I think it’s easy to get distracted by the rhetoric, opportunism and mis-information that accompanies a “hot button” issue like the release of The FTC Privacy Report. No sooner did the report hit the streets than the concept of “Do Not Track” became the big headline. That the FTC intended the report to be more of a brainstorming document than policy, with the final draft to be written after the public comment period ends was lost on many, as was their discussion about first party marketing, contextual advertising and “commonly accepted practices.” (See my 12/9/10 summary of the major points)
Knowing that the report was coming down the pike and pumped up by veiled threats of regulation by the FTC Chairman at the release of the report, it was only a matter of time for the Web browser triumvirate - Google, Mozilla, Microsoft – to show that they are good citizens and trot out their DNT solutions. Microsoft announced their DNT solution the day after the report was released. Google and Mozilla announced their solutions a few weeks ago.
As in many things having to do with the Internet, there’s a predilection to complicate rather than simplify, exaggerate rather than plainly-speak and obfuscate rather than be transparent…and the current solutions being offered by the Web browser triumvirate are no exception. Sure, the sole object of the exercise is not consumer choice; it is to balance choice with pacifying/mollifying/currying favor with the FTC and providing advertisers with the data and technical framework they need to make Internet advertising a high value marketing channel.
So, with all of this as a back drop, my colleague, Breen Baker, and I decided to take a closer look at these options from both the perspective of consumer privacy and web analytics:
1. Mozilla (Firefox)
Privacy Grade: D
This solution offers a persistent, flexible approach, but is years away from becoming useful. As it currently is designed the way this works from a user perspective is very similar to how you’d currently opt out. It is more persistent than cookie solutions because it provides for permanent storage of the user preferences. The down side is that the details of transferring user preferences and configuring systems to respond are not nearly close to being worked out.
Analytics Grade: B
We think it will be too much effort for most users to go through the trouble of dealing with their opt-out preferences; just as it is now. If users don’t do anything they will be considered opt-in.
2. Google (Chrome)
Google has proposed a new extension to its browser called ‘Keep My Opt-Outs’ which uses a blacklist for online advertisers and direct marketers. The extension provides users with the ability to opt out of being tracked by anyone on their list, which is currently focused on US based online ad companies (Google plans on including the same functionality for European and international companies soon). As it is currently, all you can do is opt-out of all the companies that are a part of the list; it is an all or nothing option. Interesting to us because this is similar tactic on how users may also opt-out of being tracked by Google Analytics, an option I reviewed when it was released in June, 2010. The upside to this new extension is that the setting will persist through multiple browser sessions; the downside is that there is no middle ground. Users will not have the ability to allow certain online advertisers while blocking the rest (although they state that level of granularity will come soon). Additionally, maintenance of this list would be in the hands of Google or some other regulatory or industry group. The conflict of interest opportunities and regulatory challenges that come out of this arrangement will fund a new fleet of yachts purchased by the Washington lawyers and lobbyists feasting on this deal.
Privacy Grade: D
The solution itself is persistent, but is currently incomplete and inflexible. Future enhancements however look promising. Additionally, users will have to seek out the feature and then download a plug in…something that most visitors probably won’t know how to or be comfortable doing. Additionally, you can bet that there will be an increasing number of extensions available with DNT capabilities (there are already a few), further confusing site users and leading many to not bother using these settings at all.
Analytics Grade: B
Like the Mozilla option, the level of effort to set the plug in is likely more than most users want to do. In its current form, this should have little impact on Web analytics.
3. Microsoft (Internet Explorer)
Microsoft’s method of dealing with this issue is more flexible, or more confusing than its competitors from a consumer perspective. Microsoft’s intends IE9 to include both an ‘Opt-In’ option for users as well as a set of opt-out lists in its Tracking Protection feature. It is somewhat similar to the Google Chrome solution, but for one significant difference, you can de-select marketing organizations whose advertising you’d like to see. Where the concept starts to fray from our perspective is in the development of these lists. Anyone can develop a list and provide it for others to use. Envision hundreds of lists that one can choose from. We envision a nice little cottage industry of list consultants who tailor one just for your needs or someone who can vet lists and make recommendations.
Privacy Grade: C-
Sounds good on paper, but the use of the solution by many could be a stretch. If it does catch on, this would create the greatest level of privacy and user control of the three browsers and would also enable the user to see the benefit of being tracked by entering into an agreement with the site itself. The upside to this is that marketing is more targeted and efficient, sending offers only to prospects with a high conversion rate.
Analytics Grade: B-
Like the Mozilla and Chrome options, the level of effort to set list options could be too many and too confusing with only savvy users spending the time to opt-in or out, thereby having little influence on data collection
What We Have Here, Is a Failure to Communicate
In our opinion, none of these solutions provide the “Do Not Track” functionality Holy Grail. What we see so far are companies who are trying to solve the problem with imperfect technology rather than consider a communications, design and user interface strategy that might have greater odds for success at a much lower cost and overall market impact.
For example, in Firefox why not simply add a label to the browser header called “Privacy” and have that go to the Privacy settings that are hidden in the Tools tab? Or in IE, call it “Privacy” instead of “Safety”? Or follow the paradigm of ‘Permission Marketing’, the default would keep the users data private, only exposing it after the user expressly allows it.
It seems to us that these web browser solutions fly in the face of one of the major points of the FTC Privacy Report, “Commission staff proposes that companies provide choices to consumers about their data practices in a simpler, more streamlined way than has been used in the past.”
Is It the Beginning of the End of Web Analytics as We Know It?
Maybe, if these solutions mature and become viable. However, as we’ve pointed out in our assessment, the current convoluted nature of this current crop will likely be too much work for most consumers.
For the sake of discussion, what if these solutions do become easier to use, and functionally effective? For the practice of Web Analytics, this is just another day on the job. Let’s face it; the pursuit of complete data collection has always been quixotic. Outside of ensuring that your data is being collected, there are too many factors beyond your control…proxies, bots, spiders, reliance on third party vendors to tag their sites, use of spyware, constant purging of cookies, low rates of site registration vs. anonymous visitors, and so on.
Will more folks opt out of tracking? Perhaps, but by how much? Will it really have such a huge impact? Hard to say. And ultimately, what tracking will an opt-out option target? It seems clear by the FTC language that the target is online advertisers, not websites themselves. Of course, it seems possible that browser based solutions may end up making first party marketing collateral damage.
That being said, it seems to us that the lesson here is to innovate rather than run for the exits. Our current way of thinking about how to use web analytics insights is perhaps in need of re-evaluation. Instead of bemoaning less data, what about thinking about how to do a better job of complementing web analytics data with other data sets, then test, evaluate and make decisions?
Providing more opt-out options for users increases the chances that you’ll collect less information, but isn’t it possible that these were the people who weren’t highly qualified visitors anyway? Of course, creating more convoluted ways to enable opt-out or control is also going to confuse site visitors more thoroughly than before. Now, in addition to legalese strewn privacy policies, site visitors will have a myriad number of ways to define opt out…not only from their browsers, but from ad networks, as is already the case on Yahoo Ad Networks and in line with efforts by associations such as the Digital Advertising Alliance.
Perhaps this self selection actually helps you qualify valuable visitors. And, if this is the case, then instead of spending so much time on trying to figure out what the anonymous visitors do, you focus on what the qualified visitors are doing, and in turn, what caused them to become registered. Maybe you need to offer more and better incentives to register. People will give you their information if you give them something in return. Nothing new about this, but all opt in does is force you to come up with innovative ideas to capture data.