Recherche avancée

Sur d’autres sites (4524)

• GA360 Sunset : Is Now the Time to Switch ?

  20 mai 2024, par Erin

  Google pushed the sunset date of Universal Analytics 360 to July 2024, giving enterprise users more time to transition to Google Analytics 4. This extension is also seen by some as time to find a suitable alternative. 

  While Google positions GA4 as an upgrade to Universal Analytics, the new platform has faced its fair share of backlash. 

  So before you rush to meet the new sunset deadline, ask yourself this question : Is now the time to switch to a Google Analytics alternative ?

  In this article, we’ll explain what the new GA360 sunset date means and show you what you could gain by choosing a privacy-friendly alternative. 

  What’s happening with the final GA360 sunset ?

  Google has given Universal Analytics 360 properties with a current 360 licence a one-time extension, which will end on 1 July 2024.

  Why did Google extend the sunset ?

  In a blog post on Google, Russell Ketchum, Director of Product Management at Google Analytics, provided more details about the final GA360 sunset. 

  In short, the tech giant realised it would take large enterprise accounts (which typically have complex analytics setups) much longer to transition smoothly. The extension gives them time to migrate to GA4 and check everything is tracking correctly. 

  What’s more, Google is also focused on improving the GA4 experience before more GA360 users migrate :

  “We’re focusing our efforts and investments on Google Analytics 4 to deliver a solution built to adapt to a changing ecosystem. Because of this, throughout 2023 we’ll be shifting support away from Universal Analytics 360 and will move our full focus to Google Analytics 4 in 2024. As a result, performance will likely degrade in Universal Analytics 360 until the new sunset date.”

  Despite the extension, the July sunset is definitive. 

  Starting the week of 1 July 2024, you won’t be able to access any Universal Analytics properties or the API (not even with read-only access), and all data will be deleted.

  In other words, it’s not just data collection that will cease at the start of July. You won’t be able to access the platform, and all your data will be deleted. 

  What GA360 features is Google deprecating, and when ?

  If you’re wondering which GA360 features are being deprecated and when, here is the timeline for Google’s final GA360 sunset :

  • 1 January 2024 : From the beginning of the year, Google doesn’t guarantee all features and functionalities in UA 360 will continue to work as expected. 
  • 29 January 2024 : Google began deprecating a string of advertising and measurement features as it shifts resources to focus on GA4. These features include :
    • Realtime reports
    • Lifetime Value report
    • Model Explorer
    • Cohort Analysis
    • Conversion Probability report
    • GDN Impression Beta
  • Early March 2024 : Google began deprecating more advertising and measurement features. Deprecated advertising features include Demographic and Interest reports, Publisher reporting, Phone Analytics, Event and Salesforce Data Import, and Realtime BigQuery Export. Deprecated measurement features include Universal Analytics property creation, App Views, Unsampled reports, Custom Tables and annotations.
  • Late March 2024 : This is the last recommended date for migration to GA4 to give users three months to validate data and settings. By this date, Google recommends that you migrate your UA’s Google Ads links to GA4, create new Google Ad conversions based on GA4 events, and add GA4 audiences to campaigns and ad groups for retargeting. 
  • 1 July 2024 : From 1 July 2024, you won’t be able to access any UA properties, and all data will be deleted.

  What’s different about GA4 360 ? 

  GA4 comes with a new set of metrics, setups and reports that change how you analyse your data. We highlight the key differences between Universal Analytics and GA4 below. 

  

  New dashboard

  The layout of GA4 is completely different from Universal Analytics, so much so that the UX can be very complex for first-time and experienced GA users alike. Reports or metrics that used to be available in a couple of clicks in UA now take five or more to find. While you can do more in theory with GA4, it takes much more work. 

  New measurements

  The biggest difference between GA4 and UA is how Google measures data. GA4 tracks events — and everything counts as an event. That includes pageviews, scrolls, clicks, file downloads and contact form submissions. 

  The idea is to anonymise data while letting you track complex buyer journeys across multiple devices. However, it can be very confusing, even for experienced marketers and analysts. 

  New metrics

  You won’t be able to track the same metrics in GA4 as in Universal Analytics. Rather than bounce rate, for example, you are forced to track engagement rate, which is the percentage of engaged sessions. These sessions last at least ten seconds, at least two pageviews or at least one conversion event. 

  Confused ? You’re not alone. 

  New reports

  Most reports you’ll be familiar with in Universal Analytics have been replaced in GA4. The new platform also has a completely different reporting interface, with every report grouped under the following five headings : realtime, audience, acquisition, behaviour and conversions. It can be hard for experienced marketers, let alone beginners, to find their way around these new reports. 

  AI insights

  GA4 has machine learning (ML) capabilities that allow you to generate AI insights from your data. Specifically, GA4 has predictive analytics features that let you track three trends : 

  • Purchase probability : the likelihood that a consumer will make a purchase in a given timeframe.
  • Churn probability : the likelihood a customer will churn in a given period.
  • Predictive revenue : the amount of revenue a user is likely to generate over a given period. 

  Google generates these insights using historical data and machine learning algorithms. 

  Cross-platform capabilities

  GA4 also offers cross-platform capabilities, meaning it can track user interactions across websites and mobile apps, giving businesses a holistic view of customer behaviour. This allows for better decision-making throughout the customer journey.

  Does GA4 360 come with other risks ?

  Aside from the poor usability, complexity and steep learning curve, upgrading your GA360 property to GA4 comes with several other risks.

  GA4 has a rocky relationship with privacy regulations, and while you can use it in a GDPR-compliant way at the moment, there’s no guarantee you’ll be able to do so in the future. 

  This presents the prospect of fines for non-compliance. A worse risk, however, is regulators forcing you to change web analytics platforms in the future—something that’s already happened in the EU. Migrating to a new application can be incredibly painful and time-consuming, especially when you can choose a privacy-friendly alternative that avoids the possibility of this scenario. 

  If all this wasn’t bad enough, switching to GA4 risks your historical Universal Analytics data. That’s because you can’t import Universal Analytics data into GA4, even if you migrate ahead of the sunset deadline.

  Why you should consider a GA4 360 alternative instead

  With the GA360 sunset on the horizon, what are your options if you don’t want to deal with GA4’s problems ? 

  The easiest solution is to migrate to a GA4 360 alternative instead. And there are plenty of reasons to migrate from Google Analytics to a privacy-friendly alternative like Matomo. 

  Keep historical data

  As we’ve explained, Google isn’t letting users import their Universal Analytics data from GA360 to GA4. The easiest way to keep it is by switching to a Google Analytics alternative like Matomo that lets you import your historical data. 

  Any business using Google Analytics, whether a GA360 user or otherwise, can import data into Matomo using our Google Analytics Importer plugin. It’s the best way to avoid disruption or losing data when moving on from Universal Analytics.

  Collect 100% accurate data

  Google Analytics implements data sampling and machine learning to fill gaps in your data and generate the kind of predictive insights we mentioned earlier. For standard GA4 users, data sampling starts at 10 million events. For GA4 360 users, data sampling starts at one billion events. Nevertheless, Google Analytics data may not accurately reflect your web traffic. 

  You can fix this using a Google Analytics alternative like Matomo that doesn’t use data sampling. That way, you can be confident that your data-driven decisions are being made with 100% accurate user data. 

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  Guarantee user privacy first

  Google has a stormy relationship with the EU-US Data Privacy Framework—being banned and added back to the framework in recent years.

  Currently, organisations governed by GDPR can use Google Analytics to collect data about EU residents, but there’s no guarantee of their ability to do so in the future. Nor does the Framework prevent Google from using EU customer data for ulterior purposes such as marketing and training large language models. 

  By switching to a privacy-focused alternative like Matomo, you don’t have to worry about your user’s data ending up in the wrong hands.

  Upgrade to an all-in-one analytics tool

  Switching from Google Analytics can actually give organisations access to more features. That’s because some GA4 alternatives, like Matomo, offer advanced conversion optimisation features like heatmaps, session recordings, A/B testing, form analytics and more right out of the box. 

  

  This makes Matomo a great choice for marketing teams that want to minimise their tech stack and use one tool for both web and behavioural analytics. 

  Get real-time reports

  GA4 isn’t the best tool for analysing website visitors in real time. That’s because it can take up to 4 hours to process new reports in GA360.

  However, Google Analytics alternatives like Matomo have a range of real-time reports you can leverage.

  

  In Matomo, the Real Time Visitor World Map and other reports are processed every 15 minutes. There is also a Visits in Real-time report, which refreshes every five seconds and shows a wealth of data for each visitor. 

  Matomo makes migration easy

  Whether it’s the poor usability, steep learning curve, inaccurate data or privacy issues, there’s every reason to think twice about migrating your UA360 account to GA4. 

  So why not migrate to a Google Analytics alternative like Matomo instead ? One that doesn’t sample data, guarantees your customers’ privacy, offers all the features GA4 doesn’t and is already used by over 1 million sites worldwide.

  Making the switch is easy. Matomo is one of the few web analytics tools that lets you import historical Google Analytics data. In doing so, you can continue to access your historical data and develop more meaningful insights by not having to start from scratch.

  If you’re ready to start a Google Analytics migration, you can try Matomo free for 21 days — no credit card required. 

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• OCPA, FDBR and TDPSA – What you need to know about the US’s new privacy laws

  22 juillet 2024, par Daniel Crough

  On July 1, 2024, new privacy laws took effect in Florida, Oregon, and Texas. People in these states now have more control over their personal data, signaling a shift in privacy policy in the United States. Here’s what you need to know about these laws and how privacy-focused analytics can help your business stay compliant.

  Consumer rights are front and centre across all three laws

  The Florida Digital Bill of Rights (FDBR), Oregon Consumer Privacy Act (OCPA), and Texas Data Privacy and Security Act (TDPSA) grant consumers similar rights.

  Access : Consumers can access their personal data held by businesses.

  Correction : Consumers can correct inaccurate data.

  Deletion : Consumers may request data deletion.

  Opt-Out : Consumers can opt-out of the sale of their personal data and targeted advertising.

  Oregon Consumer Privacy Act (OCPA)

  The Oregon Consumer Privacy Act (OCPA), signed into law on June 23, 2023, and effective as of July 1, 2024, grants Oregonians new rights regarding their personal data and imposes obligations on businesses. Starting July 1, 2025, authorities will enforce provisions that require data protection assessments, and businesses must recognize universal opt-out mechanisms by January 1, 2026. In Oregon, the OCPA applies to business that :

  • Either conduct business in Oregon or offer products and services to Oregon residents

  • Control or process the personal data of 100,000 consumers or more, or

  • Control or process the data of 25,000 or more consumers while receiving over 25% of their gross revenues from selling personal data.

  Exemptions include public bodies like state and local governments, financial institutions, and insurers that operate under specific financial regulations. The law also excludes protected health information covered by HIPAA and other specific federal regulations.

  Business obligations

  Data Protection Assessments : Businesses must conduct data protection assessments for high-risk processing activities, such as those involving sensitive data or targeting children.

  Consent for Sensitive Data : Businesses must secure explicit consent before collecting, processing, or selling sensitive personal data, such as racial or ethnic origin, religious beliefs, health information, biometric data, and geolocation.

  Universal Opt-out : Starting January 1, 2025, businesses must acknowledge universal opt-out mechanisms, like the Global Privacy Control, that allow consumers to opt out of data collection and processing activities.

  Enforcement

  The Oregon Attorney General can issue fines up to $7,500 per violation. There is no private right of action.

  Unique characteristics of the OCPA

  The OCPA differs from other state privacy laws by requiring affirmative opt-in consent for processing sensitive and children’s data, and by including nonprofit organisations under its scope. It also requires global browser opt-out mechanisms starting in 2026.

  Florida Digital Bill of Rights (FDBR)

  The Florida Digital Bill of Rights (FDBR) became law on June 6, 2023, and it came into effect on July 1, 2024. This law targets businesses with substantial operations or revenues tied to digital activities and seeks to protect the personal data of Florida residents by granting them greater control over their information and imposing stricter obligations on businesses. It applies to entities that :

  • Conduct business in Florida or provide products or services targeting Florida residents,

  • Have annual global gross revenues exceeding $1 billion,

  • Receive 50% or more of their revenues from digital advertising or operate significant digital platforms such as app stores or smart speakers with virtual assistants.

  Exemptions include governmental entities, nonprofits, financial institutions covered by the Gramm-Leach-Bliley Act, and entities covered by HIPAA.

  Business obligations

  Data Security Measures : Companies are required to implement reasonable data security measures to protect personal data from unauthorised access and breaches.

  Handling Sensitive Data : Explicit consent is required for processing sensitive data, which includes information like racial or ethnic origin, religious beliefs, and biometric data.

  Non-Discrimination : Entities must ensure they do not discriminate against consumers who exercise their privacy rights.

  Data Minimisation : Businesses must collect only necessary data.

  Vendor Management : Businesses must ensure that their processors and vendors also comply with the FDBR, regarding the secure handling and processing of personal data.

  Enforcement

  The Florida Attorney General can impose fines of up to $50,000 per violation, with higher penalties for intentional breaches.

  Unique characteristics of the FDBR

  Unlike broader privacy laws such as the California Consumer Privacy Act (CCPA), which apply to a wider range of businesses based on lower revenue thresholds and the volume of data processed, the FDBR distinguishes itself by targeting large-scale businesses with substantial revenues from digital advertising. The FDBR also emphasises specific consumer rights related to modern digital interactions, reflecting the evolving landscape of online privacy concerns.

  Texas Data Privacy and Security Act (TDPSA)

  The Texas Data Privacy and Security Act (TDPSA), signed into law on June 16, 2023, and effective as of July 1, 2024, enhances data protection for Texas residents. The TDPSA applies to entities that :

  • Conduct business in Texas or offer products or services to Texas residents.

  • Engage in processing or selling personal data.

  • Do not fall under the classification of small businesses according to the U.S. Small Business Administration’s criteria, which usually involve employee numbers or average annual receipts. 

  The law excludes state agencies, political subdivisions, financial institutions compliant with the Gramm-Leach-Bliley Act, and entities compliant with HIPAA.

  Business obligations

  Data Protection Assessments : Businesses must conduct data protection assessments for processing activities that pose a heightened risk of harm to consumers, such as processing for targeted advertising, selling personal data, or profiling.

  Consent for Sensitive Data : Businesses must get explicit consent before collecting, processing, or selling sensitive personal data, such as racial or ethnic origin, religious beliefs, health information, biometric data, and geolocation.

  Companies must have adequate data security practices based on the personal information they handle.

  Data Subject Access Requests (DSARs) : Businesses must respond to consumer requests regarding their personal data (e.g., access, correction, deletion) without undue delay, but no later than 45 days after receipt of the request.

  Sale of Data : If businesses sell personal data, they must disclose these practices to consumers and provide them with an option to opt out.

  Universal Opt-Out Compliance : Starting January 1, 2025, businesses must recognise universal opt-out mechanisms like the Global Privacy Control, enabling consumers to opt out of data collection and processing activities.

  Enforcement

  The Texas Attorney General can impose fines up to $25,000 per violation. There is no private right of action.

  Unique characteristics of the TDPSA

  The TDPSA stands out for its small business carve-out, lack of specific thresholds based on revenue or data volume, and requirements for recognising universal opt-out mechanisms starting in 2025. It also mandates consent for processing sensitive data and includes specific measures for data protection assessments and privacy notices.

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  Privacy notices across Florida, Oregon, and Texas

  All three laws include a mandate for privacy notices, though there are subtle variations in their specific requirements. Here’s a breakdown of these differences :

  FDBR privacy notice requirements

  Clarity : Privacy notices must clearly explain the collection and use of personal data.

  Disclosure : Notices must inform consumers about their rights, including the right to access, correct, delete their data, and opt-out of data sales and targeted advertising.

  Specificity : Businesses must disclose if they sell personal data or use it for targeted advertising.

  Security Practices : The notice should describe the data security measures in place.

  OCPA privacy notice requirements

  Comprehensive Information : Notices must provide information about the personal data collected, the purposes for processing, and any third parties that can access it.

  Consumer Rights : Must plainly outline consumers’ rights to access, correct, delete their data, and opt-out of data sales, targeted advertising, and profiling.

  Sensitive Data : To process sensitive data, businesses or entities must get explicit consent and communicate it.

  Universal Opt-Out : Starting January 1, 2026, businesses must recognise and honour universal opt-out mechanisms.

  TDPSA privacy notice requirements

  Detailed Notices : Must provide clear and detailed information about data collection practices, including the data collected and the purposes for its use.

  Consumer Rights : Must inform consumers of their rights to access, correct, delete their data, and opt-out of data sales and targeted advertising.

  High-Risk Processing : Notices should include information about any high-risk processing activities and the safeguards in place.

  Sensitive Data : To process sensitive data, entities and businesses must get explicit consent.

  What these laws mean for your businesses

  Businesses operating in Florida, Oregon, and Texas must now comply with these new data privacy laws. Here’s what you can do to avoid fines :

  1. Understand the Laws : Familiarise yourself with the specific requirements of the FDBR, OCPA, and TDPSA, including consumer rights and business obligations.

  2. Implement Data Protection Measures : Ensure you have robust data security measures in place. This includes conducting regular data protection assessments, especially for high-risk processing activities.

  3. Update Privacy Policies : Provide clear and comprehensive privacy notices that inform consumers about their rights and how their data is processed.

  4. Obtain Explicit Consent : For sensitive data, make sure you get explicit consent from consumers. This includes information like health, race, sexual orientation, and more.

  5. Manage Requests Efficiently : Be prepared to handle requests from consumers to access, correct, delete their data, and opt-out of data sales and targeted advertising within the stipulated timeframes.

  6. Recognise Opt-Out Mechanisms : For Oregon, businesses must be ready to implement and recognise universal opt-out mechanisms by January 1, 2026. In Texas, opt-out enforcement begins in 2026. In Florida, the specific opt-out provisions began on July 1, 2024.

  7. Stay Updated : Keep abreast of any changes or updates to these laws to ensure ongoing compliance. Keep an eye on the Matomo blog or sign up for our newsletter to stay in the know.

  Are we headed towards a more privacy-focused future in the United States ?

  Florida, Oregon, and Texas are joining states like California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, and Montana in strengthening consumer privacy protections. This trend could signify a shift in US policy towards a more privacy-focused internet, underlining the importance of consumer data rights and transparent business practices. Even if these laws do not apply to your business, considering updates to your data and privacy policies is wise. Fortunately, there are tools and solutions designed for privacy and compliance to help you navigate these changes.

  Avoid fines and get better data with Matomo

  Most analytics tools don’t prioritize safeguarding user data. At Matomo, we believe everyone has the right to data sovereignty, privacy and amazing analytics. Matomo offers a solution that meets privacy regulations while delivering incredible insights. With Matomo, you get :

  100% Data Ownership : Keep full control over your data, ensuring it is used according to your privacy policies.

  Privacy Protection : Built with privacy in mind, Matomo helps businesses comply with privacy laws.

  Powerful Features : Gain insights with tools like heatmaps, session recordings, and A/B testing.

  Open Source : Matomo’s is open-source and committed to transparency and customisation.

  Flexibility : Choose to host Matomo on your servers or in the cloud for added security.

  No Data Sampling : Ensure accurate and complete insights without data sampling.

  Privacy Compliance : Easily meet GDPR and other requirements, with data stored securely and never sold or shared.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

  Disclaimer : This content is provided for informational purposes only and is not intended as legal advice. While we strive to ensure the accuracy and timeliness of the information provided, the laws and regulations surrounding privacy are complex and subject to change. We recommend consulting with a qualified legal professional to address specific legal issues related to your circumstances. 

• The Guide to an Ethical Web : With Big Data Comes Big Responsibility

  13 mars, par Alex Carmona

  Roughly two-thirds of Earth’s 8 billion people use the internet for communication, education, entertainment, business and more. We are connected globally in ways previous generations could’ve never dreamed of. It’s been a wild ride, and we’re just starting.

  Many users have learned that experiences online can be a mix of good and bad. Sometimes, the bad can feel like it outweighs the good, particularly when large tech companies use our data shadily, cut corners on accessibility or act in any other way that devalues the human being behind the screen.

  As fellow internet citizens, what responsibility do we have to create a more ethical web for our customers ?

  In this article, we’ll look at ethical principles online and how to act (and not act) to build trust, reach customers regardless of ability, safeguard privacy and stay compliant while improving business outcomes.

  

  What is an “ethical web” ?

  When we talk about the ethical web, we’re talking about the use of the internet in an ethical way. Among other values, it involves transparency, consent and restraint. It applies the Golden Rule to the internet : Treat others (and their data and user experience) how you’d want yourself (and yours) to be treated. 

  With limited oversight, the internet has evolved in ways that often prioritise profit over user rights. While selling data or pushing cookies might seem logical in this context, they can undermine trust and reputation. And the tide is slowly but surely shifting as consumers and legislators push back.

  Consumers no longer want to buy from companies that will use their data in ways they don’t agree to. In 2022, 75% of UK and US consumers surveyed said they were uncomfortable purchasing from businesses with weak data ethics.

  Legislators worldwide have been taking part in this effort for nearly a decade, with laws like GDPR in the EU and LGPD in Brazil, as well as the various state laws in the US, like California’s CCPA and Virginia’s VCDPA. 

  Even tech giants are no longer above the law, like Meta, which was fined over a billion Euros for GDPR violations in 2023.

  

  These changes may make the internet feel less business-friendly at first glance, but ethical choices ultimately build a stronger digital ecosystem for both companies and consumers. 

  Likewise, all internet users alike can make this happen by shunning short-term profit and convenience for healthier, long-term choices and behaviour.

  As we dig into what it takes to build an ethical web, remember that no company or individual is free from mistakes in these areas nor is it an overnight fix. Progress is made one click at a time.

  Ethical SEO : Optimising your content and your ethics

  Content creation and search engine optimisation (SEO) require so much work that it’s hard to fault creators for not always abiding by search engine guidelines and seeking shortcuts – especially when there’s a sea of LinkedIn posts about how copying/pasting ChatGPT responses helped someone rank #1 for several keywords in one week.

  However, users turn to Google and other search engines for something of substance that will guide or entertain them.

  Content meets customer needs and is more likely to lead to sales when it’s well-written, original and optimised just enough to make it easier to find on the first page of results. This doesn’t happen when content teams dilute quality and waste a reader or viewer’s time on posts that will only yield a higher bounce rate.

  Some SEO pros do find success by building backlinks through private blog networks or crafting a million unedited posts with generative AI, but it’s short-lived. Google and other search engines always catch up, and their content plummets or gets penalised and delisted with every new update.

  Content teams can still rank at the top while sticking to ethical SEO principles. Here’s a sample list of dos and don’ts to get started :

  • Do put content quality above all else. Make content that serves the audience, not just a brand or partner ad network.
  • Do apply the E-E-A-T framework. Search engines value content written by authors who bring expertise, experience, authority and trust (E-E-A-T).
  • Don’t keyword stuff. This might have worked in the early days of SEO, but it hurts readability and now harms article performance.
  • Do use alt text as intended. While it can still help SEO, alt text should prioritise accessibility for users with screen readers.

  • Don’t steal content. Whether it’s violating copyright, copying/pasting other people’s content or simply paraphrasing without citation, companies should never steal content.
  • Don’t steal ideas. It’s okay to join in on a current conversation or trends in an industry, but content creators should be sure they have something valuable to add.
  • Do use AI tools as partners, not creators. AI can be an incredible aid in crafting content, but it should never be posted without a human’s touch.

  When we follow ethical SEO guidelines and get more clients with our content, how do we best handle their data ?

  Ethical data governance : Important principles and how to avoid data misuse

  Data governance comprises every aspect of how a company manages data, including storage, security, privacy, lifecycle management, setting policies and maintaining compliance with laws like GDPR and HIPAA.

  Applying data ethics to governance is doing it all in a transparent, restrained way that acknowledges an individual’s right to ownership over their data. 

  For organisations, this translates to getting consent to collect data and clearly spelling out how it will be stored and used — and sticking to it.

  If a user’s birth date is needed for legal reasons, it cannot be sold to a third party or later used for something else without explicit permission. Reusing data in ways that stray from its original purpose is a form of commingling, one of the data misuses that is easy for even well-intentioned teams to do accidentally.

  Ethical data governance also includes the vigilant safeguarding of users’ data and minimising potential privacy issues.

  Failing to implement and adhere to strong security measures leads to situations like the National Public Data (NPD) breach, where cyber criminals expose the addresses, phone numbers and social security numbers of hundreds of millions of people. This was due in large part to a weakness in storing login credentials and a lack of password policy enforcement.

  No one at NPD wanted this to happen, but security likely took a backseat to other business concerns, leading to the company’s filing for bankruptcy.

  More importantly, as a data broker that aggregates information from other sources, the people affected likely had no clue this organisation had been buying and selling their data. The companies originally entrusted with their information helped provide the leaked data, showing a lack of care for privacy.

  Situations like this reinforce the need for strict data protection laws and for companies to refine their data governance approach. 

  Businesses can improve their data governance posturing with managers and other higher-ups setting the right tone at the top. If leadership takes a firm and disciplined approach by setting and adhering to strong policies, the rest of the team will follow and minimise the chances of data misuse and security incidents.

  One way to start is by using tools that make the principles of data ethics easier to follow.

  Ethical web analytics : Drawing insights while respecting privacy

  Web analytics tools are designed to gather data about users and what they do while visiting a site.
  The most popular tool worldwide is Google Analytics (GA). Its brand name and feature set carry a lot of weight, but many former users have switched to alternatives due to dissatisfaction with the changes made in GA4 and reservations about the way Google handles data.

  

  Google is another tech giant that has been slapped with massive GDPR fines for issues over its data processing practices. It has run so afoul of compliance that it was banned in France and Austria for a while. Additionally, in the US Department of Justice’s ongoing antitrust lawsuit against Google, the company’s data tracking has been targeted for both how it affects users and potential rivals.

  Unlike GA, ethical web analytics tools allow websites to get the data they need while respecting user privacy.

  Matomo offers privacy protections like :

  • Providing data anonymisation and IP anonymisation
  • Allowing users the ability to not process personally identifiable information (PII)
  • Disabling the ability to track users across websites by default to make compliance easier
  • Giving users full control over their customer data without the risk of it getting into the hands of third parties
  • Much more

  We’re also fully transparent about how we handle your data on the web and in the Matomo Cloud and in how we build Matomo as an open-source tool. Our openness allows you to be more open with your customers and how you ethically use their data.

  There are other GDPR-compliant tools on the market, but some of them, like Adobe Analytics, require more setup from users for compliance, don’t grant full control over data and don’t offer on-premise options or consent-free tracking.

  Beyond tracking, there are other ways to make a user’s experience more enjoyable and ethical.

  Ethical user experience : User-friendliness, not user-hostility

  When designing a website or application, creating a positive user experience (UX) always comes first. 

  The UI should be simple to navigate, data and privacy policy information should be easy to find and customers should feel welcomed. They must never be tricked into consenting or installing. 

  When businesses resort to user-hostile tactics, the UX becomes a battle between the user and them. What may seem like a clever tactic to increase sign-ups can alienate potential customers and ruin a brand’s image. 

  Here are some best practices for creating a more ethical UX :

  Avoid dark patterns

  Dark patterns are UI designs and strategies that mislead users into paying for, agreeing to or doing something they don’t actually want. These designs are unethical because they’re manipulative and remove transparency and consent from the interaction. 

  In some cases, they’re illegal and can bring lawsuits. 

  In 2023, Italy’s Data Protection Authority (DPA) fined a digital marketing company €300,000 for alleged GDPR violations. They employed dark patterns by asking customers to accept cookies again after rejecting them and placing the option to reject cookies outside the cookie banner. 

  Despite their legality and 56% of surveyed customers losing trust in platforms that employ dark patterns, a review by the Organisation for Economic Co-operation and Development (OECD) found that 76% of the websites examined contained at least one dark pattern.

  

  If a company is worried that they may be relying on dark patterns, here are some examples of what to avoid :

  • Pre-ticking boxes to have users agree to third-party cookies, sign up for a newsletter, etc.
  • Complicated cookie banners without a one-click way to reject all unnecessary cookies
  • Hiding important text with text colour, under drop-down menus or requiring hovering over something with a mouse 
  • “Confirm shaming” users with emotionally manipulative language to delay subscription cancellations or opt out of tracking 

  Improve trust centres

  Trust centres are the sections of a website that outline how a company approaches topics like data governance, user privacy and security. 

  They should be easy to find and understand. If a user has a question about a company’s data policy, it should be one click away with language that doesn’t require a law degree to comprehend.

  Additionally, trust centres must cover all relevant details, including where data is stored and who does the subprocessing. This is an area where even some of the best-intentioned companies may miss the mark, but it’s also an easy fix and a great place to start creating a more ethical web.

  Embrace inclusivity

  People want to feel welcomed to the party — and deserve to be — regardless of their race, ethnicity, religion, gender identity, orientation or ability. 

  Inclusivity is great for customers and companies alike. 

  A study by the Unstereotype Alliance found that progressive marketing drove up short- and long-term sales, customer loyalty and purchase consideration. A Kantar study reported that 75% of surveyed customers around the world consider a company’s diversity and inclusivity when making a purchasing decision.

  An easy place to start embracing inclusivity is with a website’s blog images. The people in photos and cartoons should reflect a variety of different backgrounds.

  Another area to improve inclusivity is by making your site or app more accessible.

  Accessibility ethics : An internet for everyone

  Accessibility is designing your product in a way that everyone can enjoy or take part in, regardless of ability. Digital accessibility is applying this design to the web and applications by making accommodations like adding descriptive alt text to images for users with visual impairments.

  Just because someone has a hearing, vision, speech, mobility, neurological or other impairment doesn’t mean they have any less of a right to shop online, read silly listicles or get into arguments with strangers in the comment section.

  Beyond being the right thing to do, the Fable team shows there’s a strong business case for accessibility. People with disabilities have money to spend, and the accommodations businesses make for them often benefit people without disabilities, too – as anyone who streams with subtitles can attest.

  Despite being a win-win for greater inclusivity and business, much of the web is still inaccessible. WebAIM, a leader in web accessibility, studied a million web pages and found an average of over 55 accessibility errors per page.

  We must all play a more active role in improving the experience of our users with disabilities, and we can start with accessibility auditing and testing.

  An accessibility audit is an evaluation of how usable a site is for people with disabilities. It may be done in-house by an expert on a company’s team or, for better results, a third-party consultant who can give a fully objective audit.

  Auditing might consist of running an automated tool or manually checking your site, PDFs, emails and other materials for compliance with the Web Content Accessibility Guidelines list.

  Accessibility testing is narrower than auditing. It checks how accessibility or its absence looks in action. It can be done after a site, app, email or product is released, but it ideally starts in the development process.

  Testing should be done manually and with automated tools. Manual checks put developers in the position of their users, allowing them to get a better idea of what users are dealing with firsthand. Automated tools can save time and money, but there should always be manual testing in the process.

  Auditing gives teams an idea of where to start with improving accessibility, and testing helps make sure accommodations work as intended.

  Conclusion

  At Matomo, we strive to make the ethical web a reality, starting with web analytics.

  For our users, it means full compliance with stringent policies like GDPR and providing 100% accurate data. For their customers, it’s collecting only the data required to do the job and enabling cookieless configurations to get rid of annoying banners. 

  For both parties, it’s knowing that respect for privacy is one of our foundational values, whether it’s the ability to look under Matomo’s hood and read our open-source code, the option to store data on-premise to minimise the chances of it falling into the wrong hands or one of the other ways that we protect privacy.

  If you weren’t 100% ethical before, it’s never too late to change. You can even bring your Google Analytics data with you.

  Join us in our mission to improve the web. We can’t do it alone ! 

  Try Matomo free for 21 days

  no credit card required