Potentiality Leads the Way with the ‘Privacy Detector’ Booth

Potentiality Leads the Way with the ‘Privacy Detector’ Booth

 
Article supplied by Isabella Blick | Head of Asia Pacific Customer Experience | Potentiality

 

At the recent Northampton conference, we rolled out an unprecedented experiment: a “Privacy Detector” booth. Participants from academic institutions across the UK and beyond had the opportunity to delve into the privacy health of their school websites. Utilising a custom Chrome extension and some smart circuitry, this detector would trigger an alerting siren if it detected user engagement data being channeled to marketing powerhouses like Google or Facebook. Instead of the “out of sight, out of mind” approach, we turned it on its head and sirens took center stage! Schools with no data leakage would walk away with a £50 gift voucher. Over 100 schools dared to test, but the results were staggering: none passed. *

We were aware these tools were common, but the unanimous adoption was a jaw-dropper. As the time-honored saying goes, “if you’re not paying for the product, you are the product.” but here the narrative takes a more sinister turn. When schools or software providers decide to use free tools offered by giants like Google or Facebook, they turn their communities into the product without any reasonable opportunity to consent. There’s a lot of controversy about the privacy implications of individual usage of online resources like Facebook and Tik Tok, but at least with those sites it’s a conscious decision which each individual controls.

In today’s digital landscape, schools and educational institutions are increasingly leveraging potent web analytics to optimize their online presence. Industry bigwigs such as Google Analytics and Facebook Pixel offer insights that can significantly enhance the user experience and amplify website functionality. So if all this is free, who’s footing the bill?

On inspecting one site, we discovered that user donation amounts were shared with these marketing companies. The eventual fallout? The user ends up being marketed to based on a donation made to the school. That’s a pill I doubt they’d swallow willingly…

Navigating the privacy policies of these companies can feel like walking through a maze. Google Analytics, arguably the most guarded, sports a very complex set of policies. They claim data anonymization, but truthfully, they don’t need to know who you are to market to you. They also note that site visitors can control their marketing exposure via their Google profiles – a process trickier than visitors would reasonably anticipate. I won’t dive into all the legal intricacies in this article, but if these companies weren’t planning on marketing based on site usage, wouldn’t they simply state “we don’t use this data to target marketing to your visitors”? 

A recurring misguided belief among the UK schools we interacted with was that these tools were vital for boosting their Google Search visibility (SEO). That’s a completely different ballgame. They were also caught off guard to learn that switching to incognito mode or disabling cookies had zero impact! These tools aren’t cookie-dependent so that makes no difference. In my view, the offer to disable cookies which is creating a false sense of security is not just misleading,but ethically questionable.

In almost all instances, schools were employing website providers that had their products integrated with these free tools. Marketing companies simplify this integration, consequently bolstering the website provider’s product offerings. However, at day’s end, it’s a shortcut that compromises the privacy of the client’s community to enhance their own product features. Implementing private and secure analytics tools does require time and effort, but the payoff is retaining ownership of the engagement data within the school, yielding more profound and relevant analytics than what Google Analytics and Facebook Pixel can offer. As an example, our latest product release – “Potentiality Shield” (purposefully named) enables us to track not just the hits, browsers, devices, and locations of each visitor, but often precisely who is visiting what pages. This can be used collectively with all other automatically collected engagement data such as purchases, event attendances, archive views, click and reads on emails etc, to build warmth profiles for fundraising or volunteer management. You can even use the data to train our bulk AI comms tools which draft mass individually personalized messages based on user engagement. The possibilities are powerful, exciting and scary all at the same time. Which is the reason why these companies want schools to give the data to them. For a school to manage and utilize this data themselves also introduces a host of ethical questions, but at least the school and their community retain control and aren’t unknowingly feeding data to major marketing companies.

So what can we learn from this experiment and where to from here? There was certainly a lot of surprise amongst our stall visitors when they saw what was going on. So it’s certainly a positive that our participants are more aware and perhaps making a more informed decision on what technologies they use. However the tricky part here is that it’s their community paying the price, so shouldn’t their community be granted the same awareness if the commodity in question is their engagement data? Do schools replace the cookie control popups with warning banners telling visitors that there’s nothing they can realistically do to prevent marketing companies targeting advertising to them based on their use of the site? One suggestion by a school, as the only way to guarantee privacy, was for their site visitors to use a Tor Browser (a browser used mostly to access the dark web). I’ll leave it to the readers of this article to decide if they want to put that on their school website!

While I loathe being the purveyor of grim tidings, I can’t see that these tools are acceptable or even ethical to use in an educational environment. Schools aren’t just institutions; they’re communities, distinct from regular websites. If an airline site shares data with marketing sites, they might just shrug it off as “business as usual”. Schools however embody a community and should hold the privacy and security of that community sacrosanct. If community members are uncomfortable being tracked by marketing companies without their express permission or even knowledge, then their data simply shouldn’t be shared.

It’s time to shield our communities and ensure their digital safety. Remember, privacy matters. Let’s act like it does.

* Potentiality clients were excluded from the free voucher giveaway, as we utilise our proprietary analytics tools which naturally pass the privacy test. The data collected stays wholly owned by the school and is not shared or used by other companies or clients in any way