How to Optimize Your Website for Privacy to Gain More Business
When it comes to online business: are you a creepy stalker invading people’s privacy for profit? Or do you optimize your website for privacy?
- Do you have dozens of trackers installed on your site?
- Do you want visitors to allow you to send notifications up front on the first visit?
- Do you let your ads follow people around the Web in a creepy way?
Not just tech-savvy users hate and block intrusive marketing tactics. They’re also unethical and harm the perception of your website.
You effectively scare people away! They won’t be doing business with you whether you are
- just a publisher
- running an online store
- or selling services on the Web.
It’s not hard to fathom. Being creepy is actually a bad habit in private but is downright self-sabotage when you ask people to spend time, effort or money on your site.
Find out below why and how website privacy optimization benefits all parties involved – website visitors and owners.
Are You Stalking Your Visitors You Creep?
Yeah, I know. Many marketers will advise you to “retarget” your visitors and the likes to increase profits but you actually stalk your users or let other stalkers do it.
Most business sites also do use Google Analytics because it’s free and everybody loves Google. Does everybody really?
There is a growing unease about Google and Facebook tracking every single step of ours online. Protecting your online privacy seems to be common sense by now.
Yet most website owners still treat privacy of their visitors lightly. They trade user data for some free tools or scripts. Is it worth it?
Protect Users or Wreck Yourself
By now there are many tools to protect your privacy online you can use directly in your browser – ideally Firefox – as Google which builds Chrome makes money off your “big data”.
- Personally I use Privacy Badger by the EFF (Electronic Frontier Foundation) – an American non profit fighting for our online rights.
- There is also a similar extension by the DuckDuckGo team called Privacy Essentials I also use. It’s probably a good start for beginners.
- Additionally I use uBlock Origin which is mainly an ad blocker but as most ads track people also blocks all kinds of tracking scripts.
I have been using Privacy Badger for quite a while now. At first many sites literally broke when I visited them with privacy protection.
Many sites literally use hundreds of potential trackers on their unsuspecting users! Consider Wired.com – the website of the popular technology magazine.
I can’t link Wired.com here for security reasons! The Wired website is spyware! The (by now defunct) FindX Privacy Control extension blocked 239 suspicious items! And guess what? The site still worked.
What does that mean? Wired used up to 239 redundant tracking scripts that you didn’t even need to load to make the website work or view the content!
Of course it’s mostly third party scripts and images. Google ads and analytics by themselves were responsible for dozens of trackers. Every image Google shows reports back on you!
Wired can get away with it – why can’t I? Well, Wired exists for almost 20 years and has a faithful audience. Even I do visit it despite all the surveillance.
Imagine a site you don’t even know though that x-rays you on entry. That’s a nono. That’s like a stranger looking under your skirt or opening your zipper.
Yet many sites add dozens or even hundreds of cookies to your local machine. Due to the European privacy law they have to ask for consent. It sometimes looks like this:
This site is even one of the better examples – it just adds 60 cookies and only 34 of them “for marketing purposes”.
I have seen worse ones. Some sites add more than 500 tracking cookies! I rather decline in such cases.
Most of the cookies are used for tracking and are “unnecessary”.
By itself the idea and implementation by Cookiebot is a good one – it is also compliant with the EU privacy law. You just need to make sure to limit the number of cookies!
Lack of Privacy May Cost You Money
Some people by now think I’m one of those paranoid “tinfoil hat” nerds. I’m not advocating hiding in the woods with a bunch of survivalists though.
We need to use technology in the information age or we’ll get left behind. I still want to be able to use the Web but I don’t want to be exploited by “big data” corporations while at it.
Even in case you don’t care for privacy you will surely admit that some of the ramifications are unsettling. You surely care about money, don’t you?
Based on your Internet activity or data you share you may see a different pricing online. In simple terms: lack of privacy will cost you more money!
Based on your profile some offers won’t even get shown to you while others may be overtly promoted.
For example inner city Afro-American youths are much more likely to see ads for alcohol while they won’t get shown real estate ads.
Who are you on the Web? Are you yourself with your
- ethnicity and skin color
- religion or lack there of
- sexual orientation and gender
- age and birth date
- political bias and affiliations
or a carefully crafted persona made to be as likeable as possible?
Each of those very common “data points” may have some negative impact on your online and real life. For example I can’t see a lot of online content because I’m in Germany.
A lot of video content and music is limited to the United States or at least blocked in Germany as Google’s YouTube fails to pay German copyright holders.
- To see videos or listen to music that is “not available in your country” you have to use a so called VPN or Virtual Private Network like Proton VPN that hides your actual whereabouts.
- Muslims are not only subject to discrimination on the street but also on the Web. Are you sure you want to disclose that you believe in Allah?
- Studies show that women are much more likely to be harassed online than men. Homosexuals or transgender people are exposed to even more hate speech.
- Some online stores show different pricing depending on your background and browsing history. You may pay more than others without realizing it.
- Age is clearly often used to decide whether you can access some online content. It’s not only about adult topics though.
Ageism becomes also apparent when you have to pay more because you’re older. Just think insurance policies.
When you follow the news online you might have noticed over the recent years that increasingly more and more people tend to agree with you. That’s the so called filter bubble.
Algorithms notice what you like and only show you items based on your political preferences. In the US this has led to a completely unexpected presidency by Donald Trump who has exploited big data to target people.
Many websites collect data like age or gender routinely. Just to sign up somewhere or to buy something you need to give away vital information on yourself.
Thus not only Internet users who end up on your site may lose money. You – the website owner – may lose money too when you neglect actual data protection.
I don’t even refer to the actual threat of getting sued when you don’t comply with local privacy laws. I mean you are losing customers because of lack of or downright disregard for privacy.
Even by skimming such wall of text written in alien language many people get scared. You only share the data with your partners, advertisers and everybody else? Back off!
There are some examples of actually human readable privacy policies out there you can not only understand but they don’t scare you with their message. Sadly they are few and far in between.
While Facebook may get away with an egregious tracking record because it is too big to fail and indispensable for most people your website may not.
Know When to Ask for Private Information and Permission or if at All
One creepy yet wide-spread practice many business websites adhere to is asking strangers for private information or access to their mailboxes.
This is the infamous “I fcuk on the first date” mentality. You enter a site and have to close a pop up asking for your mail address, a notification permission dialog and a consent notice for cookies.
Some sites also ask for permission to have access to location data – that is where you are or where you live. No, thank you!
When I asked my colleagues on Twitter most of them mentioned these issues. Even as Web professionals with technical know how they are ostracized by such sites.
Thank you Dean Cruddace, Zack Neary-Hayes, Andrew Akesson for feedback and additional insights. Click their names for their feedback!
The privacy-oriented Firefox browser already allows to block most of these requests altogether out of the box:
It’s a shame! These features can be very useful when used responsively. They are not just tools for stalkers and creepy marketers!
People already wonder whether there is even a proper reason to use website notifications at all. Most of them treat them as a major nuisance. Yes, it’s possible!
ProtonMail – that’s a private mail solution from the same company that offers ProtonVPN I mentioned above – allows you to use notifications once an email arrives. That’s really useful, isn’t it?
Do Not Track for no Reason!
Personally I’m trying my best to reconcile website optimization and privacy needs. You need analytics to know how your website works and whether people really view it.
You can use Matomo (formerly Piwik), or Koko Analytics on WordPress instead of Google Analytics. These tools do not add any cookies if you don’t want them to:
Both Matomo and Koko are free and open source. You can use them on your server. Thus you are the only person who has access to the data which is anonymous anyway when you want it. You have to opt out of cookies first though.
What you don’t really need unless for selfish reasons is tracking across domains and similar privacy breaches. Learn from the Facebook debacle!
Stop treating website visitors like easy prey. The goal of a website is not to make money off unsuspecting visitors by tricking them into giving away their data.
You need to convince people that you offer value. That’s marketing. Attract privacy oriented visitors to gain more business!
Stalking and selling private data is crime even if the laws aren’t applicable everywhere yet. Just because some sites still can get away with it does not mean it’s OK.
Are You Sure You’re Not Spying on Your Visitors?
OK, so you’re convinced now that visitor privacy is important for yourself and your potential customers or business partners. Excellent!
You have used all the tools above and checked your site for potential trackers. You removed all of them. Hooray! Can people trust you now?
I’ve done all of that just to discover that Google still sneakily managed to add some tracking cookies to my site! No joke.
I was flabbergasted. How was that even possible? None of the tools even detected it.
Google adds Doubleclick tracking cookies to the YouTube videos you embed!
How did I even find out? In late 2020 an investigative journalist by the name of Surya Mattu built a website privacy checking tool called Blacklight that looked even deeper that others.
I checked my site – looked at the results in utter surprise – and then dug deeper by looking up the actual source code of the results.:
Apparently both Twitter and Alphabet (that is Google) managed to sneak in some trackers into my site I wasn’t aware of. Check my site yourself.
As of now it seems I have to get rid of all YouTube videos in order no to let Google track my visitors. I apologize for not noticing this earlier.
I’m trying to locate the Twitter privacy hole too. Not sure how they added it either. You get the point. Just because you think you don’t track people on behalf of big data vendors doe snot mean you aren’t. The Markup explains it in depth.