Is Google Analytics illegal?
Yes, said Austrian, French and Italian Data Protection Authorities and today the Danish DPA agreed! 🇩🇰
Exciting times to be a European, privacy-first web analytics project 🇪🇺
@wizzwizz4 @plausible The press release of the Danish Data Protection Agency in English: https://www.datatilsynet.dk/english/google-analytics/use-of-google-analytics-for-web-analytics
Don't tell my employer: I've been told to migrante the website from Google Analytics to Google Analytics 4. 😮💨
Don't even listen: I've raised the point, but has no answer directly from legal. Only middle layers b between me and then told me "it's fine".
I'm not even sure how they can don't care. GA4 is able to identify sessions, not users, as far as I've seen, but still data are in USA. Not sure.
In addition to being opt-in, I think analytics packages should have all types of data-collection disabled by default so admins can selectively enable only what they need. Data should be treated as a liability, and people should collect as little as possible.
I really dislike how people use GA and GA-based services to find new insights; it makes everyone optimize their software the same way. Nobody asks how they can make their software less addictive.
Larger operations should store even less since they have the means to correlate information from many sources. ipscrub comes to mind.
The only long-term storage that should happen without consent is of bot traffic.
@maze Compare the two scenarios:
Scenario A: “We received a piece of user feedback to change this design to avoid errors; their suggestion was well received by other users. Let’s collect some telemetry from that component to see is these issues are representative of the larger population; based on that, we’ll know whether it warrants a re-design of that component.”
Scenario B: “Telemetry says users never use this feature; we can remove it.”
In Scenario B, telemetry prompted a decision; in Scenario A, telemetry helped understand a real specific problem. Telemetry should be used to clarify an existing insight rather than make discoveries on its own. Metrics should not be collected lightly; they should be collected with intention (and, of course, prior informed consent).
Yeah, it didn't seem to break anything for me either. I'll keep it blacklisted along with everything else googly which doesn't break websites. Apparently it is used for tracking, specifically managing different tracking beacons like pixels without much coding for the webmaster (https://en.m.wikipedia.org/wiki/List_of_Google_products)
@plausible Here's a question for your legal counsel: How are Plausible (and others like Fathom) affected by this decision?
@plausible sadly I can't due to my DNS adblocking :) when I'm not on my phone i'll take a look, thanks.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.