HomeDesigning Your WebsiteWebmaster's Corner

Ethics of (really detailed) User Tracking

teammatt3 posted this at 20:27 — 22nd September 2008.

teammatt3's picture

He has: 2,102 posts

Joined: Sep 2003

I was one of the testers of a program that intimately reveals the actions users take on websites. It's almost like this tool had a video camera recording every action the user took. The movement of the mouse, where they clicked, how many times, what keys they pressed, etc was all available for me to see. I was really amazed that this was even possible in javascript.

I haven't used the service in a while, but reading an old email made me think of it again. What do you think about services like this? Is it ok to use them or is it a total invasion of the user's privacy?

pr0gr4mm3r posted this at 20:51 — 22nd September 2008.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

I don't think where I moved my mouse and what links I clicked on are all that interesting. I am only concerned about keeping my personal information private. If someone wants to know my path through a website, I'm not that concerned.

decibel.places posted this at 23:07 — 22nd September 2008.

decibel.places's picture

He has: 1,494 posts

Joined: Jun 2008

well, your key presses can be captured... so even if you don't submit anything, the text can be scraped-

I put in a listener for the Enter/Return key on a site, the other keys have codes too Sad

So don't enter your info unless you REALLY trust the site (I almost never enter my DOB - it's great to be 38 again!) Shocked

You could also turn off JavaScript, if you're really paranoid, but many sites depend on it (although JS is hell on Section 508 accessibility, are you listening Target?)

What about proxy services like Tor and Vidalia? I installed them after reading about them at d.o. but using them creeped me out!

Getting back to User Tracking, I think if you are gathering any statistics beyond referrer URL (yeah, in PHP it is referer Sticking out tongue - the programmer who can actually spell is a rare beast) - maybe even for that - a detailed privacy statement is necessary. For really detailed stats, I think you would want the users to agree to a legal TOS, which justifies why you are collecting all that personal info (like a dating site?)

Megan posted this at 13:13 — 23rd September 2008.

Megan's picture

She has: 11,421 posts

Joined: Jun 1999

decibel.places wrote:
Getting back to User Tracking, I think if you are gathering any statistics beyond referrer URL (yeah, in PHP it is referer Sticking out tongue - the programmer who can actually spell is a rare beast) - maybe even for that - a detailed privacy statement is necessary. For really detailed stats, I think you would want the users to agree to a legal TOS, which justifies why you are collecting all that personal info (like a dating site?)

I agree with this. Not that people ever read the TOS or privacy policy, but at the same time there should be some openness about it. I'd feel uncomfortable if I knew a webite was tracking everything I did. For many sites this could also be combined with all the other things they know about you (e.g. Google, Amazon, Facebook). It's like you're being followed.

We are developing a privacy policy for our sites (at work) because we're using Google Analytics.

Edit: okay, I agree with the requiring a privacy policy or TOS bit, not that it should be required for anything beyond referrer logging - somewhere in between probably. If it can be traced to an individual IP, definitely.

Megan
Connect with us on Facebook!

Greg K posted this at 14:00 — 23rd September 2008.

Greg K's picture

He has: 2,145 posts

Joined: Nov 2003

decibel.places wrote:
I think if you are gathering any statistics beyond referrer URL [...] a detailed privacy statement is necessary.

In that case just about every site needs the privacy statement. Every default install of apache logs data, such as IP address, date, time, action on the server, referring page, your browser identifier.

There are still people that are amazed that even that basic information is grabbed.

-Greg

Darling posted this at 02:03 — 23rd September 2008.

He has: 7 posts

Joined: Sep 2008

Welcome to airstrip one!

I'm amazed that this sort of thing is allowed to go on (although the internet is notoriously difficult to police). I know, at the moment, it is only being used for more targeted advertising but with the number of blunders with personal information recently (laptops being left on trains, hard drives full of credit card details being sold on eBay etc.)it can't be long before some unscrupulous characters get their hands on our keystrokes.

Darling posted this at 13:43 — 23rd September 2008.

He has: 7 posts

Joined: Sep 2008

Surely you can get any private data typed in by logging keystrokes?

greg posted this at 02:38 — 23rd September 2008.

greg's picture

He has: 1,581 posts

Joined: Nov 2005

mouse movements, buttons pressed, keystrokes...
who cares if someone records all of them. As pr0gr4mm3r said, it's only private data that means anything. Name/address/dob/age/credit card/etc

webgeek posted this at 10:35 — 23rd September 2008.

They have: 13 posts

Joined: Sep 2008

I think tracking website visitor activities is good as long as you use it to improve your website conversion and sales rate and don't spam user or use his personal information for illegal purposes.

There are many such softwares such as RealTimeQuery to track live visitors.

Manoj
Website Spell Checker | XML Sitemap Generator

trelog posted this at 12:18 — 19th October 2008.

They have: 11 posts

Joined: Sep 2008

I don't like the idea of it at all. I don't think the sites I visit or the ads I click on are anybody's business other than my own.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.