As a new consultant fresh out of college, I went through a training exercise called “Failure Analysis.” I am unsure if they still do this type of exercise these days, but the idea behind the exercise was to play out worst-case scenarios and determine how to mitigate each scenario. I found the exercise helpful and, for better or worse, find myself occasionally playing out potential failures in my head.
Recently, I have been thinking about failure analysis relates to digital analytics, privacy, and GDPR. The digital analytics industry is in a strange place right now as it relates to user identification and privacy. Organizations want to collect as much data as possible about users so they can improve digital advertising and products, but at the same time, consumers want their privacy respected. The last few years have seen a cat-and-mouse game between regulators, companies, vendors, and consumers regarding user identification and data privacy. On some browsers/devices, cookies last only seven days; on others, they never expire. Unless you are entirely immersed in the field (like or ), it is challenging to stay on top of the current regulations in each country (or state if you are in the USA).
So lately, I have been pondering the idea of failure analysis and data privacy. What if all website or app users were anonymous? What if there were no cookies to tell you if the people using your website/app had been there before? How would this change the digital analytics industry?
While this may sound a bit pessimistic, it isn’t outside of the realm of possibility that one day all cookies and anonymous user identification could be outlawed. But even if this doesn’t happen, the idea behind failure analysis is to play out hypothetical scenarios and think about the impacts and mitigation techniques. The following is my failure analysis of data privacy related to the digital analytics industry.
Marketing Attribution
The most obvious casualty of removing all anonymous identities is digital marketing attribution. While it would still be possible to view how many users converted when coming directly from a digital advertisement, it would be impossible to know if that same user had previously visited your website or app from other campaigns. Since marketing attribution relies on assigning credit amongst multiple campaigns the same user had interacted with over time, in a fully privacy-compliant world, all conversions would be “last touch.” A lack of identity would also mean that marketers would have no way of understanding the interplay between marketing campaigns or determining which campaign or marketing channel combinations led to conversion. In a completely cookie-less world, campaigns or channel decisions would skew towards those with a higher preponderance of last-touch success. Ironically, Google is when they probably have the most to gain since paid search is often the last thing users do before converting!
From a digital analytics perspective, this scenario would negate the value of many of the features of traditional “marketing analytics” products. Products like Google and Adobe Analytics have extensive features around campaigns, channels, and acquisition. Many of the new would also lose some of their value. This slow degradation of user identity is partially responsible for the recent . After all, if you cannot accurately calculate the marketing return on ad spend, it makes sense that executives would shift budgets away from marketing. No one likes to spend money they cannot prove is generating ROI!
Mitigation Tactics
So, how can this marketing attribution failure be mitigated? One mitigation approach Google has pushed is the idea of and . While I plan to cover these in more detail in a future blog post, at a high level, Google is attempting to use data known about consented users to estimate what is happening with anonymous (non-consented) users. I am not a fan of this approach because I don’t generally support data being artificially constructed. That can be a slippery slope. I also think this approach is a short-term band-aid and won’t work in as the percentage of anonymous users rises towards 100%.
The other marketing attribution mitigation approach is or . These techniques are interesting in that they don’t rely on knowing who the user is. Instead, these user agnostic techniques use machine learning, algorithms, and experiments to determine which marketing spend is leading to success. At this point, I haven’t seen wide scale adoption of these approaches, but I expect they will gain popularity as more and more users are anonymous to marketers.
User Retention Reporting
One of the best parts of identifying repeat website or app users is retention reporting. Seeing how often the same user returns to your digital property enables you to learn things like:
- What campaigns drive loyal users?
- What product features drive long-term engagement?
- What is your typical product usage interval?
- What features or content are causing user churn?
While marketing analytics products offer some lightweight retention reporting, this is an area where product analytics vendors go much deeper. Amplitude, for example, has over twenty permutations of retention reports.
But if it becomes impossible to know if the user on your website or app today is there for the first time or the fifth time, retention reporting is rendered useless. In this scenario, it would look like every user was a first-time user. It would be impossible to know how often users churned. A lack of identity would make it much harder for product teams to understand how feature usage differs between novice and experienced users.
Mitigation Tactics
The most viable mitigation tactic for user retention is increased user authentication. For years, brands have been lazy and outsourced their relationship with customers to advertising networks. For example, instead of a company, say, Acme Corp, getting all of its customers to have an Acme Corp account, they pay money to Google or Facebook to find the same users over and over through their advertising networks. But as more users become anonymous due to cookie deletion and privacy regulations, advertising networks lose their ability to identify users accurately. For example, when Apple introduced ITP, as brands no longer believed that Facebook could accurately track users as they had.
Brands will soon recognize the benefits of having a 1:1 relationship with their customers via an authenticated login instead of relying on advertising networks for identity. Once you get customers to authenticate, you can see all their user behavior in a privacy-compliant manner. Industries like financial services have been at the forefront of user identity, as almost every customer authenticates when using financial websites and apps. Digital natives like Uber, Doordash, etc., have also seen the benefits of this since most users authenticate while using their mobile apps. Over the next few years, more brands will find ways to increase their logged-in accounts, even if they have to pay (or bribe) customers to create them. As consumers, we may all have to get used to using password tools like 1Password or LastPass to remember our different brand logins!
Another potential mitigation strategy for user retention is the use of blockchain technology. I imagine a scenario where users store their personal information on a private blockchain and choose which portions of their user profile to share with each brand. One of those attributes could communicate that they were the same user as in the past while still obfuscating their actual identity. Blockchain would be a way to securely tell a brand that they have a return visitor without compromising privacy. But I expect users will want something in return for sharing this information. Users may earn money from their identity and take control of their data, which could eliminate advertising networks as the go-between. As an aside note, my recent move to Amsterdam introduced me to , a nifty technology that does this. Whenever a Dutch organization or business needs information about me, I can authorize it via DigiId.
Other Potential Impacts
While marketing attribution and user retention are the most impacted by a completely anonymous world, the following are some other potential impacts:
- User Cohorts – Building a cohort of users who did X in one session and Y in another would be impossible.
- User Journeys – You could not view multi-device, multi-session user journeys.
- Conversion Funnels – Conversion funnels would be limited to session conversion only.
- Pathing – It would be impossible to stitch together user paths across sessions.
- Experimentation – You could only keep users in a specific experiment or test within one session.
- Personalization – You could not personalize content or promotions based on past user behavior.
- Remarketing – There would be no way to send remarketing messages to users who failed to convert (e.g., left items in the shopping cart).
Summary
As you can see, the digital analytics industry heavily depends on anonymous user identification. Hopefully, we never have a world where it is entirely impossible to identify anonymous users. As an industry, I am hopeful we will find a mutually beneficial solution to privacy and identity. But if you want to plan for the worst case scenario, based upon my failure analysis, you may want to consider the following:
- Invest in product analytics – While identity impacts marketing and product analytics, marketing analytics is more severely affected. Even in a 100% anonymous world, product teams can still leverage product analytics data to see how users engage with the product, what features they use, etc. While it is a bonus to see this over time from returning users, it is not required. But most of the benefits of marketing analytics are nullified if all users are anonymous.
- Change attribution approach – Find a way to perform marketing attribution that doesn’t rely on tracking individual users.
- Increase user authentication – Brands should invest more in building 1:1 relationships with customers and getting them to create authenticated accounts.