The Web Analytics blogosphere is likely to have passionate views in regard to this opinion. So far, one of the most interesting post comes from the Web Analytics Yahoo group. The argument is simple, evident, and clearly expressed: there is already a user consent for anonymous data collection covered by privacy policies posted on any serious web site.
My contribution to this discussion is in regard to PIPEDA, the Personal Information Protection and Electronic Document Act, the Canadian law that governs the collection of private information. In a nutshell, that means the information must be:
- gathered with the user's consent
- collected for a reasonable purpose
- used only for the limited purposes for which it was gathered
- open for your inspection and correction
- stored securely
- Identifying purposes
- Limiting collection
- Limiting use, disclosure, and retention
- Individual access
- Challenging compliance
The W3C also offers some guidelines in the form of "P3P: The Platform for Privacy Preference". Although not widely used so far, I think sites offering the information about their P3P policy have an advantage:
The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit.P.S. Note the province of Quebec is governed by a similar act named "An Act respecting the protection of personal information in the private sector"