[postgis-devel] Website Redo change to Hugo

Regina Obe lr at pcorp.us
Fri Mar 4 07:35:58 PST 2022 

> "Regina Obe" <lr at pcorp.us> writes:
> 
> >>  It seems to load something from googletagmanager.com and that seems
> >> like  a wrong thing to do.  But I can't find the privacy policy to
> >> see if it's  against it :-( But seriously, I'm just trying to say
> >> that web sites of  Free Software projects should not ask users'
> >> browsers to load objects  from advertising companies.  I'm guessing
> >> this is some (buggy) default  in the theme.
> >
> > I think our old one did load stuff from google analytics.  You didn't
> > see the same issue on the old site?
> > But agree if we are going to do that, we need to have a privacy policy
> > in place to state that.
> 
> Yes, the old site did load google analytics (different domain), and
twitter.
> That wasn't ok either, but I didn't notice and/or complain.
> 
> My understanding is:
> 
>   Google analytics allows google to do cross-site tracking of people,
>   and it allows targeted advertising to be later sent to site visitors.
>   Unless their user agreement commits them contractually not to use data
>   from one site for any purpose other than providing that sites
>   analytics, limited retention times, and no combination with individual
>   records or across sites.  (No, I didn't think it says that, but I
>   think it's important to point out the proper terms for analytics to
>   see how far off it is.)
> 
>   The GA user agreement requires some sort of notice, which is missing.
>   A place that discusses this (and I am not really sure if this site is
>   entirely ok or not, but it doesn't seem off base on a quick read):
>     https://www.privacypolicies.com/blog/privacy-policy-google-analytics/
> 
>   In Europe, GA is not compatibla with GDPR:
>     https://techcrunch.com/2022/01/12/austrian-dpa-schrems-ii/
>   I am guessing the site isn't in Europe, and thus this really isn't on
>   point because it's about US government access to data of EU people,
>   but I think it's relevant.7
> 
>   Truly asking for consent is major friction for the user.  Cookie
>   consent popups are always annoying (and in many cases dishonest).
> 
> I personally think it's better to have no analytics than to send user data
to
> google.  The standard approach to analytics without google seems to be
> matomo, formerly called piwik, which can be self-hosted.
> 
> Thre's a related issue loading resources from twitter; that shouldn't
happen
> either.
> 
> uMatrix for firefox is a really useful extension to get visibility in what
a page
> tries to load, and stopping most of it.
[Regina Obe] 

Okay I've replaced the twitter js with just a link to our twitter page
And I've removed the google analytics.

The theme does have a config for matomo, but I've ruled out matomo for now
as an option cause it requires installation of both PHP and MySQL.
Having both to get analytics feels like overkill.

I'm not sure analytics are all that important especially given the
sensitivities of people these days.
We can add it back before launch if people feel strongly and we have a
privacy statement in place.

Thanks,
Regina

More information about the postgis-devel mailing list