"We believe that the Phorm cookies should ... be handled no less favorably than those of existing ad-serving systems such as DoubleClick and Atlas," Phorm's Graham Mosley, vice president, business development, wrote in a memo sent to leading security vendors.
Phorm spokesperson Radha Burgess said the company had reached out to a number of anti-spyware companies in hopes of convincing them to treat Phorm's cookie similar to those of its rivals. "It is important for us to have our software evaluated by these companies, so we have initiated dialogue with them," she said. "It is our belief that our cookies should be treated like other ad-serving cookies."
Many companies that offer anti-spyware software identify ad-serving cookies and give people an option to delete them. At Sunbelt software, one of the companies that received a message from Phorm, Director of Malware Research Eric Howes said the company would treat Phorm cookies the same as others--that is, that the company would detect them and present them to users in scan results so that users can decide whether to remove them.
Phorm segments Web users into marketing buckets based on clickstream data from Internet service providers, and then encodes that information on cookies it places on people's computers. The company also allows people to opt-out of its targeting program, and that information also is stored on cookies on users' computers.
The ad company has alarmed some privacy advocates who argue that clickstream data collected by Internet service providers is potentially far more intrusive than other forms of behavioral targeting, because Internet service providers can capture every site Web users visit and every search query they make. More conventional behavioral targeting companies focus on visits made to sites within their networks.
Phorm is poised to launch a test of its behavioral targeting technology in the U.K. So far, the company has deals with three U.K. Internet service providers--BT, Virgin and Carphone Warehouse.
In the U.K, the nonprofit think tank Foundation for Information Policy Research has said that Phorm should obtain users' consent before deploying its "highly intrusive" data collection methods.