Almost one-quarter of Canadian business leaders are not aware that third parties can install code on their websites without their consent, leading to the potential for privacy issues, according to a survey released today by productivity software vendor Zoho. The research was conducted in November 2020 among 1,416 businesses in the U.S. and Canada by research firm CRM Essentials on Zoho’s behalf, and it painted a disturbing picture.
Twice as many businesses in Canada as in the U.S. (23 per cent vs 10.7 per cent) were unaware that the add-ins on their websites that they use for tracking, comment management, forms, and other functions may, in turn, install additional trackers that gather terrifying amounts of potentially sensitive information, including IP addresses, behavioural data, social activity, transactional data, feedback, application usage data. It can even gather information about a user’s devices and browsers, as illustrated by a recent article on The Markup, a nonprofit news site that investigates how technology is being used to change our society. Worse, most of the companies that know about these trackers do not notify their users about them; only 19 per cent in Canada and 11.5 per cent in the U.S. said they do so.
“Given the importance of data privacy and transparency, it’s quite surprising that so few Canadian businesses inform their website visitors about the third-party tracking on their sites,” said Chandrasekar LSP, Product Evangelist at Zoho. “Especially at a time when data privacy laws are in a state of transition in Canada, this is a missed opportunity for businesses to take data privacy into their own hands and further establish trust with their customer base. I would expect every business to highlight their website tracking policies.”
Also:
Canada has ‘clearly fallen behind’ other countries in privacy law, says privacy commissionerÂ
However, only 39.7 per cent of Canadian businesses surveyed have well-defined documented customer data privacy policies that are strictly enforced, well below the U.S.’s 62.2 per cent. This did not significantly differ by company size in Canada, although more mid-sized U.S. respondents (101 – 1000 employees) had strictly enforced policies than their larger or smaller compatriots.
Differences among industry sectors were also pronounced. For example, 41.2 per cent of Canadian public sector organizations have strictly enforced policies, compared to 58.8 per cent in the U.S., healthcare was 41.9 per cent vs 50 per cent in the U.S., and financial services and insurance was 44 per cent vs the U.S.’s 61.2 per cent. Technology fared no better: 43.7 percent in Canada vs 67.6 percent in the U.S. Among telecommunications companies in the U.S., 83.3 per cent have strictly enforced privacy policies, compared to a mere 45.5 per cent in Canada.
Comfort levels also vary. In Canada, 21.6 per cent said that third-party vendors have done a good job in explaining how the data collected will be used, and only 11.8 percent are very comfortable with the way third-party ad platforms use customer data. In the U.S., almost twice as many (41.1 percent) think those vendors are doing a good job explaining, and almost three times as many (34.5 per cent) are very comfortable with the way customer data is used.
“What you’re seeing here is surveillance capitalism,” LSP explained. “People, in the name of hyper-personalization, give up so much of information about every visitor who comes to their website, and they don’t even know what that information is, number one, and they don’t even know how that information is being used by these big tech companies to further make their suggestion engines better, to help them target their ads in a more effective way to people who are browsing the internet. When you actually look at the impact of what this is doing, it is enormous.”
For example, he noted, a client could pay the ad company to show its ads to people who have visited a rival’s website, effectively using the rival’s tracking information against it. “[The harvested information] is enhancing their suggestion engines, it’s enhancing their machine learning capabilities,” he said. “You are actually donating to them. These are your assets, per se, but you’re just donating it to them.”
However, companies persist in using third-party platforms for one reason: It helps meet their sales objectives. In Canada, 21.8 per cent of respondents said the platforms were a primary factor in their ability to meet their sales objectives, with an additional 54.9 per cent saying the platforms had been helpful. In the U.S., twice as many (43.3 per cent) labelled the platforms as a primary enabler, while 39.4 per cent said they were helpful.
“The lack of data surveillance transparency is similarly bad on both sides of the border, however, U.S. businesses have a better sense of how their third-party data is used, especially when it comes to using that data for marketing,” said Brent Leary, co-founder and partner of CRM Essentials. “Both U.S. and Canadian businesses may want to consider a privacy commitment similar to Zoho’s, which states that it will not share or sell visitor or customer data. Even if they find it difficult to reach that level, they can and should do much better than they are today”
