As the World Wide Web evolves into an increasingly dynamic channel for marketing and commerce, web sites are becoming mission-critical components of overall business strategies. Sophisticated businesses no longer view the web as a venue of relatively anonymous transactions, but as a crucial point of contact between the business and its customers—a place where lasting customer relationships can be forged and maintained. Businesses realize that, at each point of customer contact, significant amounts of data are being gathered and stored. The data from these disparate systems needs to be sorted, merged and coalesced into meaningful business information.
Companies for whom the Internet is a primary, if not the primary, conduit for managing customer relationships have invested heavily in their online businesses. To measure the return on this investment, and make the most of the web-marketing channel, managers need an E-Business Data Warehouse solution that can provide answers to the following types of questions:                Who are our best prospects and why?        Where are our most profitable customers coming from . . . which of our partner refers them to our site?        Which of our banner ad campaigns is driving the most qualified traffic to our site?        Which banner ad is generating the most revenue?        Which banner ad has the best buy versus browse ratio?        Which products are selling best online and why?        How many new or repeat visitors come to our site in a given time period?        What is the percentage and total number of new customers, existing customers, browsers for a given time period?        What is the conversion ratio for all customers coming to the site, by referral, by customer segment?        What is the average number of browse sessions prior to first purchase, second purchase, . . . nth purchase, by customer segment over a given time frame?        
Whereas the success of a company's web site was once measured in hits and page views, with the web master as primary audience for reports based on those metrics, the performance and information obtained from the web site is now critical to many members of the organization. To answer questions like the samples above, an E-Business Data Warehouse solution must be able to correlate click stream data with data from other disparate sources and transform it into actionable information available to users throughout the Enterprise.
While understanding online customers is necessary for an E-Business company's success, and extracting business information from web site traffic is imperative, web site complexity is growing exponentially. Today's complex web sites often employ geographically distributed servers and a mix of solutions, e.g., Ad Servers, Application Servers, Profile Servers, Content Management Systems and various Personalization technologies, to offer visitors a richer, more dynamic personal experience in the hope of turning those visitors into loyal customers. In addition, more and more companies are moving traditional business applications to the web and linking back-office systems to their online environments. These complex information architectures linking intranets, extranets and the Internet create vast amounts of raw data. The resulting site complexity, disparate data sources, and data volumes makes accurate and complete customer analysis difficult to impossible for most vendor solutions.
NCR Corporation has developed an E-Business Data Warehouse solution to provide the answers, embedded in this complex E-Business environment, to questions about online customers. NCR Corporation's E-Business Data warehouse solution, referred to herein as the Teradata Solutions for E-Business (TSEB), provides the decision support engine and surrounding technology to turn disparate customer information into knowledge. The ability to easily handle large amounts of data coupled with the ability to integrate data from many sources allows NCR Corporation to provide the most robust and scalable complete E-Business Data Warehouse Solution available in the industry.
Within any system including a depository of customer-related information, protection of personal privacy and customer privacy preferences is an important concern. Currently, there is no uniform set of laws, regulations, or conventions for E-Businesses to apply toward this problem. On the contrary, there are very different laws, conventions, and standards in play throughout the world—particularly between the United States and Europe. Following is a very brief summary of the latest versions of such regulations.
P3P or Platform for Privacy Preference was developed by the World-Wide Web Consortium (W3C). It, is the emerging US standard. It provides a standard XML based schema for defining a Web Site Privacy policy, a personal profile and personal privacy rules as well as a protocol to be used by privacy agent software to negotiate between a site and a consumer. P3P defines 15 basic privacy categories. Consumer consent can be given at the category level or at a more granular element level.
The Children Online Privacy Privacy Protection Act (COPPA) was developed by the Federal Trade Commission (FTC). It went into law on Oct. 21, 1998. It requires certain commercial sites to get explicit verifiable parental consent before collecting, using or disclosing personal information from children under 13. The sites must also prominently display their privacy policy which states what data is being collected and how it will be used.
The European Directive 95/46/EC, supplemented in 97/66/EC provides European consumers with rights relative to notice, explanation of the logic behind automatic processing, correction/deletion/blocking and the right to object. It also imposes responsibilities on the data administrators to only keep the data as long as necessary, prevent unauthorized access, insure data accuracy etc. In the case of sensitive data such as racial/ethnic, political, religious, philosophical, etc. the EU directive requires an explicit opt-in. Additionally it offers the consumers the right to opt-out of Automated Decisions.
The standards distinguish between different types of consent: Direct Marketing, 3rd party disclosure, and Affiliate disclosure. The EU adds Sensitive Data consent (explicit opt-in) and Automated decision code.
On Jul. 27, 2000 the Network Advertising Initiative (NAI) with the support of the FTC announced an agreement that requires explicit opt-in for the merger of Personally Identifiable Information (PII) with previously collected non-PII. They also agreed not to use PII about sensitive data (medical, financial etc). This agreement has implication on the Data Warehouse privacy design as well.
The above standards do not guarantee that the E-Commerce companies are actually executing on their policies as stated. The Online Privacy Alliance, of which NCR is a founding member, encourages the use of independent privacy auditors who assess the business' conformance to its published privacy policy. These companies, such as TRUSTe and BBB Online, award a business a “Seal of Compliance” when their privacy practices are in conformance. Auditing requires tracking of historical consent code updates.
What is needed is an extensible solution that can encompass known laws and standards and dynamically control access to personal information that may be used by analytical applications, e.g., reports, statistical models, etc. For example, the solution should limit access to personal information on minors for an application executing in the United States, but would need to enable access to that information to that same application executing in a European county.