Solved

Google Analytics and cookies: need some clarifications.

Posted on 2015-02-20
9
149 Views
Last Modified: 2016-02-24
Hello, as you know here in Europe there's a cookie law. I'd like to avoid cookies altogether unless absolutely necessary.

So, Google Analytics was a sure source of cookies, but now with Universal Analytics I think this code will disable them completely:

ga('create', 'UA-XXXX-Y', {
  'storage': 'none',
  'clientId': '35009a79-1a05-49d7-b876-2b884d0f825b'
});

My question is: am I right? If I use Universal, the latest implementation of GA, coupled with this code, will I be ok with the cookie law without the need to ask visitors for cookie permission?

If so I will update all my customers' websites. If not I guess I'll switch to something other than GA.
0
Comment
Question by:Daniele Brunengo
  • 5
  • 4
9 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40621715
This page from ICO seems to be the best explanation: https://ico.org.uk/for-organisations/guide-to-pecr/cookies/   Note that shopping carts are based on session cookies and turning them off is not really an option.  You need to get used to telling users that you are using cookies... everyone else has.
0
 

Author Comment

by:Daniele Brunengo
ID: 40622787
Yeah, but since most sites I've been working on are static presentation sites, the only source of cookies would be Google Analytics. So if I can disable them inside it I would be ok with no need to hassle visitors.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40622838
Universal Analytics also uses cookies.  https://developers.google.com/analytics/devguides/collection/analyticsjs/advanced  My main customer uses many different kinds of tracking and they all use cookies.  As far as I can tell, the only way to not have cookies is to not use tracking.

A note...  it is actually the EU Privacy law, not cookie law.  Any method of storing identifying info including Flash cookies and local storage are covered.
0
 

Author Comment

by:Daniele Brunengo
ID: 40622945
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40623269
The first article talks about using IP addresses for tracking.  Public IP addresses do not uniquely identify a user.  I have thirty computers here behind a single public IP address.  If you are only using the IP address, you can't tell which computer you're tracking.

In the second article, it tells you what to do to set a cookie for Google Analytics so I'm not sure why you posted that link.
0
 

Author Comment

by:Daniele Brunengo
ID: 40623278
If you go to the bottom of the page in the second article you can find this:

Disabling Cookies

By default, analytics.js uses a single cookie to persist a unique client identifier across pages. In some cases you might want to use your own storage mechanism and send data directly to Google Analytics without the use of cookies.

You can disable analytics.js from setting cookies using the following:

ga('create', 'UA-XXXX-Y', {
  'storage': 'none',
  'clientId': '35009a79-1a05-49d7-b876-2b884d0f825b'
});

When you disable cookie storage, you will have to supply your own clientId parameter except for the special case where you are using cross-domain linking parameters.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40623316
That is essentially irrelevant because you can't set a unique trackable client id for each user.  And if you could... it still falls under the EU requirement for notification because you are 'storing' and 'tracking' personally identifying information.

It's really simple.  Either you notify them or you do not track them.
0
 

Author Comment

by:Daniele Brunengo
ID: 40624396
So what's the exact difference without a trackable id? Visitor counts are wrong?
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40624449
Visitor counts and page tracking will both be wrong in cases where there is more than one computer behind a public IP address.  You are down to what you can see in the server logs which only list the IP address that requested a page, nothing else.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
This Micro Tutorial will demonstrate without sampling how to find out top organic landing pages. The hack gets around the standard way to find the pages in Google Analytics results in sampling for larger sites.
This Micro Tutorial demonstrates in Google Analytics how to create a custom report that shows you traffic over time using the month of year dimensions. There are also instructions on how to fix Google's odd month of year formatting, which Microsoft …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now