Those who create and author technical systems can and do impose their politics, beliefs, and inclinations onto how technology is perceived, used, and understood. On the Internet, this unfortunately means that the technically savvy often recommend choices to users who are less knowledgeable. A number of these recommendations are tainted by existing biases, legal (mis)understandings, or stakeholder gamesmanship. In the case of website development firms, such as Weebly, recommendations can lead users to violate terms of service and legal provisions to the detriment of those users. In essence, bad advice from firms like Weebly can lead to harms befalling their blissfully ignorant users.
In this short post, I talk about how Weebly blatantly encourages its customers to conduct surveillance on websites without telling them of their obligations to notify website visitors that surveillance is being conducted. I also note how the company deceives those visiting Weebly’s own properties by obfuscating whether information is collected and who is involved in the collection of visitors’ data. I conclude by briefly noting that Google ought to behave responsibly and publicly call out, and lean on, the company to ensure that Google’s Analytics product is used responsibly and in concordance with its terms of service.
What is Weebly Doing?
Weebly is a company driven to help people get online. To this end, they provide an easy to use interface that lets Weebly customers create websites. Its day-to-day functionality in designing and creating webpages have already been reviewed, so that’s not going to be something I address. Instead, I identify two problems: First, how the company instructs users to use Google Analytics; second, the company’s failure to disclose that they are applying Google Analytics to their users’ webpage without imposing privacy notices on users’ sites that disclose this practice.
Weebly may automatically receive and record information on our server logs from your browser, including your IP address, cookies, and the pages you request. We also may collect other use information as part of our analytics services, in order to improve the service.
This ‘misguidance’ is compounded by their possession of a TRUSTe privacy seal. The seal is intended to demonstrate the company’s commitment to privacy, though as discussed by Bennett and Raab (2006) “there is no provision in the TRUSTe program for an onsite examination of a site’s privacy practices as a precondition for receiving the TRUSTe mark. In the case of a privacy violation, licensee sites are contractually liable to a more comprehensive examination of its privacy practices. A TRUSTe-designated public accounting firm will then investigate the alleged violations. However, this comprehensive examination is only performed “for cause” at TRUSTe request in response to formally stated concerned about a licensed site’s compliance with the TRUSTe requirements” (165). In aggregate, Weebly is intentionally, and actively, contributing to not just the surveillance of visitors to its properties, but to masking its actual business practices whilst representing itself as a ‘privacy friendly’ corporation.
Google Needs to Step Up
Would this process be more onerous than Google’s current ‘please read a lot of legal text and then add something to your website’ whilst relying on ‘Scout’s honour’? Yes. Would doing so contribute to making people a little more aware of the magnitude of online surveillance? Yes. Would such an action comply with the Google’s mantra of ‘Do no evil?’ Yes.
Google demands that a very low baseline be met as a condition of using Analytics to surveil web visitors: the company should be obliged to ensure that the baseline is met and, where it isn’t, apply consequences for violating Google’s terms of service. If Google can take a hard line on pseudonyms on their social networking service, why can’t they take a similar line concerning the use of the company’s older Analytics product?
Weebly automatically receives and records information on our server logs from your browser, including your IP address, cookies, and the pages you request. We also collect other use information as part of our analytics services, in order to improve the service. However, we do not link such information to any personally identifiable information you submit while on our site.
Weebly may use or share your personal information where it is necessary to complete a transaction, to operate or improve the Weebly products and services, or to do something that you have asked us to do. We use other third parties such as a credit card processing company to bill you for goods and services. These third parties are prohibited from using your personally identifiable information for promotional purposes.
C. J. Bennett and C. D. Raab. (2006). The Governance of Privacy: Policy Instruments in Global Perspective. Cambridge, Mass.: The MIT Press.