Web Analytics Code of Ethics

Eric T. Peterson, Founder and Senior Partner at Web Analytics Demystified, Inc. has drafted a document for review and comment by the Web Analytics Association Standards Committee, the WAA Board of Directors, and all web analytics practitioners everywhere, whether WAA members or not.  Why? It would allow web analysts and the companies we work for to wear white hats and gain the trust of consumers. It would also be a starting point for an education campaign on the benefits of digital measurement tracking.

A copy of the proposed version is below.

Web Analysts Code of Ethics (1.0, drafted September 8, 2010)

As a professional web analyst and as a member of the global web analytics community I hereby agree to the following code of behavior regarding consumer data collected on any digital property I work on, with, or for:

  • I hold consumer data privacy in the highest regard and will do everything in my power to keep that data safe, secure, and private. To this end I will never knowingly transfer, release, or otherwise distribute data gathered through digital channels without express permission from the consumer(s) who generated the data;
  • I understand that the average consumer expects their online activity to be anonymous and I will work to keep it that way. Regardless of whether I have the ability to co-mingle personally identifiable and anonymous data, I will never connect the two unless A) customers have been directly appraised of this effort in advance and B) I am confident in my company’s ability to protect that data and keep it safe;
  • I will work diligently to ensure that my management team is well aware of the types of data we collect and the risks to consumers associated with those data. Part of my job is knowing what technology we have deployed and ensuring that others in my company, especially my senior leadership, are aware of how that technology could be used in a way that can be perceived of as invasive;
  • I will make every effort to help others in my organization understand why consumer data privacy is important. Recognizing that in my role I am rarely on the front-lines, I believe that the time it takes to make my co-workers aware of our commitment to data privacy is time well spent;
  • I will do my best to use tracking- and browser-based technologies in the way they were designed and not “hack” them to gather information simply because it is possible. Despite clear documentation regarding the possibilities, I will not use Flash, the browser cache, HTML5, or any other technology to “spy”, “reset”, or otherwise circumvent consumer control over their browsing experience;
  • I will work diligently with my company’s legal team to ensure that our privacy policy is up-to-date and provides an accurate and truthful reflection of our collection, use, and policy towards digitally-collected data. Whenever a new measurement technology is deployed I will assume the responsibility for starting the conversation with our legal team about the need to update our privacy policy;
  • I will pay close attention to the list of individuals inside my company and out that have access to any digitally-collected data falling under my domain. Given the ease with which access to digital data collectors can be shared I will work diligently to ensure that access lists are up-to-date and that anyone with access to these systems understands how that data can and cannot be used;
  • If anyone asks I will be transparent, honest, and forthright regarding the data we collect and how it is used to improve the overall consumer and customer experience online. I will, however, only share this information with express permission from my management team if the information will or might leave the confines of our organization;
  • I will work to enforce a cookie and user identification policy that is appropriate and respectful of the consumer experience in the environment I work in. If persistent cookies are not required I will suggest an expiration date. If user IDs could be used to track back to a known individual I will recommend reasonable obfuscation. I will advocate for first-party cookies (as opposed to third-party cookies) whenever possible;
  • Provided it exists I will reference the work of my industry Association whenever anyone has a question about this Code of Ethics, the industry I work in, or the work I do. I recognize that we are far stronger as a community than any one individual could ever be, and I believe that consistency in voice is important to communicating effectively about the work that I do.



Tweet