Is “Private Browsing” really “Private”?
Web analysts I speak with are expecting a crash in observed traffic with the launch of Firefox 3.5 and the newer features within IE.
I question if it’s really all that private at all.
Some commentators, like Preston Gralla, call private browsing the “porn mode”. Gralla goes onto write:
When you browse the Web using it, nothing about the session is stored — no history, no cookies, no temp files, no forms information, no search information, nothing that can show where you’ve browsed or what you’ve done. To turn the Las Vegas tag line on its ear: What happens in Firefox doesn’t stay in Firefox.
Well, alright, nothing in-the-browser is really stored. Of course, some memory of the porn run is recorded on the hard-drive and by any sort of spyware that a spouse, parent, partner, or roommate has installed on the computer.
A record, though not linked to anything personally identifiable on its own, is kept on the porn sites’ log files (and, if the site requires javascript, I don’t really see how private browsing can keep all the web analytics script from firing if it’s embedded right into the experience).
The concern of many web analysts is that just as a portion of the population are habitual cookie deleters, there are going to be people who turn on private browsing and leave it on.
What do cookies really do for us in terms of measurability?
Well, assuming that nobody ever deleted their cookies, it would have let me know with a high degree of accuracy, which browsers on a specific computer were returning to the website at a specific recency and frequency. Such information is important to a blogger because you can judge, roughly, just how much audience you’re retaining – and make decisions on frequency and content. Of course, cookies don’t measure people. Multiple people use the same computer, and a single person uses multiple computers over the run of day. It’s a proxy measure of return visitors though, and it’s still useful to an analyst so long as they know the real definition.
Another big use is for campaign attribution. Certain websites get paid on performance – meaning that they only get money if you click through on an ad and buy something – typically within 30 and 45 days. Without a cookie – they don’t get paid. It makes me wonder if certain websites that get paid for performance just might as well throw up the rule “Want to visit this website? Turn off Private Browswing” as a way to deal with it. I know many developers have been having similar fantasies about denying access to those who continue to use IE 6. In the end, I think that it’s the pay-for-performance business model that might end up suffering the most. (And I can’t imagine what kind of damage this is going to do to for the porn affiliate programs).
A third big use is for analysts is personalization and making your site experience better: like remembering your username or associating a certain behavior pattern with being a good customer and getting perks that encourage more intense behavior.
Here’s a big takeaway:
Your browsing behavior can be recorded by software installed on the client side. The search engines are most certainly recording which queries you’re entering. It most certainly is being recorded on the ISP side. Who the hell knows who else is looking at that data from the ISP side after the spliter. Then it’s being recorded, at some level, by third party ad servers and analytics companies. And, at the source of where the information is being housed, by server logs. If I was a rational policy analyst or a citizen concerned about surveillance, I’d be far more worried about those touchpoints where the information is personally identifiable.
Let me explain.
The web analyst sitting in front of the ad server report, the server logs, or the nicely formatted web analytics data has a hard enough time interpreting that data at the aggregate. 99.999% of the time, we have no idea of the identity of the person we’re looking at. In that 0.001% instance, it’s usually a filter I’ve set up specifically to track my own behavior. (What sort of analyst would I be if I didn’t understand how my own behavior is reflected on the tracking software that I use?)
The ISP’s, and the people behind the splitter: they know the billing addresses and are far closer to your identity. The person in your household that has installed some software one of your computers: they know exactly who you are and what you’re doing.
Privacy on the Internet is such a delusion.
Private browsing really isn’t private.
One thought on “Is “Private Browsing” really “Private”?”
Your blog is outrageous! I mean, Ive never been so entertained by anything in my life! Your vids are perfect for this. I mean, how did you manage to find something that matches your style of writing so well? Im really happy I started reading this today. Youve got a follower in me for sure!
Comments are closed.