*** Note we are not lawyers and any comments made in this blog post are of no legal standing when it comes to privacy, GDPR, etc ***
Ayima hosted the most recent Digital Analytics meetup on the 17th Sept, on the topic of GDPR, ITP and other privacy issues that will affect businesses' ability to gather data. The meetup was prompted by a recent article from the ICO which states that analytics is not strictly necessary, that websites can operate without these tools and, therefore, analytics requires consent before any tracking code can be fired.
(If you know what ITP is, feel free to skip the rest of this paragraph) ITP stands for Intelligent Tracking Prevention and it’s a feature developed for iOS (Firefox is also looking to implement a similar solution). One of the main points of ITP is that it limits first party cookie expiration dates to 7 days, no matter what they are set as initially. For Google Analytics, which uses the _ga cookie to identify a user, this means your user-based analysis is restricted to people who return within a 7 day period (and metrics like Users and New Users will therefore be inflated). More details on Simo Ahava’s blog.
The above was the starting point for the discussions taking place at the Digital Analytics meetup. It’s a great sign that instead of trying to find loopholes for these restrictions, all speakers encouraged the analytics community to accept why GDPR and ITP have been created: a response to actual user demand for privacy.
Mark Goodwin from Mozilla Firefox (@mr_goodwin, not speaking on behalf of Mozilla) is a software developer specialising in security. He reminded everyone that browsers are named “user agents” for a reason: they are supposed to represent the user’s interests when they surf the web. Analytics plays an important role in this (e.g. fraud identification and prevention) but the exact same data can be monetised by companies (e.g. ad targeting). This represents a misuse when a user has explicitly instructed their browser (i.e. user agent) to not allow this and this instruction is ignored by websites or advertising platforms.
The concept of restricting the use of personally identifiable data to clearly defined and soundly justified purposes (like fraud prevention) is also one of the core principles of GDPR. As we all know, there are users who have installed ad blockers and tracking blockers, possibly because they don’t trust companies to actually follow GDPR. Pierre Far of Blockmetry (@blockmetry) highlighted that on average, 8% of pageviews in the UK are not tracked and this number can show seasonality (in the US, for example, it spikes on the 4th of July). Of major concern to us in the Digital Analytics community, this biases insights and recommendations as the data collected is skewed. It also makes comparisons between time periods difficult as the skew varies. Another interesting point made by Pierre was that removing or blocking tracking on a website actually leads to a better user experience as page load time can decrease by about 50%.
The panel which followed was formed of 3 experts: Pierre as introduced above (unfortunately Mark was not feeling well and had to leave) as well as Matthew Tod and Alec Cochrane, both experts in digital analytics - they’ve been part of the industry for more than 15 years. The panel emphasised that the main problem with discussions around current tracking is that they don’t focus on the benefit to the user, leading to the legislative and technological backlash which resulted in GDPR, ITP and tracker-blocking software. Analytics therefore needs to change and accept that the scope for collecting or analysing user-identifiable data will become more restricted. This would disproportionately affect Marketing which is dependent on tracking users across websites and longer time frames. It was also pointed out that technologies such as fingerprinting are not allowed under GDPR (no loopholes, remember?).
However, as Peter O’Neill, Analytics Director at Ayima, pointed out, even without user information, analytics data can be used to troubleshoot site issues (e.g. page load, broken pages) or understand the customer behaviour (e.g. do users purchase via search or product detail pages?).
In summary, I’ll leave you with this to ponder: is it time for each of us to self-regulate how we collect and use data? Or do we wait for legislation to be created to ensure data collection and processing is done in an ethical way?
Ayima is planning one final Digital Analytics meetup this year, to be held on Tues 26th Nov with a topic along the lines of “Putting the fun back into data”. We want to share some more fun/interesting examples of the use of data, ensuring that beyond interesting, it is also practical. Digital Analytics is all about using data to tell stories so we want to hear some of the best. We will be announcing the meetup next week but please get in touch if you have a fun/interesting data story you want to share.