My Photo

Your email address:

Powered by FeedBlitz

Add to Social Networks, Blog, Bookmark

AddThis Social Bookmark Button

« The FTC Privacy Report - A Web Analytics Perspective | Main | Is Omniture Stepping into a Privacy Morass with Demdex Acquisition? »

February 06, 2011



Thank you Phil. Another very informative and comprehensive article!

Regarding your thoughts on "Is It the Beginning of the End of Web Analytics as We Know It?" please check this discussion here as well:

Brian Clifton

Nice article Phil (as always!). Here's my take...

I was disappointed with the FTC Privacy report for only tackling the issue of PII. To my knowledge, all developed countries have good data protection laws on this already. Essentially, this means, you can only store PII data with the explicit person's permission, and you must reveal this to the person concerned should they request it. See for example the UK Data Protection Act (

What I was hoping for from the FTC, was a position on non-PII data collection. That is, collecting data that does not DIRECTLY identify the individual. I emphasise directly, because with so many data points available from an anonymous user, it is possible for an organisation to triangulate non-PII data and build up a pretty sophisticated profile of the person - ultimately identifying them.

A classic case of this happening was the AOL data scandal of 2006:

I think (hope!) web users are pretty savvy when it comes to sharing their PII data on the web - in the same way you wouldn't share your PII with a stranger in the street.

IMO tracking individuals as "individuals" on the web (as opposed to in aggregate), even when anonymous, poses a greater privacy threat.

That may sound strange coming from an advocate of web analytics such as myself. However, if we as an industry do not sort this issue out, there is a real danger that web analytics as we know it today will disappear completely.

Brian Clifton
Author, Advanced Web Metrics with Google Analytics
Former Head of Web Analytics, Google EMEA

Meg Gordon

This article did a really nice job of framing this issue in real concrete terms. Thanks.

Michael Dickey

Most of the attention now appears to be centered on the (third-party) advertising industry, and most particularly on behavioral targeting. Even Mozilla in their FAQ ( says that their new header is meant to "...allow the user to let a website know when they would like to opt-out of third-party tracking for behavioral advertising..."

How much of an impact all this will have on web analytics is yet to be seen, but I'm a big believer that the industry should adopt standard policies (such as the WAA Code of Ethics) and also advocate to distinguish itself from advertising to diminish the risk of becoming collateral damage. For example, it would be a big mistake for browsers to treat a SiteCatalyst tag the same as a advertising tag because for most people counting their session in an aggregate report is quite different from linking it with PII or historical activity across many different websites.

Personally, I believe that Mozilla's DNT solution is the best because neither Chrome's extension nor IE9's new features address the problem of keeping up-to-date with a comprehensive list of advertisers. The latter two are just too cumbersome, while the Mozilla approach is simple and elegant while allowing for future flexibility. Although it requires compliance, I believe that all the major networks are honest and would adhere to it and you'd ultimately end up with more universal compliance than any list-based approach could offer.

The comments to this entry are closed.