Recherche avancée

Sur d’autres sites (6674)

• Announcing our latest open source project : DeviceDetector

  30 juillet 2014, par Stefan Giehl — Community, Development, Meta, DeviceDetector

  This blog post is an announcement for our latest open source project release : DeviceDetector ! The Universal Device Detection library will parse any User Agent and detect the browser, operating system, device used (desktop, tablet, mobile, tv, cars, console, etc.), brand and model.

  Read on to learn more about this exciting release.

  Why did we create DeviceDetector ?

  Our previous library UserAgentParser only had the possibility to detect operating systems and browsers. But as more and more traffic is coming from mobile devices like smartphones and tablets it is getting more and more important to know which devices are used by the websites visitors.

  To ensure that the device detection within Piwik will gain the required attention, so it will be as accurate as possible, we decided to move that part of Piwik into a separate project, that we will maintain separately. As an own project we hope the DeviceDetector will gain a better visibility as well as a better support by and for the community !

  DeviceDetector is hosted on GitHub at piwik/device-detector. It is also available as composer package through Packagist.

  How DeviceDetector works

  Every client requesting data from a webserver identifies itself by sending a so-called User-Agent within the request to the server. Those User Agents might contain several information such as :

  • client name and version (clients can be browsers or other software like feed readers, media players, apps,…)
  • operating system name and version
  • device identifier, which can be used to detect the brand and model.

  For Example :

  Mozilla/5.0 (Linux; Android 4.4.2; Nexus 5 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.99 Mobile Safari/537.36

  This User Agent contains following information :

  Operating system is Android 4.4.2, client uses the browser Chrome Mobile 32.0.1700.99 and the device is a Google Nexus 5 smartphone.

  What DeviceDetector currently detects

  DeviceDetector is able to detect bots, like search engines, feed fetchers, site monitors and so on, five different client types, including around 100 browsers, 15 feed readers, some media players, personal information managers (like mail clients) and mobile apps using the AFNetworking framework, around 80 operating systems and nine different device types (smartphones, tablets, feature phones, consoles, tvs, car browsers, cameras, smart displays and desktop devices) from over 180 brands.

  Note : Piwik itself currently does not use the full feature set of DeviceDetector. Client detection is currently not implemented in Piwik (only detected browsers are reported, other clients are marked as Unknown). Client detection will be implemented into Piwik in the future, follow #5413 to stay updated.

  Performance of DeviceDetector

  Our detections are currently handled by an enormous number of regexes, that are defined in several .YML Files. As parsing these .YML files is a bit slow, DeviceDetector is able to cache the parsed .YML Files. By default DeviceDetector uses a static cache, which means that everything is cached in static variables. As that only improves speed for many detections within one process, there are also adapters to cache in files or memcache for speeding up detections across requests.

  How can users help contribute to DeviceDetector ?

  Submit your devices that are not detected yet

  If you own a device, that is currently not correctly detected by the DeviceDetector, please create a issue on GitHub
  In order to check if your device is detected correctly by the DeviceDetector go to your Piwik server, click on ‘Settings’ link, then click on ‘Device Detection’ under the Diagnostic menu. If the data does not match, please copy the displayed User Agent and use that and your device data to create a ticket.

  Submit a list of your User Agents

  In order to create new detections or improve the existing ones, it is necessary for us to have lists of User Agents. If you have a website used by mostly non desktop devices it would be useful if you send a list of the User Agents that visited your website. To do so you need access to your access logs. The following command will extract the User Agents :

  zcat ~/path/to/access/logs* | awk -F'"' '{print $6}' | sort | uniq -c | sort -rn | head -n20000 > /home/piwik/top-user-agents.txt

  If you want to help us with those data, please get in touch at devicedetector@piwik.org

  Submit improvements on GitHub

  As DeviceDetector is free/libre library, we invite you to help us improving the detections as well as the code. Please feel free to create tickets and pull requests on Github.

  What’s the next big thing for DeviceDetector ?

  Please check out the list of issues in device-detector issue tracker.

  We hope the community will answer our call for help. Together, we can build DeviceDetector as the most powerful device detection library !

  Happy Device Detection,

• 4 Ways to Embed User Privacy & Data Security in Your Business

  15 juillet 2022, par Erin — Privacy

  Customer analytics undeniably plays a vital role for businesses. Product improvements, interface personalisation, content improvements, and creative advertising thrive on data. 

  Yet, there’s a fine line between being a customer-centred company and a privacy-violating one. 

  Due to ubiquitous online tracking, 62% of Americans now believe that it’s impossible to go about their daily lives without companies collecting data about them. Still, despite the importance of privacy in business for consumers, companies are reluctant to act. Privacy initiatives often stay on the back burner due to perceived complexity. That’s true to some extent.

  Privacy in business does assume complex technical changes to your data management. But to be a privacy-centred organisation, you also need to re-think your processes, practices, and culture. 

  Here are four ways to start your journey to better user privacy and data security. 

  1. Revise Your Data Collection Process to Gain Consumer Trust 

  The public is wary of sharing data with businesses because they are suspicious of its subsequent usage. 

  However, not all data collection is bad or wrong. In many cases, you need specific data for service delivery, compliance, or good-natured personalisation. 

  That’s exactly what consumers expect. Almost half of US consumers say they’d trust a company that limits the amount of personal information requested and only asks for data relevant to its products/services. 

  By limiting data collection and offering transparent data usage terms, you can : 

  • Reassure reluctant users to try your product or service — hence, boost conversions and sales. 
  • Retain existing audiences by gaining their trust, which leads to loyalty and higher customer lifetime value (CLV). 

  To gain consumers’ trust, implement proper consent and opt-out mechanisms. Then create educational materials about how you are collecting and using their data.

  2. Perform Data Mapping to Determine Where Sensitive Data Rests 

  Businesses are already pressed with an expanded cyber-security radar, courtesy of remote work, digital payment processing, IoT device adoption, etc. Yet, 41% of the executives don’t think their security initiatives have kept up with the digital transformations.

  Loopholes in security eventually result in a data breach. The average cost of a data breach looms at $4.24 million globally. The sum includes regulatory fines and containment costs, plus indirect losses in the form of reduced brand equity and market share. 

  Lax data protection in business also undermines consumer trust : 87% of consumers wouldn’t transact with a company if they had qualms with its security practices. 

  To improve your security posture, analyse where you are storing sensitive consumer data, who has access to it (internally and externally), and how you are protecting it. Then work with cybersecurity specialists on implementing stronger consumer security mechanisms (e.g. auto-log offs, secure password policy, etc) and extra internal security policies (if needed). 

  At the same time, start practising data minimisation. Ensure that all collected data is : 

  • Adequate – sufficient to meet your stated objectives 
  • Relevant – is rationally linked to the objectives 
  • Limited – no unnecessary data is collected or stored
  • Timely – data is periodically reviewed and removed when unnecessary 

  

  These principles prevent data hoarding. Also, they help improve your security posture and regulatory compliance by reducing the volume of information you need to safeguard.

  3. Do an Inventory of Your Business Tools

  Data leaks and consumer privacy breaches often occur through third parties. Because Google Analytics was deemed in breach of European GDPR in France, Austria and Italy, businesses using it are vulnerable to lawsuits (which are already happening). 

  Investigate your corporate toolkit to determine “weak links” – tools with controversial privacy policies, murky data collection practices, and poor security. 

  Treat it as a journey and pick your battles. By relying on Big Tech products for years, you might have overlooked better alternatives. 

  For example :

  • Matomo is a privacy-centred Google Analytics alternative. Our web analytics is compliant with GDPR, CCPA, and other global privacy laws. Unlike Google Analytics, we don’t exploit any data you collect and provide full transparency into how and where it’s stored. Or if you want a simple analytics solution, Fathom is another great privacy-friendly option.

  

  • For online data storage, you can choose Proton Drive or Nextcloud (open-source). Or host your corporate data with a local cloud hosting provider to avoid cross-border data transfers.

  

  Aim to progressively replace Google products with more privacy-centred alternatives. 

  4. Cultivate a Privacy-Centred Corporate Culture 

  To make privacy a competitive advantage, you need every team member (at every level) to respect its importance. 

  This is a continuous process of inspiring and educating your people. Find “privacy ambassadors” who are willing to lead the conversations, educate others, and provide resources for leading the change. 

  On an operational level, incorporate privacy principles around data minimisation, bounded collection, and usage into your Code of Conduct, standard operating procedures (SOPs), and other policies. 

  Creating a privacy-centric culture takes effort, but it pays off well. Cisco estimates that for each dollar spent on privacy, an average organisation gets $2.70 in associated benefits. Almost half (47%) of organisations gain 2X returns on their privacy initiatives.

  Moving Forward with a Data Privacy Programme 

  Privacy has become a strong differentiator for brands. Consumers crave transparency and ethical data usage. Regulators mandate limited data collection and proper security mechanisms.

  But sweeping changes are hard to implement. So start small and go one step at a time. Understand which first-party data your company collects and how it is stored.

  Then look into the tools and technologies you are using for data collection. Do these provide sufficient privacy controls ? How are they using data collected on your behalf ? Finally, move to wider transformations, pertaining to data management, cybersecurity, and cultural practices. 

  Be consistent with your effort — and eventually, all the pieces will fall into place. 

• Privacy in Business : What Is It and Why Is It Important ?

  13 juillet 2022, par Erin — Privacy

  Privacy concerns loom large among consumers. Yet, businesses remain reluctant to change the old ways of doing things until they become an operational nuisance. 

  More and more businesses are slowly starting to feel the pressure to incorporate privacy best practices. But what exactly does privacy mean in business ? And why is it important for businesses to protect users’ privacy ? 

  In this blog, we’ll answer all of these questions and more. 

  What is Privacy in Business ?

  In the corporate world, privacy stands for the business decision to use collected consumer data in a safe, secure and compliant way. 

  Companies with a privacy-centred culture : 

  • Get explicit user consent to tracking, opt-ins and data sharing 
  • Collect strictly necessary data in compliance with regulations 
  • Ask for permissions to collect, process and store sensitive data 
  • Provide transparent explanations about data operationalisation and usage 
  • Have mechanisms for data collection opt-outs and data removal requests 
  • Implement security controls for storing collected data and limit access permissions to it 

  In other words : They treat consumers’ data with utmost integrity and security – and provide reassurances of ethical data usage. 

  What Are the Ethical Business Issues Related to Privacy ?

  Consumer data analytics has been around for decades. But digital technologies – ubiquitous connectivity, social media networks, data science and machine learning – increased the magnitude and sophistication of customer profiling.

  Big Tech companies like Google and Facebook, among others, capture millions of data points about users. These include general demographics data like “age” or “gender”, as well as more granular insights such as “income”, “past browsing history” or “recently visited geo-locations”. 

  When combined, such personally identifiable information (PII) can be used to approximate the user’s exact address, frequently purchased goods, political beliefs or past medical conditions. Then such information is shared with third parties such as advertisers. 

  That’s when ethical issues arise. 

  The Cambridge Analytica data scandal is a prime example of consumer data that was unethically exploited. 

  Over the years, Google also faced a series of regulatory issues surrounding consumer privacy breaches :

  • In 2021, a Google Chrome browser update put some 2.6 billion users at risk of “surveillance, manipulation and abuse” by providing third parties with data on device usage. 
  • The same year, Google was taken to court for failing to provide full disclosures on tracking performed in Google Chrome incognito mode. A $5 billion lawsuit is still pending.
  • As of 2022, Google Analytics 4 is considered GDPR non-compliant and was branded “illegal” by several European countries. 

  If you are curious, learn more about Google Analytics privacy issues. 

  The bigger issue ? Big Tech companies make the businesses that use their technologies (unknowingly) complicit in consumer data violations.

  In 2022, the Belgian data regulator found the official IAB Europe framework for user consent gathering in breach of GDPR. The framework was used by all major AdTech platforms to issue pop-ups for user consent to tracking. Now ad platforms must delete all data gathered through these. Biggest advertisers such as Procter & Gamble, Unilever, IBM and Mastercard among others, also received a notice about data removal and a regulatory warning on further repercussions if they fail to comply. 

  Big Tech firms have given brands unprecedented access to granular consumer data. Unrestricted access, however, also opened the door to data abuse and unethical use. 

  Examples of Unethical Data Usage by Businesses 

  • Data hoarding means excessively harvesting all available consumer data because a possibility to do so exists, often using murky consent mechanisms. Yet, 85% of collected Big Data is either dark or redundant, obsolete or trivial (ROT).
  • Invasive personalisation based on sensitive user information (or second-guesses), like a recent US marketing campaign, congratulating women on pregnancy (even if they weren’t expecting). Overall, 75% of consumers find most forms of personalisation somewhat creepy. 22% also said they’d leave for another brand due to creepy experiences.
  • Hyper-targeted advertising campaigns based on data consumers would prefer not to share. A recent investigation found that advertising platforms often assign sensitive labels to users (as part of their ad profiles), indicative of their religion, mental issues, history with abuse and so on. This allows advertisers to target such consumers with dubious ads. 

  Ultimately, excessive data collection, paired with poor data protection in business settings, results in major data breaches and costly damage control. Given that cyber attacks are on the rise, every business is vulnerable. 

  Why Should a Business Be Concerned About Protecting the Privacy of Its Customers ?

  Businesses must prioritise customer privacy because that’s what is expected of them. Globally, 89% of consumers say they care about their privacy. 

  As frequent stories about unethical data usage, excessive tracking and data breaches surface online, even more grow more concerned about protecting their data. Many publicly urge companies to take action. Others curtail their relationships with brands privately. 

  

  On average, 45% of consumers feel uncomfortable about sharing personal data. According to KPMG, 78% of American consumers have fears about the amount of data being collected. 40% of them also don’t trust companies to use their data ethically. Among Europeans, 41% are unwilling to share any personal data with businesses. 

  Because the demand for online privacy is rising, progressive companies now treat privacy as a competitive advantage. 

  For example, the encrypted messaging app Signal gained over 42 million active users in a year because it offers better data security and privacy protection. 

  ProtonMail, a privacy-centred email client, also amassed a 50 million user base in several years thanks to a “fundamentally stronger definition of privacy”.

  The growth of privacy-mindful businesses speaks volumes. And even more good things happen to privacy-mindful businesses : 

  • Higher consumer trust and loyalty 
  • Improved attractiveness to investors
  • Less complex compliance
  • Minimum cybersecurity exposure 
  • Better agility and innovation

  It’s time to start pursuing them ! Learn how to embed privacy and security into your operations.