As Phorm Inc. built a system that watches consumers' Web surfing in order to deliver targeted advertising, CEO Kent Ertugrul believed the British company was doing everything possible to respect, and actually enhance, Internet privacy.
Phorm even won approval from a noted privacy activist. And in the meantime, NebuAd Inc., a company with a similar technology, started working in the U.S. without much furor.
Yet guess what greeted Phorm's emergence this year: A privacy outcry.
Blogs with names like BadPhorm and Dephormation sprung up to advocate boycotts of companies working with Phorm. Internet policy analysts argue that it violates British wiretap laws.
The opposition probably won't stop Phorm. British officials have affirmed its legality. But the underlying story is a cautionary tale. As marketers try to pinpoint Internet advertising more effectively, Phorm's experience indicates how deeply privacy perceptions matter.
Phorm and NebuAd have a high bar to acceptance, because their technologies sound intrusive.
Although these companies operate in slightly different ways, both work with Internet service providers to scan their customers' Web traffic. By analyzing the consumers' surfing patterns, Phorm and NebuAd determine which advertisements are likely to interest them.
So if you visit several sites with reviews and prices for Jaguar autos, NebuAd or Phorm can consider you a potential Jaguar buyer. Then sites that participate in the ad networks created by NebuAd or Phorm can be triggered to show you an ad for Jaguars or competing cars, while someone else sees a different ad.
Both companies say that while their Web detectors are attuned to whether someone is interested in, say, a Jaguar, they don't register visits to sites related to "sensitive" subjects like health or sex. They also don't read e-mails, banking sessions or postings on social networking sites.
Also, NebuAd and Phorm do not track consumers by name, but rather by long strings of digits that are considered impossible to reverse-engineer so as to determine their source. NebuAd generates its number by running a consumer's Internet Protocol address through a cryptographic system known as a one-way hash. Phorm uses another approach that creates a random string that changes from session to session.
Privacy advocates point out that with enough data, even anonymous profiles can be exposed as belonging to particular people. After all, there are only so many people who have plumbed the Web for information on cats, Chevrolets, porch swings, pool tables and trips to Zanzibar.
But Phorm doesn't let consumer fingerprints get that detailed. It will discard a marketing profile that isn't shared by at least 5,000 other people, Ertugrul said. NebuAd says it also has a cutoff but won't disclose it.
Phorm's protections pleased Simon Davies, founder of watchdog Privacy International. After Phorm hired Davies' consulting business, 80/20 Thinking Ltd., to review its practices, Davies pronounced the technology "privacy friendly."
In contrast, Davies noted, search engines retain detailed logs of their users' queries, often for years. "Google and other companies have deployed technologies far worse than anything Phorm could have ever dreamt up," he said.
One difference is that search engines provide a clear service, while the purported consumer benefits of personalized ad networks are hazier. NebuAd and Phorm argue that people are tired of being bombarded with irrelevant ads. The companies also contend more free content would flourish if better targeting made Web advertising more lucrative.
While Davies found Phorm's technology itself inoffensive, he said Internet service providers should clearly disclose the system to their customers and get their permission.
British regulators have reached a similar conclusion, clearing ISPs with 70 percent of the country's broadband market — British Telecom, Virgin Media and Carphone Warehouse — to soon deploy Phorm's technology. It remains to be seen whether excluding users unless they opt in will dramatically limit Phorm's reach.
Still, opponents vow to keep fighting. They question whether ISPs will adequately explain the service when seeking subscribers' consent. The critics also say that even with customers' agreement, Phorm could violate British surveillance laws because parties sending communications have to consent as well.
Meanwhile, NebuAd's system is already scanning the traffic of 10 percent of the United States' broadband subscribers. NebuAd won't list the ISPs it's working with, other than CenturyTel Inc., which serves 530,000 broadband subscribers. NebuAd's system runs unless subscribers specifically opt out, and it's unclear how the ISPs are informing customers it exists.
Why relatively little fuss about it?
Richard Clayton, a Phorm critic with the Foundation for Information Policy Research, detects cultural differences. "Americans are used to having their personal data bought and sold in a way that is entirely unlawful within Europe," he noted in an e-mail.
NebuAd has also kept quieter than Phorm, which is a publicly traded company.
Yet there's a bit more going on. In a now-abandoned incarnation, Phorm was 121 Media Inc., a provider of ad technology commonly derided as spyware. Also, British Telecom's initial trials with Phorm weren't disclosed to customers.
Deserved or not, those strikes against Phorm's reputation haven't helped a technology with a potential creepiness factor.
The hurdle was apparent when Davies' firm gave Phorm its first privacy assessment.
"There is a serious risk that the product will be perceived as invasive," the report said. "The fact of having one's Web activity analyzed will, in the minds of some, be an intrusive act, regardless of legal analysis."