However online data tracking is not limited to companies who engage in Behavioral Targeting. Any companies which collects users’ web surfing data or user provided data needs to make sure do not compromise user privacy (actual or perceived). They need to clearly state how they are collecting data and how that data will be used.
Enterprise web analytics tools like Omniture, WebTrends, Coremetrics etc and free tools like Google Analytics and Yahoo IndexTools have made it very easy for website owners of any size to track users’ online behaviors. Most of the web analytics tools use a first party anonymous cookie to track users and their behaviors on any given site.
Side Note: The data is called anonymous because it mainly uses a cookie value to indentify a user (there are other ways which I am not covering in this post) without knowing who the actual user is. Say John Doe arrives on AnilBatra.com, a web analytics tool will drop a cookie with a random id say 123ASXBA12. This cookie id is not tied to any personally identifiable information (see below) of John Doe. So Web Analytics tools (in most cases) do not know who the person is, they just know that cookie id 123ASXBA12 came to the site. They use this id to track current and future site visits.
It does not matter who is collecting the data. The data is collected on your site and is collected on your behalf so you are responsible for clearly stating how you are collecting and using the data.
Those who use Google Analytics, need to be aware that Google Analytics requires such disclosures. Here is what Google Analytics states in its Terms of Service
Tracking Personally Identifiable Data
I am a big supporter of giving users an opt-in option before using PII data for tracking and targeting. If you do decide that opt-in is not the right for your business model then at least provide an easy way for users to opt-out from being tracked and targeted using PII information.
Note: Google Analytics does not allow any Personally Identifiable information to be tracked via Google Analytics, period. Here is what Google Analytics Terms of Service says:
You will not (and will not allow any third party to) use the Service to track or collect personally identifiable information of Internet users, nor will You (or will You allow any third party to) associate any data gathered from Your website(s) (or such third parties' website(s)) with any personally identifying information from any source as part of Your use (or such third parties' use) of the Service.
Google Analytics even considers IP address as PII. It uses IP address to populate Geo Report but will not show IP address in any report. Other tools such as Omniture, WebTrends etc. can display IP and other PII data.
Optimization and Privacy
Examples of good privacy policies
As marketers and web analysts lets do our part, let’s make sure to be clear and forthcoming in our privacy policies.
Also see Jim Stern’s view on giving users the control on privacy.
Looking to fill your Web Analytics or Online Marketing position? Try WebAnalytics Job Board
(Web Sales) Conversion Marketing Manager at Hewlett Packard (American Fork, UT)