Is there a cookie-less alternative to Google Analytics?
Measuring analytics doesn’t have to be a minefield. There are ways to get the data you need to make business decisions without breaking any privacy laws.
How do you give people what they want in order to make a profit? It’s the principal question behind every business.
Fortunately it’s quite easy to figure out what people want – they tell you every time they visit your website. Or they would if you were able to get the data and analyse it efficiently.
It was really easy to do this until the web analytics world blew up in an ePrivacy cloud a few years ago.
Now any data you collect needs to be done so with the expressed permission of the people whose information it is, and you have to ensure that you abide by privacy regulations.
Moving within the parameters of legislation that focus on the processing of personal data and the protection of privacy - such as the EU’s General Data Protection Regulation (GDPR) and the ePrivacy Directive - how can businesses leverage data while respecting user privacy?
Cookies are small text files containing data that can be used to identify a computer. These files can help to personalise online experiences, and they can also deliver valuable information to website owners or marketers who use this information to make important business decisions.
But because this data can include some sort of personal information, they are bound by privacy laws, which protect the rights of the individual to keep their personal data private.
The bottom line is that users must be given the ability to opt in to tracking, regardless of whether or not there's personal data involved.
First-party cookies vs third-party cookies
Google has been under fire for its use of third-party cookies. In June 2021, Google announced it would phase out these cookies in Chrome in late 2023. This was postponed “to give marketers more time to test its tools” and is now set for late 2024.
The move will change the way ads are targeted on websites and make it harder for advertisers to track the web activity of potential consumers.
Why is the difference between first-party and third-party cookies so significant?
First-party cookies are hosted on the website you are visiting. They are usually a direct transaction between the user and the host and generally used to create a better user experience. They aren’t shared with other websites or parties.
Third-party cookies are set by a domain other than the one being visited. They are usually placed on a website through a script or a tag, and are most commonly used for online advertising purposes.
So who will be affected most by this move? The little guy. Big companies generally have more access to first-party data, as well as the resources needed to develop algorithms to capitalise on this data.
One way to level the playing field a little is to make use of analytics platforms to ensure that useful data can be collected within legal parameters.
The biggest and most well-known of these platforms is probably Google Analytics, the service provided by Google that allows website owners to track and analyse their website's traffic.
But Google Analytics has made headlines for not being GDPR-compliant.
Google Analytics and the law
If you interact online, all tracking technologies, including plugins and analytics, must have clear and unambiguous consent.
To be compliant with GDPR in the European Union, websites should provide clear and conspicuous information about the use of cookies, and should obtain the user's consent before setting any non-essential cookies.
Matomo Analytics and Drupal
Matomo is a service similar to Google Analytics, but with a few important distinctions.
Although Matomo does use customer browsing information, it can be configured in such a way so as to anonymise this data to a level which complies with ePrivacy requirements.
The Matomo analytics dashboard. Picture: Matomo.org
The French Data Protection Agency, the Commission Nationale de l’informatique et des Libertés (CNIL), has confirmed that Matomo can be used to collect data without tracking consent. However, there are specific conditions and measures that are necessary to ensure you can benefit from this exemption.
These are laid out in configuration instructions that we at Annertech follow when configuring Matomo for clients. An important difference is that the data collected by Matomo isn't being shared with a US-owned entity.
Plus, like the Drupal CMS, it’s open source, which means that you have the advantage of a secure, transparent platform that’s been tested by hundreds of contributors.
Conclusion
There are ways to get the data you need to make business decisions without breaking any privacy laws.And there are analytics tools that do a great job without landing you into trouble.
The best tool for you will depend on the specific needs and requirements of your website and, of course, your business.
