Noise or Music?

Category: GDPR & Privacy

Auditing Google Analytics – An Enterprise Study

Categories: GA & GTM, GDPR & Privacy, Setup Accuracy / Comments: 2

Part of my job involves auditing Google Analytics setups in order to establish the quality of the data collected. This video story brings together some of the extraordinary findings of my work. Its a study of 75 enterprise websites using Google Analytics. I describe the audit methodology and display the results in a visual scorecard format. The results are somewhat surprising Read more

The Impact of AnonymizeIP (aip)

Categories: GDPR & Privacy, Setup Accuracy / Comments: 0

A key recommendation for GDPR compliance is to use the Google Analytics feature anonymizeIP, also known as "aip". As the name suggests, this simple switch drops the last 3 digits from your visitor's IP address. For example, if a visitor has a public ip of, then Google will obfuscate this to 217.115.40. (and all other visitor ip addresses) when it Read more

GDPR – Should You Request Consent Before Tracking?

Categories: GDPR & Privacy / Comments: 8

GDPR means that organisations need to keep records of all personal data, be able to prove that consent was given, show where data is going, what its being used for, and how it is being protected. And it applies to anyone processing data on EU citizens. But what defines personal data...? And how is PII different...? Obviously name, address, telephone details etc. Read more

Clarifying the Analytics Data Retention Settings

Categories: GDPR & Privacy / Comments: 24

I must admit that the new Google Analytics documentation about the GDPR specific Data Retention setting is confusing! The assumption from many clients is that ALL data older than NN months is going to be deleted i.e. a cliff-edge effect where any report older than say 26 months is going to be empty. The setting is important, but its effect is not Read more

NEW: Google Analytics Now Removing Personal Data

Categories: GA & GTM, GDPR & Privacy / Comments: 2

Google Analytics is now automatically removing personal info from collected data. So far only for query term "email". I regularly audit and test accounts for PII and found this today: Google Analytics is automatically replacing email addresses it finds in your reports with the text "obfuscated" - in real time. At present it seems only to work when sent as a value in Read more

How-to Match Google Analytics Transactions With Reality

Categories: GDPR & Privacy, Implementation Fundamentals, Metrics Understanding, Setup Accuracy / Comments: 1

If you have a transactional site, then of course you will want your transactional and product data as measured by Google Analytics, to match the real sales numbers that your back-end system collects. However in reality, these never exactly match due to a number of issues. These include: 1) Processing time differences; 2) Returns; 3) Blocked tracking; 4) Cross-domain tracking issues Read more

Is having a 3rd-party cookie a problem for you?

Categories: GDPR & Privacy / Comments: 2

I always thought that once the "general public" understood what a third-party cookie was, they would block/delete/refuse to accept them en masse. I have been predicting the demise of 3rd-party cookies since 2008, however it simply hasn't happened. In fact the success of remarketing techniques illustrates people either don't care about tracking technologies (i.e. invasiveness) or are oblivious to them... I Read more

[Survey] Do you TRUST your analytics data?

Categories: GDPR & Privacy, Metrics Understanding / Comments: 6

The question of data trust (i.e. data quality) is what I view as the biggest issue facing the digital analytics industry at present. Why? Because it is so easy to collect junk data online. And businesses will not act on data unless they can trust its quality. The result is data paralysis - no one wants to dig deep in to the Read more

© Brian Clifton 2018
Best practice privacy statement