Mike Gerwitz

Free Software Hacker+Activist

aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMike Gerwitz <mtg@gnu.org>2016-01-24 14:33:02 -0500
committerMike Gerwitz <mtg@gnu.org>2016-01-24 14:38:43 -0500
commit452e8061c672e06ad770bff03f92103e48fe3e15 (patch)
treefc062d338f0f78cad4de98713ed7cffaa004c88b
parentc7db70c927d6460ef01c929b0eb6c3f8d1d50b55 (diff)
downloadthoughts-452e8061c672e06ad770bff03f92103e48fe3e15.zip
thoughts-452e8061c672e06ad770bff03f92103e48fe3e15.tar.gz
thoughts-452e8061c672e06ad770bff03f92103e48fe3e15.tar.bz2
Google Analytics Removed from GitLab.com Instance
*This was originally written as a guest post for GitLab in November of 2015, but they [decided not to publish it][gitlab-merge].* Back in May of of 2015, I [announced GitLab's liberation of their Enterprise Edition JavaScript][ggfs] and made some comments about GitLab's course and approach to software freedom. In liberating GitLab EE's JavaScript, all code served to the browser by GitLab.com's GitLab instance was [Free (as in freedom)][free-sw], except for one major offender: Google Analytics. Since Google Analytics was not necessary for the site to function, users could simply block the script and continue to use GitLab.com [ethically][free-sw]. However, encouraging users to visit a project on GitLab.com while knowing that it loads Google Analytics is a problem both for users' freedoms, and for their privacy. GitLab is more than service and front-end to host Git repositories; it has a number of other useful features as well. Using those features, however, would mean that GitLab.com is no longer just a mirror for a project---it would be endorsed by the project's author, requiring that users visit the project on GitLab.com in order to collaborate. For example, if an author were to use the GitLab issue tracker on GitLab.com, then she would be actively inviting users to the website by telling them to report issues and feature requests there. We cannot realistically expect that anything more than a minority of visitors will know how to block Google Analytics (or even understand that it is a problem). Therefore, if concerned authors wanted to use those features of GitLab, they had to use another hosted instance of GitLab, or host their own. But the better option was to encourage GitLab.com to remove Google Analytics entirely, so that _all_ JavaScript code served to the users is [Free][free-sw]. GitLab has chosen to actively [work with the Free Software movement][ggfs]---enough so that they are now considered an [acceptable host for GNU projects][gitlab-gnu-criteria] according to [GNU's ethical repository criteria][gnu-repo-criteria]. And they have chosen to do so again---headed by Sytse Sijbrandij (GitLab Inc. CEO), Google Analytics has been removed from the GitLab.com instance and replaced with [Piwik][piwik]. ## More Than Just Freedom This change is more than a commitment to users' freedoms---it's also a commitment to users' privacy that cannot be understated. By downloading and running Google Analytics, users are being infected with some of the most [sophisticated examples of modern spyware][ga-wikipedia]: vast amounts of [personal and behavioral data][ga-google] are sent to Google for them to use and share as they wish. Google Analytics also tracks users across [many different websites][ga-popularity], allowing them to discover your interests and behaviors in ways that users themselves may not even know. GitLab.com has committed to using [Piwik][piwik] on their GitLab instance, which [protects users' privacy][piwik-privacy] in a number of very important ways: it allows users to opt out of tracking, anonymizes IP addresses, retains logs for limited time periods, respects [DoNotTrack][eff-dnt], and more. Further, all logs _will be kept on GitLab.com's own servers_, and is therefore governed solely by [GitLab.com's Privacy Policy][gitlab-privacy]; this means that other services will not be able to use these data to analyze users' behavior on other websites, and advertisers and others will know less about them. Users should not have to try to [anonymize themselves][eff-ssd] in order to maintain their privacy---privacy should be a default, and a respected one at that. GitLab has taken a strong step in the right direction; I hope that others will take notice and do the same. *Are you interested in helping other websites liberate their JavaScript? Consider [joining the FSF's campaign][freejs], and [please liberate your own][whyfreejs]!* [gitlab-merge]: https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/1094 [eff-dnt]: https://www.eff.org/dnt-policy [eff-ssd]: http://ssd.eff.org/ [freejs]: https://fsf.org/campaigns/freejs [free-sw]: https://www.gnu.org/philosophy/free-sw.html [ga-google]: https://www.google.com/analytics/standard/features/ [ga-popularity]: http://w3techs.com/technologies/overview/traffic_analysis/all [ga-wikipedia]: https://en.wikipedia.org/wiki/Google_Analytics [ggfs]: https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/ [gitlab-featurse]: https://about.gitlab.com/features/ [gitlab-gnu-criteria]: https://lists.gnu.org/archive/html/repo-criteria-discuss/2015-11/msg00012.html [gitlab-privacy]: https://about.gitlab.com/privacy/ [gnu-repo-criteria]: https://www.gnu.org/software/repo-criteria.html [mtg]: http://mikegerwitz.com/ [piwik]: https://piwik.org/ [piwik-privacy]: https://piwik.org/privacy/ [whyfreejs]: https://www.gnu.org/software/easejs/whyfreejs.html
0 files changed, 0 insertions, 0 deletions