Beautiful, Secure, Privacy-Respecting Laptops, Tablets, PCs, and Phones

Latest posts by Purism (see all)

Updated: 2024-01-05 Adding how Purism handles outreach into dystopia and uses third-party tools to educate about switching to Purism (utopia).
Updated: 2024-01-06 Listing examples of internal (utopian) tools and external (dystopian) tools.

In a previous post, “Is Ethical Advertising Possible?” We talked about the internal discussions we were having as we looked to expand our marketing efforts beyond what we’d done in the past. One of the reasons for that post was to explain our current thinking both so everyone knew where we were coming from, and so that we could get feedback from the community. We’ve really appreciated the feedback we’ve gotten so far and we have combined it with our own internal discussions to create an initial draft of what we are calling our Ethical Marketing Principles. We will use this as a guiding document for which marketing methods are acceptable and which aren’t for us from this point on.

Ethical Marketing Principles

This document serves to provide a set of high-level guiding principles we can use to direct which marketing practices fit within Purism’s social purpose as dictated by our Articles of Incorporation and our Digital Bill of Rights. While this document will list some examples of dos and don’ts, those examples will not be all-inclusive and shouldn’t be treated as a final list of what is allowed or not.

This is a living document. As we start applying these principles to our marketing decisions, we will very likely come across edge cases that will require more clarity. New technology advances may also provide new edge cases that don’t fit neatly into our principles. We may also find unforeseen consequences in actions that seem to conform to these principles at first. In all these cases we will likely need to amend this document.

Ultimately, the goal is to treat our customers ethically and to respect their privacy. Privacy, like clothing, is not one-size-fits-all. What one person feels free to share, another may feel is extremely private. Some people are comfortable wearing revealing clothing while others prefer to cover up. When in doubt, we will err on the side of being more conservative, but wherever we draw the line, some people will feel it’s too far and others not far enough.

Respect Privacy, Don’t Creep

As a general guiding principle, we mustn’t be creepy. This is subjective as people have different thresholds for what they find creepy. That said, we must not do to our customers things that we would find creepy if done to us. The digital world makes it easy to abstract away creepiness. When in doubt, attempt to map digital forms of tracking to the physical world as a smell test. An example of what we find acceptable, if you are living in dystopia and subject to tracking on third-party sites, we will advertise and use the tools those third-party sites have to reach you; however once you are a customer of ours using our products and in our customer database you have left dystopia and we will not use third-party tools on our customers. A concrete example of this is Google Analytics; we will use GA to market in dystopia or landing pages that market to dystopia, but our main site and contents will not have Google Analytics (reinforcing that we will reach out to market wider on these platforms and once you are a customer avoid those tools for all future interactions with you).

Respect Anonymity, Don’t Track

People must be free to visit our site without being identified and tracked between visits. In particular this means for our main site we must not use tracking cookies that can distinguish and identify a particular person between visits. We must also not use tracking pixels in our emails to show when previous customers opens or reads an email. If we use UTM links, they must not be unique-per-person but instead be generic so we can identify traffic from a particular platform or marketing campaign without identifying the individual who clicked them.

Collecting IP addresses and basic self-reported User Agents as part of web logs is acceptable and somewhat unavoidable, and can be used to distinguish a particular web session, but by itself isn’t enough to truly distinguish one individual from another (many people might share an IP address when on a shared network such at an office or on public WiFi, many people use the same browser). If a particular visitor visits us from multiple networks and did not sign into their account on our site, or perform some other obvious opt-in to identify themselves, we must not be able to identify that it’s the same person.

Respect Preferences, Don’t Spam

We must only contact people who have demonstrated (by opting in) they would like us to contact them. We must not rely on opt-out (as that often targets the laziness, haste or inattention of someone to uncheck a box), but must require opt-in (such as checking a “you can email me” box that defaults to being unchecked).

If after opting in, someone no longer wants to receive marketing from us, we must honor their preferences. For example, we must not send an email promotion announcing a sale to all of our past customers if someone on that list requested to be removed.

Delete Data, Don’t Hoard

Data is Uranium. We must collect only the data we need to do a particular task, no more, and we must delete data when we no longer need it. This means routinely removing the base data that is used to generate reports once we have those reports for a particular period of time. In general we must take a minimalist approach to data collection, which is in contrast to the “collect and save everything” mentality that is present in most marketing. We must self-host as much as possible, and avoid using 3rd party tools for data collection/analysis (such as Google Analytics) on our main site (we will use these tools to market and reach a wider audience outside our main site or on landing pages) as we cannot guarantee they will protect customer data as much as we will.

Respect Transparency, Don’t Pay-to-Play

We are sometimes contacted by firms that initially want to interview us for a news piece and ultimately we discover that they want us to pay them to publish the news piece (so it is essentially an ad disguised as a legitimate interview). We don’t do “Pay to Play” articles. Reviewers/influencers who are provided our products either to loan or to keep should disclose it in their review. If we purchase an ad on another platform, it must be labeled as such, not appear to be an article or news piece.

This also extends to other deceptive opt-in/opt-out dialogs for data collection that aim to confuse or hide what data is being collected.

Respect Rights, Don’t Launder

We mustn’t hire third parties to do things that violate our privacy policies, just so we aren’t doing them as a technicality. At the same time, we must acknowledge we can’t control what data brokers in “dystopia” do with customers that visit their sites. In the interest of reaching people who only live in “dystopia”, we may purchase ads on sites that do not respect their visitors’ privacy. However, we must not “launder” privacy invasions by having third parties do it on our behalf so our hands stay clean. If we were to hire a 3rd party to spam for us, we are still spamming. If we were to store data indefinitely on a 3rd party’s analysis platform, we are hoarding data.

This extends to using features on third party marketing platforms that can only exist by violating our policies. As a specific example, ad platforms often use tracking cookies to keep track of which sites an individual visits, and then sells access to that data to ad buyers to show ads to people who visit certain sites. By using that feature we would be enabling tracking/identifying of individuals in a way that violates our policies. This is separate from, for instance, purchasing an ad to display on a particular site because we believe visitors on that site might be interested in us (that’s similar to buying an ad in a magazine), or bidding on keywords to trigger our ads (which are based on search terms visitors intentionally volunteer). To drive the point home, our main site will not use Google Analytics, but sub domain landing pages or third party pages we market on or drive traffic toward or other platforms we market on will use Google Analytics to market into dystopia.

As a concrete example, Purism will market using dystopian tools such as Google Analytics to reach customers outside our main site, such as sub domain landing pages, or third party sites. Purism will not share our main site nor customer database with third-parties. Recently Purism was asked to offer a loyalty program on a third-party site by allowing the cross referencing of our customer data, Purism refused and found an alternative way to offer promotions based on a time window (3 days of promotion, as well as generic coupon code), rather than share customer emails with a third-party platform.

Internal (Utopian) Tools

An example list of internal self-hosted tools that we consider untouchable by third-parties:

  • Main site: all things from https://puri.sm/ should be self hosted and contained with our domain
  • Purism self-hosted Matomo (with limited web analytics)
  • Purism Site media and resources are self-hosted within domain
  • Purism Mailing lists of current subscribers and current customers
  • Purism Customer data (barring shipping details with shipping carriers)
  • Librem One tools
  • Purism Forums
  • Purism Blog

An example list of external third-party tools that we consider dystopian, that when utilized are targeting potential customers in dystopia:

  • Social Media (X, FB, LI, etc).
  • All forms of third party advertising
  • Landing pages not part of our main site in sub domains
  • All forms of third party marketing
  • Third Party sites

Feedback Welcome

As we mention at the beginning, our Ethical Marketing Principles is a living document that we intend to modify over time in response to new questions that come up as we expand our marketing. We also always want to hear from you about what marketing approaches you find creepy and how you feel about our current approach.

Recent Posts

Related Content