Is Google Analytics Removing Personal Data?

GDPR & Privacy | GTM & GA

Google Analytics is now automatically removing personal info from collected data. So far only for query term “email”.

I regularly audit and test accounts for PII and found this today: Google Analytics is automatically replacing email addresses it finds in your reports with the text “obfuscated” – in real time. At present it seems only to work when sent as a value in the query term ?email=. As you can see form the screenshot, my test for ?emailaddr= still shows in the report.

Lets hope this proactive filtering can get smarter over time. That said, I hope web dev/admins don’t get complacent and reply on this as band-aid fix.

No one should be sending personal information (PII) around the web in plain text as part of a URL, but amazingly it does happen. Even by big brands that should know a lot better… Apart form being a reputation killer, its illegal to do so in the EU.

← Prev: When Visitor Surveys Can Damage Your Brand Next: Get "Successful Analytics" book at 50% discount! - one time sale... →

Looking for a keynote speaker, or wish to hire Brian…?

If you are an organisation wishing to hire me and my team, please view the Contact page. I am based in Sweden and advise organisations in Europe as well as North America.

You May Also Like…

3P Cookies v Benign Data v Cookies on Steroids

« Older Entries

2 Comments

Russ on January 30, 2017 at 1:11 pm

Hi Brian,

interesting find… we’ve tried to replicate the behaviour on one of or GA properties and it doesn’t work.
Do you have a forgotten filter in place that is causing the obfuscation?

thanks
Russ
Reply
- Brian Clifton on January 30, 2017 at 1:26 pm
  
  Yep, its gone now. It lasted about a week for me on several sites that I was deliberately seeding with false PII…
  Reply