Web Analytics Privacy in Piwik

Piwik ensures the privacy of your users and analytics data. When using Piwik, YOU keep control of your data. Your data is stored in your own MySQL database, and logs or report data will never be sent to other servers by Piwik.

In March 2011, the Independent Center for Privacy Protection in Germany (ULD) recommended Piwik as privacy-compliant web analytics software.

In January 2014, the Center for Data Privacy Protection in France (CNIL) recommended Piwik as the only tool that can easily ensure full compliance with privacy regulations.

Piwik privacy compliance is also reflected by the many government agencies who already trust and rely on Piwik (in Europe, Asia, North America, Africa) for providing self-hosted web analytics.

Read how to setup privacy settings in Piwik

Privacy Applied to Web Analytics Logs: a Philosophical Choice?

Privacy on the Internet is a major concern for many users, webmasters and companies today. We spend so much time online that access to our Internet activity logs (websites, pages visited, internet searches) can reveal a lot of personal information about ourselves, our life, and work.

Read our blog post on Data Privacy Day to learn more about why Privacy is important.

When you use a web analytics tool such as Google Universal Analytics, your web analytics data is tracked, stored and owned by the company providing you with the free analytics service. While they provide an excellent service for free, they also re-use the visitor log data tracked on your website to enrich existing profiles for a given user or IP address.

Here are just a few examples of how websites can gather your personal information while you are away from the website:

Google

If you use Google Analytics on your website, Google would not only know all of the IP addresses (and other browser unique identifiers) of visitors to your website (and which pages they looked at on your site), but because most other websites use GA as well (or another Google product), Google would also, for example, know the 6 other websites that person visited earlier that day and the 367 websites he looked at in the last month. Because more than 60% of all websites on the Internet use GA , Google Adsense or another Google product using tracking beacons – “Only 36.5% of the web is Google-free” – Google is able to build a very accurate picture of most websites visited by any given user.

Facebook?

Facebook Social widgets are used on already more than 19% of all websites & blogs (source w3techs). When you visit a website with a Facebook Like button (or any other FB functionality) your browser will send data (and your IP address) to Facebook. Recently it was made public that Facebook creates shadow profiles of logged out users. This means that even if you are logged out or not a Facebook member, they still keep track of the websites and articles your IP address (and other browser unique identifiers) was looking at.

Why is this profiling for marketing purposes considered a “problem” for some Piwik users?

Privacy is becoming increasingly important to us as we spend more of our lives ‘connected’ on the internet. While Google is providing a multitude of amazing services for free – for which we are very thankful – we are at the same time concerned about where and how our private information is being used. Websites like Google (and increasingly Facebook) are able to build an enormous profile of all websites and pages looked at by most (nearly all) Internet users worldwide (even if they are not Google or Facebook users).

One of their main goals is to improve the re-marketing of Google Ads and Facebook Ads to Internet users and find the right advertising segments for the right ad. But many Internet users and website operators are growing concerned about what could be termed a Global Internet User Activity Database and its moral implications. You don’t need to be a Privacy Junkie to be interested in the challenges and moral implications of gathering so much data on the Internet. We choose not to discuss the details here but recommend you check out the Privacy section of the EFF website to learn more.

Update: How you can help make a difference against mass surveillance. (Piwik)

Opting out of all data collection & Remain Anonymous online

To opt-out of all web tracking technologies (including Google Analytics and Piwik), using an extension such as Noscript or Ghostery is the safest way: these browser extensions will disable all the known JavaScript trackers and ensure that your browser does not send a request to external tracking servers. If you wish to browse the Internet without your IP address being tracked at all, please consider using Tor Browser which will automatically connect you to the secured and anonymous Tor network. If you wish to send and receive emails that are coded to make sure that a surveillance agent or thief that intercepts your email can’t read it, check out the email self defense guide. If you wish to stay completely anonymous online, please see the PDF guide How to remain anonymous online?

Conclusion

Piwik is the leading self-hosted, privacy compliant, decentralized, modern & Free (GPL License) web analytics platform, a building block of the free and open Internet. By using Piwik and configuring a few options as explained in this guide, you will ensure that all of your valuable information is private and owned by one person (you!) and that your website also, just as importantly, respects your visitors’ privacy.

Member of The Internet Defense League