• ayaya@lemdro.id
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    4
    ·
    4 months ago

    Yeah as someone who has worked in web development for over 20 years everything in here is completely standard. Almost every major website in existence collects this kind of analytical data.

      • ayaya@lemdro.id
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        3
        ·
        edit-2
        4 months ago

        Like the comment I replied to already explained, this information is necessary to make informed development decisions. If you don’t know who is using what feature you might be wasting resources on something barely anyone uses while neglecting something everyone needs.

        You also need some of that data for security purposes. You can’t implement rate limiting or prevent abuse if you can’t log and track how your services are being interacted with.

        And this is aggregate data. I can promise you not a single person cares about what any individual user is doing (assuming it’s not illegal)

        • Cryophilia@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          4 months ago

          It should all be opt in. Aggregate data can be used to personally identify, and even when it’s not, it has its own negative effects.

          • ayaya@lemdro.id
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            4 months ago

            It should all be opt in

            Then you introduce self-selection bias and the data is worthless.

            Aggregate data can be used to personally identify

            You can’t identify someone based on how they interact with a service. If you spend 5 minutes on one page and 2 minutes on another that could be anyone. Even if you for some reason personally knew someone’s browsing habits it would be nearly impossible to pick them out in a sea of millions of data points.

            I see you linked privacyguides.org in the thread as “alternatives”, one of the services it recommends is Proton (Mail, Drive, etc.). Look at their privacy policy:

            2.1 Visiting proton.me or protonvpn.com website: We employ a local installation of self-developed analytics tools. Analytics are anonymized whenever possible and stored locally (and not on the cloud). IP addresses are not retained and stored for such analytics.

            When you use our native applications, we (or the mobile app platform providers) may collect certain information. We may use mobile analytics software (e.g. fabric.io) app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting to send crash information to our developers in order to rapidly fix bugs.

            Or how about addy.io that privacyguides recommends for email forwarding? From their privacy policy:

            We use a self-hosted instance of Umami, an open-source, privacy-focused and lightweight option for website analytics. All the site measurement is carried out absolutely anonymously.

            ALL online services collect this kind of data. Even the privacy-focused ones. There is nothing nefarious about it.

            • Cryophilia@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              4 months ago

              “Analytics are anonymized whenever possible” is vastly more reassuring than “we use all this data”.