Loading ...
Sorry, an error occurred while loading the content.

4151Re: Odd things noted with Google Analytics

Expand Messages
  • webbanalys
    Nov 17 8:21 AM
    • 0 Attachment
      The lack of guidance is alarming, and has now put a lot of people
      into a position of breaking the law. I do however wonder why you
      would mention it, do you do consulting work for them?

      I think you are very wrong on the assumption that their cookie
      strategy is the least likely to be deleted. Just look at the naming
      convention, withtin a few weeks I predict that all anti-spyware
      applications will remove cookies containing ___ in their names no
      matter which domain they say they come from.

      On the opposite a 1st party cookie with individual naming has a far
      better survavial rate, and that is a cookie that is sent from the
      collection point on amchine within the customers own domain. In
      theory all vendors can do this BUT why have so few? Simply because
      either their architecture isn't built to support it or they are
      cutting corners.

      No matter how low the number of opt-out that occurs, it must be
      possible. If I were to opt-out from cookies from *.some.com then the
      regular cookies for user settings would also be disabled. Not a very
      smart move to disable the opt-out don't you think?

      Finally it would not surprise me a bit if the next version of IE
      comes with a block on some domains as part of the medium security
      setting, if so then all outbound calls to the collectors running on
      domains not belonging to the customer would cause massive data loss.
      Not much love between MS and Google, is there? This could happen as
      well if companies like Websense block those domains as dodgy in their
      filtering product due to the fact that data is going to a generic
      collection point.

      For the customer who has used services that are using web analytics
      based on such limited solutions the massive dataloss will then be a
      nasty surprise. That if anything would put those running such systems
      out of business, not the entry of GA.

      Must say I am a bit surprised you don't see this coming Eric.


      --- In webanalytics@yahoogroups.com, "Eric Peterson"
      <eric.peterson@g...> wrote:
      > I'm not up-to-date on cookie legislation overseas but it goes
      > saying that any company deploying ** any ** analytics application
      > depends on cookies needs to update their privacy policy
      > I poked around at the Google Analytics site and didn't find any such
      > guidance but will suggest it next time I chat with those folks.
      > Based on my research on cookies, the strategy Google Analytics is
      > using is the least likely to be deleted. It is not a third-party
      > cookie, it is not a contractual or mapped first-party cookie, it is
      > true first-party cookie. Whether the cookie comes from the
      > domain or the site domain is a technical decision that each vendor
      > makes and is theoretically able to change.
      > Perhaps from a transparency standpoint this is dodgy, but from a
      > accuracy standpoint, this strategy is the recommendation.
      > I have not seen any published data regarding how many Internet users
      > are opting out of tracking domains but given that opting-out
      > you at accept a cookie (so the system knows not to track your
      > right?) and given that cookies are being deleted at some rate, I
      > suspect opting-out is far less likely than consumer use of
      > anti-spyware to "protect" themselves or occassional manual
      > I mean think about it ... if you don't want to be tracked you have
      > visit dozens of different opt-out pages (at each of the vendors) and
      > every time you delete your cookies you have to repeat that action?
      > Unlikely, in my opinion.
      > If the GA code is removed, the cookies may remain but are certainly
      > rendered useless.
      > Eric Peterson
      > --- In webanalytics@yahoogroups.com, "webbanalys" <webbanalys@y...>
      > >
      > > I've found some odd things going on with Google Analytics (GA),
      > > one of them is connected to the statement Eric made that GA uses
      > > party cookie (FPC). It seems that GA DOES NOT send FPC from the
      > > collection domain at all. Instead the code will perform the
      > > of sending cookies looking as if they were from the website
      > > itself! If I am wrong then please correct me.
      > >
      > > It seems as if a massive amount of websites not using cookies
      > > now are sending out 4 new ones and thus as a result not following
      > > law which states the following (at least for us in Europe):
      > >
      > > EU-directive 5.3 on integrity and communication, every visitor to
      > > website containing cookies is entitled information:
      > >
      > > * that the website contains cookies,
      > > * how these cookies are used,
      > > * how cookies can be avoided.
      > >
      > > Even worse is that if users select to opt out to avoid the GA
      > > generated cookies then ALL cookies from the domain in question
      > > be blocked, even the ones that are used to keep user details and
      > > enhance website functionality!
      > >
      > > If the GA code is removed the created cookies will remain, and
      > > actually is set to last until 2038. Given the recent coverage on
      > > users deleting cookies this adds fuel to the fire, sending
      cookies in
      > > this fashion is rather dodgy.
      > >
    • Show all 20 messages in this topic