The issue of privacy vs. analytics is a complex one. There's a few different questions that need to be answered to justify Mozilla's use of Google Analytics. I'm just a lowly webdev who doesn't know too much about official stances and tech, but here's my take:
First: Is it okay to track user actions and analyze them? Here you're balancing our ability to measure how we're doing and improve with the amount of data we collect about users. Anonymizing the data so as to make it difficult to identify an individual user from the data is one way of making this privacy-friendly while still being able to take advantage of vital information on how effective we are. Next: Is it okay to use a third-party service for analytics? This is a question of trust: Are there any third-party providers that we believe are trustworthy enough to handle user data with the same respect for privacy that we do? Note that this doesn't have to be blind trust. We can, for example, use a legal contract to require them to handle the data as we see fit. We can also choose a third-party that has a Terms of Service document that explains how they use their data in a way that we agree with. At an extreme, we could use a provider that has some technical solution that makes it impossible for them to use the data improperly, but I don't know of any major analytics platform that does this nor do I know whether that's practical. Finally: Does Google Analytics meet our criteria for third-party analytics? This comes down to checking GA against the criteria from the second question. Will they agree to a contract that outlines our requirements? Do their Terms of Service describe a way to handle data respectfully? Stacy Martin from Mozilla's Privacy team helped consider this question, and concluded that GA did meet our requirements for privacy-respectful analytics. As mentioned in the bug, there was a discussion when we first switched to GA that outlines the details: https://groups.google.com/forum/#!msg/mozilla.governance/9IQvIubDOXU/0tWVVlrUJOQJ --- Judging from suggestions about alternative analytics services, some of the objection seems to be against the third answer, that Google is not trustworthy enough. I think that Google can be trusted in this case, not because they're inherently trustworthy, but because a) we (supposedly) have a legal contract with them, b) their service offers options to anonymize data, and I assume their terms of service explain how that option works such that they'd be in trouble if they were lying, and c) they are much more visible and well-known than other analytics providers, which to some extent makes it easier to know when they're violating terms (as many many people are using and "watching" them). Hope that helps outline the situation a bit better. Please correct me if I've made any glaring mistakes. :D - Mike Kelly On Tue Apr 29 17:13:25 2014, Florent Fayolle wrote: > Hello, > > Everything is described in this bug: > https://bugzilla.mozilla.org/show_bug.cgi?id=1003391 > > To summarize, the whatsnew page sends an Ajax request to Google Analytics > each time the user clicks on its button. > > That's sad to see a webpage that promotes Firefox as the browser that defends > privacy (which it does) but that in fact tracks users' actions on it. > > Someone reported this issue in this tweet (in French) telling (with sarcasm) > that Mozilla is not trustable concerning privacy, and I feel upset about that: > https://twitter.com/HTeuMeuLeu/status/461207250410164226/photo/1 > > Florent > _______________________________________________ > governance mailing list > governance@lists.mozilla.org > https://lists.mozilla.org/listinfo/governance _______________________________________________ governance mailing list governance@lists.mozilla.org https://lists.mozilla.org/listinfo/governance
