by franky47
2185 days ago

E2EE means the analytics data is encrypted by the visitor, using public key cryptography. The secret key to decrypt that data is only known to the website owner. Anything I store is encrypted, including that secret key, and the source key is derived from the user's password, which never hits the server (using the SRP protocol for authentication). The only thing I can see is how much data a website generated, but not what this data means. And yes, the whole purpose is to hide the data from me. I don't want to know who visits your website, how long they stayed or what pages they visited. The website owner may want to know, but I can tell them without having to know myself.

I still think the company could somehow get access to the user data. The server encryption sounds pretty solid, and I believe you saying that it would be really hard or impossible to get the encrypted data from the servers, but the information shown in the browser is unencrypted and accessible. Let's say your company grows and gets acquired by someone like Google and suddenly they want to get the stats of the tracked websites. Isn't there a way they could modify the UI source code, so that for example, they send back the unencrypted stats from the browser to a different server? I assume the dashboard's UI is hosted and served by your platform, so they could just add some JavaScript to it to send all data visible on screen, right?
I think your product could be really useful and I'm not trying to attack it in any way, I am just making sure I understand what the encryption means and if it does indeed provide extra value.