Web Analytics and Privacy

Web Analytics and Privacy: How to Mitigate Data Risks in the Age of Evolving Privacy Legislation

The ubiquity of data is bordering on pervasive, so much so that an acute tension is building between technological capabilities and ethical uses of data.

If your business is a data processor, you need to follow strict privacy laws in order to avoid fines and protect your stakeholders.

Here we will focus specifically on privacy for web analytics:

• Evolving Privacy Legislation

• Personal Data vs. Personally Identifiable Information (PII)

• Risk Classification of Web-Analytics and Related Processes

Evolving Privacy Legislation

As data flows are rarely limited to a single country, the objective becomes to build flexible and sustainable analytics setups that cover all regions.

Legislative misalignments can expose you to some serious monetary penalties:

• Fines are typically capped at 500k € in certain countries of the EU

• The upcoming General Data Protection Regulation (GDPR) is expected to allow fines of as much as 2% to 5% of an organization’s global turnover

• US class action suits can expose you to losses of much larger amounts

Note that GDPR is the strictest privacy law that has ever been introduced. It will have a significant impact on all businesses dealing with customers within the European Union.

GDPR will come into force within two years. What are the core issues regarding Web Analytics?

Profiling is defined as any form of automated processing of personal data to predict aspects concerning performance at work, economic situation, reliability, behaviour, movements and others.

• GDPR concerns all companies processing personal data about EU residents.

• The profiling process must be automated

• The purpose of the profiling must be to evaluate personal aspects of a natural person

• One cannot use an individual’s PII for profiling purposes unless such profiling is in the public interest

• Explicit consent is necessary as a new legal basis for data processing

• Data subjects must be informed about any profiling activities

Where should you start to make sure your organization is compliant with the new law?

Guidelines on the Protection of Privacy and Transborder Flows of Personal Data by the OECD have become an internationally accepted set of rules for processing personal information. They will work just fine as a starting point.

OECD privacy principles:

1. Collection Limitation: Data collection should occur only with the knowledge and consent of the concerned individual (data subject).

2. Data Quality: One should only collect information which is accurate and relevant to a particular aim.

3. Individual Participation: The concerned individual should know if their information has been collected and must be able to access it if such data exists.

4. Purpose Specification: The intended use for a particular piece of information must be known at the time of collection.

5. Use Limitation: Collected data must not be used for purposes other than those specified at the time of collection.

6. Security Safeguards: Reasonable measures must be taken to protect data from unauthorized use, destruction, modification, or disclosure of personal information.

7. Openness: Individuals should be able to avail themselves of data collection and be able to contact the entity collecting this information.

8. Accountability: The data collector should be held accountable for failing to abide by any of the above rules. A dedicated person must be appointed

Remember that these outlined principles are acceptable as the core of your web-analytics privacy practices, but in many cases they may not be enough.

Personal Data vs. Personally Identifiable Information (PII)

Knowing the legal red line related to data types is crucial for minimizing the risk of breaches or violations.

PII is a US-based concept, while Europe refers to Personal Data.

PII data can be linked to a particular individual, whereas Personal Data can relate to someone without identification.

An e-mail address, name or phone number constitutes PII, and the use of this data to capture an individual’s behaviour may be considered an abuse under privacy regulations.

Aurélie Pols

Taking into consideration the broad and vague definition of sensitive data, as enshrined in the European regulations, it is more practical to set up processes to detect PII following the US-based legislation. The recommended practice is therefore to use the US PII lists as a starting point to define escalation procedures and supplement such lists with context-related European practices.

Mind Your Privacy

Risk Classification of Web-Analytics and Related Processes

How can you be sure your company is fulfilling all of its data-related obligations? What methods can help you assign such responsibilities?

The scope of obligations for companies will depend upon the type of data they collect, process, and share.

One popular example of a responsibility-assignment method is the RACI model, which stands for Responsible, Accountable, Consulted, and Informed.

• Responsible: Who is/will be doing this task? Who is assigned to work on this task?

• Accountable: Whose head will roll if this goes wrong? Who has authority to make a decision?

• Consulted: Who can tell me more about this task? Are any stakeholders already identified?

• Informed: Whose work depends on this task? Who has to be kept updated about the progress?

Another method useful in certain contexts, particularly the privacy aspects of data uses, is the Privacy Impact Assessment (PIA). It typically consists of workflow-based questionnaires used by companies to identify and contain risks from the beginning.

Fluid privacy regulations, changing terms and conditions, excessive authority of legal counsel, and misunderstanding of legislation may indeed cause some companies to come to an analytical halt.

Taking that into account, responsibility could be divided into three main areas associated with the RACI model we mentioned above. When relating this to customer relationships, data-risk classification could be seen as follows...

| Classification | Description | Allocation |
|---|---|---|
| Green | Carry on, no issues here | Full responsibility stays within analytics, no further consultations needed |
| Orange | Bring in an outside counsel to be on the safe side | Analytics remain responsible; consult with privacy |
| Red | This is cutting edge, involves personal data and/or sensitive information and/or separate legal entities | Privacy is informed and signs off or suggests risk-mitigation solutions (saying NO is not an answer, as next time they won’t be informed) |

Or in other words, the above classification looks something like:

• Green: An individual comes to a digital property and leaves a data trail.

• Orange: A company wants to take a look at which individuals come back and what their technical environment is like; e.g. using cookies.

• Red: A company wants to stitch digital touch-points together.

Aurélie Pols

The trick is to understand when Green, Orange, and Red protocols are best applied to optimize data-privacy management. Remember, context remains of essence to assure privacy rights are respected.

Mind Your Privacy

If you want to learn more about mitigating data risks, read our free whitepaper written by renowned European privacy expert Aurélie Pols.