[korlja]

Analytics is generally (in detail this might or might not apply for this project) seen as an invasion of privacy, wasting bandwidth, increasing load time and lowering performance. There is a population of users who would gladly accept advertisements without analytics, because they see the invasion into their privacy as the predominant evil. This is why most adblockers nowadays either block analytics by default, or at least provide a configuration to also block analytics.

[shanebellone]

I agree with your statement. I did originally build this for myself, with privacy in mind. I don't like being tracked either. Pathview doesn't rely on personal data but the general perception remains true. Any thoughts on navigating through that stigma? It's worth mentioning that the first hit generally loads in ~200ms and subsequent hits in ~120ms. The difference between first and subsequent is SSL. Speed and footprint represent two of my main design considerations.

[korlja]

I guess the stigma is too established to get rid of. Maybe you can sway some users by transparency, i.e. a very thorough but user-friendly explanation about what your software is doing and how it cannot possibly be used to invade their privacy.

But unfortunately, as far as my opinion goes, any kind of analytics and tracking just results in an instant "yuck" reaction, like a spider landing on my lap. I don't bother with analyzing it, I'll just try to get rid of it as quickly as possible.

The notion of privacy-friendly analytics has also been thoroughly burned by sleazy marketing departments outright lying. Or technical solutions that claimed to be privacy-friendly, but actually didn't really because of technical reasons. Or technical solutions being so complicated and obscure that it might as well be a privacy-protecting voodoo ritual for all a user knows.

[shanebellone]

This is tough. I dislike tracking but approve of analytics. Without data, websites cannot improve. Without improvements we'd only have Craigslists.

In your opinion, is there a way to balance the need for feedback with respect for the user? What might that solution look like? Do you have any absolute demands?

[korlja]

As a user, I've yet to see the user-facing benefits of analytics. I suspect there might be some which I don't know about. But mostly what I see is "we cancelled feature X you care about because analytics told us nobody uses it" and "you now get this annoying newsletter popup, because analytics told us we get more subscriptions that way".

For that perception to change, you have to educate users about their concrete, relevant and obvious benefit from analytics. I think this is hard or impossible. I also think that all the bad players in the market make this even more impossible, because you get lumped in with them.

I think the easiest solution is log analytics, preferably from anonymized or pseudonymized logs that are present anyways. That way, you don't collect any extra data, and as long as you do not keep the logs but only aggregated results, privacy isn't an issue. While a privacy policy and legal team need of course be aware of log analytics, the users cannot adblock it away, so that might be a plus. Also, no scripts, no cookies, no performance impact, etc. But of course the insight is limited by whatever is logged. Maybe some (privacy-preserving) data can be added to the URL parameters to augment the logs and provide a little more insight.

Another solution (that I just thought of, no idea if it would work) is that of recruiting users for testing your website under observation by the UI team. While this might invoke the image of recruiting 20 people off the street and sitting them down in a lab, I have something totally online in mind: Offer a voucher (or something) in return for participation. Participation should be instant. The users session should be connected such that the UI people on duty can see the website interaction (ala VNC, but limited to the website in question, so this should be possible by getting geometry, mouse position and keypresses alone via javascript). In case of difficulties, the UI team can interact with the user via voice chat (preferred) or text chat. After the user has finished their task, maybe ask them a few extra questions. You will gain much better insights, because you can ask for motivations and problems. You can point the user at the intended way and see if it works at all. But of course this approach requires lots of manpower and is technically challenging.

My absolute demands would be: Respect the relevant laws ala GDPR. Respect the DNT bit my browser sends. That way, you would already be above 99% of the analytics industry imho.

[shanebellone]

"I think the easiest solution is log analytics, preferably from anonymized or pseudonymized logs that are present anyways."

"Maybe some (privacy-preserving) data can be added to the URL parameters to augment the logs and provide a little more insight."

Pathview iterates on the server log approach. JavaScript collects two pieces of information: the current page and the referring page. The rest of the data is acquired by parsing HTTP Messages in real-time.

The only difference is cloud vs. self-hosted.