DIAGRAM KEY
Rules Engine
- Only HTTP traffic is processed within the Rules Engine and thereafter in the rest of the system.
- The Rules Engine looks to see if the user's browser already has a Webwise cookie
- If an Opt-Out Webwise cookie is present, the user's request immediately passes through to the Internet
- If an Opt-In cookie is present, the user's request is passed via the Data Mirror to the Internet
- If no cookie is present, and the user has set their browser to block cookies from the Webwise.net domain, the request is passed through to the Internet
- If no cookie is present, and cookies are not blocked for Webwise, the user is passed to the Customer Choice Module
Customer Choice Module
- The Customer Choice Module presents a web page to the user giving them the option to participate in the trial (opt-in) or not participate in the trial (opt-out)
- If the customer chooses to opt-in, a User ID (UID) cookie containing a random number is placed in the user's browser. The user's request is then sent back to the Rules Engine.
- If the customer chooses to opt-out, the UID cookie is set to the opted-out value and the user's request is sent back to the Rules Engine
Data Mirror
- The data mirror makes a copy of the user's request as it passes through to the Internet. This copy is forwarded to the Profiler and Anonymizer.
- Only opted-in traffic is mirrored
Profiler & Anonymizer
- The Profiler & Anonymizer cleans personally identifiable information from the data and then generates a summary of the remaining data to be passed to the Channel Server
- To
clean the data, the following are removed:
- IP address
- Form fields
- Email addresses
- Numbers
- The
summarised, non-personally-identifiable data passed to the Channel Server
consists of the following:
- UID
- Requested URL
- Search terms (if the requested page is a major search engine)
- The top 10 repeated keywords from the page content
- All other data is deleted and is not stored to disk during the process.
Advertising Channel Database
- This stores the templates for advertising product categories, called Channels.
- Channel definitions are regulated and must not contain triggers in sensitive subject areas such as Pornography, Gambling, Tobacco
Channel Server
- The Channel Server receives the summarised and anonymized data from the Profiler & Anonymizer, analyses it for matches against the available advertising channels and stores a record of any successful matches.
- The data received from the Profiler & Anonymizer is deleted immediately after the matching process.
- Where a successful match is made, the only data stored is the UID, the channel matched and a timestamp
- Each individual channel match is deleted when it becomes older than the matching period set for each advertising channel. The maximum allowed matching period is 6 months.
Other notes
- All equipment is owned by BT and located within BT data centres.
- BT has operational control of the Profiler and Anonymizer, and Phorm has no operational access to these systems
- Phorm have no access to other BT-managed systems
- BT's Operational Support personnel have full access to Phorm-managed systems via Firewall rules to enable operational monitoring
- All
operational application flows are initiated by BT-managed systems