Not a new topic, yet relevant again: Google Analytics and the data privacy compliant integration of the GA-Tracker.
According to a news report, 13 000 Websites in Bavaria have lately been audited and exhorted – with sobering results.
Anonymizing IP Addresses in Google Analytics
For some time now, Google Analytics provides anonymizing functionality (specifically: deletion of the last octet of the IP-Address prior to storage).
Typically, the relevant piece of code looks like this:
var _gaq = _gaq || ; _gaq.push (['_setAccount', 'UA-XXXXXXX-YY']); _gaq.push (['_gat._anonymizeIp']); _gaq.push (['_trackPageview']);
The only thing to bear in mind is that the
anonymizeIp-function must be placed in the GA queue before
Testing Google Analytics IP-Address-Anonymization
How can you easily check after implementation, whether IP-Anonymization is active?
The easiest way is to start one of the powerful Browser developer tools like Firebug and check the GA tracking pixel request for whether a request parameter named aip=1 is set:
With Chrome’s developer tools the quick check looks like this:
The implementation and validation of IP-Address anonymization is a 5 minute task. By using the _anonymizeIP-function, Google masks the last 8-bit before storage and processing – not transfer.
Therefore the masked IP can no longer be assigned directly to a single person (256 IP-Addresses share the same masked IP-Address).