PrivacyEU and PrivacyDNT deliver more value than a TMS-based approach to e-privacy
Last week, Ensighten announced Ensighten PrivacyDNT, a free and simple-to-use Web service that enables U.S. publishers and etailers to quickly and easily comply with the emerging Do Not Track standards by controlling the data collection capabilities of all third-party tags on a website. And today, Ensighten is announcing our newest Ensighten privacy offering – Ensighten PrivacyEU. This latest e-privacy offering from Ensighten enables UK websites to quickly comply with the EU ePrivacy Directive (sometimes referred to as the UK Cookie Law). It’s a timely addition to our suite of e-privacy products: Ensighten PrivacyEU will be available for download on May 26, 2012 — that's the date the ICO starts enforcement of the UK Cookie Law. We think these two complementary products, PrivacyEU and PrivacyDNT, are pretty revolutionary. Now, without any complicated technical work on their part, publishers and marketers can take steps to define and enforce commonsense e-privacy policies. To understand the significance of Ensighten’s e-privacy technology, it’s helpful to compare it to what’s available from other vendors. With the May 26 deadline for enforcement of the UK Cookie Law looming, there is a lot of market interest (especially in the UK but elsewhere too) in e-privacy solutions. As you might expect, there are a lot of vendors looking to sell into this fast-growing market. These tag-based e-privacy solutions generally fall into one of two categories: either “Crawl & Audit” solutions or “Requires a Full TMS” solutions. Let’s look at each of these. “Crawl & Audit” e-privacy solutions: These solutions typically involve a Web spider crawling a website and generating a list of tags on the site. These tags are then manually categorized by their privacy attributes using some kind of proprietary or public database. The website owner is then presented with a report that lists the categorized site tags, and the website privacy and legal teams then interpret the report to decide which tags to allow/block under (say) UK Cookie Law or DNT. The crawler will periodically sweep the website to advise the website owner of any new tags on the site. The big shortcoming with this approach is that the website publisher has no way to actually control the tags on the website. So, while the report is nice to have, it doesn’t bring the site into actual compliance with any law or standard. “Requires a Full TMS” e-privacy solutions: If “Crawl & Audit” solutions fall short because they can’t actually enforce their own recommendations on tag blocking, then maybe it makes sense to use a tag management system (TMS) to control tags in an e-privacy context? In fact, we’ve recently seen a number of announcements of “Crawl & Audit” vendors teaming up with TMS vendors. Unfortunately, this “combo solution” approach doesn’t work in the real world. In order for a TMS to control all the tags on your website for e-privacy compliance, you have to move ALL your tags into the TMS. This is by no means a picnic. Here’s why:
- It’s a huge, lengthy cross-functional undertaking. Removing all tags from an average enterprise website (often, tens of thousands of pages across 50 or more domains) and re-configuring them in a TMS is typically a phased, multi-month or multi-year process that spans IT, analytics, customer acquisition marketing and marketing agencies. Even then, typically some of the organization’s tags will remain outside the TMS.
- It doesn’t guarantee 100 percent compliance with e-privacy laws. Since not all existing tags will likely be placed in the new TMS, and new tags (which will also likely be handled outside the TMS) are typically added to enterprise websites weekly or even daily, you quickly have an e-privacy compliance problem on your hands. You can’t have 100 percent compliance with e-privacy laws and standards when only 60 percent of the tags on your website are in your TMS.