Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

‘Don’t Be Google’: The Rise of Privacy Focused Startups

Google once used the slogan “don’t be evil” to distinguish itself from its competitors, but now a growing number of pro-privacy startups are rallying to the mantra “don’t be Google”.

They are taking on Google Analytics, a product used by more than half of the world’s websites to understand people’s browsing habits.

Google once used the slogan “don’t be evil” to distinguish itself from its competitors, but now a growing number of pro-privacy startups are rallying to the mantra “don’t be Google”.

They are taking on Google Analytics, a product used by more than half of the world’s websites to understand people’s browsing habits.

“Google made a lot of good tools for a lot of people,” says Marko Saric, a Dane living in Belgium who set up Plausible Analytics in Estonia in 2019.

“But over the years they changed their approach without really thinking what is right, what is wrong, what is evil, what is not.”

Saric and many others are benefitting from GDPR, a European privacy regulation introduced in 2018 to control who can access personal data.

Last week, France followed Austria in declaring Google’s practice of transferring personal data from the EU to its US servers was illegal under GDPR because the country does not have adequate protections.

Google disagrees, saying the data is anonymised and the scenarios envisaged in Europe are hypothetical.

Nevertheless, startups see an opening in a true David vs Goliath battle.

“The week that Google Analytics was ruled illegal by the Austrian DPA (data protection authority) was a good week for us,” says Paul Jarvis, who runs Fathom Analytics from his home in Vancouver Island, Canada.

He says new subscriptions tripled over that week, though he does not give exact numbers.

Google dominates the analytics market with 57% of all websites using its service, according to survey group W3Techs. The best-established privacy-focused tool, Matomo, accounts for 1% of websites.

The smaller players know they are not going to overturn Google’s domination, rather their aim is to inject a bit of fairness and choice into the market.

– ‘Behemoth’ application –

The supercharging moment for pro-privacy software developers came in 2013 when former CIA contractor Edward Snowden revealed how US security agencies were engaged in mass surveillance.

“We already knew some of it,” says Matomo founder Matthieu Aubry. “But when he came out, we had proof that we weren’t just paranoid or making stuff up.”

Snowden showed how the US National Security Agency, aided by a system of secret courts, was able to gather personal data from users of websites including Google, Facebook and Microsoft.

Snowden’s revelations helped to solidify support across Europe for its new privacy regulation and inspired software developers to make privacy central to their products.

The first thing the startups have taken aim at is the sheer complexity of Google Analytics.

“You have 1,000 different dashboards and all this data, but it doesn’t help you if you don’t understand it,” says Michael Neuhauser, who launched Fair Analytics last month.

Jarvis, who had previously trained people to use Google Analytics, describes it as a “behemoth”.

Unlike Google, the privacy-focused products do not use cookies to track users around the web and offer a much simpler array of data, helping them to keep within the boundaries of GDPR.

And they all make this a key selling point on their websites.

– ‘An alternative internet’ –

But making a living from these tools is no mean feat.

Saric of Plausible and Jarvis of Fathom both sank time and money into their projects before they could pay themselves a wage.

Both firms still operate with a startup mentality — tiny teams working remotely across countries having direct contact with clients.

Aubry, who founded Matomo in 2007 when he was in his early 20s, remembers being in a similar position.

“For a long time, we didn’t even have a business around the project, it was pure community,” says the Frenchman from his home in Wellington, New Zealand.

But he says his firm now has global reach and he wants to help create “an alternative internet” not dominated by big tech.

His peers are at a much earlier stage but they certainly agree with the sentiment.

Jarvis reckons anyone switching from a big tech product is “a win for privacy” and helps to create a fairer system.

But a huge barrier remains: Google can afford to offer its tools for free, whereas the smaller firms need clients to pay, even if just a few dollars a month.

The privacy-focused firms say it is time to overhaul our understanding of these transactions.

“All of these free products that we use and love, we’re not paying for them with money, we’re paying for them with data and privacy,” says Jarvis.

“We charge money for our product because it’s just a more honest business model.”

Related: France Hits Google, Facebook With Huge Fines Over ‘Cookies’

Related: DC, 3 States Sue Google Saying it Invades Users’ Privacy

Related: Google Loses Appeal Against 50-Mn-Euro French Fine

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.