[generj]

IP logs aren't sufficiently unique: my IP changes as I move my laptop around, it is shared with several other persons at work and home, and my IP at each of these locations changes.

Most DNT is concerned with Javascript, which has the ability to be very intrusive than mere web logs. Analytics services started with web logs, but quickly transitioned to Javascript, because I can track a cookie much better than an IP address, and get more information besides.

It's inherently different when contracted to a 3rd Party.

Third-party vendors are opposed because it would be the equivalent of giving all of the IP logs from a majority of the Internet to a single user (in this case, Google Analytics). The ability to discover trends on particular users than becomes massively possible in a way that simply doesn't exist with 1st Party tracking. The siren's call to monetize this data is ever present, so we seek to not allow the collection in the first place.

[teamjimmyy]

I'll say here what I said in the other reply, but briefly.

There's a difference between a 3rd party doing the analytics and a 3rd party cookie. GA can (and should) use a 1st party cookie for this, which would make it impossible for them to correlate between sites. As a bonus, turning off 3rd party cookies also breaks ad retargeting, which makes everything better.

At that point, it's the same as Mozilla doing it themselves, but your concerns about JS being more potentially intrusive is valid.

note: i may be wrong about GA using 1st party cookies. if so, that's really not cool.

[generj]

GA does use 1st party cookies. There is still concern that with sufficient statistical analysis, Google can still track users across multiple sites. "Anonymous" data frequently turns out to be very personally identifying.

In particular, comparing behaviors and IP addresses used in Google products and captured in Google Analytics would be very easy.

Likewise, Google knows a super-majority of site entrances from their search engine, and a correlation is trivial given that most users are logged in for search. To wit: if I perform a search with a unique referrer, and that unique referrer is then captured with my Google Analytics user cookie, then I can be readily identified as a person. Doubleclick and other Google services share this issue.

Others do use Third Party Cookies. Mozilla is threatening to turn off 3rd Party cookies entirely, which has caused no small amount of concern from ad companies. See this post, one in a series of hilariously over the top diatribes from the Interactive Advertising Bureau: http://www.iab.net/iablog/2013/06/mozilla-kangaroo-cookie-co...

[teamjimmyy]

Yeah, I saw the bit about turning off all 3rd party cookies, which made me happy as I already do that myself.

As for the ubiquity and potential for data sharing among Google services, I suppose I hadn't though that entirely through. I know there was one analytics company claiming it could track individuals between devices using some fancy statistics, but I assumed it was snake oil (it was not GA claiming that).

Anyway, I hear ya, and thanks. I can see a case against GA specifically, though I have a hard time swallowing it against all analytics. I suppose it's a question of trade-offs that people are willing to make.