Ladies and Gentlemen, please join me in putting your hands together to give a big Web Analytics Industry welcome to...

...Darrin Wood. [Applause]

Darrin joins the Gatineau (ok, ok, adCenter Analytics) team fresh from a stint in the Microsoft.com web analytics team, where he's spent 18 months working with our friends at WebTrends to make sure that we have the best data about the usage of our corporate website. Prior to which, he was employed by a certain well-known firm based out of Orem, Utah. So Darrin is pretty well-traveled from a web analytics point of view, and a great addition to the Analytics team.

Darrin's going to be stepping into the hole left by the departure of Justin Carder and leading product management for adCenter Analytics. To which end, you'll start seeing him popping up in all the usual places, like May's E-metrics Summit in San Francisco. Be sure to go up and say hi.

In other news, we now have a brand spanking new blog and forum for adCenter Analytics, located within the splendidness that is our new adCenter Community site. A shout-out to Mel Carson for the ton of work he's put in on this new site - it's a great resource for our adCenter customers to learn more about search marketing on adCenter and Analytics.

Finally, if you've requested access to the beta for adCenter Analytics, and haven't yet received your invite, then your wait should soon be over. Now that our beta refresh is out and we've worked through a couple of minor teething problems, we're looking to get up to date with requests for access, so you should get an invite code in the not-too-distant future.

Pragmatists vs Idealists

Joel Spolsky has an outstanding post over on his blog about the recent decision by the IE team to have IE8 default to web "standards" mode. I have very little to add to Joel's insightful and educative post, except to say that one of the most interesting dynamics about working for Microsoft (especially having previously worked for Microsoft competitors) is seeing the very real challenges that the company faces in balancing backwards compatibility with interoperability.

Phorm over function

There's been plenty of buzz (more of the angry hornet variety rather than the just-inhaled-a-lungful-of-dope variety) about Phorm of late, precipitated by a press release that the company put out on Feb 14 in the UK, announcing partnerships with three major UK ISPs to provide a system "...which ensures fewer irrelevant adverts and additional protection against malicious websites". Critics of the system  (led by noted UK cage-rattler, The Register) claim that the technology is little more than spyware by another name. The negative press around Phorm's announcement has caused at least one of their ISP partners to back away from the deal, and cause their stock to plummet by more than 30%. It looks like this could be the latest in an increasingly long line of bungled targeting announcements from the industry (Beacon, anyone?). But what went wrong?

What is Phorm?

Phorm as a company is the new name for 121Media, a UK AIM-listed company who started out producing a browser toolbar which tracked your page usage to provide a social media environment, connecting you with other people who were looking at the same page. Ad-funded, the toolbar quickly picked up a reputation for being spyware (even though I agree with Phorm's protestations that it was really adware, which is better, but still tarred with the same brush), so it was dropped and the company renamed Phorm.

The new service Phorm has launched is called Webwise (not to be confused with the BBC site of the same name). Essentially it is technology that ISPs install at their data centers which analyzes the URL and textual content of web pages being served and uses this information to place users into interest categories so that they can be served behaviorally-targeted ads. The technology does this by intercepting the page request and sending a copy of it to a "Profiling" server which extracts keywords and uses this information to assign users to interest groups:

 

 

The same technology has a function to alert the user to phishing web sites; since the URL and content is being examined, phishing sites can be spotted and blocked. This functionality forms a core part of Webwise's value proposition to users.

The other part of the alleged value to users is that this profiling process does not permit the ISP to associate a user's profile with their IP address; that means that the ISP (and any government agency who subpoenaed the ISP's records) could not re-associate the Phorm data with a customer record (ISPs can tell which IP address was assigned to which customer at a particular time). The Phorm system does also not store any of the page information or extracted keywords; once the interest "channel" has been arrived at, all the rest of the data is deleted.

So Phorm claims that its system is a real step forward for user privacy on the Internet, whilst at the same time enabling advertisers to reach their audience more effectively. But the industry (and the public) haven't really seen it like this.

 

Why all the fuss?

Phorm's announcement was always bound to generate a certain amount of controversy, because it's in the sensitive area of behavioral profiling & targeting.  But there has been a particularly virulent reaction in the UK, which, whilst started by sites like the Register, has now spread to the "mainstream" media.

Some of the reasons for the fuss are (comparatively) silly things - for example, the renaming of the company from 121Media, which has just made people nervous, especially given the previous company's adware history, or the fact that the company operates out of serviced offices in the UK and doesn't really have a physical address in the US.

A more serious blunder on Phorm's part is their failure to anticipate the scrutiny that this kind of system would be placed under. In this kind of environment, given the firm's history, absolute transparency is essential, and Phorm hasn't provided this. There are still unanswered technical questions about Phorm's system, such as how it manages the opt-out (does data still get collected, or not?), and there have been inconsistencies in the claims that Phorm has made about third-party privacy audits of their software.

Phorm has also made the mistake of launching prematurely, with many of their partnerships still only half-baked. At the moment there is no benefit to users being delivered, because none of the systems that Phorm has announced are actually live within ISPs, and so all the focus is on the downside. Phorm would have done much better to wait until the service was fully baked with at least one of their partners and they had some real users onboard who could testify to the increased relevance of ads and how comfortable they were with their privacy with Phorm, before making a big splash. The press release looks like the product of an over-zealous PR agency looking to ensure their monthly coverage targets were being hit. Well, they've certainly done that.

 

What can we learn?

The main problem here is a poorly thought-out balance of benefits for 'costs' in this offer. Phorm have claimed that this system protects user privacy, but it doesn't really; it's just an ad targeting system with a better-than-average approach to protecting privacy. Users who are opted into Phorm will still receive cookies and targeted ads from other ad networks, and their behavior will still be tracked by those other networks.

Apart from the phishing protection (which is already baked into IE7 and Firefox anyway, and turned on by default), there's nothing in the Phorm system which provides users with protection of their personal data across the Internet. The only way that Phorm's entry into this market can elevate user privacy overall is if other providers of targeted ads who are storing more data decide to pack up and go home - which I doubt will happen.

The furore also highlights the challenges of partnering with ISPs for this kind of service. Because ISPs are the gatekeepers of the Internet (and because, for many people, switching ISPs is a pain in the a**), users are very sensitive to any perceived exploitation of this relationship by the ISPs. In the UK, ISPs are some of the best-known Internet brands, but also some of the least liked. Ironically the cause of this dislike (poor customer service) is a direct result of the price war that has precipitated ISPs' interest in this kind of service, as they are receiving a cut of the revenues, of course.

Ultimately the tale makes clear how careful any company has to be in launching a service like this - the balance of benefits has to be clearly stacked in favor of the user. As Chris Williams of The Register said during an interview with Phorm's CEO, Kent Ertegrul, said:

"a big difference I see between what you're doing and what Google does is that people feel that they're getting a service from Google. I don't think people feel they'll be getting a service from you"

It will be interesting to see how the Phorm saga plays out. Perhaps one day it'll find its way onto an online marketing MBA module syllabus.

News, news, news...

Sigh. Blog post topics seem to be like buses - you wait ages for one to come along, and then three come along all at once. Actually, I've got four things to post about, but I'm going to leave two until after the weekend. Here are the other two. Funnily enough, they're related - both are about benchmark data.

1. Compete.com cashes in

Online traffic benchmarking service Compete.com has been bought by UK-based market research firm TNS (Taylor Nelson Sofres). This is a good result for the folks at Compete, who have been waging a four-way battle with Quantcast, Alexa, and Comscore. Funnily enough the deal isn't stellar, despite the significant attention that Compete (and benchmarking services in general) has been getting recently - it's only a guaranteed $75m, with another $75m payable on achievement of revenue targets. Compete Inc has accepted about $43m in investment since it started in 2,000, so I guess the investors are pleased but not delighted.

The rest of TNS's business is pretty traditional market research stuff, so it'll be interesting to see how they integrate/expoit Compete's capabilities. Moving the footprint outside of the US seems like one obvious goal they may look to achieve in the not-too-distant future.

2. Google Analytics rolls out new data sharing feature

Logging onto Google Analytics this week, I was interested to see the new data sharing options that the product is making available:

So the key option in the above list is #2 - allowing GA to share your data with its "benchmarking service", where data from sites in a similar industry will be aggregated together for benchmark reports, like the sample below:

This is a smart thing for Google to do, as it provides an incentive for GA users to share their data by providing them with a solid benefit in return. It will be interesting to see how GA determines which industry a site is in; I guess they will mine the search index for those sites and use some behavioral targeting-type techniques to drop a site into a category based upon the words that appear on the site's pages. I have no idea how they'll categorize my site - they'll probably drop it into a "blogs" industry segment, since Google already knows that my site is a blog.

The other smart part of this move is to make it easy to turn off data sharing altogether. I presume that this means that no GA data will be used to inform decisions about, for example, keyword ranking in Adwords; though GA's terms of use are still a little vague on this point. As I was discussing with Brian Clifton a couple of weeks ago in London, our part of the web analytics industry (companies that offer services for free, and monetize the service indirectly) need to be super-clear about how the data is going to be used.