Indifference to Privacy and Data Ownership Could Cost You $

A quick reading through tech blog headlines over the past week alone yielded a dozen articles related to net privacy ranging from European ePrivacy Directive (CNet) to IE10 Do Not Track (WSJ) defaults.  If all the privacy attention is causing your eyes to glaze over (admittedly it can sometimes be pretty dry reading), here is a scenario that should peak your interest: if your company is indifferent you could actually be losing a lot of money.

No, I’m not talking about potential lawsuits or anything; from my perspective, companies seem to be doing a good job posting privacy-aware policies and making it clear to their users how their data is used.  When I say losing money I’m talking about dollars lost by sacrificing ownership of your analytics data.  What you give up as payment for the cost of “free analytics” will likely surprise you.

Let me lay out a scenario that hits home for most companies:

Company XYZ has rolled out a new mobile App and the company is using Flurry Analytics in their app (or Google Analytics, or a host of other easy-entry analytics). The reasoning is that Flurry gives entry level insights into user experience and, well, it’s free.

Like most companies that have published apps, the app conversion goal isn’t (just) the app purchase itself (most are free apps).  For most, their apps were created to sell in-app products, provide a service, or deliver an interaction with a brand to increase customer loyalty.  Whether it’s a service, a brand or an in-app purchase though, the investment in building the app is meant to drive strong in-app conversion rates.

In the case of fictitious XYZ corp, let’s say they are an insurance company and they’d like to get users to research and expand their coverage for new insurance policies.

Like everyone else, they need analytics because unless they understand how users are engaging with their app, they can’t improve it for a better user experience nor can they optimize it for higher conversion rates. But before XYZ Corp gives the power to their app developer to drop in analytics, they need to ask themselves why free analytics, Flurry, is giving away their analytics.  To answer that question, they need look no further than the Flurry terms of service and privacy policy  – Flurry’s monetization strategy is to use their data they collect (yes, it is THEIR  data, not yours) to target your users and sell their AppCircle advertising service.

And what is the selling point of their advertising service?  The ubiquity of apps using Flurry gives them a wide knowledge of what other apps are installed on devices and they can offer a targeted ad service.

Is that so bad?  Here is where XYZ starts losing money.

A competitor company to XYZ makes the (reasonable) assumption that XYZ is using Flurry and they pay to advertise on Flurry’s AppCircle service.  There are plenty of apps on each users’ device that serve up targeted ads.  Following the competitive ad spend with AppCircle, now any user that has the XYZ app on their device gets ads targeted towards them for Insurance… only it is their competitors insurance.

Flurry is not only collecting data about your app, they are combining it with all their knowledge of the other apps and behavior of your users and you gave them fully permission to do so, in fact, it’s _their_ data and that is how you paid for the “free” analytics.  Google Analytics is the same only add in a far wider array of interactions from email to friends circles.

App Developer and blogger David Barnard summed up the hidden costs of free analytics in a frustrated post about Flurry weeks ago: “Turns out, I was paying in user data. Instead of offering me the opportunity to pay for the service, Flurry is now going to monetize the data I gave them by offering highly targeted ads.”  It’s this kind of cross-app/mobile site tracking that caused Apple to change their policy on using the UDID (a device ID that is persistent and accessible to all apps).

Periodically Google Analytics and other free analytics like Flurry find themselves in the cross-hairs (or at least they are collateral damage from the explosion of some other privacy issue) and they shift themselves out of the spotlight, like they tried to do with the Apple UDID fallout (PCMag).  But they aren’t being forthcoming about what they replaced it with.

Writer Ki Mae Heussner in an AdWeek article regarding the UDID replacement used by these companies (AdWeek): “It has also created an opportunity for those in the mobile world who use an alternate, sophisticated means of tracking called device recognition (or what some term “digital fingerprinting”) to make bold—and highly debatable—claims of being more pro-privacy, since these methods don’t rely on the controversial UDID. However, digital fingerprinting potentially involves the collection of potentially hundreds of other data points flowing off of a mobile device, which could set off just as many or more privacy alarms.”

When you have a presence on many, if not most, mobile devices like Google Analytics, you can bet they have their own treasure trove of digital fingerprints stored and they are using this as the selling point of their service.

The thing is, what most developers like Mr. Barnard at App Cubby aren’t aware is just how prevalent this is.  Even some paid analytics services publish data on “industry” trends, devices, competitive sheets, etc. and user profiling is a lucrative business.

There hasn’t been any shortage of articles talking about Google’s changes in privacy policy a few weeks ago (TechCrunch), it caused an understandable stir. Unfortunately the focus on the articles seemed to center on the consolidation of Google’s privacy terms across it’s sites and services rather than the underlying questions I think we’re all asking. Certainly, consolidating your policies  to be more transparent to users should be seen as a good thing.  But I think what most of us were reacting to was our own realization of just how much we rely on a very wide range of services from Google and what that could mean to our privacy when one action in one service could feed a host of targeted advertising in every other service.  Google’s store of data has a lot of power. Users (and regulators) are keen to make sure that means in increase in responsibility.

One area where Webtrends stands out: it’s YOUR data, it’s not combined with other customer data for industry trends or any other such statistics, and Webtrends doesn’t even share user IDs across apps or devices.  By not sharing your IDs we’re also making it clear that they are your users/visitors as well.  And because it’s your data, Webtrends created the industry’s best web services for accessing your data as well as enhancing it with other sources of data.  And our plugin model for our JavaScript encourages an open approach to creating leading edge analytics.

Considering the value of your customer relationship (both real world money and user experience), ownership and data privacy may honestly warrant the cost of paid analytics all on its own.