[postgis-devel] Website Redo change to Hugo
Greg Troxel
gdt at lexort.com
Fri Mar 4 04:53:58 PST 2022
"Regina Obe" <lr at pcorp.us> writes:
>> It seems to load something from googletagmanager.com and that seems like
>> a wrong thing to do. But I can't find the privacy policy to see if it's
>> against it :-( But seriously, I'm just trying to say that web sites of
>> Free Software projects should not ask users' browsers to load objects
>> from advertising companies. I'm guessing this is some (buggy) default
>> in the theme.
>
> I think our old one did load stuff from google analytics. You didn't see
> the same issue on the old site?
> But agree if we are going to do that, we need to have a privacy policy in
> place to state that.
Yes, the old site did load google analytics (different domain), and
twitter. That wasn't ok either, but I didn't notice and/or complain.
My understanding is:
Google analytics allows google to do cross-site tracking of people,
and it allows targeted advertising to be later sent to site visitors.
Unless their user agreement commits them contractually not to use data
from one site for any purpose other than providing that sites
analytics, limited retention times, and no combination with individual
records or across sites. (No, I didn't think it says that, but I
think it's important to point out the proper terms for analytics to
see how far off it is.)
The GA user agreement requires some sort of notice, which is missing.
A place that discusses this (and I am not really sure if this site is
entirely ok or not, but it doesn't seem off base on a quick read):
https://www.privacypolicies.com/blog/privacy-policy-google-analytics/
In Europe, GA is not compatibla with GDPR:
https://techcrunch.com/2022/01/12/austrian-dpa-schrems-ii/
I am guessing the site isn't in Europe, and thus this really isn't on
point because it's about US government access to data of EU people,
but I think it's relevant.7
Truly asking for consent is major friction for the user. Cookie
consent popups are always annoying (and in many cases dishonest).
I personally think it's better to have no analytics than to send user
data to google. The standard approach to analytics without google seems
to be matomo, formerly called piwik, which can be self-hosted.
Thre's a related issue loading resources from twitter; that shouldn't
happen either.
uMatrix for firefox is a really useful extension to get visibility in
what a page tries to load, and stopping most of it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20220304/c6d1689b/attachment.sig>
More information about the postgis-devel
mailing list