Long before Verified Data existed, I spent years conducting manual audits of Google Analytics implementations for large organisations around the world.
The reason was simple: despite significant investment in analytics, many organisations had little understanding of whether their data was accurate, complete, or being collected in accordance with their own requirements.
To quantify the problem, I reviewed 75 enterprise Google Analytics implementations across multiple industries. The findings were striking. Configuration errors, broken tracking, missing data, duplicate data collection, incorrect attribution, and poor governance were far more common than most organisations realised.
At the time, these audits were performed entirely by hand. Each review required detailed inspection, testing, validation, and documentation. While effective, the process was time-consuming, expensive, and difficult to scale.
That experience ultimately became the inspiration for Verified Data.
The same question that drove those early analytics audits continues to drive my work today:
Key Findings of the Original Study
The study revealed that data quality problems were remarkably consistent regardless of industry, geography, or website type. Whether auditing retailers, publishers, financial services firms, government organisations, B2B companies, or e-commerce sites, the same issues appeared again and again.
Perhaps most concerning was the prevalence of privacy-related issues. Approximately one in five websites audited was collecting personally identifiable information (PII) through Google Analytics, often without the organisation being aware of it. In many cases, names, email addresses, customer identifiers, or other sensitive information were inadvertently being transmitted through URLs, forms, or tracking configurations.
The findings challenged a common assumption that larger organisations, bigger budgets, or more sophisticated digital teams naturally lead to better data governance. In reality, implementation errors were widespread and often remained undiscovered for years.
Can organisations trust what their websites are actually doing?
Looking back, the most important lesson from the study was that website behaviour should never be assumed. Whether the objective is accurate analytics, privacy compliance, consent management, or governance, independent verification remains essential.
The technology landscape has changed considerably since those audits were conducted, but the underlying challenge has not. Organisations continue to make decisions based on data and systems they rarely inspect in detail.
The original study remains a reminder that digital blind spots are often far more common than people think.
Watch my original presentation of study to explore the findings in more detail.