Simon, another thought. Profiling is needed for better-targeted and more relevant content. I can accept that argument. Data in profiles needs to be secure and protected, and I accept your expertise in advising companies on how best to achieve this.
Why not work with browser manufacturers to implement a unique browser ID function (that can be turned off and on) or talk about allowing true global cookies (with the user’s permission) to operate across all domains?
Profiling can then be achieved by paying website owners to insert a simple script that classifies the content being visited and reports this alongside the unique ID back to the profiler, and webmasters get paid a small sum per report.
The problem, of course, being that browser manufacturers, the W3C, etc. have all resisted any calls on the grounds of privacy.
So instead the net effect is that Phorm will still provide the unique ID, which can be solicited anyway, and on top of that introduce unknown performance and security risks by installing kit into the ISP.
I can see the logic, that limiting the players to those who can get kit into ISPs allows the privacy impact to be manageable, but this assumes a flawless implementation, not one that leaks UIDs.