Solved

Google Analytics and cookies: need some clarifications.

Posted on 2015-02-20
9
156 Views
Last Modified: 2016-02-24
Hello, as you know here in Europe there's a cookie law. I'd like to avoid cookies altogether unless absolutely necessary.

So, Google Analytics was a sure source of cookies, but now with Universal Analytics I think this code will disable them completely:

ga('create', 'UA-XXXX-Y', {
  'storage': 'none',
  'clientId': '35009a79-1a05-49d7-b876-2b884d0f825b'
});

My question is: am I right? If I use Universal, the latest implementation of GA, coupled with this code, will I be ok with the cookie law without the need to ask visitors for cookie permission?

If so I will update all my customers' websites. If not I guess I'll switch to something other than GA.
0
Comment
Question by:Daniele Brunengo
  • 5
  • 4
9 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40621715
This page from ICO seems to be the best explanation: https://ico.org.uk/for-organisations/guide-to-pecr/cookies/   Note that shopping carts are based on session cookies and turning them off is not really an option.  You need to get used to telling users that you are using cookies... everyone else has.
0
 

Author Comment

by:Daniele Brunengo
ID: 40622787
Yeah, but since most sites I've been working on are static presentation sites, the only source of cookies would be Google Analytics. So if I can disable them inside it I would be ok with no need to hassle visitors.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40622838
Universal Analytics also uses cookies.  https://developers.google.com/analytics/devguides/collection/analyticsjs/advanced  My main customer uses many different kinds of tracking and they all use cookies.  As far as I can tell, the only way to not have cookies is to not use tracking.

A note...  it is actually the EU Privacy law, not cookie law.  Any method of storing identifying info including Flash cookies and local storage are covered.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 

Author Comment

by:Daniele Brunengo
ID: 40622945
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40623269
The first article talks about using IP addresses for tracking.  Public IP addresses do not uniquely identify a user.  I have thirty computers here behind a single public IP address.  If you are only using the IP address, you can't tell which computer you're tracking.

In the second article, it tells you what to do to set a cookie for Google Analytics so I'm not sure why you posted that link.
0
 

Author Comment

by:Daniele Brunengo
ID: 40623278
If you go to the bottom of the page in the second article you can find this:

Disabling Cookies

By default, analytics.js uses a single cookie to persist a unique client identifier across pages. In some cases you might want to use your own storage mechanism and send data directly to Google Analytics without the use of cookies.

You can disable analytics.js from setting cookies using the following:

ga('create', 'UA-XXXX-Y', {
  'storage': 'none',
  'clientId': '35009a79-1a05-49d7-b876-2b884d0f825b'
});

When you disable cookie storage, you will have to supply your own clientId parameter except for the special case where you are using cross-domain linking parameters.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40623316
That is essentially irrelevant because you can't set a unique trackable client id for each user.  And if you could... it still falls under the EU requirement for notification because you are 'storing' and 'tracking' personally identifying information.

It's really simple.  Either you notify them or you do not track them.
0
 

Author Comment

by:Daniele Brunengo
ID: 40624396
So what's the exact difference without a trackable id? Visitor counts are wrong?
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40624449
Visitor counts and page tracking will both be wrong in cases where there is more than one computer behind a public IP address.  You are down to what you can see in the server logs which only list the IP address that requested a page, nothing else.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An enjoyable and seamless user experience can go a long way on an eCommerce site. While a cohesive layout and engaging copy play roles in creating a positive user experience, some sites neglect aspects that seem marginal but in actuality prove very …
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
This Micro Tutorial demonstrates how to create custom reports and the secrets of determine the metrics and dimensions for your data that works best with your needs.
This Micro Tutorial will demonstrate how to analyze your website's back links using a network graph powered by a fusion table.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question