Know Where Your Visitors Have Been: beencounter

Tel Aviv (Israel) based beencounter is a service unlike any you have ever seen we suspect. By “hacking” your web visitor’s browser history files, beencounter provides interesting insights into your audience. An API makes this information actionable for personalization and targeting efforts.

What does beencounter do?

beencounter (the little “b” is their branding, not a typo) is, in their own words, a “Behavioral Targeting and Behavioral Tracking” service. Built around a single line Javascript tag, beencounter basically gives you access to your site visitor’s browser history files. And while they cannot tell you all the places your visitors have been, by providing the service with a list of URLs, beencounter can tell you whether your site visitors have been to those URLs sometime in the past.

Here you can see the results for Web Analytics Demystified over a few weeks:

What this report tells me is that during the timeframe I selected about 18% of my visitors had also been to the main Google Analytics page, about 6% had been to Omniture’s home page, and about 4% had passed through blogger Avinash Kaushik’s blog main page.

Pretty nifty, huh?

How does beencounter work?

beencounter is doing something surprisingly simple: they are taking advantage of a known hack of the browser Document Object Model (DOM) that identifies URLs that have been previously visited. The way this manifests normally is showing visited links on a page as a different color than unvisited links. You can also see this information if you open your browser history.

All you have to do is provide beencounter a list of URLs that you want to watch out for and they do the rest. What’s more is they provide an easy-to-use API so that you can actually query the visitor’s browser in real-time and see if they have been to a site or group of sites:

Once you’ve added your sites, beencounter will provide a Site ID, and then just a little bit of Javascript is all you need (and the “is good but we are better” example text comes from beencounter, not us):

Sweet, huh?

What makes beencounter different?

I don’t follow behavioral targeting solutions very closely, but I’ve never seen a solution that provides this much programatic access to insights into visitor behavior across the Internet. When I saw the application I immediately thought of a dozen cool things I could do with only a tiny bit of programming.

Don’t get me wrong: beencounter has some particular challenges … specifically the fact that many people who learn about the solution are likely to think beencounter is incredibly invasive and crosses the line regarding consumer privacy. For example, I am watching for people going to ZAAZ and the WAA, but I could just as easily try and determine who in my audience spends time at Playboy.com or one of the many gambling sites out there.

Fortunately Nir Ben Levy and his team at beencounter had the same thought, and they have an active program to block risque, inappropriate, or otherwise potentially invasive sites. Mr. Ben Levy said they have over 2,000 “blacklisted” sites in a variety of domains, perhaps most importantly including financial services domains where someone could use this service for phishing or other nefarious activities. They manually maintain the blacklist which I’m sure makes for interesting conversation at beencounter HQ.

Who will benefit from beencounter?

In terms of benefits to the web analytics community a few immediately go to the top of the list:

If you have a powerful segmentation tool you could use the beencounter API to dynamically populate custom variables with the list of sites and/or API IDs for post-hoc segmentation. For example, I could create a segment in Omniture Insights of “people who love Avinash Kaushik but not the Web Analytics Association”
If you’re interested in measuring “loyalty” to a site, you could mine beencounter via the APIs to determine what percentage of visitors are also visiting your competitor’s sites (e.g., “disloyal”.) This is particularly cool because loyalty, as used in web analytics today, is a pretty bastardized term to say the least.
From a targeting and testing perspective, it would be pretty simple to write a dynamic rendering engine that swapped out key site messages based on the results of calls to the beencounter API. For example, we might have a different homepage message for people we know have been to Gartner or Forrester, and we could then test differential messages using web analytics. While not a proper A/B test (unless you really randomized the audiences) this would likely yield some interesting data.

On point #3, given that the pricing plan that includes API access starts at $49.95 per month, for motivated individuals beencounter is likely the cheapest behavioral targeting solution in the world.

Things we like about beencounter:

Provides amazing access to visitor information and offsite audience behavior
Very simple to implement and use for folks with even basic Javascript skills
UI is easy to understand (nothing fancy) and includes export to Excel

Things we’d like to see from beencounter:

More information about their “blacklist”, including access to the list, and more information about their efforts to prevent abuse
Faster servers and an uptime SLA (we have seen some slow response from their Javascript) OR a server-side option so that we could run locally and thusly manage our own uptime/response
An option to have their script “walk” the DOM and look for pattern matches, not exact matches exclusively

Learn more about beencounter’s service at http://www.beencounter.com

Posted by Eric on Monday, February 22nd, 2010 | 29 responses | Add a Comment | Share, Save or Email

Emer Kirrane

Oh, this just feels so wrong, and yet, imagine the potential to build a visitor profile! This would help to look at web experience, not just site experience. I can imagine this being seen to cross many lines in terms of privacy but I suppose it theoretically just expands on referrer and exit link information. Plus, with Yahoo! Web Analytics, we already show visitor data across Yahoo! properties which builds a profile outside of a specific visit.

Still, I deleted my history before coming to look at this post. It makes me a little squeamish, if I’m perfectly honest.

Cheers,

Emer (Yahoo! Web Analytics)

Benjamin Dageroth

Beware, this is a serious intrusion into the privacy of the user and a security flaw. It was never intented that a website has access to the history of the user.

If you want to use this method, it is however a very simple script you can easily include in your page without relying on a third party, if you are worried about uptime SLAs, etc. Just google for css history hack.

Bob Mitchell

Thanks for raising some awareness on this – although it’s the sort of thing that, mismanaged, has the possibility of harming not just the reputation of the site using it, but anyone that touches it – responsibly used, it has the potential to add great value.

The ability to do this is something that I’ve mentioned to a couple of clients over the past year or so, but not one has thought it sufficiently non-evil to actually go ahead with it.

(all that said, I believe the mechanisms to achieve this are potentially going to be squashed in some browsers in the near future.)

Jussi Ruokomäki

As far as I know, Statsit provides similar information (probably using similar DOM approach). They don’t have a free plan, though.

Thomas "@bosilytics" Bosilevac

This has the potential to be a fairly effective means of understanding users that may (or definitely) have passed by your social media properties as well (since often time they are within that Direct Traffic category in your WA tool): http://www.twitter.com/bosilytics, http://www.slideshare.com/bosilytics

Clint

Here’s the opt-out. http://www.beencounter.com/?page=no-track
It’s buried under Learn More (bottom of the page)–> Privacy Policy –> Opt Out.
Interesting that there is not link to their privacy policy in the footer of their home page.

I also think that it’s a bit misdirecting to say that they only track anonymously. Like search queries (remember the AOL snafu from a few years back) browser history is going to be among the most unique sets of data available about a user. Over time browsing patterns will most likely provide an identifiable finger print of the user.

Andrew Morris

I have to say I am in the same camp as Emer on this one.

I would have severe severe reservations about visiting sites that may collect this sort of data as it is one step away from hacking all my background info.

I also don’t think this sort of information gathering really helps our cause as an industry, people already think we ’spy’ on them and this can only harm us in debates about invasion of privacy.

Mark Coleman

I think your description speaks for itself: “beencounter is doing something surprisingly simple: they are taking advantage of a known hack…”

Not sure we want to pursue solutions based on “known hacks” not to mention how many companies out there would have to update their Privacy Statements to cover this if they used it.

Tom Miller

@Clint:

Clint, right now browser configuration can uniquely identify visitor in most cases (check out https://panopticlick.eff.org/). Adding a layer of browsing patterns to this would make that data more reliable.

That being said, I am definitely going to test-drive this tool.

Vinesh Chauhan @VineshC

Interesting as such technologies begin to tread on very risky ground in terms of privacy and transparency. I can also cleary see how such technology could be leveraged in a marketing capacity to understand your site visitors in some detail.

As raised by others, I would also be concerned of reputation impact upon my organisation. As you can guess I personally could never condone use of such technology in my organisation or vertical (financial Services). Morality aside, transparency of such technology with your visitor base would be critical for me and pose some interesting scenarios, for example if a visitor who enters your site is made aware of such technology how would they react? I would guess if you are able to articulate how the collection of such data would benefit them, may result in a willingness to exchange data, in other words a visitor may be willing to opt-in as they clearly understand the value exchange for them directly! The question is how many organisations are able to articulate what this value exchange means for the site visitor other than monetisation!

Eric Beane

I remember a few years back seeing this done with JavaScript and if memory serves right Dell or one of the computer makes used to offer different pricing based on competitors visited. I think it caused an uproar but I cannot find any articles online.

As a marketer I would LOVE to know this info, but I am afraid it violates too many privacy issues.

eric

BJ Williamson

In the end the privacy of the user is more important because any type of misdirection will always come back to haunt you. I agree with Clint that a user browser patterns are among the most unique sets of data that gives you a identifiable finger print of a user. The information is incredibly valuable but at what cost to your users?

Steve Jackson

Hi Eric,

An AI programmer told me it’s relatively simple to scrape a browser for URL history and build a profile. When I heard this my immediate worry was privacy.

How do you see the privacy side here?

I’m a bit unsure based on your illustration of segmentation. Could the unscrupulous use the very same method to identify the browsing history of individuals? If so I don’t like it.

For instance I have just given you my email address to post a comment on your blog. Could the browsing history be somehow tied to the email address by using segmentation?

While I wholeheartedly trust you wouldn’t use my data dubiously (and have no worries about any segment I am or am not part of in your data), if that is the case then it’s a breach of privacy in my opinion. Opt-in doesn’t cut it.

I have not tried it yet but do you think it could be used in this way?

If it’s totally anonymous then it’s just useful in my book.
Best
Steve

Clint

@Tom. Thanks! I didn’t have time to track down that link this morning (it was on my mind while writing my comment). I agree that browser config is also a strong indicator of uniqueness and that adding browsing history to it – oh boy. We played around with this a while back (2 or 3 years ago) and oh boy did it give me a scivvy feeling.

General consensus of the people I talked to at the time is that the browser history hack is a hole in browser security that needs to be fixed.

nir

First I would like to thank Eric for the post and to all the people that commented. I value the points raised in the comments and would like to address them.

When you review the history of web analytics you can see that it evolves from technical related data to user centric data:
- log file analysis (e.g. webalizer) reported hits, bandwidth usage and referrals. It didn’t help webmasters understand much about their users but it did help them understand more about their web servers.
- log analysis+ (e.g. awstats) reported log file based data with some user related data like screen size, flash availability, colors used etc. These tools helped webmasters understand how their visitors see their site.
- web analytics (e.g. google analytics) reports user based data which include goal/funnel tracking. Technical data has become far less important. The data reported helps site owners understand who their users are and how they move across the site using basic “browser generated” data.

We are already in the user behavior stage of analytics. Tools like crazyegg introduced click heatmaps which improved the understanding of how people interact with websites. Btbuckets allows sites to create user segments and take actions upon them in real time. Formalive helps you understand why people abandoned your forms. beencounter helps you understand your visitors’ interests, browsing-paths to your site and act upon it in real time. Web analytics has evolved to user centric data with behavioral tracking as an integral part of it. Following the usage of behavioral data by big ad networks, web analytics will improve its offer to site owners with similar technologies. We believe that beencounter is part of this natural move.

@Emer – When big players collect behavioral data it seems fine but when a smaller player enters the field some people feel uneasy. It’s natural. I hope that we will gain trust as more people use and familiarize with our service. As for Yahoo! Web Analytics, I am beyond sure that data collected across Yahoo! properties is by far more detailed than the data we have

@Bob Mitchell and @Vinesh – “but not one has thought it sufficiently non-evil to actually go ahead with it” – we deal with this issue all the time. I think that the question is will the data be used for evil? Will the visitors object if they know a site uses our service? If they would object when beencounter is used and not object if the site tracks their referrers, search terms, ip, hostname, past visits, geo location, mouse click position and mouse movement – then beencounter should probably not be used on that site. I believe that in most examples of usage visitors would not object more than to other data collected. People are ok with behavioral based ads (for example adsense and gmail) since they don’t fear that something bad will happen to them. If the site is trustworthy then you trust it won’t harm you in terms of privacy, misuse of your data or your credit card for that matter.

@Clint – I would like to recommend http://www.privacychoice.org/whos_watching . They automatically opt you out from our service as well as from others (no – I don’t use their service )

Nir
beencounter.com

Ben Robison

I think the issue is not that little sites can’t do behavioral targeting, it’s the method used to do it.

Behavioral targeting solutions will watch how the user behaves on the site, as well as include any number of other variables (time of day, browser, OS, geographic region, etc) to fit a visitor into a profile and then serve them content accordingly.

In my mind, this is different and it certainly makes me squeemish (and if us analytics and marketing people are squeemish, you can only imagine what the rest of the world would do if they knew). If we think that the usage of flash cookies to reset visitor IDs is bad, then what can we say about using a trick so that our visitors reveal their web history to us?

It’s going to be hard to convince the world that we can be trusted, when we constantly go about creating new ways to trick them. I note that of the 15 comments so far, 1 is positive (posted by beencounter themselves), 2 are neutral, and all the rest in some way express concerns over this kind of tracking. Eric, I’d like to think that you’d consider your user’s responses regarding your own use of the service on your site.

Eric

Thanks to everyone who has commented on the post so far. I honestly didn’t expect nearly this level of interest from folks but hey, I’m not complaining! Responses and thoughts follow …

Emer: Honestly beencounter does a lot more than referrer + exit link … it really does look all the way back in your browser history. If you never clear, it’s all there. No recency or frequency, but good data from which to expand on visitor profiles. And while it’s like what you all have at Yahoo, it’s not limited to your (admittedly expansive) network.

Deleted your history? Darling, what do you have to hide …

Ben: Perhaps, but perhaps not. Fundamentally I think we need to have a bigger conversation about what “privacy” means on the Internet, don’t you? You say this is an intrusion … but Comcast knows EVERYTHING about my surfing habits. Do I trust Comcast but not beencounter?

This is bigger than beencounter, but I respect your position and thanks for commenting!

Bob: Agree on the “it’s not the tool but the use” perspective! But since the “hack” that enables this is what makes links show up as different colors and allows for the browser history. I suppose they can close up the Javascript access but I wonder if they will …

Tom: Yeah, this is actually the same technology/hack that powers Tealium’s Social Media product (and I suspect some other apps out there.) So you could use this to see if someone has been to your Facebook group, your Facebook personal page, your Linkedin Groups, your Twitter account, etc. Great point!

Clint: Thanks for the link to the opt-out … what happens if you delete your cookies do you think? I’m not sure about your thesis about using the browser history to uniquely ID people … me? I just ask folks for their names

Mark: Regarding building a company on a known hack … you do recall that using web server log files to understand visitor behavior was a hack, right? That seemed to work okay for Webtrends

Vinesh: Agree, but I sort of doubt that we’ll see any kind of proactive announcement that this service is being used. Same as page tags, etc., I suspect this falls into the “what they don’t know don’t hurt ‘em” school of thought. We’ll see, huh?

Steve: I have an email into Adobe’s Chief Privacy Officer (on Flash LSO) and that response plus this conversation will certainly give me some fresh stuff to write about re: privacy and web analytics. Dubious uses? I’m not sure I can think of any … especially since beencounter is blocking the ability to see if your history has, you know, yucky sites.

Nir: Thanks for your comment and additional thoughts, and thanks of course for showing us the technology!

Clint

@Eric, I’m trying to track down a couple of articles. But I recall a couple in the past week that show that individuals distinct travel habits which when given access to location based data from a phone (say 4square) can be used to uniquely identify them over time. I imagine that browsing habits exhibit a similar predictability so given access to the browser history you can get to know a specific individual quite well, especially when that browsing history might contain search queries.

The only mitigating factor here is that you have to know which sites you want to look for (pre-visit) in the history (the test is whether or not the domain has been visited and not show me all the domains the visitor has visited).

On a higher (deeper?) level, my issue here is that this is yet another way to violate the user’s right to privacy since at a fundamental level you are collecting data outside of the cookie domain. In other words, a cookie is not required for this tracking to work so like Flash you are circumventing the built in privacy controls of the browser that users are most likely to be familiar with.

As with all things cookie, obviously my opt-out only lasts as long as my cookie does and/or as long as I am using the same browser where the cookie is set.

@Nir, yes there are orgs for this kind of thing. My issue is that your privacy policy (and the opt out) are buried within your site. I think that only a concerted effort to find your opt out will get a user there and instead it needs to be plain and obvious to users of all levels what they can do not to be tracked by your system (BTW, that’s not targeted at you anymore than I would target the comment at any other analytics provider)

Chris Erickson

I remember I saw the first rudimentary demonstration of this DOM hack several years ago. It seemed pretty clear clear how someone could use this to build a fully-featured tool, but at the time I didn’t think anyone would have the chutzpah to do so, let alone build their whole business around what is essentially a browser exploit.

Is the data useful? You bet it is. Frankly, I think you’ve barely scratched the surface here with the clever ways it could be used to squeeze out more dollars, and the applications that could be downright devious. But the breach in user trust would simply be enormous. Eric, I think everyone will give you a pass about using this tool on your site because 1) trying and reviewing the latest and greatest web analysis tools is part of your job description, and 2) you’re being up front on a detail level about how you’re using this tool.

On the other hand, if I was going to some other website that wasn’t “web analytics” related, and discovered they were using this tool, I would not be visiting that website again. Neither would most people if they understood what the tool was doing.

Steve Jackson

Hi Eric,

That’s what Phorm said regards dubious uses and look what happened to them. They got a whole firestorm of shit as my post from 2008 illustrated (and ended up with the European Union getting involved). If you can tie a segment to a personal identifier like an email address or ID then you’re playing with fire. 2000 sites as a filter is not nearly enough and who makes the decision in beencounter as to what a filtered site is?

Looking forward to your response after Adobe get back to you.
Best
Steve

Eric

Ben: Good points all, especially the summary of perception of the service by this obviously learned community. Whether we remove the code from Demystified is a decision we’ll make after we have some time to explore how the application can be used, but we have updated our privacy policy to reflect the application’s use and thanks for reminding me to mention that!

Clint: I honestly don’t think the service would be nearly as useful for what you’re describing as you think. All beencounter says is “has the visitor been to these URLs” without regard to time or visitation patterns. You’ve made some assumptions about what can be accessed that either A) aren’t possible or B) aren’t in beencounter.

Regarding circumventing built in privacy controls? “Delete history” is right below “Delete cookies” in my browser. Isn’t it in yours? And Private Browsing seems to eliminate history, rendering applications like this ineffective.

I’m not disagreeing with you, by the way. Definitely some privacy challenges here.

Chris: Thanks for the “pass” on using the app. We’re just exploring new technology that has the potential to make our lives easier (or not). By the way, does your momma know you visit Sarah Palin’s blog?

Steve: You’re taking credit for the EU position on cookies based on your blog post? If so, I know some folks who want to rough you up

Seriously, you raise an excellent point about co-mingling this with PII or other reasonable identifiers (e.g., geography) although when you look at the data you’ll see that comparing beencounter to Phorm is silly. Kind of like comparing a Fiat and a Ferrari … yes, they are both cars, but not really. (Apologies to those of you driving Fiats.)

Steve Jackson

@Eric,

I wouldn’t be so quick to call it silly. In principle it could be seen as dangerously close if indeed PII can be tied to a segment of browsers.

Phorm didn’t show in its reporting system how it does deep packet inspection, nor did it show what I as an individual user did, it aggregated everything and kept everything anonymous to the customer (in this case BT). This is why initially I was fooled, I figured “storm in a teacup over behavioral targeting”. I was wrong and held up my hands at the time.

The point is that people at Phorm (and their trial customer BT) had the possibility to access individual browsing information and could dig into any individual record. If the browsing history revealed information like someone visiting their Gmail account you had a name to the record. Privacy game over.

What beencounter could face is the same problem from a different angle.

Case Example;

President Obama goes to a reputable website he frequents that recently installed beencounter and logs in. The website owners automatically segment the president as a logged in user and now since they can, they record the browser history information from beencounter to their own CRM systems. An unscrupulous employee then during a routine scan of individuals who logged in last week sees the presidents email address and checks up the browser history entries from beencounter. He sees that Mr Obama has frequented various porn sites not listed on beencounters filter list. How much is that information worth to the unscrupulous employee?

While I know it’s an outrageously unlikely scenario my point is could it happen? If not why not?

My question is, have beencounter considered this angle and taken steps to ensure it can’t happen? From your analysis it appears not?

Because the above possibility was what the Phorm campaigners were complaining about.

The difference between Phorm with PII and beencounter with PII is that potentially you could get all the information from Phorm about individual browsing behavior going back to opening your internet account. With beencounter you might only get a record of URLs in the browser cache.

I agree there is a huge difference however in many cases beencounter might be just as damaging.

While it may look silly looking at the data produced by the system, that’s exactly what I thought about Phorm when I first looked at it.

And no, Not my fault about the EU’s position on cookies…. Phorm, maybe, cookies, no.

Cheers
Steve

Greg

Here’s what a criminal will do.

Require user name and password to get some cool download.

Use this hacker stuff to see history, and check for banking sites.

Since many people use the same user name and secret password everywhere, and you have collected this info, see if you can use the user name and password they gave you to log into that bank account.

Once you have a long list, log into all the bank accounts, create a new payee and have a check mailed to you. Since people don’t check their bank site every day, most checks will clear before the person is aware of what happened.

The potential for fraud is huge. Catch him if you can.

Also, worried that Congress may ban cookies? Just wait until 20/20 does a story on these people, with an expose on companies that use this invasive service. This would cause a huge backlash.

Nir

@Steve – what about these examples: President Obama logs into his Amazon account and orders a book about any-embarrassing-issue. Employee finds out and tells press. President Obama logs into his paypal account and searches for any-embarrassing-product on eBay. Employee finds out and tells press. President Obama buys with his credit card any-embarrassing-product. Employee finds out and tells press. beencounter does not promote bad security or bad privacy procedures in websites. I agree that sites that install beencounter know more about their users but that does not mean they now lower their privacy efforts. Our privacy team goes over all site tracking requests and blacklist sites that are “sensitive” in order to avoid incidents like in the example you described (even if the visitor is not President Obama ).

@Greg – If site owners want to use their users login data nothing can stop them. They can try different banks, social sites, email accounts and hack their user’s accounts. beencounter wont help them in your example as banks are automatically blacklisted by our system and users cannot track these sites.

A word about “evil” sites. I know that it is simple to use an “evil” site as an example but try to think when you last visited an evil/scam site or clicked on a phishing email just to see how well they duplicated paypal login page. These sites don’t stay up long and are on the outskirts of the internet. They can fool a few but then they get shut down by the domain registrar/host and search engines worn people not to click on search result linking to these sites. 99.99% of the sites do not want to harm their users/visitors and would not use behavioral tracking against them as they would not try abuse any other user information.

For readers that are not familiar with cookies, flash cookies and history. Tracking cookies and flash cookies can live forever as long as you don’t actively delete them. History, on the other hand, is deleted automatically by most browsers every few months. This makes the periods tracked with history limited compared to cookies.

Steve Jackson

@Nir

There is one small but hugely significant difference in your examples. President Obama would actually know that he was setting himself up for embarrassing situations in every one of your examples. He would have to be pretty stupid to do that. In my example he wouldn’t have a clue that he was being compromised, your system would be looking at something he didn’t know about. No-one reads privacy policies and that’s your problem not ours. If someone is compromised by your system the bad PR you could get might be fatal to your business. Ask Google (regards Buzz).

You haven’t answered the question I posed either you have just side stepped the issue. You cannot be telling me that your unpublished filter list of dodgy websites is your only form of defense to the privacy worries raised by myself and others on this thread? It’s an exceptionally weak and flawed method to protect the privacy of consumers on your customers websites. There are literally millions of dodgy websites out there.

You need to be much more transparent about your service and stop trying to deflect the argument somewhere else. Everyone reading Eric’s blog has forgotten more about cookies than McVities so throwing that one up as a defense is not helping you here.

Now don’t get me wrong, I want you to succeed, essentially I like the idea of the service but right now I have huge concerns using it or recommending it because it sounds like it has holes. It’s your opportunity to answer the concern.

So to clarify…

Do you make it impossible for 3rd parties to tie PII to an individual record from your service?

For instance could we attach beencounter information to a CRM record by the use of segmentation, potentially without the knowledge of the visitor?

If so how?

Rudi Shumpert

When I first saw this I was very intrigued. I even downloaded it an put in on my site to test it out.

But I have to say that I am uncomfortable with this practice. To me, this service crosses the line with what is acceptable to do in data collection. Just too many concerns on privacy invasion.

I have removed the scripts from my site.

nir

@Steve – If you are asking if we have an API that subscribers can query “has IP xxx.xxx.xxx.xx been to site yyyy”, “has cookie-id xxxxx been to site yyyy” or similar then no we don’t.

Steve Jackson

@Nir;

No I’m not asking that. I don’t think the flaw is with your service but I think it can be manipulated by anyone who uses it (IE a third party) with analytics knowledge and programming skills.

So for instance if someone logged in to a site they didn’t know was being tracked with beencounter could your customer populate their CRM systems with beencounter information?

has cookie-id xxxxx, identified by customer login as Jon@doe.com (salesforce.com) been to site yyyy (identified by beencounter).

My concern centers around the analysis Eric made;
If you have a powerful segmentation tool you could use the beencounter API to dynamically populate custom variables with the list of sites and/or API IDs for post-hoc segmentation.

I suppose from a technical perspective I am asking how your API allows you to populate custom variables and can this be tied to PII in any way.

Alvin

After reading most of the posts here, I think our question is pretty clear :

Who is “authorized” to collect those “sensitive” data?

I am sure all of us have given our social security or credit card numbers over the PHONE. What makes the different is the BRAND, but how do we know if the other person over phone did not steal our personal information?

We are in the same situation when Online Shopping was introduced many years ago and people had great concern about privacy until SSL was implemented. In this case, I think we need an OFFICIAL PARTY to STANDARDIZE and AUTHORIZE data collection method of each website.

Add a Comment