This is the data which Google Analytics collected, from the Swedish government’s website before, and after, they introduced a banner asking for visitors to accept cookies:
With the introduction of the banner, at the end of June, 80-90% of their data disappears – just as we’ve seen in the UK, on the Information Commission’s website. Thanks to the Swedish authorities for sharing this data.
Why a banner?
Here’s what they say, on the banner:
Why does this matter?
The EU directive which this is based on is throwing the baby out with the bath water. In an attempt to protect our online privacy they have taken a crude approach to an issue which is more complicated than their directive recognizes. In this particular instance, the use of Google Analytics, there is not a privacy issue and the data is used to improve the website.
What’s the precedent for this?
In Sweden, right now, there is none. The PTS, the organisation responsible for making the directive a reality in Sweden, has nothing particularly specific (In Swedish); certainly nothing which directly requires a banner. Uppsala’s county website also sports a similar banner.
But there’s still some data being collected – all is not lost, right?
Wrong. One of the joys of the analytics data we can collect is that, from the start, we get a bucket of visitor data which represents everyone who has visited our site. Our job as analysts is to segment out different types of visitors and figure out how the site is performing for them. The opt in banner segments the data into people who accept cookies. I would hazard that the people who accept cookies are a rather unique demographic, who probably don’t represent most of your other visitors. In my humble opinion, your data is screwed from the start.
You could use this as an argument for the cookie directive. ‘See’ you can say, ‘no one wants cookies on their computer’. I would say that the lumping together of cookies as all universally bad has been lazy legislation; it does not reflect reality. Cookies which track visitor activity for improving the website are a little different to those tracking your activity across the web. Without being able to gather data on what our visitors are doing on our site – which content works, which buttons get clicked, for example – we’re flying blind and the users’ experience will suffer.
I own a website (in Sweden) – what should I do?
Check out the PTS regulations, they say the following:
In essence, ‘you don’t have to change your website right now’. Maybe while we wait, we’ll get a browser opt-in option which could be satisfactory for the EU, as Peter Hustinex (European Data Protection Supervisor) hinted at in a recent presentation. It’ll be interesting to see what comes out from Google on this.
Here’s some additional reading:
Brian Clifton’s most recent post on the implications of the EU directive for Google Analytics
IAB (Sweden) – Recommendation on cookie use (In Swedish, but English translation available on their site).