[dozy]

It is against the terms of service of Google analytics to pass any PII such that you can track an event back to any particular person. On top of that, the code for Google Analytics js is available for your review, along with its network requests, such that you can hold them to their word.

[ubercow13]

In most cases wouldn't it just be enough that you're logged into your Google account recently via the same IP

[gojomo]

The section about "personally identifiable" information in the Google Analytics Terms of Service [1] does not limit Google, but the site using GA.

Practically, I'm not sure that can even be enforced, or that Google has any incentive to enforce it. If a site uniquely tags each user via custom variables, or by sending users to a unique resource/goal/interim URL, will Google detect this and obscure/destroy the resulting data? Or is such tracking for the site's own purposes a core feature of GA?

And Google often has its own PII about the same user, from other visits to Google's own sites, anyway.

[1] http://www.google.com/analytics/terms/us.html - section 7 "Privacy"

[zwetan]

you are allowed to uniquely identify a user with a "User ID" which is different than the "Client ID"

https://developers.google.com/analytics/devguides/collection...

[kybernetikos]

> It is against the terms of service of Google analytics to pass any PII such that you can track an event back to any particular person.

You need barely any information to construct a personally identifiable profile. The fact that you as the user of google analytics can't do it says nothing about googles ability to do it.

http://arstechnica.com/tech-policy/2009/09/your-secrets-live...