I particularly like Stack Overflow as an example here. You can visit Stack Overflow and ask a question, all without having to create a profile. You are given a name, given a profile, and given most of what a regular user gets.
As soon as you do decide to sign up "for real", your temporary profile is turned into a real profile. The biggest difference being that you're not cookie-based (you can log in to the profile from other machines).
Despite Jeff Atwood complaining loudly about how so many users have stayed cookie-based for so long, Stack Overflow has gone to great lengths to make sure their site is completely usable with a minimum of hassle, which makes it a much better site in my eyes.
Of course, not having to register is completely by design and almost certainly never going to change, it's such an obvious win from a user experience point of view.
Disclaimer: Stack Exchange employee.
And yet so few implement this.
By the way, I think it only really became obvious, to me at least, when StackOverflow implemented that design.
Ultimately the best companies are those who are passionate about their users and willing to go to considerable efforts to do things which have no other goal but making users happy.
This is the only site I've used where the username doesn't have to be unique!
I knew an engineer who interned at Amazon who's responsibility was to maintain this legacy system as there were still quite a number of active accounts that shared the same email address.
And by most, I mean a huge majority, like 90%+.
I'm not aware of any studies though, does anyone have any study to link to?
For example, we all know Facebook is huge, and many people give up all sorts of personal data to the company running it. And yet, on several recent occasions when Facebook have made changes that they were demonstrably technically capable of making and arguably within their legal rights to make, but which diminished the privacy of their users, the outcry from the user base was substantial and in some cases they gave up and essentially reverted the changes.
That was basically a PR/marketing move by Facebook: when you rely on critical mass of users in the way they do, you can't afford to upset people en masse so that they start to drift away to a rival service. It wasn't forced on them for technical reasons, and relatively few countries raised significant legal concerns about the privacy implications.
I wonder whether users would be similarly upset if they realised how much of their "private" data has been shared with other parties over the years, and where it has wound up, and how many people have wound up defrauded/stalked/otherwise genuinely damaged as a result. I think there's an element of "It can't happen to me" at work here, and my biggest worry is that as we've seen recently with organisations like Sony, corporate complacency and denial are no substitute for real security and privacy protection when Bad People decide to come after you.
[Edit: I would also be interested in proper studies if anyone has links, but only if their methodology is sound. I am reminded of the "study" last year about attitudes to the virtual strip search machines at airports, where apparently 90% of people in my country said they supported them. When asked with different wording in another study, not conducted by an organisation with ties to making the machines in question, it turned out that many of those people really meant that they preferred the hands-off abuse of the machines to being physically abused during an aggressive pat-down, which isn't the same thing at all. Privacy studies are all about how you phrase the question, and those with vested interests are very good at that sort of thing.]
An hour later, when I went to youtube.com (main page) to look for a different old game video, I noticed the frontpage suggestions were the same as alongside when I watched the video. Quite a basic guess of what the user wants but seems effective to me.
Although I have an account with youtube, I rarely log in. What's the point?
Apparently, so do some other people, because it is almost certainly becoming illegal throughout Europe as the recent rules on privacy/cookies take effect.
Songkick (http://songkick.com) nails this for first time users.
You can go to the site and start tracking favorite bands without providing any sign up info. Only after you have tracked a reasonably large number of bands and you're invested in your list does it ask you to sign up.
(I'm not affiliated with them, I was just impressed by the workflow)
Too bad, it was really good the other way.
What about if the user isn't allowing data to be stored, is using a vpn or proxy, a dynamic IP, or something else that prevents you from "storing activity"/comparing/etc.. I've seen this done before to target advertising to phantom users on adult sites, it doesn't work. Most of those people who aren't logging don't won't to log in/participate and "comparing activity" isn't exactly a piece of cake and is depending on those users having cooperating connections. You might argue that these people are fringe users but even then I doubt the ability/feasibility to accurately retain and compare data usefully and not just using IP or something to compare visits.
I'm not sure I follow you.
If a user isn't one of the "fringe" group which doesn't allow cookies, then you can store a cookie identifying the user to you, create a profile for them as if they are a regular user, and track anything you want. You can treat them like regular users, or treat them in a special way, but either way you can store any information you want.
What my framework (Django) does, and I assume this is simialr to other frameworks, is this: it creates a user object (see note) in the database, then keeps the user object id in a cookie on the user's computer. This is, by Django's default, kept on the user's computer for 2 weeks before being removed (and it can be made to never be removed).
Using this, you can store any information you want about a user in their user object in the database, and always have that information available to you via the cookie.
Note: by default, Django creates an "AnonymousUser" object for each visitor, not a real user object, and it is up to the site to create an actual user object. To implement that "PhantomProfile" that Fred Wilson is talking about, I usually make Django create a new user object with a temporary username, and use this instead of AnonymousUser objects. In this way, when they do decide to "register", I just keep the same user object and give it a new username.
And the 1% rule: