to tears explaining why 96dpi RGB images are utterly useless when it comes to designing for print, or how to convert spot colours to process (and why) and how, actually, Pantone colour charts really are quite useful... but I'll spare you that, for now anyway.
What else? Well I live in Wolverhampton (UK) with my partner of (more than) 10 years, work for a company called CJ WildBird Foods just outside Shrewsbury, don't own a dog nor do we have 2.2 children (or even 1.0 for that matter) and I've just replaced my slightly beaten up 1.7 Vauxhall Corsa diesel - some muppet crashed into the back of us on the A1 over Chrimbo, buckled up the footplate at the back - with a newer shinier model - nothing much else to say really.
Oh, unless you happen to have been taught by one of my parents, both of whom were teachers; one in Chatteris the other at Peterborough Tech. My dad was an art teacher and my mum computing - I seem to have fallen right in the middle somehow.
Or you may have run into my brother; goes by the net handle Say_Ten, now works for McCann Erikson - and he's just become a daddy, so congrats to him and Sarah.
Aside: this site has nothing to do with a German death metal band of the same name - I think I owned this domain before they even formed - I'll see if they're any good one day; can't beat a bit of teutonic metal when you're in an angsty kind of mood.
If you've been living in a cave for the last year, you may not have heard about Phorm. Basically it's a system that ISPs can implement whereby they route every web-page you visit (http:80 traffic only... probably) through the Phorm analytics server.
That server then examines the content and creates a profile of your browsing habits. They then use this profile to create targeting for their advert server. In theory this means you get more "relevant" adverts served up to you (from sites hosting their ads), which should give a better click rate. This means the ads are worth more and the ISPs get a back-hander from Phorm for profiling their customers... everybody wins.
Except they don't. There are issues... and these are:
- RIPA legislation: the Regulation of Investigatory Powers Act is about codifying surveillance measures to ensure that they are warranted and reasonable. This means any organisation can only "spy" on someone if they have reasonable cause to believe that person is committing, or intends to commit, a criminal offence. They cannot arbitrarily profile your browsing habits without your explicit prior consent; the Phorm system, as it stands, is no more legal than tapping a phone-line without judicial process.
- Copyright infringement: to profile a web-page Phorm must make a copy of it (this is beyond the scope of simple browser caching) and as such should require the explicit consent from the owner of every web-page visited by a Phorm profiled victim customer. Otherwise they're making an unauthorised copy of other people's intellectual property... even the Google news service fell foul of this (in Belgium of all places). Search engines generally avoid this problem by only indexing sites that have opted-in to their database (and a robots.txt file can provide rules on how sites are searched). Web-masters give consent for the site to be copied for indexing in return for the traffic it results in (in theory).
- Privacy invasion: it is claimed that your profile is anonymised as it's only identified by a tracking cookie. However they'll have more than enough data, in many cases, to identify the user. Many people search on their own names, or those of family members or put their own postcodes into Google maps (or similar). Get enough of that data and you could easily figure out who the "anonymous" profile belongs to and where they live. Better yet, anyone who logs into a geneaology site, such as ancestry.co.uk could unwittingly be providing Phorm with their whole family tree, including their mother's maiden name. AOL made this anonymous user mistake when they publicly posted user searches, there was enough information to potentially identify at least some of the users from their search queries. Phorm will have a lot more data to work with. They'll have every public web page you visit plus everything you see on the non-public internet; that's everything in (non-encrypted) password protected areas such as all your emails (if you use web-mail) or your Facebook.
- Inability to opt out: opting out of the Phorm system (in it's current format) won't actually opt you out, it merely places a cookie on your machine that says "don't use this data" it still sends all the data to Phorm though. Also, it has still not been adaquetly explained what happens if, like me, your browser is set to delete all cookies on shut-down. Does the deletion of that cookie mean you're suddenly opted back in?
- Lack of information: because all web traffic would be routed through a Phorm proxy, does the request originate on your PC, get sent to you (by your ISP), intercepted and sent to Phorm, analysed and then sent back to you again? If that's the case and you download a 100meg movie trailer over http will you be actually be transferring 200megs worth of data? Will this affect your download limits? Does the Phorm system intercept non-standard ports such as those used for gaming? If so, will this massively increase the latency? Who is the Data Controller (required by the Data Protection Act) at Phorm? There are just too many unanswered questions.
- This is more of a footnote, an interesting aside if you will. Phorm used to be 121Media and they created a piece of software called "PeopleOnPage" - it basically does much the same as what they're trying to do now, profiling for adverts. The only real difference was that PeopleOnPage installed on your machine rather than at the ISP. Many virus-checking companies labelled that software as intrusive adware (read spyware) and added it to their malware databases. Virus checkers removed it. One of the worst parts with the new system is the fact that it's just as bad but there's nothing you can do to avoid it short of changing to another ISP that isn't in bed with Phorm.
So, which ISPs are implementing this (probably) illegal, intrusive software? At the moment, none; although BT did run a technology trial of it in 2007 without informing their customers... this was totally illegal*.
The worry is that BT, Virgin Media and Carphone Warehouse have all been in talks with Phorm about implementing it; thankfully after the shitstorm that's been raging in the tech quarters about it, these ISPs are beginning to distance themselves from Phorm...
That being the case; why am I writing this? Well this is my de-Phorm-ation notice.
I am hereby explicitly withholding permission, from Phorm, the right to copy, in whole or in part, any of the data on this site for any purpose including user profiling. If I discover that any of the data on this site has been copied, by Phorm, in any way or for any purpose (including merely holding the data long enough to read the opt-out cookie), I may have to seek legal recourse.
Basically, on top of everything else, I don't see why the phuckers should profit from the hard work of other people by stealing their intellectual property for their own marketing machinations... bastards.
*totally illegal... yes, although no-one seems to be going to jail over it, or even losing their jobs. The interesting thing about the RIPA legislation is that breaking it is actually a criminal offence; ergo, doing so should result in a criminal sentence.
As a slight aside about RIPA - Poole borough council used RIPA legislation to spy on a family who may have been lying about living in the catchment area of a certain school. They were working within the Directed Surveillance part of the legislation. This is, and I quote:
Directed surveillance is a type of covert surveillance where police, intelligence agencies and other public authorities follow an individual in public and record their movements.
Directed surveillance can be lawfully undertaken to obtain private information about a person if public authorities reasonably suspect that a person has committed, or intends to commit, a crime.
The question is... even had they been lying about living in the catchment area (which they weren't, lying that is), would it have been a crime? An actual criminal (or possibly civil) offence? If not, then the person who ordered the surveillance definitely did commit a criminal offence, namely a breach of RIPA legislation and they should be doing jail time about now. Funny old world, ain't it?