Privacy, Web Analytics, Google and Ketchup

Following a recent period of renewed media debate about the legality of tracking website visitors with Google Analytics, Sara Andersson, founder of Search Integration AB and the blog No Ketchup, interviewed me about my opinions…

You can also read the original interview in Swedish.

1. You have worked inside the Google as the Head of Web Analytics EMEA, written books about Google Analytics and worked with the product since it was established. Can you give me your thoughts on how Google look at this product and how they handle data internally?

It was fascinating for me to see the other side of the fence when I joined Google. Prior to working in the field of web measurement, I came from a web development and SEO background, so I must admit to being quite nosey when I joined the company in 2005. Essentially, there were two key reasons for me taking the role:

Google’s clear desire to drive the product forward. By that I mean the acquisition of Urchin was just the beginning of driving the web measurement industry forward (unlike so many acquisitions that fade away following the initial bubble)
Google’s commitment to the end-user. Be it the user experience, priority, new features, or privacy. The advertiser, although very valuable and well looked after in their own right, actually comes after these.

I see no change in Google’s values today.

Google, like any organisation, uses data to understand its business – its products, its users and its customers. It collects data from all its products. As you might expect with Google, that happens at a very, very large scale. So large that you can think of a individual user as a grain of salt dissolved in the ocean. My point is that individuals are such a minutely small “data point” that it is irrelevant to the organisation. Google is interested in trends i.e. the next big thing. When you service hundreds of millions of users every day, focusing on individuals simply does not makes sense.

Also consider that although very popular, Google’s business model is built entirely on trust. Users of Google search, AdWords, Analytics, or any other product do not sign a binding contract. Users are free to go elsewhere at anytime – as you know, that is very easy to do in a digital world. Hence, form the very beginning Google has taken privacy seriously from an end-users point of view. In my experience that is unique – usually an organisation considers privacy issues form their own point of view.

2. The latest discussions on Google Analytics being illegal and the fact that they propose that people should not use GA on their sites, what is your reaction to this? Are the concerns legitimate at ALL?

To be frank, most of the mass media journalism I have seen on this subject has been very poor. It is disappointing because there are legitimate discussions to be had about online privacy. However what I have seen in Sweden (Expressen, Dagen Nyheter) and in Norway (Digi i Norway) is superficial and alarmist.

In short, there is nothing illegal about tracking a visitor to your website anonymously and in aggregate. Both these terms are important, because it is entirely possible for users to configure GA differently.

Here’s my privacy analogy:

A parent standing on a street corner counts the number of cars that drive pass a school gate. They are interested in safety and traffic flow. Hence they count the number of cars passing per minute, note their type e.g. car, SUV, buss, lorry etc., take a note of their speed and any other factors, such as weather and amount of day-light. All users of this particular section of road are effected by such data – the local commune, parents, children, teachers, commuters, shops and business, and delivery companies.

The observer has a legitimate reason to observe and measure traffic conditions and there are no privacy issues with this. No personal identifiable information (PII) is collected and traffic is reported in aggregate. That is, individuals are not tracked. This is how Google Analytics works.

Of course, you can modify my above analogy to make it very scary – and illegal. For example, the observer writes down license plates, takes photographs or videos drivers, stops drivers to ask for their name and address, and then follows them around to find out were else they drive to. In the online world there are tools that do this, but Google Analytics (as it stands now) is not one of them.

3. The latest EU privacy law is trying to stop people from tracking individual information. What is your thoughts on this in relation to Google Analytics as a product?

The EU privacy law covers the scary scenario I describe above. It was introduced in May 2011 across all 27 member states is now quite clear about this. Essentially, it makes is illegal to collect PII without explicit consent. In other words you have to get permission from the visitor first. In addition:

Site owners must have a best practice privacy policy in place describing what tracking is taking place and this must be easily accessible – read my explanation and anatomy of a privacy policy in detail.
If you are tracking anything more than anonymous AND aggregate visitor information, you will also need explicit consent form your visitors.

If all you are using Google Analytics in a benign way, then I say you do not need explicit consent from your visitors as nothing that Google Analytics does is illegal.

The BIG caveat is 3rd party add-ons…

As a website owner you must understand what tracking technologies are deployed on your website(s). It is unlikely that Google Analytics is the only tracking instrument you have. “Add-on” products such as DoubleClick, Adsense, Disqus, YouTube, ShareThis, LivePerson Chat and social plugin buttons (Tweet me, Follow me, Facebook Like, Google Plus, LinkedIn etc.), all set 3rd-party cookies that track individuals. That is, individual browser behaviour is being tracked around the web. If you deploy these you need explicit consent from the visitor.

The bottom line is that you must audit your website to understand the privacy implications to your visitors. I discuss this more in my article: Google Analytics and the new EU privacy law #3.

4. Why does Google Analytics get all the focus in the debate about privacy? Are there other services and tools that in your opinion, website owners should be aware of when it comes to tracking sensitive data?

I guess it makes sense that the market leader gets the most scrutiny. It is estimated that more than half of the web and 45% of Fortune 500 company use Google Analytics. I don’t think G are concerned about the attention itself. Privacy considerations are a big part of all product development – from the ground up. Google may not always get it right, but from my experience the product teams do think long and hard about privacy issues so they are well prepared for this type of scrutiny.

However, focusing only on GA does distract the debate from the other key privacy concerns that I mention in my answer to Q2. That is, the plethora of 3rd-party tools, scripts and plugins that track individuals as they move around the web. That to me is scary stuff. And it gets very personal (and more scary!) when a visitor uses their mobile phone to browse the web.

Remember that Google Analytics only tracks anonymous and aggregated traffic to a specific website for the benefit of the website owner. That information is not passed around the web. Once a visitor leaves a site, the GA tracking on that site ends. Even if the visitor goes on to another website that uses GA.

5. What can website owners do in order to clarify to their visitors how they handle data?

First understand the law in this area – its not too scary, in fact it very much revolves around common sense and best practice, such as transparency and accountability. Take a look at my recent post summarising this: Google Analytics and the new EU privacy law #3. Then audit your website for tracking beacons [ update May 2022 – verified-data.com can do this for you ] . Understand what data your website is collecting and minimise the privacy implications by reducing tracking beacons to the minimum.

If you are collecting Personally Identifiable Information (PII), then stop doing this! I see very little value in tracking specific individuals on the web. Consider the following:

Knowing an existing customer is on your website, and
came to your site originally via a Google search but since via clicking on one of your marketing emails, and
spends most of their time looking at products XYZ on your site, and
has downloaded your special offers PDF, and
has subscribed to your monthly newsletter

The above list contains very valuable information to your business and marketing team. None of that information requires PII. It can also be reported in aggregate i.e. not specific to an individual.

Of course, once a visitor transacts or signs-up with you, they give you their PII. No problem with that, just pass the information into your back-end system along with the above Google Analytics information. That is a transparent to the visitor. However do not pass PII back into Google Analytics as that breaks the Terms of Service.

6. Beyond looking at the concerns of website owners, what should the privacy debate be about?

For me, the important debate is “who is monitoring the monitors?”

The add-ons mentioned in Q3 already have the ability to track visitors around the web. I emphasise ‘around the web’ deliberately as this is joining the dots of individual visitor behaviour. That is, tracking the fact that I visit unrelated websites and what I do on them. This is possible because of the ubiquitous nature of these plugins. Although I find their tracking scary, you can remove their tracking abilities by rejecting 3rd-party cookies. In fact I recommend all users do this by default in their browsers, though the plugin may stop working. Also, it is very easy to remove such plugins by website owners.

However, think of the companies that control the “Internet window” that we all access – Google, Firefox, Microsoft, Apple, Yahoo, Twitter, Facebook (and other emerging companies e.g. Samsung for smart phones and smart TV), all have the capability to join the unrelated data dots. As long as this information remains anonymous and aggregate I see no harm in that. However, data triangulation is a concern I have. That is, tying up anonymous data points until they reveal who I am and what are my habits.

As always, please add your views and feedback with a comment.

← Prev: What is the future direction of analytics? Next: Google Analytics Limits - a reference guide →

Looking for a keynote speaker, or wish to hire Brian…?

If you are an organisation wishing to hire me and my team, please view the Contact page. I am based in Sweden and advise organisations in Europe as well as North America.

4 Comments

Angelfish on February 1, 2013 at 12:03 am

Hi Brian. I completely agree with your assessment of 3rd party tracking and the “triangulation” idea. It will be entertaining to see how the big Internet companies respond as data privacy laws gain momentum.

Between Apple, Facebook, and Google…which do you think will be most affected by PII / privacy regulations in the next few years?
Reply
Matthieu on October 12, 2012 at 11:41 am

> That is right and proper in the free world i.e. where the judiciary is independent. Of course if the judiciary is corrupt or is being threatened, then that is a different matter…

To me, the threat is more than clear: the threat is a reality, I’m afraid. It can be shocking the realize the truth, because not often TV or main stream media will talk about it, but “this” world is now our world…

https://www.eff.org/issues/nsa-spying

We must, as technologists, passionate in helping human civilization strive, we must aim to build the tools that will let Internet users browser without being watched, monitored, record being kept, because such surveillance powers are misused, and will be -secretly- abused by the people in control of the data.

Cheers!
Reply
Brian Clifton on October 8, 2012 at 8:53 pm

@Matthieu: Thanks for the detailed response. I think we are taking about two different issues here, though related.

All organisations are subject to the laws of the land they operate in. For example a court in the UK can order Google, or any other company, to hand over data if it consideres this is required. For example, to allow law enforcement agencies to track criminals. This is the case no matter where the HQ of that company is. I can only speak for the UK, but that can only happen with a court order.

That is right and proper in the free world i.e. where the judiciary is independent. Of course if the judiciary is corrupt or is being threatened, then that is a different matter…
Reply
Matthieu on October 6, 2012 at 1:27 am

I agree with you that Google Analytics is a great tool, which has enabled millions to discover the use of Analytics to improve their websites. Big Kuddos for that Google! 🙂

Thanks Brian for sharing the interesting interview and answers.

There is one other aspect of Privacy and Web Analytics that you did not directly mention: Google is a USA corporation, which has to answer to US legislation including the Patriot Act. The act, as a response to the terrorist attacks of September 11th (which I honestly believe were pre-planned by the US shadow government), significantly reduced restrictions in law enforcement agencies’ gathering of intelligence within the United States.

Google Analytics is used on 50%+ of all websites, and there is some kind of Google service tracking visitors on about 60%+ of all Internet websites. [1]

I’m afraid your “privacy analogy” is inaccurate, because in the case of Google analytics, there is only one “parent standing on a street corner”, monitoring most websites traffic worldwide, and it is Google… or should it be “Big Daddy” in reference to “Big Brother” from the enlightening novel 1984?

Because Google knows a lot of visited websites and pages for any given internet user, one Privacy concern which many users have is to know whether Google may be required to share these detailed visitor logs with Law enforcement agencies.

As a Google user, how do I know for sure that the websites I visited and my Google Analytics/Adsense/Adwords logs are not sent in a readable form to the US (or foreign) law enforcement agencies, as part of the thousands user data requests Google is seeing every month? [2]

Maybe they are not, but because it is proprietary software, we do not know which data Google allow themselves to share with the law enforcement agencies (in particular, does Google ever share the “websites” visited by a “potential terrorist” without needing proof?).

As we move to spend a great amount of our life on the Internet, these questions of sharing our browsing habits & internet usage data with companies and governements becomes an important topic, and I’m afraid the answer to the question “who is monitoring the monitors?” will stay a mystery for users.

If you trust the “monitors”, maybe you haven’t heard of the NSA whistle blower William Binney who leaked that the Spy data center being built in the US will be used for CIVILIAN monitoring [3]… For example, ” NSA gained warrantless access to AT&T’s vast trove of domestic and international billing records, detailed information about who called whom in the US and around the world”. Will they one day gain “special access” to the Google Analytics logs?

I’d like to trust the monitors, but history has proven that we can’t. The Analytics & Privacy debate is here to stay…

[1] http://w3techs.com/blog/entry/google_cant_track_every_single_click_of_your_web_surfing_only_most_of_them

[2] http://www.google.com/transparencyreport/userdatarequests/

[3] http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
Reply