Session replay scripts: A privacy analysis

Session replay scripts record a user's actions while visiting a website or using a computer application. These recordings are typically sent to third party companies whose stated purpose is to analyze the recordings to help correct bottlenecks and illuminate problems that are difficult for users to navigate. We examine how session replay scripts are being marketed and how they are used by application developers. The extent of gathered data is intrusive, often going beyond the stated objectives, and often collected without users' knowledge. Using Nissenbaum's privacy as contextual integrity framework, we demonstrate how replay scripts violate the norms of both appropriateness and distribution, and hence the privacy of the user. We examine two scenarios: one where the session replay data are sent back to the application developer, and another where captured data are sent to third party companies. We compare the scenarios to two analogous situations: surveys taken at a museum and video surveillance in a brick-and-mortar store. We analyze in detail the case of FullStory, a vendor of session replay scripts. In conclusion, we offer suggestions on how to preserve private information in both scenarios.