Saturday 6 February 2010

It’s not another Phorm ... so you might like it ...

Off a few evenings ago to the BFI London IMAX cinema for the commercial launch of a new service which is to be made available to people in the advertising community who want to know whether many people have accessed particular websites from mobile devices.

I like IMAX cinemas and make a point of visiting them whenever I'm in a city that has one. Whenever you get the chance, just get yourself over to Waterloo, book one of the 500 seats and marvel at the spectacle. Watching a film at the BFI's IMAX is completely immersive. The screen is more than 20 metres high (that's nearly the height of five double-decker buses!) and 26 metres wide. With 11,600-watts of digital surround-sound and the most sophisticated motion-picture projection system in the world, you will literally feel like you are 'in the picture'. I was last there for a 3D IMAX screening of Avatar a week or so ago, and can’t wait to get back for the next blockbuster. Once you’ve had that experience once or twice, you do get a craving for more.

Anyway, back to the point. A significant challenge in the development of the new mobile measurement service was that of creating a way of giving media owners the opportunity to allow an independent auditing organisation to audit the popularity of particular websites, but in a way that did not compromise the privacy of the people who visited those websites.

The main British mobile network operators, with the guidance of their trade body the GSM Association, played a critical role in designing this service – and after a great deal of careful thought and close liaison with almost everyone you can think of (including the bods at the European Commission), a cunning plan was hatched which ought to work. The media owners will be able to access reports which show how popular various websites are at different times of the day, while the mobile operators will still not be able to know which of their customers visited these various websites at particular times of the day. The trick has involved a special way of irreversibly anonymising mobile phone numbers so that, once you have the final hashed number, you can’t reverse the process and identify the original user. It’s about as privacy friendly as you can get. Especially once you’ve applied other smart rules requiring raw data logs to be deleted quickly, and other rules making it impossible to create reports about small numbers of visitors to particular websites. The service is really designed to generate reports on the most popular websites – as it’s those that advertisers are likely to wish to buy advertising space on. No-one wants their advertising budgets to be wasted by buying space on websites that their potential customers will hardly ever visit.

No doubt the media planners will find it a useful tool as they work out where to allocate their media spend – should it be on television adverts, the traditional press, or internet sites that will be accessed by people from both laptops and mobile devices? And how long do people spend on particular websites, and at what times of the day are the popular websites most popular? If it’s these questions that are being asked, then the service should be capable of providing the answers.

The first published set of statistics (gathered in December 2009 from the mobile phone companies that were the first to participate in the initiative, rather than all the UK operators) revealed that social networking site Facebook dominated mobile internet traffic. It accounted for nearly half of all the time people in the UK spent going online using their handsets. Around 16 million people in the UK accessed the Internet via mobile that month, viewing nearly 7 billion pages of online content.

But, and this is a big but, if a media auditor wants to know exactly what I did when I went on-line, then he’ll be disappointed. He won’t find out – at least not until I give him permission to convert my phone number into the special hashed value. And even when he has my permission, he’ll then have to contact a number of people who each played a separate role in creating the hashing algorithms. These numbers weren’t anonymised just the once. Oh no. You need to unlock the box a couple of times, so to speak. The security measures were good enough for the bods at the European Commission, so they ought to offer a meaningful level of protection for someone like me.

What I am now keen to understand is just how many people might view their “privacy” as a tradable commodity, and “sell” their privacy to an auditor to allow their on-line behaviour to be tracked. We’ve all read stories about how willing people are to share their account passwords, etc, with apparent strangers for a small sum of money. Let’s examine the extent to which people actually value their on-line privacy, by giving them the opportunity to allow their actual behaviour to be tracked for a few pounds – or even just a few pence.

What price privacy? Let’s wait and see.