Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

November 04 2014

User ID linking and privacy

If you dive into the Piwik tracking code, you'll probably notice this snippet: _paq.push(['setUserId', '32952541e7c65511b49']);

yes, this is (if you are logged in) your obfuscated user id. Why obfuscated? After all, we're using the real user id in javascript anyway! Well, this is just so that we, when we look at analytics, don't accidentally "see" users we know. Of course we could reverse the encoding (by bruteforce encoding all user ids the same way and then look up the hash), but this is basically what we can do in any case. What any maintainer of any similar social media/blog platform can do. So, it's kinda sorta assumed that you trust us, and the only reason why this is obfuscated is, that we can't accidentally abuse this trust.

Ok, "But why do you link my visit to my user id at all?!" you ask. Weeeell. Because we don't know how many actual users we have. Yes, seriously. In a world with spammers, signup numbers and visit stats mean exactly nothing.

Also, it is incredibly hard and borders on divination to find out how actual users use soup without this seperation. The same goes for questions suchs as "How many devices does a Soup user surf Soup on?" and similar.

Ironically, we could have all that information in the backend (so we wouldn't be required to use a tool such as piwik), but we're not collecting it. Not because it is technically impossible to do it - but because we do not wish to design our database and user data in a fashion that would make it possible.

Yeah, two souls and all that...

Reposted bymushubrightbyteElbenfreund

Don't be the product, buy the product!