[BoorishBears]

Turning this into dichotomy between website operators needing to crusade on government overreach and not using GA has got the be the worst faith argument I've seen in a minute.

This entire premise of this article advantage of people who aren't technically inclined and can't know well enough to realize that reverse engineering GA fingerprints is not even close to how the government would de-anonymize visitors.

If your local government decides to overreach and find out who's getting abortion pills, Google Analytics will not even be your 1000th biggest problem. ISPs will readily share which sites people visit, the stores themselves will get leaned on, your mail carrier with share where you get packages from.

I mean did you even read the article? "Abortion Ease, BestAbortionPill.com, PrivacyPillRX, PillsOnlineRX, Secure Abortion Pills, AbortionRx, Generic Abortion Pills, Abortion Privacy and Online Abortion Pill Rx."

What do you think HTTPS is going to do when one of these urls shows up in your traffic, email inbox, and a reverse mail address look up leads to one of these?

[yellowapple]

> Turning this into dichotomy between website operators needing to crusade on government overreach and not using GA has got the be the worst faith argument I've seen in a minute.

Putting words in my mouth has got to be the worst faith argument I've seen in a minute.

> If your local government decides to overreach and find out who's getting abortion pills, Google Analytics will not even be your 1000th biggest problem. ISPs will readily share which sites people visit, the stores themselves will get leaned on, your mail carrier with share where you get packages from.

And it's much easier for website operators to stop using Google Analytics than it is for them to educate their customers on using VPNs and mailing their packages to dead drops (let alone for their customers to actually do those things).

This ain't about dichotomies or the lack thereof. This is about what people can do now to mitigate low-hanging fruit. Nobody said the solution is only to stop using GA; literally all that was actually said is that not using GA is something that the operators of such stores can trivially and immediately do.

That is:

> What do you think HTTPS is going to do when one of these urls shows up in your traffic, email inbox, and a reverse mail address look up leads to one of these?

The existence of problems outside your control does not erase the existence of problems entirely within your control. Website operators cannot force you to use a VPN or a secure email or an anonymous address. They can minimize the data of yours they're sending to third parties.

> I mean did you even read the article?

I mean did you even read the HN guideline specifically prohibiting such a question?

[BoorishBears]

> Putting words in my mouth has got to be the worst faith argument I've seen in a minute.

"it's much easier to not use Google Analytics than it is to convince your government to clamp down on law enforcement search powers."

You literally wrote a one sentence comment that compares a decision for website owners to choose between not using GA and convincing their government not to clamp down on law enforcement search powers. I didn't put a single word in your mouth in stating what I did.

You wanting to walk back what you wrote doesn't make my comment put words in your mouth, they were the words you said.

> And it's much easier for website operators to stop using Google Analytics than it is for them to educate their customers on using VPNs and mailing their packages to dead drops (let alone for their customers to actually do those things).

GA is completely orthogonal to the entire discussion. That's the point that ProPublica (intentionally?) ignores, and apparently you're just unaware of.

It's doing literally nothing to protect or harm these people, because the government is not stooping to deanonymizing GA data when there are 1001 more direct and better established methods to achieve the same thing, it's a frankly absurd point.

Saying by not using GA they're even tangentially protecting customers shows a complete lack of understanding of why this government overreach is such a problem.

-

tl;dr/too technical;didn't understand: The government doesn't need your GA fingerprint they can get the things that the fingerprint is made and then some straight from Google... and your ISP... and the site's host... and the mail services.. and the list goes on.

They can literally ask for all people who searched for a given term in a 5 block radius and you're trying to talk about hashed fingerprints???

It's like worrying that the government is going to check for your DNA in the toilet at a local restaurant when the establishment can be compelled to give them a receipt with your card details, your bank will give them the transaction details, your search history with the restaurant name is up for grabs, the municipal security cameras that watched you drive up are up for grabs...

-

Once you understand that then the pointlessness of this line of reasoning comes up, and why ProPublica is doing this becomes more questionable.

By inventing some totally ludacris wrong, they're painting themselves as having uncovered some unique in-depth aspect to the dynamic between these abortion pill sites and their users, but to do so they're painting the sites as negligent with the most inane stretch of logic possible.

Instead of focusing more on the actual problem, the overreach, they create a new boogeyman because it gives their reporting a unique angle. But of course that boogeyman is serving the interests of people who are having their rights stomped on.

By completely misunderstanding the topic (and in ProPublica's case I'm not buying it was unintentional) both you and the article are just throwing FUD into the actual conversation that matters.

It's annoying to see supposedly creditable publications intentionally muddy things for their own benefit, and it's even more annoying to see people with a poor grasp of the situation just run with it blindly without taking 5 seconds to apply critical thinking and context to it all.

[yellowapple]

> You literally wrote a one sentence comment that compares a decision for website owners to choose between not using GA and convincing their government not to clamp down on law enforcement search powers.

Right, and note what I didn't say:

- Whether or not those things are a dichotomy or otherwise mutually exclusive

- Whether or not those things encompass the complete set of privacy violations or the mitigations thereof

Your assumption that I've made or even implied answers to either of those within the words "it's much easier to not use Google Analytics than it is to convince your government to clamp down on law enforcement search powers" - and then arguing against that assumption - is where you're putting words in my mouth. It's also what makes you accusing me of bad-faith argumentation or a lack of critical thinking or context hilariously ironic.

There's nothing for me to "walk back". You blew up at me for merely suggesting that businesses which should be valuing their customers' privacy can take very easy steps to actually signal that. Whether or not they're siphoning a bunch of data to third parties is a rather strong signal of whether or not they take their customers' privacy seriously, and the fact that you are not only incapable of understanding that concept but feel compelled to resort to unwarranted hostility and personal attacks in response to it speaks volumes.

> GA is completely orthogonal to the entire discussion.

GA is literally the context of the discussion. Just because there are other ways for others to violate your customers' privacy doesn't mean it's okay to willingly and deliberately violate your customers' privacy yourself. That you not only fail to understand this but are needlessly hostile to those who do understand this speaks volumes.

If you'd like to have an actually intelligent and civil discussion instead of angrily flinging insults at me, I'd be happy to oblige. Until then, have a nice day - hopefully better than whatever tragedy you're choosing to take out on me.

[BoorishBears]

When you started this comment by saying "Yeah I created a division between those two options but that's not a dichotomy!" I questioned if I should bother reading

By the time I got to the invention of "angrily flung insults", and projection about bad days I had my answer...