Granular Tracking Controls in Customer Insights – Journeys: A Privacy-First Must for Regulated Organizations

by gustaf | Feb 14, 2026

Organizations operating under strict privacy, consent, and compliance frameworks—especially in regulated industries like finance, insurance, and healthcare—often need to treat different tracking mechanisms differently.

That’s where a growing limitation in Customer Insights – Journeys becomes clear: today, tracking is largely governed by a single global toggle that controls multiple behaviors at once.

The challenge with “all-or-nothing” tracking

In many real-world compliance setups, the various tracking mechanisms don’t carry the same legal risk or consent requirements. Yet, they’re currently bundled together:

• Email open tracking (pixel-based)
• Link click tracking
• Web tracking
• Form prefill
• UTM parameter appending

This creates a common compliance trap:

If an organization decides that one mechanism—most often email open tracking via pixels—doesn’t meet its legal interpretation, consent posture, or internal policy, then the only option is to disable tracking broadly. The result? You lose everything, even the parts that are perfectly acceptable and already aligned with policy.

That’s not just inconvenient—it can become operationally blocking.

What should change: independent feature switches per tracking mechanism

A better approach is straightforward: introduce separate switches so administrators can enable/disable each mechanism individually:

• Email open tracking (hidden pixel)
• Link click tracking
• Web tracking
• Form prefill
• UTM parameter appending

To avoid UI clutter, less frequently used or advanced settings could be managed through OrgDBOrgSettings—keeping the admin experience clean while still enabling expert-level configuration where needed.

Why this matters

1) Compliance flexibility
Legal interpretations vary across jurisdictions, industries, and even internal governance policies. Granular controls let organizations implement their consent model—without hacks or unnecessary trade-offs.

2) Risk reduction
Disable only what’s considered non-compliant (e.g., pixel-based open tracking) rather than wiping out all measurable engagement signals.

3) Customer trust
Consent boundaries become enforceable in a precise way. That reduces the risk of “accidental overreach” and helps maintain credibility with customers and regulators.

4) Operational feasibility
Marketing and customer communication teams can continue using permitted tracking mechanisms—without being forced into the dark because one method is not allowed.

The impact on Customer Insights – Journeys

Granular tracking controls would materially strengthen Customer Insights – Journeys as a platform for privacy-sensitive, highly regulated environments. It’s the kind of capability that makes the product more adaptable, more transparent, and more aligned with modern consent expectations.

In short: it lets organizations comply with their specific interpretations of consent while still benefiting from the features that support marketing effectiveness and customer understanding.

The pixel tracking for open emails is also not very usable due to how email clients like Outlook (only downloads images on user approval) and iCloud (always downloads all images) are skewing the statistics. Hence the negative operation impact of disabling this tracking can often be very limited.

Help make it happen: vote for the idea

If you work in an environment where privacy and compliance matter (and that’s increasingly everyone), this is worth supporting.

Go to the Dynamics 365 Ideas page and upvote this entry:
https://experience.dynamics.com/ideas/idea/?ideaid=ccee4452-8409-f111-83da-6045bd7fd286

A few votes can be the difference between “nice idea” and “committed to roadmap.”