Earlier this week it was announced that several of the UKs major ISPs, including BT, had signed a new deal with Phorm (
news), an advertising technology company. The deal involved customers anonymous browsing data (visited websites) being passed on to Phorm to help develop targeted advertising campaigns.
Customers naturally began raising concerns about the agreement, which have been broadly ignored.
TheRegister has since revealed that one provider, BT, may have been passing customer data onto Phorm, albeit under another name, since as far back as last summer without users knowledge. To make matters worse, they denied it, and at one point even blamed the unusual tracking on malware:
Worried that his business' financial data might be being monitored, Stephen continued to investigate. A Whois search for
dns.sysip.net revealed the domain was registered by Ahmet Can, an employee of a new online advertising company called 121Media. The address is now registered through a third party private domaining agency. 121Media rebranded itself as - you guessed it - Phorm in May 2007.
BT support stuck firmly to the line that the dns.sysip.net lookups were nothing to do with it, despite further tests Stephen had carried out with a brand new computer. The firm's response, via emails, was: "
sysip.net is a DNS hijacker, similar to a malware therefore your anti virus scan would not have picked this up." After many calls and emails, finally it conceded "
an issue which affected some users that week".
That was when
The Register got involved. We contacted the BT press office in July last year, and were issued with a firm denial that its DNS servers were compromised. Likewise BT had no involvement with 121Media/Phorm, we were assured. The trail went cold.
The curious explanations and activity of last summer have understandably raised further concerns about Phorms relationship with ISPs. BT is currently investigating the report while Phorm itself was not available for comment.