Google Analytics for the privacy aware

While the entire German blogosphere seems to have discovered the pretty unpleasant, secretive inclusion of Quantcast tracking in the “ Stats” plugin, I found an article on the blog that broke the story in Germany, that explains how you can somewhat limit (valid) privacy-concerns with Google Analytics.
You just have to push “_gat._anonymizeIp” as an option in the _gaq object, as shown on line 5 in this code snippet:

<script type="text/javascript">
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-xxxxxxx-x']);
  (function() {
    var ga = document.createElement('script');
    ga.type = 'text/javascript';
    ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '';
    var s = document.getElementsByTagName('script')[0];
    s.parentNode.insertBefore(ga, s);

According to the relevant Google Analytics docs page, this:

“Tells Google Analytics to anonymize the information sent by the tracker objects by removing the last octet of the IP address prior to its storage. Note that this will slightly reduce the accuracy of geographic reporting.”

Call me naive (or overly idealistic), but shouldn’t your Google Analytics implementation have this option on as well?

Quantcast spyware puts selfhosted WordPress blogs in Automattic network

A quick update about the Stats plugin secretive inclusion of Quantcast tracking:

Coding for the New Year

Just a quickie before diving into 2011;

And this is how I feel about 2011:

Jon Hopkins - Light Through The Veins (Full 9 Minute HQ Version)

Have a great New Year! Stats trojan horse for Quantcast tracking

Suppose you’re a blogger who values website performance and online privacy. You may have ditched Google Analytics because you think the do-no-evilers do not have to know who is on your site. Maybe you removed AddtoAny because of the 3rd party tracking code that slows down your site ever oh so slightly. And you don’t want the omnipresent Facebook Like widget for all the above reasons. No, the only 3rd party javascript you allow is the one pushed by the Stats plugin; one javascript-file  and one pixel and you get some nice stats in return. And come on, WordPress, those are the good guys, right?
Well, apparently not. While performing a test on for example, you’ll see two requests to the domain;;r=705640318;fpan=1;fpa=P0-450352291-1292419712624;ns=0;;ref=;ce=1;je=1;sr=1024x768x32;enc=n;ogl=;dst=1;et=1292419712624;tzo=300;a=p-18-mFEk4J448M;labels=type.wporg

Ouch, that hurts! But surely Quantcast aren’t in the same league as AddtoAny’s media6degrees, who do behavioral advertising based on data captured all across the web? Well … Quantcast might be better known, but they do exactly the same thing; collecting user information and providing that info for targeted advertising. And just so you know, Quantcast is one of the companies that is on trial for restoring deleted cookies using Flash (“zombie cookies”). So no, I’m not comfortable with Quantcast collecting data on my blog’s visitors.
Now I know that I opted in on user-tracking by WordPress (or rather Automattic). And I can live with them knowing who visits my blog, I can live with the small performance-impact that the stats-plugin has on my site that way. But I did not sign up for 3rd party tracking, the plugin-page conveniantly fails to mention the extra tracking, there’s no opt-out mechanism in the plugin and there’s no info to be found on how to disable Quantcast tracking users on my own blog. I am not a happy WordPress-blogger!
So Automattic; please fess up and at least provide instructions on how to disable 3rd party tracking, just like AddtoAny’s Pat gracefully did?

Update 20 january 2011; Automattic seems unwilling to acknowledge there is a problem, the thread on forums where this was discussed has been closed. I created a small WordPress plugin, DoNotTrack, to stop Quantcast tracking. you can download it here.

StuBru, Facebook and why we need (something like) Diaspora

Earlier this month Facebook deleted the official Studio Brussel page, cutting the Flemish youngster radio station off from their 114.000 fans. StuBru didn’t receive information on why the page was deleted, just a vague statement that they breached the Facebook Terms. It took a week to get the page restored, but nonetheless web-editor Stijn Van Kerkhove raved (translated from Dutch);

We were surprised when our website got deleted, but we’re even more pleasantly surprised to be back.

“When our website got deleted”, seriously Stijn? A Facebook-page isn’t a website and it isn’t yours either, ultimately. When on Facebook you are (and I am) at the mercy of a private company that has absolute power over anything you do on its premises. Facebook decides what pages look like, Facebook decides what you can and cannot post and Facebook reserves the right to expel you from their community for whatever reason they do or don’t come up with.
Given the increasing importance of social networks in our lives and economy (and the never-ending privacy-problems with Facebook), I do believe that we’d be better of with a open, decentralized system which does not have a sole (commercial) owner with absolute power. That’s why it’s a good thing that Diaspora exists, even if the alpha code they released a couple of days ago is not up to expectations. That’s why (and are great. And that’s why OStatus, an open standard for following friends and sharing statuses on distributed social networks which is already implemented in and which will probably go into Diaspora as well, is incredibly important.
And on a vaguely related note; that Facebook-movie by Aaron Sorkin and David Fincher looks great, doesn’t it:

THE SOCIAL NETWORK - Official Trailer [2010] (HD)

Why I dislike Facebook’s Like widgets

I like Facebook. I like sharing stuff there, I like liking friends’ activities and I like friends sharing and liking my links and posts. But I really, really don’t like Facebook’s Like buttons and similar boxes! Because I see some serious problems with the like button;
  1. The page containing the “like”-widget loads and renders significantly slower (i.e. performance impact)
  2. Facebook can track me visiting this page, even if I don’t click on “Like” (i.e. privacy issue)
  3. When I do click “Like”, I have no way of checking what will be shown on Facebook. And indeed the buttons are already being used to spread spam, malware is expected to be next (i.e. security risk)
  4. “Liking” a page enters me into a relationship with the page owner, allowing them to “publish updates to the user [and] target ads to people who like [their] content” (i.e. 2nd privacy issue, severely aggravated by the security risk)

No, call me old-fashioned, but I’m much more at ease with the normal Facebook share-mechanism;

  • a simple link, so no performance impact
  • no contact with Facebook unless clicked on, so tracking of my surfing behavior is not possible
  • an intermediate screen shows what you’re about to share, meaning a much lower security risk
  • no forced relationship with the  page owner, i.e. “avert 2nd privacy-risk: CHECK”

But as I can’t force site-owners to remove the “Social Widgets”, I can only install something like No FB Tracking to disable the virus that is the Facebook Like-button. And whine about it on my blog, off course.

AddToAny: removing the “spy” from the share-ware

Update 02-2015: the information below does not reflect the way AddToAny works now and as such only has historical value. The comment by A2A’s developer below, explains what has been done between 2010 and 2015.
After discovering AddToAny secretly enrolls all of my blogs visitors in a behavioral marketing platform, I disabled the plugin and mailed the author for more information. He answered the media6degrees-integration was a partner-test, only providing them with non-personally identifiable data, which the company indeed can use for targeted advertising. But the good news was that AddToAny would also offer a “publisher opt-out mechanism” shortly. And indeed, last week, Pat announced the brand new a2a api and mailed me the following opt-out code;

var a2a_config = a2a_config || {};
a2a_config.no_3p = 1;

These two lines of javascript, which have to be placed in front of the script-include, should disable all current and future 3rd party tracking. I hope the web-guys from e.g. and (and there are many others) implement this as soon as possible!
So now we can opt-out from having our visitors being spied upon by media6degrees, what more could one want? Well, since you’re asking, here’s a small list of things AddToAny could really should do;

  • transparency; tell users that their visitors’ information will be shared with 3rd parties (in all relevant places)
  • documentation: show them how to “remove the spy” on the AddToAny api page (“no_3p” isn’t there)
  • ease-of-use: allow the tracking to be disabled with a simple checkbox in the WordPress and Drupal plugins

The opt-out code is a important first step and I’m sure concerns such as those voiced on the WordPress-forums will help AddToAny to further make the right decisions!

AddToAny removed-from-here

Update 02-2015: the information below does not reflect the way AddToAny works now and as such only has historical value, read this comment by the developer for more info.
When looking at my blog’s performance in Google Webmaster Tools I saw Google complained of multiple dns-lookups. I knew about, (well, yeah …) and, but one domain in the list didn’t make sense to me at all;, so I started to investigate a bit. Grepping the wordpress-, theme- and plugin-code on my server didn’t reveal anything, so I went into Firebug to see what was happening in javascript.
Apparently the AddToAny WordPress-plugin was initiating the call:
  1. add-to-any requests (which is rather big but gzipped & cache-able)
  2. page.js in turn contains tracking (near the end of the file), by requesting an 1X1 pixel image at<encoded URL of page>
  3. media6degrees then sends the pixel and … sets multiple cookies in the process

And what’s media6degrees business you ask? Maybe they’re just providing the add-to-any author with statistics? Well, not exactly. This is what media6degrees writes on their website: “We deliver scalable custom audiences to major marketers by utilizing the online connections of their consumers.” So by using AddToAny, you’re providing media6degrees with data about your site’s visitors, which they can use to sell targeted communication to their customers.
If visitors of small-time blogs like mine would be the only ones affected by this, the damage would be limited. But AddToAny is also implemented on large local news-outlets such as or De Standaard Online and no doubt on some big international sites as well. Somehow I doubt those organizations know they’re feeding their visitors to media6degrees and I bet some of them would even strongly disagree.
I’m not happy about this, that much is clear. AddToAny offers great functionality, but:

  • it adds unneeded requests to my page, causing the page to finish loading later (dns-request + http-request)
  • it enrolls my site visitors in a targeted communication platform without anyone knowing (or agreeing)
  • none of this is communicated on the AddToAny website or on the AddToAny WordPress plugin page

I mailed the author about this earlier this week (when i didn’t even know about media6degrees tracking cookies yet), but got no feedback up until now and I logged an issue on the support forum as well. And I decided to pull the plug on AddToAny off course, replacing it with sociable, making my blog render yet another millisecond faster, while at the same time protecting my visitors from this sneaky behavioral tracking by AddToAny and media6degrees.

Switching from Google Reader to Tiny Tiny RSS

Given the concerns about the enormous amount of data Google continuously collects about its users and because of the fact that their CEO seems to have a poor understanding of privacy (Schmidt stated “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”) and despite Google’s Jonathan Rosenberg recent manifesto on openness I decided to move some of my online activities away from the all-seeing eye of  Google. After switching to for normal search, I now found an alternative for Google Reader as well in Tiny Tiny RSS.
Tiny Tiny RSS (or “tt-rss” for short) is an open source web application written in PHP with a PostgreSQL or MySQL database. The webapp is AJAX-based, multi-user and is offline-enabled using Google Gears (you can check out a demo here). There’s also a mobile version, a (deprecated) XML-RPC API and a brand new experimental JSON-API, which I’m playing around with, using XUI to write a minimal mobile version of my own.
For those who are not able to install and configure tt-rss or who don’t want to burden their server with it, developer Andrew Dolgov put up a hosted version (thanks Andrew!) where currently 8 more users can register.
After having switched about a week ago, I find I barely miss Google Reader, although tt-rss still feels a little rough around the edges at times. The only real limitation is that shared items (‘published’ in tt-rss) off course aren’t automagically shared with your Google friends. I now automatically import my tt-rss published articles and manually share those every few days in Reader. Because I wouldn’t want to disappoint my Google friends, now would I?

Google Privacy Fail; Asa Dotzler is right

google_screamMozilla’s Asa Dotzler recently rocked the boat when telling readers to use Bing instead of Google because of a shortsighted statement on privacy by Eric Schmidt, Google’s CEO. The discussion that followed Asa’s blogpost was interesting on occasion, but harsh and even rude at times.
While we’re all Google fanboys one way or the other and while the idea of switching from “Do no Evil Google” to “Monopolist-Micro$oft” can be a little bit unnerving, there is in my opinion reason to be concerned with Schmidts’ quote. My main problem is with this claim;

If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.

I don’t know about you, but to me Schmidt seems to imply that if I require privacy, that must mean that I have something to hide which is at least unpleasant and probably even outright illegal. If one accepts this premise, requiring (or enforcing, by means of encryption or anonymizers) privacy in itself is an indication of guilt?
Given that Google has too much data about me (being the avid Google-user I am) and given the flawed reasoning of Google’s CEO regarding respect for my privacy, I cannot but agree with Asa Dotzler. It is time to rethink my use of Google applications, although I’m not switching to Microsoft alternatives just yet. The general idea is simple: stop putting all my eggs in one basket, instead fragmenting my information across multiple independent organizations, hoping that privacy-breaching data-mining will be a bit less efficient that way.
scroogle: how it worksI’m still looking into alternatives for most Google web applications (Serge is right off course; “with microsoft it’s easy, you can switch to apple or linux – the problem with google is that their stuff just works“), but for search I’ve decided to switch to Scroogle is a not-for-profit secure (as in https) cookie-less search that uses Google (the irony). The site is operated by Daniel Brandt, the almost anonymous weirdo who’s also behind google-watch and wikipedia-watch.
To make sure my Google-friendly browser doesn’t accidentally direct me to Google search, I changed the following things in Firefox:

  • On my “bookmarks toolbar” replace the Google bookmark with a Scroogle one
  • Add Scroogle SSL” from the Mycroft search engine plugin site and move it to the top of the “search engines” list
  • And finally to make sure searches from the “awesome bar” don’t direct me to Google either, in about:config I changed the value of “keyword.URL” into “”

So what Google property should I replace next and more importantly, what with? Any suggestions? 🙂