When the cookie crumbles
AUSTRALIA— Earlier this week, web audience measurement firm Effective Measure claimed to be setting “a new benchmark in visitor privacy” with a system that would allow consumers to permanently opt out of having their online activity tracked.
The issue of online privacy is drawing the attention of legislators around the globe, and a heavy-handed regulatory response poses a potentially serious threat to the work of the MR industry.
With that in mind, Research contacted Effective Measure’s chief privacy officer Roger Kermode to find out more about the company’s new solution and gauge his views on where the privacy debate is heading.
Could you start by explaining how Effective Measure produces its audience measurement data? Is it a cookie-based measure?
Effective Measure produces its audience measurement data via the use of patent-pending DigitalHelix technology. DigitalHelix incorporates a number of methods, including cookies, to track and aggregate media consumption across multiple sites, browsers, and devices. The technology is designed to cope with the deletion of cookies and in so doing provide accurate counts of the number of visitors to a site.
It also allows Effective Measure to offer an integrated survey functionality that allows anonymised and aggregated responses given by users who opt in to answer questions on one site to be shared with another site. This allows audience demographic data to be compiled and shared across the sites within a market based on what people are willing to share.
Should they decide not to participate in a survey or not answer a specific survey question that is their choice. All traffic data collected by Effective Measure is anonymised and aggregated so that it is not possible to identify individual users.
Other methods based solely on cookies suffer from a couple of problems, the most serious one being that they generate inaccurate data regarding site traffic when users delete cookies. While the number of page views is roughly accurate, the number of visitors can be significantly over-counted since deleted cookies result in new visitor IDs when a user returns.
How does your new opt-out system differ from the existing one?
Our previous opt-out system followed the industry practice of setting a cookie to enable opt-out. Our new system builds on this by leveraging the persistence afforded by DigitalHelix to ensure that any potential tracking data from a visitor that has been opted out is discarded and not included in the measurement stats.
Opt-out methods based solely on third-party cookies create a potential privacy issue. A user who deletes cookies after visiting a site, and then visits a site again, will have a new cookie created and be tracked again under the new identifier. This creates a problem for both users and for advertisers, since the user isn’t opted out on a permanent basis, and the traffic numbers generated by the cookie-only verification service include duplicated user data.
What was the catalyst for introducing such a system? Was it a response to the outcry there has been around ISP-based behavioural monitoring and ad targeting?
Effective Measure doesn’t participate in behavioural ad targeting in any form, we simply measure the size of website audiences, and provide opt-in site demographics. We decided that it was appropriate to proactively lead the discussion on user privacy in the audience measurement space.
You bill the new opt-out system as a new benchmark in visitor privacy - yet law makers, specifically in the US and Europe, seem to be pushing heavily for opt-in when it comes to behavioural tracking. Would this be workable in a research context?
Our survey function is completely opt-in by design since it allows users to answer all, none or some of the questions presented. All demographic data we collect and manage on behalf of our clients is on an opt-in only basis, the only data we collect on an opt-out basis is de-identified, website usage data.
At the highest level, privacy is something for which users will make personal decisions around how much data they are willing to share. If there is a perceived benefit to be gained then a user can choose to reveal some information to gain that benefit.
We do believe that DigitalHelix sets a new benchmark in visitor privacy. As far as we’re aware no other system is able to provide the combination of opt-in demographics with a permanent opt-out without compromising browser operation by permanently disabling cookies altogether.
How do you see the online privacy debate unfolding?
Online privacy has been an important issue since the early days of the internet and is an issue that constantly evolves along with the application of new technologies. We feel that consumers are becoming more and more aware of how their personal data could be used, and are becoming savvier about how they can prevent identifiable data being misused.
We see the debate moving towards responsible self-regulation by industry groups like the Network Advertisers Initiative. In an industry where technology moves quickly, we feel that these kinds of industry-led initiatives, along with proactive user privacy policies, such as persistent opt-outs from responsible companies, are the most effective way to ensure user data is not misused.
Follow us on Twitter