search

EthicalSource / ethicalsource.dev

Home of the Organization for Ethical Source
https://ethicalsource.dev
Other
141 stars 40 forks source link

Drop Google Analytics? #67

Closed m90 closed 3 years ago

m90 commented 4 years ago

While I am very much in line with what this project stands for I am saddened to see visiting ethicalsource.dev triggers Google Analytics without giving any hint on it or even giving me the possibility to opt in (or opt out) of data collection. I would like the web to be a friendly place without having to use uBlock or similar.

In case this site really needs analytics, I would be very happy to see a notion to adopt something more privacy friendly (there are plenty of hosted or self-hosted options out there) or to drop Google Analytics altogether.

CoralineAda commented 4 years ago

This has been the subject of some internal discussion as well. From the start we disabled data collection in the configuration, so I don’t believe that there is a practical privacy implication with the way we’re using the Google Analytics platform.

m90 commented 4 years ago

From the start we disabled data collection in the configuration

I don't know too much about the inner workings of GA, but when I visit https://ethicalsource.dev in an incognito window the following HTTP request (in cURL form) will be performed:

curl 'https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2053393420&t=pageview&_s=1&dl=https%3A%2F%2Fethicalsource.dev%2F&ul=de-de&de=UTF-8&dt=Ethical%20Source%20%7C%20Ethical%20Source%3A%20Open%20Source%2C%20Evolved&sd=24-bit&sr=1920x1080&vp=1838x465&je=0&_u=IEBAAUAB~&jid=372208741&gjid=1052503973&cid=574534433.1592508911&tid=UA-56802475-3&_gid=1577095874.1592508911&_r=1&gtm=2ou6a0&z=721227554' \
  -H 'authority: www.google-analytics.com' \
  -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36' \
  -H 'accept: image/webp,image/apng,image/*,*/*;q=0.8' \
  -H 'sec-fetch-site: cross-site' \
  -H 'sec-fetch-mode: no-cors' \
  -H 'sec-fetch-dest: image' \
  -H 'referer: https://ethicalsource.dev/' \
  -H 'accept-language: de-DE,de;q=0.9,en;q=0.8,en-US;q=0.7' \
  --compressed

which sounds to me as if data is collected. I will also have a persistent non-session _gid and _ga cookie set on your behalf.

Maybe "disabling data collection" means something else in this context though?