Category Archives: Cookie Law

Shooting the messenger – a right to forget the point!

An EU court has today backed the right for people to request that Google must amend some search results, in what is becoming known as the “right to be forgotten”. This story, reported on the BBC News website, raises some interesting questions and also possible paves the way for a world wide web police, for which Google must logically be placed.

But first lets look at the court case, which presents a few problems and, much like the “cookie law”, has got quite a few people excited despite having hold of the wrong end of a very large stick. For one, the EU Justice Commissioner, Viviane Reding, said in a post on Facebook that it is a “clear victory for the protection of personal data of Europeans”. I can’t help but feel she has massively missed the point here. Google themselves make the salient point; They do not control data, they only offer links to information freely available on the internet.

What Viviane is failing to see is that this ruling doesn’t solve any problem at all. If people want misleading, inaccurate or otherwise unfair information about themselves to be removed from the internet then asking Google to remove it from search results doesn’t remove it from the internet, it merely stops it being shown in Google. The information itself is still out there as a source for people to find. And you might argue that if it isn’t shown in the most popular search engine (and indeed website) in the world then that solves the problem, but if you believe that you’re probably a bit short sighted. Why? Well quite simply because the online world is changing.

An example of this change is this article, which talks about how the younger generation are consuming the internet through apps rather than browsers. This is significant because the web is moving towards an information warehouse rather than website based approach, where your app of choice will be used to retrieve this information. If this is indeed where the net ends up then Google will no longer be the majority search engine, and therefore the information that Google has obediently hidden will be found again. Not to mention that if the actual content is not removed, it only takes a couple of people to find it and share it and then it is all over the net.

So, what is this ruling actually doing? Well it is shooting the messenger for the ‘crimes’ of others. Google is suffering from being the biggest name in the web. It suits the cause of the advocates, politicians and legal personnel to aim the gun directly at a big name rather than this court case disappearing into obscurity once the actual offending website is dealt with. More to the point, like the cookie law, it will get a lot of normal people who don’t 100% understand how the web actually works riled up and support some piece of law being passed that doesn’t actually solve the problem, just covers it with a plaster for a while.

But there is something else going on here as well, something which many people have seen coming for a while. In placing the responsibility with Google (and presumably other search engines, although none have currently been mentioned) to manage and control this content they have now effectively asked them to start policing the internet. As there are vagaries around exactly when a person can validly ask for content to be removed, there will need to be someone making judgements on what is and isn’t allowed and Google are best placed to do this. They have the biggest reach, the widest data access and the best understanding of content monitoring and assessment. Another perceived advantage is that Google are agnostic of governments and institutions, meaning they are well placed to make impartial judgements (in theory).

Whether or not Google does end up being this web police or not, this court case is a line in the sand. To date the internet is largely uncontrolled and almost anything can be uploaded. But this court case has moved a step closer to a situation where either proactively or retrospectively content is going to be monitored and potentially restricted or even removed. The age of the free internet, the ultimate safe harbour of freedom of speech, may well be coming to an end. Whether this is a good or bad thing however, is a whole different question.

In the meantime, if you see something about yourself online that you don’t think should be there, don’t ask Google to remove it, ask the actual website. That will be much more effective in actually removing the content.

Why the long face?

So what is the big issue really? So what if a bit of horse has turned up in some burgers, the French eat horse after all. Well at the nub of it, yet again, is trust. The major issue with the horse meat fiasco is that there is uncertainty about where this meat came into the system and therefore issues around the quality and whether it is fit for consumption. As consumers, we put our trust in the providers of these products and assume that they are assuring that the quality of that food is as it should be. Critically, we assume that what the packet says it contains is actually what it contains.

This situation is just the latest in a long line of ‘let downs’ for the consumer, and they occur in every sector. The worry for the food industry is that this could be just the tip of the iceberg and once people lose their trust in a brand it is very hard to restore that trust. In digital the situation is very similar and our responsibilities to our users is exactly the same. Users instill trust in us when they interact with brands and with online assets, assuming that we are being responsible in the way we operate.

I have previously written about the EU “cookie law” and the principle that at its heart it is about trust. This recent news in the food sector highlights basic trust issues that we need to consider, because as digital practitioners cookies are just the tip of the iceberg. Take, for example, app development. If you download a new app and it has no location based features then when you load it up you wouldn’t expect to be asked if the app can log your location. Similarly, if you are using a navigation app then you wouldn’t expect the app to need your personal details in order to work. For a lot of people this is a very real imposition because the app, for no particular reason, is collecting personal information. The immediate question for a savvy user is “why do you need that information, how are you going to use it?” and the resulting response is likely to be a lack of trust, suspicion and possibly even deleting the app.

Storing data is another area of real concern for users. As I mentioned above, the first issue is asking for ‘unnecessarily’ data about someone. The second is how that data is being used and if it is being stored securely. The media is filled with stories about data disks being left on trains, people hacking into websites and stealing information and so called experts assuring us that data is never secure. Whilst this media attention is unhelpful, it highlights how much of an issue the normal person considers this to be. Our responsibility is to take the right steps to make sure that our builds are as secure as possible, including robust testing. It is also our responsibility to make sure we only store the data that is actually needed and that we explain, clearly and simply, why we need this data and what we do with it. It is also important to give users the chance to remove their data as well. Not least, this complies with the data protection act, but more importantly it shows a two way trust.

It is paramount that we show respect to our users and in return they will engage with our brands. Trust needs to be at the heart of everything that we do, whether it is communicating with them, the way we design our online presence for them, or in the way that we treat them and their data. Without trust there is no loyalty in a customer and that will ultimately mean it is harder to make them spend their money with us. Instead, we shuold cultivate good and trusted relationships with our customers and ten they will become advocates of our brands.

Anyone for a Cookie?

There has been a lot of chat about the so called “Cookie Law” in recent months, largely around whether or not to comply, what is compliant and what it is actually about. Well the first thing to understand about the “cookie law” is that it is about more than just cookies. The focus of the law is about storing information about the user (usually stored in text files in the browser called “cookies”), no matter what that information is. I am not going to go into the details of the law now, as you will no doubt already know the gist of it and if you don’t then the ICO website can help better than I can.

The key thing about this law that most people have failed to grasp though is not the specifics, it is the underlying point. The reason why so many people have got so animated about this law is nothing to do with technology and it is nothing to do gathering analytics, it is about trust. The simple truth is that if we are storing information about a user, without their consent, and they become aware of this then they will start to lose trust in the website and brand. It is not important whether we are storing information that can be related specifically to them or if it is something as high level as where they are going. The point is that we are storing information that affects how we treat them, even if it is anonymous.

We, as digital providers, know that a large proportion of the cookies we use are to see how people are using our websites or to provide users with specific / personalised functionally. But for the general public it is a different matter all together. They don’t understand how the technology works or how we use it and so finding out that we treat them in specific ways based on what they do is quite annoying for them. And I can understand this, I wouldn’t want other people to make decisions about how they treat me without me having any say at all.

So cutting through the murk, what does this mean for us? We (as people who store info for good reasons) have to accept that we are in this situation because of the rather less desirable people who have abused this technology in order to ‘stalk’ people around the web trying to market things. We can’t change that, we can’t change where we are now and not complying is actually not going to help anyone. Instead, we find ourselves with responsibilities as people designing these sites; The first of these is to tell people what we are doing, in plain English, explaining the benefits of the technology and the disadvantages of opting out. The second is to make sure that we only capture data that is absolutely needed. If you don’t need to know someone’s location then don’t capture it, simple as that. And lastly, give people the chance to opt out easily should they choose to. As long as they understand what opting out means then it should be their choice.

Whilst this is an annoying situation to be in, I think this can only be a good thing in the long run. Most people are willing to accept data being stored about them as long as they understand why and it is providing them with a clear benefit. I know I am. This heightened awareness in the public will surely allow us to push the boundaries forwards in the future in terms of personalisation. And for those who initially opt out…well they will soon be converted when they realise how good an experience they can get if they embrace these technologies.