The use of online tracking tools is one of the primary methods that businesses can use to inform their marketing efforts and therefore grow revenue. In order to do this, companies with an online presence most often use cookies and tags, also known as web beacons, to gather data about their consumers and their habits. Cookies are small text files that a website can place on a user’s device that enables them to recognize and track their online behavior. Similarly, tags are the technical mechanism by which cookies are stored on a user’s device, collecting data including but not limited to the pages they view, products they purchase, and how they accessed the website.

Because of the expansive technology that businesses can use to gather personal data on their customers, there are many privacy regulations that have been put into place to protect the rights of the user when online, which may be part of why cybersecurity insurance rates are rising. For example, in Europe, ePrivacy Directive is the governing body of user experience and privacy, and secures one’s right to privacy in terms of online tracking, personal profiting, unsolicited marketing tactics, and nonconsensual data harvesting by third parties. Similarly, the General Data Protection Regulation (GDPR) addresses data protection regardless of data type, giving users multiple rights and powers over where and with whom their data is shared. In the United States, state-specific legislation gives users rights related to the processing of their personal information. California, Colorado, and Virginia are only a few of the many states that outline specific guidelines for how data and private information is handled.

If too many users refuse to consent to sharing their data, businesses struggle to gather sufficient data and analytics may be rendered useless. When websites are unaware of the proportion of consenting users, what cohort is reflected in collected data, and if a sufficient sample is present to make accurate optimizations, it is increasingly difficult for businesses to make accurate inferences about user behavior. In addition, if these regulations are violated, there are heavy fines associated with non-compliance. In May 2018, the EU issued over 800 fines, and to date, big name companies like Amazon and Google have incurred millions of dollars in fines. It is tedious for users to read the consent agreement and give permission to a website to store their data, therefore a smaller proportion of users are consenting, leaving companies with insufficient information and a higher likelihood of fines and violations.

There is now a new approach to online privacy law compliance that allows businesses to make the most of the data that they have in an ethical way. This measurement methodology involves collecting data anonymously without the use of cookies, and suggests that websites prompt users to provide a login or to register early in the user funnel. Both of these methods will allow for data collection in common scenarios where consent is not necessary or when it is given voluntarily under the guise of account creation with a certain business or web page. This data is vital to marketers and users alike, as it allows a company to make informed decisions about their user’s interests in the most ethical way, which is important to customers. Data in today’s world is so powerful, and it’s important to present the best tools to harness that power, lawfully.