I’ve recently engaged in a privacy discussion about Google Analytics (GA). Coincidentally it also popped up on TechCruch, after an announcement from Google that they’re releasing a GA blocking addon that allows users to opt-out of being tracked.
But the question still stands: Is GA a privacy violation or not?
GA has a sane Privacy Agreement, along with some reasonable Terms of Service. As one could hope, the data you upload to GA is your use of the service, and belongs only to you. But if you believe in Big Brother theories or just like your privacy, the estimate is that more than 50% of the web is using GA, and that Google can track everything about you: clicks, time on page, referrers, sites visited, the works. And if you consider the not-so-nice cookies that google uploads into your browser, which is neither explained nor understandable, some evil thoughts come to mind.
However, for me it is a matter of choice. And when you enter my website, I’ve made that decision for you. By using GA on my website I was uploading your browsing habits as part of my statistics collection. I did not offer an opt-out/in choice to allow a 3rd party service to be the resting place of the gathered information. Even though the details about statistics gathering and storage concerns mostly me (as the service) and will not be available (in principle) to anyone else, it is my job to tell you if information gets sent to another service and make it your choice to allow that.
Given all of the above, the solution is to keep the gathered information local. I’ve moved away from Google Analytics to Piwik. Statistics are now only gathered and stored locally, properly anonymized, where the information belongs and is available, with open source technology. Installing Piwik is just a matter of uploading it to a folder on the server, and skimming through the setup (requires a MySQL database). Then it works pretty much like Google Analytics, but without uploading your visitor’s information to Google.