Web 3.0 and the Internet User's Bill of Rights

Back in 2007, on the subject of the evolution of the web analytics industry, I proffered that “If Web Analytics 1.0 was all about measuring page views to generate reports and define key performance indicators, and if Web Analytics 2.0 is about measuring events and integrating qualitative and quantitative data, then Web Analytics 3.0 is about measuring real people and optimizing the flow of information to individuals as they interact with the world around them.”

At the time I was thinking about the onset of digital ubiquity — an “always on” Internet that followed us everywhere we went and more or less knew where we were. Given the explosion of mobile devices and our near universal dependence on smartphones, location-based services, and digital personal assistants, the following comment seems almost quaint:

“Just think for a minute about how your browsing experience might change if the web sites you visited remembered you and delivered a tailored experience based on your demographic profile (theoretically available via your phone number), your browsing history (accurate because you’re not deleting your phone number) and your specific geographic location when you make the request?”

Essentially I envisioned a future where anonymous log files gave way to massive data stores that, given much of the data would be flowing from mobile devices that we kept on us at all times, would form a far more complete picture of each of us individually than Web Analytics 1.0 or 2.0 could ever hope to support. What’s more, when subject to enough processing power and computational wizardry, this data would support previously unimaginable levels of micro-targeting and content personalization, possibly knowing more about us than our own loved ones.

At the time I recall having conversations with one particularly smart individual who argued that this would never happen — that phone manufacturers and phone and Internet service providers would never allow this type of information to be used, much less in a commercial context. His argument was that this would be such an egregious violation of consumer privacy that, were this to happen, the government would inevitably step in and, fearing ham-fisted meddling by “luddite politicians” (his words, not mine), industry leaders would come together and attempt to offer at least some level of consumer protection, even if it would negatively impact their business models.

Turns out we were both right.

What I referred to as “Web Analytics 3.0” is clearly the collection, analysis, and use of what is more commonly referred to as “Big Data” — an incredibly powerful source of information about consumers that can be used in an almost endless number of ways to power our new data economy. And, thanks to some spectacular mis-steps on the part of organizations, groups, and companies who should know better, “Big Data” is increasingly subject to regulation.

In the past few days, the California Attorney General has announced that she has the agreement of six of the largest mobile platform providers — Google, Apple, Amazon, HP, RIM, and Microsoft — to begin enforcing a law that calls attention to the use of consumer data in mobile applications. And, even more amazingly, the Obama administration has delivered a “Digital Consumer’s Bill of Rights” that has the major browser manufactures agreeing to quickly begin to support “Do Not Track” functionality designed to limit the flow and use of even anonymous web usage data in some instances.

Clearly, both of these announcements are good for consumers, who will hopefully be better protected from bonehead moves like sending entire address books insecurely up to cloud-based servers. And clearly both of these announcements are good for legislators, who during an election year will have something positive to talk about, at least with the majority of their constituents.

But where does this leave you, the digital measurement, analysis, and optimization worker?

More or less in the same place we were back in December 2010 when this all first came up, on the brink of a sea-change in web analytics, but one that I’m confident that most of us can handle. While I still believe that web analytics is hard — perhaps more so than ever — I’m also confident that individuals who are truly invested in making informed decisions based on the available data will be just fine.

Still there are unknowns and subsequently risk coming down the pipe through the President’s “Bill of Rights.”  Some things that I am particularly interested in knowing include:

• Who decides which technologies will be subjected to browser-based “Do Not Track” directives?
• Will “blocked” technologies be universally blocked? Or, like in P3P, is their a continuum of requirements?
• Will “blocked” technologies be blocked across all participating browsers? Or will browser vendors decide individually?
• Will “blocked” sessions be identified as such? And if so, will some minimal data still be available?
• How will the Bill of Rights “guarantee” data security, transparency, respect for context, etc. as outlined by the President?

I suspect the answers to most of these questions are still being discussed.  Still, the ramifications are important and there is an awful lot of conflict of interest inherent in the browser vendor’s participation.  For example, if you’re Google and have made a pretty significant investment into Google Analytics, what is your motivation to block analytics tracking in your Chrome browser? Or perhaps you’re Microsoft and you have multiple initiatives to improve the quality of search and display advertising — all of which depend on some level of data collected via the browser — are you willing to prevent all of that in Internet Explorer?

It will be interesting to watch this play out.

For what it’s worth, at Analytics Demystified we have been thinking about the explosion in digital data collection and consumer privacy for a pretty long time. Going all the way back to that 2007 post on Web 3.0, and rolling forward to our work on the Web Analyst’s Code of Ethics and more recently our GUARDS Audit (with BPA Worldwide), Analytics Demystified strongly believes that consumer data is a valuable asset, one that needs to be treated with the upmost respect.

To that end, if your legal team or senior leadership are asking you about the data you collect and how you might be exposed based on how that data is being secured and used, you might be interested in Analytics Demystified GUARDS. In a nutshell, GUARDS is a comprehensive audit of your digital data collection landscape performed by auditors from BPA Worldwide designed to help leadership understand what data is collected, where, why, and how that data is being secured and ultimately used.

Either way, my partners and I at Analytics Demystified will be keeping a careful eye on this Bill of Rights, changes in the mobile data collection landscape, and the application of Do Not Track across modern browsers. I welcome your comments and feedback.