tag:econsultancy.com,2008:/topics/privacy-data-protection Latest Privacy & data protection content from Econsultancy 2017-05-04T14:11:38+01:00 tag:econsultancy.com,2008:BlogPost/69056 2017-05-04T14:11:38+01:00 2017-05-04T14:11:38+01:00 Bloomberg's Trigr will let advertisers deliver custom ads based on market conditions Patricio Robles <p>"Advertisers are clamoring to reach the right audience with the right content," Derek Gatts, Bloomberg Media's global technology and product head, told AdAge. "But there isn't a lot of conversation aligned with the 'when'."</p> <p>He further explained, "When markets are moving, our traffic booms. We saw that with the instability in Greece, Brexit, the US election – people come to Bloomberg when there is instability in the market because they want to know what the next steps are for their portfolio."</p> <p>Markets, of course, move up and down, and the direction they're moving can dramatically influence the moods of the people who are involved in them.</p> <p>As Bloomberg sees it, this creates an opportunity for advertisers to serve different messages that are appropriate in the context of what's happening in the markets. For example, Gatts says, "Luxury brands want to identify an audience that can spend $25,000 for a Rolex. What better time to advertise to an affluent audience than the moment they just made a ton of money?"</p> <p>With Trigr, advertisers can set triggers to deliver different creative based on granular market-based criteria, such as the performance of broad and category-specific indexes like the S&amp;P 500, various commodities, and stock exchanges in specific countries. Bloomberg will also give advertisers the ability to create triggers around a select number of specific companies.</p> <p>Trigr ads will be sold on a CPM basis and the Trigr technology is based on Bloomberg's own ad server, so Bloomberg can integrate it into any of its offerings that contain advertising, although it did hint that Trigr might be applied to ads "beyond Bloomberg's walls" as well.</p> <h3>The rise of emotional advertising?</h3> <p>Interestingly, Bloomberg's unveiling of Trigr comes at a time when Facebook has sparked interest in the idea of advertising to consumers based on their emotions.</p> <p>The world's largest social network is <a href="https://www.theguardian.com/technology/2017/may/01/facebook-advertising-data-insecure-teens">under fire</a> after a leaked internal document obtained by The Australian revealed that Facebook had told advertisers it can identify when young users feel "stressed," "defeated," "overwhelmed," "anxious," "stupid," "useless" and like a "failure." That knowledge of users' emotional states could in turn be used to target these users with advertisements.</p> <p>Facebook now claims that it doesn't allow advertisers to target users based on its analysis of their emotional states, but Antonio Garcia-Martinez, a former Facebook product manager, <a href="https://www.theguardian.com/technology/2017/may/02/facebook-executive-advertising-data-comment">claims</a> the company <em>could</em> do this and questions why it would mention the capability in a presentation for advertisers if it had no intention of allowing those advertisers to use it. According to Garcia-Martinez, "The hard reality is that Facebook will never try to limit such use of their data unless the public uproar reaches such a crescendo as to be un-mutable."</p> <p>But while Facebook's capability might cast doubt on the concept of emotion-based advertising, Bloomberg's Trigr demonstrates that there are probably reasonable proxies for emotion that don't rely on mining user data and thus aren't so creepy for advertisers to use.</p> <p>The real question, of course, is just how powerful this will be in the real world. There's no doubt that a major market move might make some individuals happy for a day or two, but will it be enough to convince them to shell out $25,000 for Rolex watches and other luxury goods that they wouldn't have purchased otherwise, or would have purchased well in the future instead? Thanks to Trigr, advertisers will soon have the ability to find out.</p> tag:econsultancy.com,2008:BlogPost/68945 2017-04-03T14:01:17+01:00 2017-04-03T14:01:17+01:00 Thanks to politicians, ISPs could soon become the dominant digital ad players in the US Patricio Robles <p>One of the obvious goals of these acquisitions is to stake out a better position in the booming digital advertising market, which surpassed television ad spending last year in the US and is now worth more than $70bn annually.</p> <p>But now, ISPs may have an even easier time realizing their digital advertising dreams thanks to the US House of Representatives and Senate voting to pass S.J. Res. 34, a measure that kills consumer broadband privacy rules that the Federal Communications Commission (FCC) <a href="https://www.fcc.gov/document/fcc-adopts-broadband-consumer-privacy-rules">enacted last October</a> which required ISPs to get consumers to give them permission to collect sensitive data, including their browsing histories, geolocation data, and financial information. Additionally, the rules required ISPs to be more transparent about their data collection and sales practices.</p> <p>US President Donald Trump is expected to sign S.J. Res. 34.</p> <p>Once that happens, as DSLReport's Karl Bode <a href="http://www.dslreports.com/shownews/The-GOP-Just-Killed-Consumer-Broadband-Privacy-Protections-139244">notes</a>, "there's arguably little to prevent ISPs from doing whatever they'd like with your personal information, including selling it to [third-party] companies."</p> <h3>Disappointment and outrage</h3> <p>Not surprisingly, many observers expressed disappointment and even outrage at the vote, which saw S.J. Res. 34 pass in both the House and Senate by a slim margin along party lines. <a href="https://www.eff.org/deeplinks/2017/03/congress-sides-cable-and-telephone-industry">According to</a> the Electronic Frontier Foundation (EFF), once President Trump signs S.J. Res. 34 the internet is going to become a less friendly and potentially downright scary place for US consumers:</p> <blockquote> <p>...big Internet providers will be given new powers to harvest your personal information in extraordinarily creepy ways. They will watch your every action online and create highly personalized and sensitive profiles for the highest bidder. All without your consent.</p> <p>This breaks with the decades long legal tradition that your communications provider is never allowed to monetize your personal information without asking for your permission first. This will harm our cybersecurity as these companies become giant repositories of personal data.</p> <p>It won't be long before the government begins demanding access to the treasure trove of private information Internet providers will collect and store.</p> </blockquote> <p>While such dire predictions are not guaranteed to come true, most tech industry observers and experts have expressed significant concerns that the elimination of the FCC's privacy rules would leave consumers vulnerable. Indeed, it would appear that, absent a regulatory change of heart, ISPs will now be free to collect data, and sell and use it, without many restrictions.</p> <p>So what happened? Members of the House and Senate recognized what was at stake. Democratic critics of S.J. Res. 34 <a href="https://arstechnica.com/tech-policy/2017/03/for-sale-your-private-browsing-history/">warned</a> that the measure would make ISPs "more powerful than Amazon and Google." And they raised the privacy implications. "Just last week I bought underwear on the Internet. Why should you know what size I take or the color?" Rep. Michael Capuano asked his colleagues during debate.</p> <p>But Republicans who voted for S.J. Res. 34 expressed concern that the FCC's privacy rules "arbitrarily [treat] Internet service providers differently from the rest of the Internet" and thus represent "government intervention in the free market." They argued that this benefited search engines and social networks, namely Google and Facebook, who use their massive data troves with minimal restriction to dominate the digital ad market.</p> <p>Of course, users can more easily choose not to use Google and Facebook than they can not to use an ISP, and there are steps they can take to limit tracking when they use internet services. On the other hand, ISPs have the unique ability to track every single site a customer visits, which is why there is so much disappointment and outrage over S.J. Res. 34.</p> <p>The unfettered ability to use and sell that browsing history data will put ISPs in position to make big moves in the digital advertising market and for better or worse, nobody should expect them to delay.</p> tag:econsultancy.com,2008:TrainingDate/3173 2017-03-21T11:32:05+00:00 2017-03-21T11:32:05+00:00 Google Analytics Advanced - Optimising your Site <p>Research by Econsultancy has shown that over 70% of companies now use Google Analytics systems to report online performance. However, frequently the tool hasn't been configured to tailor reports to make full use of its capabilities and drive business results.</p> <p>This practical small group workshop will help you get the most out of Google Analytics to improve your tracking, website and marketing campaign efficiency. Submit your own site during the workshop, and you'll have an opportunity to have it reviewed, with recommendations on "quick win" improvements for you to consider made by the expert trainer.</p> tag:econsultancy.com,2008:TrainingDate/3172 2017-03-21T11:31:16+00:00 2017-03-21T11:31:16+00:00 Google Analytics Advanced - Optimising your Site <p>Research by Econsultancy has shown that over 70% of companies now use Google Analytics systems to report online performance. However, frequently the tool hasn't been configured to tailor reports to make full use of its capabilities and drive business results.</p> <p>This practical small group workshop will help you get the most out of Google Analytics to improve your tracking, website and marketing campaign efficiency. Submit your own site during the workshop, and you'll have an opportunity to have it reviewed, with recommendations on "quick win" improvements for you to consider made by the expert trainer.</p> tag:econsultancy.com,2008:TrainingDate/3171 2017-03-21T11:29:32+00:00 2017-03-21T11:29:32+00:00 Google Analytics <p>Research by Econsultancy has shown that over 70% of companies now use Google Analytics systems to report online performance. However, frequently once the tool is in place there seems to be a "what next" moment.</p> <p>This practical, small group workshop will help you to get started with Google Analytics, offering you plenty of practical tips and shortcuts.</p> <p>You'll learn how to get useful information from the tool so you can begin optimising your site, online marketing and content.</p> <p>Your website will also be viewed by an industry expert, who will make recommendations as to the best starting points for your own analysis.</p> tag:econsultancy.com,2008:TrainingDate/3170 2017-03-21T11:28:33+00:00 2017-03-21T11:28:33+00:00 Google Analytics <p>Research by Econsultancy has shown that over 70% of companies now use Google Analytics systems to report online performance. However, frequently once the tool is in place there seems to be a "what next" moment.</p> <p>This practical, small group workshop will help you to get started with Google Analytics, offering you plenty of practical tips and shortcuts.</p> <p>You'll learn how to get useful information from the tool so you can begin optimising your site, online marketing and content.</p> <p>Your website will also be viewed by an industry expert, who will make recommendations as to the best starting points for your own analysis.</p> tag:econsultancy.com,2008:BlogPost/68886 2017-03-10T14:45:00+00:00 2017-03-10T14:45:00+00:00 10 mega digital marketing stats from this week Nikki Gilliland <h3>Correlation between spam rates and subscriber engagement</h3> <p>The latest report from Return Path highlights how industries that outperform the average on key email marketing metrics (like read rate, reply rate etc.) also see less email delivered to spam folders.</p> <p>While the <a href="https://returnpath.com/downloads/hidden-metrics-email-deliverability/?sfdc=70137000000MhwH" target="_blank">Hidden Metrics of Email Deliverability</a> shows that overall spam placement has increased slightly year on year  - from 13% in 2016 vs 12% in 2015 - levels of positive engagement have significantly improved.</p> <p>In terms of industries, the banking and finance and distribution and manufacturing categories saw just 6% of email delivered to spam folders, while this figure rose to 28% in the automotive category. </p> <p><em>Chart shows percentage of email delivered to spam folders</em></p> <p><img src="https://assets.econsultancy.com/images/0008/4558/Spam_rate.JPG" alt="" width="780" height="353"></p> <h3>Generation X perform four in 10 family travel searches</h3> <p>New research from Bing Ads has revealed how families are searching for holiday inspiration and services online.</p> <p>The <a href="https://advertise.bingads.microsoft.com/en-us/insights/set-sail-for-family-travel-searches-and-clicks" target="_blank">report</a> shows that 59% of searches for family holidays are undertaken by women compared to 41% by men. Similarly, Generation X (those aged 35 to 59) perform four of every 10 searches.</p> <p>Other highlights from the report include how consumers are more likely to use mobile devices to search for inspiration and PCs or tablet devices to make a final reservation. Meanwhile, it appears consumers dream of visiting the beach all year long, meaning companies need to invest in year-round campaigns to capture this evergreen interest.</p> <p><img src="https://assets.econsultancy.com/images/0008/4559/Bing_Ads.JPG" alt="" width="780" height="221"></p> <h3>Nine in 10 consumers concerned about how companies use personal data</h3> <p><a href="http://www.businesswire.com/news/home/20170307005123/en/Global-Study-Ten-Consumers-Concerned-Data-Security" target="_blank">New research</a> from Verint has found that while more consumers crave highly personalised customer service, they are also increasingly sceptical about how businesses collect and store personal data. </p> <p>From a study of more than 24,000 consumers, 80% said they like service that is personalised to their needs (which in turn relies on the use of customer data to deliver). </p> <p>However, 89% of consumers also want to know how companies keep their personal information secure, and 86% insist that they should know when their data is passed on to third parties.</p> <h3>Kinetic emails increase unique click rates by 18%</h3> <p>Experian’s Q4 2016 <a href="http://www.experian.com/marketing-services/email-benchmark-q4-2015.html" target="_blank">Email Benchmark Report</a> has revealed that kinetic emails – i.e. those that include interactive content like carousel navigation - see greater levels of engagement than any other kind.</p> <p>From analysis of seven brands in 2016, kinetic emails were found to increase unique click rates by as much as 18.3% and click-to-open rates by more than 10% compared to standard emails.</p> <p>The report also highlights that email volume increased 17.4% year-over-year, while metrics like click and transaction rates, revenue per email and average order volumes all remained relatively stable during the same period.</p> <p><img src="https://assets.econsultancy.com/images/0008/4557/Kinetic_emails.JPG" alt="" width="609" height="446"></p> <h3>British SMEs grow online exports by more than a third</h3> <p>New data from <a href="https://www.paypal.com/stories/uk/open-for-business-paypal-reveals-online-exports-boom" target="_blank">PayPal</a> has revealed how small and medium-sized businesses benefitted from the record lows of the pound last year. </p> <p>SMEs in the UK saw their rate of growth treble to 34% year-on-year from July to December 2016. Similarly, while there was an uplift in PayPal sales for British businesses overall, the biggest impact was seen on small and medium-sized organisations, with the amount international shoppers spent with UK SMEs rising 13% per transaction in the last six months of 2016. </p> <p>Fashion and sports experienced the highest growth, with a 49% year-on-year increase in goods from these categories sold to international shoppers.</p> <h3>Native video ads boost ROI</h3> <p>Yahoo’s <a href="http://b2bmarketing.yahoo.net/yfp-state-of-native/infographic?utm_source=AYC&amp;utm_campaign=Q12017YFPStateofNative&amp;utm_medium=organic" target="_blank">State of Native</a> report suggests that native advertising continues to reign supreme, with the brand seeing exponential growth of native ad consumption in all regions and across all devices.</p> <p>Data from more than 74.5bn native ad impressions show that publishers have seen a 446.7% lift in eCPMs (effective cost per thousand ad impressions) on native video ad placements compared to display.</p> <p>The report also highlights how consumer engagement for specific apps and devices vary by time of day and location. For example, in the US, users spend the late afternoons and evenings on their smartphones, while their nights are spent on desktop. This is compared to other parts of the world, where nights are typically spent on smartphones. </p> <p><img src="https://assets.econsultancy.com/images/0008/4561/Yahoo.JPG" alt="" width="780" height="286"></p> <h3>Household gifts drive the biggest basket value for Mother’s Day</h3> <p>According to Criteo, Brits are still lacking in imagination when it comes to buying Mother’s Day gifts online.</p> <p>Data reveals that household gifts such as kitchen, laundry appliances and vacuums drive the biggest basket value for online sales. Similarly, gardening tools typically see a boost in sales with spring just around the corner. Last year, there was a 193% increase in units sold in the two week’s leading up to Mother’s Day.</p> <p>In 2016, it was suggested that we spent a total of <a href="http://www.cityam.com/235965/mothers-day-2016-brits-will-spend-928m-this-year-on-mothers-day-gifts" target="_blank">£928m on the day</a>, with this figure expected to rise even higher this year.</p> <h3>TV accounts for 94% of viewed video ads in the UK</h3> <p>New data from <a href="https://www.thinkbox.tv/News-and-opinion/Newsroom/TV-accounts-for-94-percent-of-video-advertising" target="_blank">Thinkbox</a> has revealed that TV accounted for 93.8% of video ads viewed in the UK in 2016. This is the equivalent of 18 minutes and 53 seconds a day.</p> <p>These figures are slightly down on 2015, when TV saw a share of 94.4%. However, other forms of video advertising saw far less engagement, with YouTube accounting for 0.7% of viewed video ads in 2016, while other online video (including Facebook) collectively accounted for 5.2%.</p> <p>The average person is said to have watched 20 minutes of video ads a day in 2016, while total daily video consumption increased to 4 hours, 37 minutes in 2016.</p> <p><img src="https://assets.econsultancy.com/images/0008/4562/Thinkbox.JPG" alt="" width="780" height="435"></p> <h3>Wearables now at an all-time high</h3> <p>The International Data Corporation has revealed that the global wearables market reached a new <a href="http://www.idc.com/getdoc.jsp?containerId=prUS42342317" target="_blank">all-time high</a> in the fourth quarter of 2016. In this period, 33.9m units were shipped, representing a year-on-year growth of 16.9%.</p> <p>A total of 102.4m wearable devices were shipped in 2016 – a figure up 25% year-on-year. Insight suggests this could be due to single purpose devices evolving into hybrid ones, fusing together multiple health and fitness capabilities with smartphone technology.</p> <p>In terms of brand dominance, Fitbit continued to reign supreme, with 22.5m shipments being made over the course of the whole year.</p> <p><img src="https://assets.econsultancy.com/images/0008/4560/IDC_wearables.JPG" alt="" width="457" height="396"></p> <h3>64% of decision-makers say sales and marketing teams could be more aligned</h3> <p>According to a YouGov survey of 725 business leaders, commissioned by Huthwaite International, 92% of respondents believe sales and marketing teams should work closely together.</p> <p>Despite this fact, 64% also say that sales and marketing teams need to do more to facilitate this alignment. </p> <p>When it comes to the benefits of working more closely, 52% cited a consistent message delivered to clients and prospects, while 50% said the opportunity to gain new customers. Just 8% of respondents said they didn’t believe there was any benefit.</p> tag:econsultancy.com,2008:BlogPost/68683 2017-01-09T10:33:22+00:00 2017-01-09T10:33:22+00:00 What can marketers learn from Amazon Go's customer experience? Nikki Gilliland <p>Shoppers are simply required to scan smartphones as they enter, leaving Amazon’s “just walk out” technology to detect exactly what’s being taken and charge it to their Prime accounts.</p> <p>It’s one of the first ever examples of a truly seamless customer experience - a trend that’s <a href="https://econsultancy.com/blog/68652-ecommerce-in-2017-what-do-the-experts-predict/" target="_blank">predicted to be big</a> in the world of ecommerce this year.</p> <p>So, what can we learn from the concept? </p> <p>Here’s a few factors for marketers to consider.</p> <h3>Getting out of the customer’s way</h3> <p>According to Amazon, the store uses a combination of “computer vision, deep learning algorithms and sensor fusion” to create a seamless experience for customers.</p> <p>The concept of walking into a store and out again without any interaction with employees or payments might sound alien – but it’s designed to make shopping as hassle-free as possible.</p> <p>It’s also the antithesis of many retail marketing strategies.</p> <p>Instead of interrupting customers as they use technology, or asking them to interact with the brand online (“like our Facebook page”), Amazon wants the technology to stay hidden (though you do need to have downloaded Amazon's app beforehand).</p> <p>From the success of companies like Uber and <a href="https://econsultancy.com/blog/68375-airbnb-how-its-customer-experience-is-revolutionising-the-travel-industry/" target="_blank">Airbnb</a>, it is obvious that customers crave this kind of hands-off approach. Likewise, they also favour utility and practicality over anything else. </p> <p>With brands that offer a value proposition based on ease and simplicity dominating their fields, Amazon Go aims to provide customers exactly that – without shouting about it.</p> <p><iframe src="https://www.youtube.com/embed/NrmMk1Myrxc?wmode=transparent" width="854" height="480"></iframe></p> <h3>Avoiding over-personalisation</h3> <p>By keeping track of the customer’s every move, Amazon Go will enable the brand to deliver more data-driven marketing than ever before.</p> <p>As customers, we’re used to waiving the right to privacy online, with the knowledge that brands draw on our browsing and buying behaviour in order to deliver targeted messages.</p> <p>In fact, this is now an expectation, with consumers desiring <a href="https://econsultancy.com/blog/68285-six-things-to-consider-when-implementing-personalisation/" target="_blank">greater personalisation</a> for an improved service. Think Spotify's curated playlists or Netflix's movie recommendations. </p> <p>For the first time ever, however, Amazon Go means consumers will waive their right to privacy while shopping in person. From what we put back on the shelf to the route we take while walking around the store – this information is all up for grabs.</p> <p>From a marketing perspective, this also means there is the temptation to over-egg personalisation to the point of being creepy. As a result, issues over consumer privacy could potentially be its downfall.</p> <p>Of course, retail stores have been attempting to track customers for a while, but past examples show that it’s not always accepted. US retailer Nordstrom was previously forced to stop using WiFi to monitor movement in physical stores due to uproar from customers. </p> <p>A few years down the line, will it be any different?</p> <p>Retailers do appear to be recognising that success lies in an intelligent and relevant use of data – not just blind targeting or technology for the sake of it.</p> <p>For Amazon Go, clever targeting executed in a non-intrusive way is the aim, but the question remains whether or not customers are ready and willing to accept it.</p> <p><img src="https://assets.econsultancy.com/images/0008/2835/amazon_go.jpg" alt="" width="650" height="433"></p> <h3>Altering brand perceptions</h3> <p>The Amazon Go experience does not simply end in-store. Data could be used to serve customers even more targeted offers and personalised recommendations on-site.</p> <p>This connection between the online and offline world is evidently another reason behind the ecommerce brand’s foray into retail. </p> <p>After all, a physical experience is often a much better way to create a human connection with customers - especially for a brand like Amazon, which doesn’t exactly offer the most emotionally engaging experience online.</p> <p>With a bricks-and-mortar store, it has the opportunity to break down customer expectations – namely that Amazon offers a single type of service – and reveal a completely new way of interacting with the brand.</p> <blockquote class="twitter-tweet"> <p lang="en" dir="ltr">Just finished my first trip to <a href="https://twitter.com/AmazonGoAmerica">@AmazonGoAmerica</a> !!! Looooved it!! Who's jealous??? <a href="https://twitter.com/hashtag/AmazonGo?src=hash">#AmazonGo</a> <a href="https://twitter.com/hashtag/Amazon?src=hash">#Amazon</a> <a href="https://twitter.com/hashtag/HappyAmazonian?src=hash">#HappyAmazonian</a> <a href="https://t.co/huRrtBUXHJ">pic.twitter.com/huRrtBUXHJ</a></p> — M (@ThusSpokeLadyM) <a href="https://twitter.com/ThusSpokeLadyM/status/808758908705587200">December 13, 2016</a> </blockquote> <h3>In conclusion…</h3> <p>Amazon’s cashier-free store is by no means a guaranteed success.</p> <p>Currently available for Amazon employees and due to open to the public in the near future – it is an experiment that could easily be shelved. </p> <p>However, it’s certainly an exciting development for the future of retail, and gives marketers an insight into how a seamless experience could lead to greater engagement and satisfaction from consumers.</p> tag:econsultancy.com,2008:BlogPost/68360 2016-10-05T08:56:00+01:00 2016-10-05T08:56:00+01:00 20 examples of websites following the EU cookie law: 2016 edition Nikki Gilliland <p>If you're unaware, essentially, the law means that a website should warn or flag up the fact that cookies are being used to track visitors.</p> <p>A <a href="https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2015/02/a-cookie-can-last-7984-years-according-to-new-study/">2015 report</a> highlighted the fact that the UK uses more cookies than any other EU country. </p> <p>But, <em>how</em> exactly are they letting us know?</p> <p>Here's an update on how some websites are following up on this, with compliance being broken into three categories:</p> <ul> <li>The inclusion of a link to a privacy policy.</li> <li>A small notice that cookies are being used.</li> <li>A prominent banner or pop up.</li> </ul> <h3>The inclusion of a link to a privacy policy</h3> <h3>Linkedin</h3> <p>Similar to the tactic used by Facebook, Linkedin's cookie policy link (found just above the 'join now' button) is very easy to miss.</p> <p><img src="https://assets.econsultancy.com/images/0007/9763/Linkedin_cookies.PNG" alt="" width="780" height="500"></p> <h3>Apple</h3> <p>Even more out of sight, Apple includes its hyperlink at the very bottom of its homepage.</p> <p><img src="https://assets.econsultancy.com/images/0007/9768/Apple_cookies.PNG" alt="" width="780" height="395"></p> <h3>Buzzfeed</h3> <p>While the hyperlink is subtle (top-right), it does take you through to a rather comprehensive explanation of Buzzfeed's stance on cookies.</p> <p><img src="https://assets.econsultancy.com/images/0007/9785/Buzzfeed.PNG" alt="" width="780" height="441"></p> <h3>Google</h3> <p>The world's biggest website does want to remind you of its policy, however, you can put it off if you'd like...</p> <p><img src="https://assets.econsultancy.com/images/0007/9782/Google_cookies.PNG" alt="" width="780" height="315"></p> <h3>A small notice that cookies are being used</h3> <h3>Twitter</h3> <p>Twitter lets you know right off the bat that it uses cookies. Sign up and you agree.</p> <p><img src="https://assets.econsultancy.com/images/0007/9762/Twitter_cookies.PNG" alt="" width="780" height="397"></p> <h3>Microsoft</h3> <p>Likewise, Microsoft uses the implied consent rule in order to let you know.</p> <p><img src="https://assets.econsultancy.com/images/0007/9767/Microsoft.PNG" alt="" width="780" height="408"></p> <h3>Tesco</h3> <p>Tesco's updated policy is nicely flagged with a banner at the top of its homepage.</p> <p><img src="https://assets.econsultancy.com/images/0007/9769/Tesco_cookies.PNG" alt="" width="780" height="376"></p> <h3>Missguided</h3> <p>Missguided puts a positive spin on its use of cookies, but still doesn't give you much choice in the matter.</p> <p><img src="https://assets.econsultancy.com/images/0007/9774/Missguided.PNG" alt="" width="780" height="409"></p> <h3>John Lewis</h3> <p>John Lewis does a similar thing, but this time gives you a hint that you can change it if you so desire.</p> <p><img src="https://assets.econsultancy.com/images/0007/9776/John_Lewis.PNG" alt="" width="780" height="494"></p> <h3>Spotify</h3> <p>Spotify also uses the banner technique, succintly highlighting the fact that cookies are necessary for personalisation.</p> <p><img src="https://assets.econsultancy.com/images/0007/9783/Spotify.PNG" alt="" width="780" height="435"></p> <h3>A prominent banner or pop up </h3> <h3>BBC</h3> <p>The BBC has a more in-depth explanation of its cookie policy, including options to consent or change settings.</p> <p><img src="https://assets.econsultancy.com/images/0007/9764/BBC_cookies.PNG" alt="" width="780" height="509"></p> <h3>BT</h3> <p>BT takes a similar stance, using a pop-up on the bottom-right to bring the user's attention to its policy.</p> <p><img src="https://assets.econsultancy.com/images/0007/9766/BT_cookies.PNG" alt="" width="780" height="415"></p> <h3>Zara</h3> <p>Zara's minimal design means that its pop-up is impossible to miss.</p> <p><img src="https://assets.econsultancy.com/images/0007/9781/Zara_cookies.PNG" alt="" width="780" height="490"></p> <h3>Coca Cola</h3> <p>Coca Cola's notice is also prominent, taking the implied consent approach with a 'continue' button.</p> <p><img src="https://assets.econsultancy.com/images/0007/9786/Coca_Cola_cookies.PNG" alt="" width="780" height="462"></p> <h3>Channel 4</h3> <p>One of the most wordy examples I've come across, Channel 4 uses personalised language to reassure users of data protection and security.</p> <p><img src="https://assets.econsultancy.com/images/0007/9780/Channel_4.PNG" alt="" width="780" height="515"></p> <h3>Norton</h3> <p>Perhaps unsurprisingly, security software company Norton ensures that it users will notice its policy by using a pop-up notification.</p> <p><img src="https://assets.econsultancy.com/images/0007/9773/Norton.PNG" alt="" width="780" height="500"></p> <h3> </h3> <h3>Gordons</h3> <p>One of the sneakiest tactics is to get the user to consent to cookies at the same time as logging in, or in Gordons' case, entering ID.</p> <p><img src="https://assets.econsultancy.com/images/0007/9775/Gordons_gin.PNG" alt="" width="780" height="471"></p> <h3>British Airways</h3> <p>British Airways does a similar thing, including a subtle note along with an option to choose language and country.</p> <p><img src="https://assets.econsultancy.com/images/0007/9779/British_Airways.PNG" alt="" width="780" height="460"></p> <h3> </h3> <h3>Hotel Chocolat</h3> <p>Hotel Chocolat's clever play on words is a nice touch. However, the fact that the taskbar hides the bottom of the pop-up (and the link to the policy) is a pretty big fail.</p> <p><img src="https://assets.econsultancy.com/images/0007/9819/hotel_chocolat.JPG" alt="" width="780" height="512"></p> <h3>Easyjet</h3> <p>Finally, one of the most prominent cookie policy pop-ups of all. EasyJet's notice takes over half of the entire screen, meaning users cannot fail to miss it.</p> <p><img src="https://assets.econsultancy.com/images/0007/9777/Easyjet.PNG" alt="" width="780" height="370"></p> tag:econsultancy.com,2008:BlogPost/68239 2016-09-05T14:47:57+01:00 2016-09-05T14:47:57+01:00 For IoT medical device firms, security issues are no longer just bad PR Patricio Robles <p>For obvious reasons, <a href="https://econsultancy.com/blog/68048-personal-data-and-privacy-in-the-digital-healthcare-age">privacy</a> and security concerns are of paramount importance when it comes to connected medical devices, and one medical device manufacturer, St. Jude Medical, is learning that potential problems with connected devices can be more than just a PR headache.</p> <p>On Thursday, investment firm Muddy Waters Capital <a href="http://www.muddywatersresearch.com/research/stj/mw-is-short-stj/">published</a> a research report claiming that a security flaw in St. Jude's Merlin@home device contained a security vulnerability that could potentially leave individuals with those implanted devices at risk to remote cyber attackers.</p> <p>In the report, Muddy Waters' Carson Block suggested that patients using potentially vulnerable devices should disable connectivity for their implanted devices and that St. Jude should issue a recall.</p> <p>Since nearly half of St. Jude's revenue comes from the allegedly affected devices, Block argued in his report that St. Jude could see its revenue plummet over the next two years, the length of time he believes it would take for the company to fix the problem and handle a recall.<br></p> <p><img src="https://assets.econsultancy.com/images/0007/8787/st_jude_medical.png" alt="" width="700" height="309"></p> <p>Not surprisingly, shares of St. Jude stock dropped, and trading in them was temporarily halted.</p> <p>The company's share price recovered after it issued a statement disputing Muddy Waters' claims, calling them "false and misleading," but the Food and Drug Administration (FDA) <a href="http://www.startribune.com/st-jude-medical-sharply-criticizes-short-seller-s-attack-on-its-cybersecurity/391437581/">confirmed Friday</a> that it will be looking into the matter with the Department of Homeland Security.</p> <h3>More than just a PR problem</h3> <p>One of Muddy Waters' claims, that St. Jude's implanted pacemakers could have their batteries drained by a remote attacker 50 feet away, is for obvious reasons concerning.</p> <p>St. Jude says that such claims are meritless, noting that its implanted devices only have a wireless range of seven feet after they are implanted. </p> <p>University of Michigan researchers who have tried to exploit the vulnerabilities claimed by Muddy Waters <a href="http://www.reuters.com/article/us-st-jude-medical-cyber-university-idUSKCN1152I0">said</a> the "evidence does not support [Muddy Waters'] conclusions."</p> <p>But Muddy Waters counters that in the name of responsible disclosure, it did not release all of the details of the vulnerabilities.</p> <p><em>Two of St. Jude's pacemaker products</em></p> <p><img src="https://assets.econsultancy.com/images/0007/8788/St_Jude_products.png" alt="" width="752" height="449"></p> <p>Needless to say, it's far too early to make a judgment here and, ultimately, the FDA's investigation will establish whether the claims leveled by Muddy Waters are legitimate.</p> <p>If they are, they could threaten the pending $25bn acquisition of St. Jude by Abbott Laboratories, so the stakes are high.</p> <p>Whatever the final outcome, the situation is a wake-up call to companies manufacturing connected medical devices.</p> <p>That's because, as <a href="http://www.bloomberg.com/news/articles/2016-08-25/in-an-unorthodox-move-hacking-firm-teams-up-with-short-sellers">detailed by</a> Bloomberg's Jordan Robertson and Michael Riley, the Muddy Waters vs. St. Jude battle "reveals a new front in hacking for profit."</p> <p>Muddy Waters didn't identify potential vulnerabilities in St. Jude's devices.</p> <p>They were discovered by MedSec, a cybersecurity startup, which approached the investment firm and proposed a partnership in which MedSec would give its evidence to Muddy Waters and share in the profits if Muddy Waters was able to drive St. Jude's share price down.</p> <p>As Robertson and Riley note, "bringing this kind of information to an investment firm is highly unorthodox."</p> <p>Typically, security researchers make money by bringing vulnerabilities to the attention of the companies responsible for them in exchange for monetary compensation and/or public recognition.</p> <p>Alternatively, unscrupulous researchers sell the vulnerabilities they find on the black market.</p> <p>MedSec's CEO, Justine Bone, said that:</p> <blockquote> <p>As far as we can tell, St. Jude Medical has done absolutely nothing to even meet minimum cybersecurity standards, in comparison to the other manufacturers we looked at that have made efforts.</p> </blockquote> <p>So she decided not to bring the issue to St. Jude's attention.</p> <blockquote> <p>We were worried that they would sweep this under the rug or we would find ourselves in some sort of a hush litigation situation where patients were unaware of the risks they were facing.</p> <p>We partnered with Muddy Waters because they have a great history of holding large corporations accountable.</p> </blockquote> <p>While MedSec's decision is sparking debate over the ethics of security researchers, the message to companies that are involved with connected devices involving health and medicine is clear: Privacy and security must be top of mind as they have the potential to cause real wounds, not just PR scrapes.</p> <p>Interests with sophisticated tools, big bank accounts and media megaphones are increasingly going to be looking for problems, and when they think they find them, they're going to look to inflict damage, even if it's in the name of accountability.</p>