
Anonymous Aggregate User Behaviour Analytics (2016) - neya
https://docs.brew.sh/Analytics
======
Rjevski
> If Google turned evil the only thing they could do would be to lie about
> anonymising IP addresses and attempt to match users based on IP addresses.

My worry is that Google is already evil and could be very well lying and
silently using the (deanonymized) data. I have no problems with Homebrew
getting that data through their own platform but seriously, fuck Google.

~~~
pdkl95
Google's "anonimized IP" means setting the last octet to 0. At _best_ that is
a 256->1 grouping[1]. If you're the only person on your local class C network
(x.y.z.0-255), your analytics uniquely map to your IP.

Google doesn't have to _lie_ about how they handle IPs - they document how
little anonymity they provide. Anybody claiming GA provides any real anonymity
either didn't read the documentation[2] for that feature, or they are lying.

[1]
[https://news.ycombinator.com/item?id=13639921](https://news.ycombinator.com/item?id=13639921)

[2]
[https://support.google.com/analytics/answer/2763052?hl=en](https://support.google.com/analytics/answer/2763052?hl=en)

------
rhencke
This looks like they put a lot of good thought into it.

They've got a clear outline of what is and is not shared, why they are
collecting it, links to the source code that handles it, explicit notice along
with an easy opt-out mechanism, etc.

------
ddavis
They've been doing this for years now (since at least 2015). The title here
implies that the change is recent.

------
hadrien01
Shouldn't it be opt-in, at least in Europe (with GDPR coming)?

~~~
dannyw
It can’t be identified back to an user. It is not personal data.

~~~
pdkl95
> It can’t be identified back to an user.

It's trivially associated to your IP. Google, if they chose to, could
trivially tie these GA records to your personal profile.

> It is not personal data.

It's behavioral data that helps Google reconstruct your pattern-of-life.
Knowing the tools you use can be very revealing.

~~~
rhencke
Your first statement is misleading. It is not trivially associated to your IP.

See:

[https://github.com/Homebrew/brew/blob/master/Library/Homebre...](https://github.com/Homebrew/brew/blob/master/Library/Homebrew/utils/analytics.rb#L27)

[https://developers.google.com/analytics/devguides/collection...](https://developers.google.com/analytics/devguides/collection/protocol/v1/parameters#aip)

[https://support.google.com/analytics/answer/2763052?hl=en](https://support.google.com/analytics/answer/2763052?hl=en)

Of note:

    
    
        If the IP anonymization method is used, then at no time
        is the full IP address written to disk as all
        anonymization happens in memory nearly instantaneously
        after the request has been received.

~~~
pdkl95
See my other post[1]. Yes, they are not storing _all_ of the IP; they are
simply storing the most interesting 3/4 of it (including the ASN). The _most
difficult problem_ they have to solve is a 1-in-256 guess, if-and-only-if the
other 255 neighboring IPs in the same "anonimized" bucket also generate
similar types of GA records. In practice, the realities of IP distribution and
not-perfectly-uniform host behavior will make this one of the _easiest_
records to correlate.

[1]
[https://news.ycombinator.com/item?id=16787053](https://news.ycombinator.com/item?id=16787053)

------
hello_asdf
This is easily turned off via your shell config file or through homebrew
itself thankfully.

    
    
       export HOMEBREW_NO_ANALYTICS=1
    

_or_

    
    
       brew analytics off

~~~
PeterStuer
Is opt_out GDPR compliant?

~~~
hello_asdf
It appears so.

[https://gdpr.report/news/2018/02/01/gdpr-google-
analytics-2/](https://gdpr.report/news/2018/02/01/gdpr-google-analytics-2/)

This page carefully describes what data they are going to be using, so I don't
see any reason it would violate it especially since they're not passing any
PII.

~~~
PeterStuer
Thx for the article, but I can't see how you come to the conclusion you draw
based on it. It does no clarify the opt-in/opt-out stance at all. In contrast
( [https://searchengineland.com/report-google-asks-
publishers-t...](https://searchengineland.com/report-google-asks-publishers-
to-manage-user-data-consent-for-ad-targeting-in-eu-gdpr-294917)) states

"Use of personal data cannot be based on implicit or opt-out consent. There
must be “a statement or a clear affirmative action” indicating a willingness
to share the information. Google will reportedly be capturing that consent for
properties that it controls, such as Google.com and YouTube. But the company
is asking third-party publishers to collect consent in situations where
Google’s technology and ad targeting are behind the scenes (see below). "

Which to me as a layman reads you need to have users opt-in to consenting to
be used in Google Analytics if it is used in your product/site.

~~~
hello_asdf
Yep, you're right. Then no, I don't see how Homebrew complies with GDPR as
it's opt-out.

------
dewey
That’s not really news, it was a big discussion a few years ago.

