Privacy implications of displaying visitor name in page title?

Discussion in 'Web Design and Development' started by slightly, Apr 17, 2009.

  1. slightly macrumors regular

    slightly

    Joined:
    Mar 14, 2003
    Location:
    Beacon, NY
    #1
    Hey guys.

    I administer a small business website which runs a database of actors and extras. We have maybe 500 people on the books, and each of them is able to log in and work on their profile, which get searched on by the company's clients (production companies, etc).

    I just got Woopra configured, and, although it's still in beta development, it's obviously got a lot of potential. I love the way that you can see "live" hits on the site for each page visit.

    I then thought how potentially useful it would be to add the visitor's name in the appropriate page titles (eg, when they're editing their profile), so that me or my fellow Woopra admins can see the artist's names as they're working on the pages. So rather than displaying

    My Site - Edit Profile

    it would say something like

    My Site - Edit Profile - John Smith

    So my client would know "Ah, there's John updating his profile" and possibly use the Woopra features like live chat (which doesn't work right now) to help them out.

    Obviously there are ways of tracking our users' visits through the PHP/database itself, which may well be better, but I was curious about the privacy implications of displaying someone's name in the title of the page. Does that create more exposure than displaying it in the page's content? Let's say that the visitor was updating their profile from their office day job at lunchtime - would an IT admin be able to view page titles from a connection log?

    Our web pages aren't secured, so I don't know that there's necessarily any expectation of privacy, but ... well, anyway, I'm interested to know whether anyone has had any thoughts or experiences with this issue.

    Thanks!

    Matt
     
  2. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #2
    The title tag isn't logged in the web server access logs or anything so I don't see any privacy issues being brought up. The title tag is pretty much between the browser and the user.

    An admin could potentially look at the a log and see any URL arguments (edit_profile.php?name=john) that may lead them to the person's name, but that's about it.
     
  3. SrWebDeveloper macrumors 68000

    SrWebDeveloper

    Joined:
    Dec 7, 2007
    Location:
    Alexandria, VA, USA
    #3
    You should include that information in your privacy policy page, and create one and link it in the footer if you don't have one, at minimum.

    You should also look into P3P which is a W3C guideline for creating browser privacy policies - i.e. you use a simple tool offline to generate a privacy policy, it's exported in XML format and you upload/link the files in your web page and very simply HTML into the head section to make it work. The user then can view the policy through their security settings in their own browser for your domain/site.

    P3P tutorial (links on the right for implementation and deployment)
    Download the FREE policy maker here (Java, runs on any platform)

    BTW, the software I suggest also validates as you work on the policy and has an error tab showing you warnings and errors. Very nice, and free.

    This is the sensible approach you should take when you run an online business and/or legal concerns play a role.

    -jim
     

Share This Page