
13% of my website visitors block Google Analytics - markosaric
https://markosaric.com/google-analytics-blocking/
======
salicideblock
Seeing that Plausible Analytics is not using cookies and instead hashes fields
_including IP address_ \- the measure of "unique site visitors" could be a
proxy for false uniques by Plausible Analytics. For example, an user visits
once via his data connection and once via wifi - Plausible may see different
users where Google's cookie will pin it as one user.

Another interesting result is the 16% of total page views - I don't think
false uniques could changes this. But it will be distorted by correlation of
views-per-user with blocking settings.

~~~
sandworm101
I don't see why the focus is on "unique" visitors. To compare to older media,
if someone buys two newspapers then they are a double-good customer. Either
they are spending so much time reading it themselves that they need two copies
(ie reading via two devices/IP addresses) or they are giving that second copy
to a friend (two people, one device). So imho page view should be valid
regardless of uniqueness (absent bot detection etc).

~~~
lucideer
This depends on monetization.

If you're selling copies of newspapers, 2 purchases by 1 customer = 2
purchases. The number of customers is irrelevant.

If you're monetizing via on-page ads or affiliate links (as the author is),
revenue is much more likely to correlate to unique visitors than to page
views.

~~~
sandworm101
>> revenue is much more likely to correlate to unique visitors

That's the bit I don't understand. Why does an advertiser not value a customer
seeing an ad twice, or for a longer time? In fact I would say that those
customers are much more valuable because their multiple views bookend an
extended period of viewing an ad. If I view a website at home in the morning,
then again while at work, I have been exposed to that ad for many minutes, as
opposed to one-time readers who click away within seconds. That has to be
worth something more.

~~~
reaperducer
You're on to more than you think.

In traditional media, it's pretty much an axiom that people have to see the
same ad at least seven times in order to get the message. There is no sin in
showing the same advertisement more than once. It's why, for example,
advertisers pay extra to have their ad appear at both the beginning and end of
a commercial break on television. It's called "bookending."

When digital advertising started, the ad companies decided that someone seeing
the same ad more than once was a bad thing, and then convinced their
advertisers this was true.

I don't know why this happened. Maybe the digital people had some data that
proved it. Maybe the digital people were just computer people and not
advertising people and so didn't know about the decades of prior research into
this.

But it's where we are now. Digital advertising companies value unique
visitors, so web site owners do, too.

~~~
ksec
I dont know why either, but to me viewing traditional TV with same ads every
15 min or 30 min is not an annoyance, but doing it on Youtube or Website is
god damn annoying. To the point where I think the brand is trying too hard and
I have negative feelings with it.

There are huge difference in Online / Digital Media consumption compared to
traditional media like Tv and NewsPaper. And may be I am old I tend to value
the latter a lot more.

------
onion2k
None of my website users need to block Google Analytics.

~~~
yonixw
Sorry to say, but without analytics and campaign analytics, you probably don't
know what your user want or need. I don't like the analytics auto hate
behavior.

Edit: I don't justify google and facebook wrongdoing in the past and present.
But to hate on those who are (forced) using them and calling to remove them
from the website is not helping without an alternative. It will surly take a
toll on your digital presence. Showing better alternatives is the way to go.

~~~
onion2k
_I don 't like the analytics auto hate behavior._

It's not "auto hate", it's 25 years experience of making web stuff. I used to
track users. I can read Apache logs by sight alone. I was an Urchin stats user
before Google bought them. I had _hit counters_.

I realised a long time ago that massive data gathering didn't really help me.
I had a ton of data and no idea what to do with it. If you launch a site and
find the engagement time is 5.54s and users scroll 40% down the page before
the bounce when they hit the site from a Google SERP for "my special page"
that doesn't tell you _why_ they left. That only tells you that they did. If
you want to fix the problem you need to actually reach people and engage with
them. To build what users want you need to actually talk to users.

Maybe some people can get value out of GAnalytics data, but I reckon for
_most_ users it's "metrics theatre". They're randomly poking at their website
and seeing if the numbers change. That's stupidly inefficient when you can
just talk to some people instead and immediately know where the problems are
because people will tell you if you ask. Oh boy, will they tell you. It's hard
to make them stop.

~~~
bbarnett
Often I try to help sites with more generic, borked issues. Your comment about
"Oh boy, will they tell you" brought one to the fore.

I sent the following to a site. Do you think I received a response? A reply?

Either they don't actually read emails from customers, or they employ a person
which became 'confused', and their eyes glazed over, once they failed to
understand the message.

(Note that I sent to about 5 email addresses. The one sent after I purchased
the pillow, a website info, whois email addresses, and even took 2 minutes to
find the CEO email address. Yup. No response from any of them.

And more than 18 months later (I just checked), the SPF record remains
unchanged.)

I wonder.

While metrics _may_ be helpful, I wonder how many only pay attention to
metrics, and then ignore emails such as mine.

\--

Hello,

I'm terribly sorry, but unfortunately you've sold a pillow to a SysAdmin. And
now that you've done something wrong "with computers", I'm going to prattle on
whilst your eyes glaze over. :P

But in all seriousness, I recently ordered a pillow from you. Yet your
confirmation email bounced! Here's why:

May 13 07:10:54 XXX postfix/smtpd[32163]: NOQUEUE: milter-reject: RCPT from
smtp2.shopify.com[104.198.207.207]: 551 5.7.1 SPF verification failure: sender
host 'smtp2.shopify.com'[104.198.207.207] not among explicitly allowed origin
hosts for domain 'canadiandownandfeather.com', and misses are forbidden;
REJECT; from=<info@canadiandownandfeather.com> to=<xxx> proto=ESMTP
helo=<smtp2.shopify.com>

What's happening, is your SPF record does not list Shopify email servers, as
valid for your domain name canadiandownandfeather.com...

You do have outlook.com there:

canadiandownandfeather.com. 300 IN TXT "v=spf1
include:spf.protection.outlook.com -all"

But not Shopify. If fact, the "-all" part at the end means "and nothing else
can send mail!".

So, as you are telling people that outlook is the only acceptable place to
send mail from? Until you fix this:

\- some mail server servers, like mine, will completely reject your mail from
shopify's platform \- almost all remaining mail servers, will place this type
of mail in SPAM folders

I must stress, that due to your 'outlook' line, normal email should work
perfectly fine. We're only talking about email, using your domain, but from
shopify's platform.

If you go here:

[https://help.shopify.com/en/manual/intro-to-
shopify/initial-...](https://help.shopify.com/en/manual/intro-to-
shopify/initial-setup/setup-business-settings#customer-email-best-practices)

And search for "SPF record", you'll see this:

\-- To verify your customer email address, you need to add Shopify's SPF
record — v=spf1 include:shops.shopify.com ~all — to the TXT record in your
custom domain settings. \--

Now.. you want to KEEP your outlook domain too.

So, just add "include:shops.shopify.com" to your TXT record, so both are
there.. something like this:

"v=spf1 include:shops.shopify.com include:spf.protection.outlook.com -all"

Do this, and your problem should be fixed.

You can go here:

[https://mxtoolbox.com/SuperTool.aspx?action=spf%3acanadiando...](https://mxtoolbox.com/SuperTool.aspx?action=spf%3acanadiandownandfeather.com&run=toolpage)

And check if things are done correctly. \--

~~~
lsaferite
I think the humour at the start might have been enough to make many people not
read the email TBH. Something a little less tongue-in-cheek and simply
nice/approachable is likely to net a better chance of response.

~~~
angus-prune
Hard agree.

You don't describe the business problem, but go into incredible detail about
technical details that either nobody reading the email[1] cares about.

Even more than that - you're basically asking them to run random bash commands
from the internet.

They _shouldn 't_ trust your advice, anything you say would have to be
verified by their own team, so the level of technical info is useless to them.
In fact, including all the technobabble mnakes it look _even more_ like a
scam.

Remember, not that long ago it was a common scam to ask employees to make
changes to the phone system, which would give the scammer free international
calls. Your email is _idenitical_ [2] to one of those scams.

A better email would be (and this isn't perfect):

"Hello, I am a recent customer of yours and noticed that all your confirmation
emails aren't being sent properly and won't be delivered at all for most
users.

I'm a sysadmin, so had a look at the the problem using public data, and it
looks like your tech team overlooked a setting when they set up your email
system. Its a easy mistake to make and would take them 5 minutes to fix.

The technical details are that there is an "SPF" record which says who is
allowed to send emails as your company - this is correctly set up for your
office emails through outlook, but not set up for the automated emails from
shopify.

If you let your tech team know that shopify is missing from the SPF records,
and they'll quickly see the issue and fix it within minutes.

If you would like more information about the issue, I'd be happy to advise
further[3]"

[1] The people who do care won't see your email. [2] To the untrained user.
[3] I mean, I wouldn't, but you seem like you would ;)

~~~
bbarnett
I get it, please see my other response.

RE: random bash commands. Part of the reason I linked shopify's SPF page to
them -- an attempt to provide external validation.

But I get it. Which is why, as I mention in that other response, it doesn't
matter _what_ I send. Even pleas to forward to a technical person = ignored.

(I bet lots of tech people get forwarded all sorts of crap that IS a scam, so
yell "DON'T FORWARD THIS STUFF TO ME".)

In fact, I have even called some places. One started _screaming_ at me. I'm
guessing some phone scam "got them", and therefore equated me to the same.

What can you do?

I mean, seriously?

~~~
lmkg
Tell them that you placed an order, and did not receive a confirmation email.
If you really feel obligated, you can mention something about SPF settings,
but I literally would not provide more detail than "it might be related to
your SPF settings."

~~~
bbarnett
Ah yes. Which is only sometimes responded to, and if so, with a "Check your
SPAM folder" email.

If you respond to _that_ without technical data, then you're basically saying
"No, I did not receive it", and their response is "Your gmail lost it"
(because mail = gmail).

The problem is that emails sent with "I didn't get the confirm email" are
immediately thought to be "user error". And you know what?

99.9999% of the time, they surely are. Bad email providers, lost in SPAM
folders, even missed in INBOX.

So if you don't include tech info, you're stuck in this category, else _many
exchanges back and forth_.

Because once I then respond with technical info?

You get the same glassy-eyed type of incomprehension, with often zero
response. Or a response that invites another 5 back and forths, with the other
side upset, because now they feel ignorant.

I feel there really is no proper answer here... except, I still have to try.
:P

------
eden_h
Google Analytics has a fair amount of filtering by default - including
bots/spiders.

Went to Plausible's website, it makes no mention of this type of blocking.
That 13% could be eaten into significantly by removing that type of activity.

More convincing would be matching up activity across sites, and seeing for
what sessions they differ. If this was a decrease in users who had significant
sessions (>30 secs, for example), there'd be more meaningful conclusions to
draw.

------
jamescridland
1\. the OP works for Plausible

2\. The OP uses a non-standard call to Plausible which probably isn’t in many
block lists

3\. It’s in mine

~~~
lightswitch05
So, the domain in question is ms.markosaric.com. Which is a CNAME to
custom.plausible.io. uBlock Origin is able to block based on CNAMEs, but it is
not a default configuration. PiHole V5 blocks based on CNAME as well, and it
is actually enabled by default.

I run a little blocklist project [1] and I've had custom.plausible.io blocked
in my list since April 8th [2]. So, although I didn't have ms.markosaric.com
blocked directly in my list, the PiHole still would have blocked it via CNAME
blocking. Also uBlock origin if you have CNAME blocking enabled.

[1]
[https://www.github.developerdan.com/hosts/](https://www.github.developerdan.com/hosts/)

[2]
[https://github.com/lightswitch05/hosts/commit/21fd108ffd2996...](https://github.com/lightswitch05/hosts/commit/21fd108ffd29960474a1c47803307c776806fecb)

~~~
gorhill
> uBlock Origin is able to block based on CNAMEs, but it is not a default
> configuration

It is a default configuration.

~~~
lightswitch05
Thank you for the info, I'm sorry I misrepresented your project. For some
reason I thought you had to enable advanced settings.

Thanks for everything you do with uBlock Origin and uBLock Matrix. uBlock
Matrix is one my the primary tools I use when researching domains to add to my
blocklist.

------
pachico
Only 13%? According to some independent sources, up to 30% (and in some
countries 40%) of Europeans use adblockers. If you're interested, I can try to
find out the sources. This is why I use my own tracking system.

~~~
toomanybeersies
Is that 30-40% on all platforms or just desktop though?

I don't have an ad blocker on my phone, yet use ublock origin on my Macbook +
Chrome. I suspect this is pretty common, as it's harder to set up ad blocking
for your mobile browser than desktop.

~~~
iwannahelp
It's actually super easy now, with PiHole if you'd like to self-host or
NextDNS if you want something that Just Works.

~~~
toomanybeersies
I wouldn't describe either of those as "super easy", especially for non-
technical people, compared to going to the Chrome Web Store and clicking
install on uBlock Origin.

------
Simon_says
> How I implemented my study

> I installed Google Analytics alongside Plausible Analytics on three sites in
> June.

All he measured was people who load Plausible Analytics and not Google
Analytics. Anybody running noscript (like me) wouldn't have shown up here at
all.

~~~
chrismorgan
Even when I run JavaScript (I don’t by default), uBlock Origin blocks
[https://plausible.io/js/plausible.js](https://plausible.io/js/plausible.js)
through _Peter Lowe’s Ad and tracking server list_. Not sure if that’s one
that’s enabled by default or if it’s one I’ve enabled.

So yeah, I would expect the true Google Analytics blockage figure to be
markedly higher than the 13% reported here.

~~~
Symbiote
It wasn't blocked for me, also with uBlock Origin.

I found that it was only added to _Peter Lowe's_ list yesterday/today, so it
wouldn't have affected the statistics for this blogpost

[https://pgl.yoyo.org/adservers/serverlist.php?showintro=1&st...](https://pgl.yoyo.org/adservers/serverlist.php?showintro=1&startdate\[day\]=12&startdate\[month\]=07&startdate\[year\]=2020)

~~~
pgl
Yeah, I added this yesterday.

For the record, you can also view exact timestamps on the detail page:
[https://pgl.yoyo.org/adservers/details.php?hostname=plausibl...](https://pgl.yoyo.org/adservers/details.php?hostname=plausible.io)

------
cm2187
I am not surprised by the low iOS numbers, adblockers are a pain to setup and
I haven’t found one as good as ublock origin. Would anyone have recommendation
for a good iOS adblocker?

~~~
michaelt
_> I haven’t found one as good as ublock origin._

That's because ublock origin uses an API that is not available on iOS/Safari

If you want to be generous to Apple, they're trying to stop the 90% of trash
adblockers like ABP, and great adblockers like UBO are collateral damage.

A cynic would say that's a combination of an admission their app store review
process can't catch evildoers; and a cynical result of the fact the app store
is plastered in (presumably very profitable) ads.

~~~
GuB-42
90% of everything is crap (Sturgeon's law) so by that reasoning, you can block
everything.

And I don't know what ABP on iOS does or how it changed but the original
extension wasn't trash. Sure, it has that controversial "acceptable ads"
policy but it can be disabled by just unchecking a box in the settings once. I
took a look at the code, compared it to a "cleaned" extension called AdBlock
Edge and there wasn't much that unchecking that box didn't do.

Like most people, I switched to uBlock, then UBO, but performance was the main
driver. Unless there ave been some major change ABP still fit my needs, UBO is
better for me but it doesn't mean the other is trash.

------
jiripospisil
> Safari was a big surprise to me. With all the marketing Apple does focused
> on privacy and with them even highlighting Google Analytics as being
> blocked, I was expecting numbers closer to Firefox.

Safari does not block anything (not even in the upcoming release) - it will
still happily load all of the tracking and fingerprinting JS. All it does is
prevent some information from being sent back (3rd party cookies, stripped
referrer etc.) but the requests are still being made and received code
executed.

------
TomGullen
Better way perhaps we do is compare Cloudflare visitors to GA visitors over
same time frame. This method doesn’t measure people with JS disabled.

I think it’s important to remember also with large numbers a percent of users
blocking GA is likely not a big deal - you just want something generally
accurate. Switching analytics providers to get more data isn’t in itself a
reason to switch.

If people care about payload size of tracking scripts on their site then I see
a good opportunity here for CDNs to offer analytics.

~~~
markosaric
My idea was to use server logs too but AWStats showed more than 100% higher
number of unique visitors and more than 18 times higher number in page views
(both compared to Plausible numbers) so I excluded it from the study as I
thought it’s very inaccurate.

~~~
JeanMarcS
As I understand that unique visitor would be higher (awstats, IIRC, considers
that after an hour, a same IP is a new visitor), I don't get how you can have
that number for page views. I guess it depends on people gowing back to pages
and JS is not executed, but logs are updated ?

Strange.

~~~
markosaric
It's strange. My best guess is that despite AWStats filtering bots, many do
get through. It was easy to see as most viewed pages according to AWStats were
back end pages etc. I tried Webalizer with similar results too. I published
the stats difference here: [https://plausible.io/blog/server-log-
analysis](https://plausible.io/blog/server-log-analysis)

------
idoubtit
How many sites break because of Google Analytics being blocked? Do they even
realize that their content appears broken?

Many sites use JavaScript client-rendering, even for static content.
Sometimes, the analytics failure blocks the rendering. I've experimented it
recently, with a blank page for a French governmental site (securite routiere)
and with a truncated content for an American newspaper (Boston Globe, IIRC).

When you send a server-rendered page, you know the content is present, and
very probably it renders correctly on the client. Transmission errors are
logged by the web server. With a SPA, many factors could break the rendering,
and the web server won't hear about it unless hard work is done to collect JS
errors.

~~~
macNchz
I think the most common and critical failure mode I’ve seen is when websites
wrap click handlers for important conversion events (ie “Complete Purchase” or
“Join Mailing List” buttons) in a call to a tracking script.

Google Tag Manager has a callback system that makes it really easy to trigger
an event and wait for all the tracking pixels to fire before you advance
someone to the next page, “guaranteeing” that you capture the events. If GTM
is blocked and no effort has been made to handle a case where it didn’t load,
however, the Complete Purchase button just straight up won’t work. I debugged
this behavior in a high traffic site several years ago and have since noticed
it all over the internet. With how widespread ad blockers are these
days–especially in some demographics–I’d consider it an important QA step to
ensure that customers can actually pay you even if they’re blocking ads and
trackers.

------
SahAssar
And umatrix blocks both Google Analytics and Plausible Analytics since it
blocks all third party scripts by default.

------
aaanotherhnfolk
I know this was just written as content marketing, but a more accurate insight
wouldn't involve the conversion to uniques at all. On one side you'd have
count of unique IPs from the access logs at your web server. And on the other
side you'd have count of unique IPs seen by the tracking tools you use.

And even then you wouldn't be able to map this quotient to human behavior. But
you would have an upper bound on how inaccurate your analytics tools are.

~~~
tatersolid
“Unique IPs” is a terrible metric, and has been for more than a decade.

Carrier grade NAT, corporate networks, VPN service users, etc. all will share
the same source IPv4 address.

In IPv6, the opposite is the case: clients will change their IPs frequently
for privacy reasons resulting in an overcount.

------
skeppy
That number is wrong. It's greater than 13%. He installed another javascript
tracker. So, he didn't catch any of the users that block javascript.

Didn't read his whole lengthy post, but not sure why he just didn't use a
standard 20-year old log analyzer (like AWStats or similar) to just compare
_any_ visit by a single IP address over a set 24-hour period.

Forget about page views, A/B tests, metrics, customer journeys, etc... that's
what G.A. is designed to be used for (along with its competitors like P.A.).

The question is very, very simple - especially for standard websites. How many
different IPs requested what volume (in bytes) of resources from your server?

We've been measuring that number on the web for nearly 30 years and it
requires ZERO installs, scripts, 3rd-party services, etc.

None of this would be so bad except that all the alarmists decrying abuse or
overuse of G.A. and looking at alternatives are (generally speaking) not
anyone that Google cares about. Google's attitude "Uh, go ahead and use a
different spyware/tracker/script tool. We don't care about your crummy blog.
We are still installed on 499 of the Fortune 500 websites. That's what we care
about."

------
tome
Tangentially, is there some webpage you can visit that confirms which means of
tracking your browser/extensions are blocking? I have installed Privacy
Badger, uBlock Origin and NoScript on Firefox, but I don't know how I can
verify that they are doing what I hope they are.

EDIT: I suppose there's
[https://panopticlick.eff.org/](https://panopticlick.eff.org/)

------
fomine3
I don't care to be tracked but ad blocker automatically also blocks tracker
and I have no motivation to unblock tracker manually.

------
sdwolfz
Only 13%? (Just kidding!)

Serious question now: how do we get this number to rise to 50%? How about 80%
or 95%?

I'm been on a quest for a long time now to convince people I know to install
ublock origin on their browsers, but it seems to be a hard sell, even among
more tech-literate people, the effort to convince them is non trivial. They
stick with it after I install it for them, and they use it everywhere
themselves after a while, and thank me for it, it's just that getting them to
experience it makes them go defensive. What gets them is not improved privacy,
nor tracking removal, but no longer having to deal with video ads on YouTube,
or those embarrassing naked people or viagra banner ads on websites, like
Yahoo mail.

So basically privacy is an afterthought, a nice to have consequence, as it's
not an immediate visible part of the experience for them.

~~~
shawabawa3
The problem is that people still think of ad blocking as similar to piracy
instead of as a security or privacy tool

The other problem is that "AdBlock" used to be the standard ad-blocking tool,
but now has been taken over by advertisers and allows "non-intrusive" ads,
such as google

~~~
sdwolfz
True, some more daring people go to google and search for "adblock" when I
tell then they should install an adblocker, and I have to correct them and
pitch "ublock origin", and that's when the defensive stance happens. They ask:
"Why? Why not adblock? What's the difference? There's also an ublock without
the origin part in the name, why is that, why use the other? it has the same
logo..."

------
__alexs
Slightly off topic: Plausible claim that their cookieless tracking is GDPR
compliant but this seems a bit shaky to me. Unless they are doing something
that isn't specified in their docs their fingerprinting seems reversible which
would make their user identifiers PII like any session ID you'd store in a
cookie.

AIUI the GDPR doesn't particularly care about cookies, it cares about you
tracking people without their consent. If you have a cookieless way of
tracking individual people that is as accurate as cookies then clearly you
still need consent?

~~~
m90
Even if this hash would include a salt and the salt is rotated daily, you'd
still be able to reverse information for the last day (there's an interesting
doc by the European Union itself on that topic: [https://edps.europa.eu/data-
protection/our-work/publications...](https://edps.europa.eu/data-
protection/our-work/publications/papers/introduction-hash-function-personal-
data_en)).

I feel most of these "privacy" focused analytics tools are mostly about
working around the need for a cookie banner. I also don't get how they can
continue to show off their public dashboards full of data that has been
collected without user consent, boasting about how many hits they have.

Gives me the feeling "Privacy" is more of a marketing tactic here than a
mission.

~~~
__alexs
The thing is the "cookie banner" is not required simply because you use
cookies. Consent is required for any processing of PII regardless of the
technical means through which you get it.

I don't know if "privacy" is just a marketing tactic but I have definitely
seen a lot of misplaced good deeds based on not understanding the regulation
correctly.

------
Pete-Codes
I've used Simple Analytics since day one of my site. Thoroughly recommended
for privacy.

Fathom Analytics is another option.

~~~
shreyasminocha
OP works on Plausible.io

~~~
omosubi
This should be the top comment

------
donohoe
I'd consider this a little on the low, but perhaps that makes sense given
nature of the site and potential type of audience.

On publisher sites where I've had access to analytics we'd see an Ad-Blocker
rate of 8% on the sites with a 'good' ad experience (low programmatic, less
crappy positions and UX) but as high as 30% on the crappier ones (saturated
with banner ads, had Outbrain/Taboola modules, etc).

(That was about 2 years ago so I would have thought that ad-blocking with
continue its slow increase)

------
mahesh_rm
Rightfully so. Shameless plug, a few months ago I began working on a privacy
conscious UX/UI research and qualitative analytics tool [0] based on open
source (MIT) technologies, which aims at offering a self hostable backend.
It's in alpha, feel free to reach out if you want to give it a spin.

[0] [https://www.sessionforward.com](https://www.sessionforward.com)

~~~
iaml
YSK that cloudflare removed the contact email on your site.

~~~
mahesh_rm
Thank you, will check! Indeed, website is still in progress. :-) Meanwhile,
you can find my personal email in my HN profile!

------
olliej
Of course another way to phrase this is “13% of my website visitors are
actively blocking my support for google’s privacy invasive tracking”

------
petargyurov
On my website [0] I opted not to use Google Analytics or any other invasive
trackers.

We use SimpleAnalytics and so far I really like it. Yes, it's "simpler" in
that you get less data but honestly, I think people over-value some of the
data they get from GA. A lot of it is superflous.

[0] [https://makely.me](https://makely.me)

------
toastal
I'd like to see the spread in statistics of what OS, platform, browser is
doing the most blocking and who's most underrepresented. Not wanting to be
tracked is very reasonable, but these I would guess are mostly to be your
power users anyhow and now you're making decisions around people that may
understand your product best.

------
BrandoElFollito
> We run it through a one-way hash function to scramble the raw IP addresses
> and make them impossible to recover.

It is very much possible. The space of IP addresses is about 10^10 so a
rainbow table for 256 bytes hashes would be around 1TB large.

Adding the target websites would scale the size linearly

------
ubercow13
>But Linux is also the least popular of the operating systems with only 8% of
the total laptop/desktop market.

That sounds very high, I thought it was still ~1-2%?

Shouldn't Firefox block GA by default now since they enabled enhanced tracking
protection by default? I'm surprised the number for Firefox is so low.

------
freddyym
If only it was a higher percentage...

~~~
tomcooks
Path of least resistance will unfortunately make it lower, once social
networks, media groups and browser vendors play the usual dark UI patterns

------
superkuh
What happened to using your web logs? It requires absolutely no javascript and
no third parties and there's no invasion of privacy.

~~~
vntok
It also is completely useless because of the tens of thousands requests random
bots and hacking tools do each day on most websites, the many network hops for
mobile users, the utterly impossible task of counting time spent per page (on
active tab), conversion tracking and so many data that web logs aren't
designed to collect or present in any useful way.

~~~
superkuh
They're actually pretty useful for me despite, and even because of all the
things you mention. I don't know why a corporation couldn't achieve the same
as my single person plus a bit of perl. I guess for-profit organizations just
have unique goals that can't be met unless they're acting unethically.

~~~
vntok
Being able to reflect on what works and what doesn't is actually the ethical
thing to do so that the business' decision makers don't spend time, money and
human resources on efforts that are at best useless and at worst detrimental
to the company.

Employees or (worse) freelancers who deliberately retain data and keep it away
from the company are utterly unethical in that they prevent the company to
assess their actions and to take adequate measures based on them, including
firing them if they cost but don't provide.

~~~
superkuh
You're assuming anything that saves/time money is ethical because it is
beneficial for the company. But many things that are beneficial for a company
are unethical and bad for actual humans the corporate "person"/entity
interacts with.

------
michael-ax
says: [https://markosaric.com/speed-up-
wordpress/](https://markosaric.com/speed-up-wordpress/) >> Steps I took to
make my site speedy and green >>> To not add much additional footprint, I’ve
decided not to use Google Analytics, ....

.. this is too weird for me.

~~~
markosaric
I installed GA for one month only last month in order to check the data. Now
it's GA-free again.

~~~
vntok
This is like reading books with one's reading glasses on for a while, then off
for a while, then on again for a while.

In Web analytics the medium to long term trend almost always trumps individual
data points. Those don't mean a thing and can actually be bad for the business
owners if "corrective" actions get taken based upon them.

------
tannhaeuser
Could we establish a convention of adding "(ga'd)", "(pixel'd)" and/or
"(GDPR'd)" here on HN, similar to what we do with rehashed stories by putting
the year into braces after the title?. While we're at it, maybe we should also
use "(paywalled)" because that's a frequent complaint?

~~~
majewsky
You could do an alternative HN frontend that puts badges behind the title.

