Analytics & Digital Marketing Tips
As data collected through the web, mobile devices, and the Internet of Things (IoT) increases exponentially, managing and respecting data privacy is a serious concern for consumers and a challenge for organizations.
The good news, is technology currently exists that allows customers to control their online privacy settings.
Unfortunately, most consumers are unaware of this, and most companies do not respect those settings.
Consumers have an increasing desire to not be tracked or control what is tracked. Data privacy is a far-reaching issue and consumers do care, as:
For organizations, privacy is too often a low priority because there is not a perceived urgency or upside.
However, the risk of major damage is high and underestimated, as a single privacy issue will cause major brand damage and other potential legal ramifications. Organizations also underestimate the upside of increased user confidence as they recognize that you care about user privacy.
As we discuss how companies should improve their consumer data privacy efforts, let’s take a step back and look at how companies are tracking consumer information today. There are a variety of ways that companies collect data using 3rd party cookies, 1st party cookies, local storage, browser fingerprinting, and IP address.
You can test your own browser fingerprinting results here.
Companies track you in order to gain information that will help them increase revenue and profit.
Advertisers want to know more about you so they can increase the relevancy of their ads and reach more potential customers who look like you (and buy like you). They also want to know when not to show you ads and save money. So, next time you complain about seeing a display ad for that product you bought the day before, maybe they don’t have the data they need to stop from showing you that ad.
Analytics, user experience, and personalization teams want to collect data about you to understand what’s working well and what isn’t to make websites, apps and other interfaces easier to use. Ideally, they want to create an experience that is easy to use and personalized to your interests, which will make you want to share your data.
A plethora of information about you can be tracked including:
Want to know more about what advertisers know about you? Here are some sources:
There is an opportunity for companies to differentiate based on how they handle their customers’ data and privacy.
Companies who choose to take privacy seriously, and provide real value to their customers based on what they know about them, will rise above others who do not.
As a quick aside, many marketers worry that if they provide privacy features and opt-out options to customers they’ll lose data accuracy. This is a fallacy, as digital data is not meant to be 100% accurate and marketers should instead focus on trends and segments of data to identify opportunities for improvement.
Other areas of focus should include:
Let’s focus on the last bullet since that’s where companies tend to fall woefully short. Imagine if we lived in a world where your customer could have better control of their data privacy. There are a few specific ways to provide them with that control.
“The signal sent MUST reflect the user’s preference, not the choice of some vendor, institution, site or network-imposed mechanism outside the user’s control; this applies equally to both the general preference and exceptions.” -W3C Standards on DNT
There are issues with DNT though, including the fact that there is no legislation in the United States to enforce it and most advertisers do not honor the DNT setting. Overall, it has good intentions but accomplishes little.
Enablement of DNT is low, with 4% in the United States (Source), but among visitors to the Blast website in 2016 it was 18%.
An alternative technology is Opt-Out, which is available via plugins, browser settings, or website controls. When a customer explicitly opts out of technology it is expected to be honored 100%. Opt-Out can also be set at a granular level and tied to a single technology or specific website.
Opt-Out is robust, as it targets both 3rd-party advertising technology and web analytics tools.
The overall message is to be a better marketer by proactively increasing your customers’ access to their privacy options. Your users are real people like you and me who care about their privacy.
We suggest you do it before you get bad PR that is sure to damage your brand.
At Blast Analytics & Marketing, we recently went through this very process of increasing privacy controls for consumers for one of the most visited sites on the internet. Healthcare.gov, the flagship site of the Affordable Care Act, had previously received negative press in the area of consumer privacy and therefore made transparency and consumer options a high priority.
Although HealthCare.gov met the privacy standards, they wanted to provide their customers with an extra layer of security in addition to DNT.
This extra security would ensure that DNT tracking was honored, and offer their customers further peace of mind that their information was secure.
Theoretically, a third-party website could match up information unknowingly provided to them by a referring website with an already extensive amount of information they had collected about a user. This could result in a detailed profile of a user’s online reading habits, buying preferences, medical conditions, salary, etc.
HealthCare.gov wanted to ensure this did not happen to their users.
To meet security standards set by HealthCare.gov, we recommended the use of Tealium iQ tag management.
By migrating all site tags from Google Tag Manager (GTM) to the Tealium iQ tag management solution, HealthCare.gov could give users control over what tracking and data collection takes place during their visit. Leveraging Tealium iQ capabilities and a Tealium Privacy Extension option, a new Privacy Manager was built and implemented across both the English and Spanish sites.
When opted out of specific tracking categories, the Privacy Manager blocks third-party tools from ever loading (regardless of your cookie settings), preventing cookies, web beacons, and local storage objects from being placed on a user’s device.
This provides users with an additional layer of privacy, and HealthCare.gov retains a user’s desired settings for 3 years from the date of their most recent visit.
The Privacy Manager is also unique in that it provides users with the choice to opt-in or opt-out of entire classifications of tags, rather than individual tags.
The three classification categories of third-party tools used by HealthCare.gov that can now be managed by users are:
Furthermore, Tealium does not see, collect, or store a user’s data either. By building a set of instructions for the browser to execute, the management and routing of data is completed within the browser itself, rather than through the Tealium servers. User IDs stored in its cookies are different on each website, and they do not use any sort of browser fingerprinting or supercookies.
These safeguards make it virtually impossible for Tealium to track HealthCare.gov users.
Lastly, users who have turned on the DNT feature in their browser will have advertising-related tracking disabled by default.
Shortly after launching the new privacy opt out and DNT option, EFF, the previous news organization that wrote about the privacy concerns, had a follow up story with positive press about healthcare.gov’s 3rd party privacy practices.
This forward thinking approach to online consumer privacy protection was a first for any U.S. Federal Agency.
Blast helped Healthcare.gov evaluate technologies, select Tealium, create a strategy, and implement to deliver enhanced consumer privacy and choice.
Using the Tealium iQ Privacy features we helped Healthcare.gov:
We used the following features of Tealium iQ:
As a result of the data privacy efforts using Tealium technology, Centers for Medicare and Medicaid Services (CMS) was able to achieve the following:
Having achieved these consumer privacy objectives, there is always an opportunity for ongoing improvement. CMS and Blast continue to work together to educate internal stakeholders on the importance of data privacy and to ensure its place in the overall data governance efforts.
Read the full CMS Healthcare Data Privacy Case Study
Let’s keep the conversation going. Please share your questions or thoughts on Internet/Digital consumer data privacy.
Share this Post
Charles is the Vice President, Solutions and a Partner at Blast Analytics & Marketing. He is an entrepreneur at heart and thrives on working with clients to understand the most important details of their business. He is also a member of the Digital Analytics Association and serves on the Awards Gala Organizing Committee and as co-chair of the San Francisco Bay Area Chapter.
Add Charles to your circles on Google+ Charles Davis has written 12 posts on the Web Analytics Blog.
We're here to help with tips and insight on the following topics:
Optimize your website and marketing campaigns