Hi Ulrich,
Thank you for your kind words about WP Statistics. We appreciate your commitment to privacy and GDPR compliance, and we understand your concerns regarding the recent notice about server-side tracking.
Our current server-side tracking method relies on server logs, which is a traditional way of gathering data. However, to improve data accuracy and keep up with modern standards, the industry is increasingly moving towards client-side tracking. Even advanced server-side solutions, like Google Tag Manager (GTM) on server side, still require a client-side tracker script to be loaded (more details can be found here: https://developers.google.com/tag-platform/learn/sst-fundamentals/2-what-is-sst).
To streamline our codebase and enhance the functionality of our plugin, we have decided to deprecate server-side tracking starting from version 15, which is scheduled for release in the next 3-4 months.
Regarding your privacy concerns:
We recommend checking your Privacy Audit page in WordPress to ensure your configuration does not track any PII data.
I will be writing an article soon to provide more detailed information about this decision and our future plans.
Please feel free to reach out if you have any further questions. We are always happy to help.
Best,
Navid
Thread Starter
ulim
(@ulim)
Hello Navid,
thank you very much for your comments. I am certainly not an expert, so please feel free to correct me, if I’m wrong. But if I understand you correctly, then there will be a browser-side Javascript running, which raises serious accessibility questions. Many special devices, like screenreaders or embedded devices, do not support JavaScript. Furthermore, I do not see how I could run code on the user’s computer and access his local data without informing him and asking for consent.
In my case, and I’m sure for many others as well, the current level of accuracy is absolutely sufficient. We need to know how much traffic our site gets and what kind of traffic it is, but we do not want to throw out any users, just because of their preferences or personal predicaments. Which could vary between biological disabilities to an unstable political situation.
Kind regards,
Ulrich
Hi Ulrich,
You are correct that some devices and browsers, such as screen readers and certain embedded devices, do not support JavaScript. However, around 1-2% of users are affected by this, which is relatively small.
Regarding your privacy concerns, I want to clarify that WP Statistics does not use local data, cookies, or similar technologies. We create a non-reversible hash and do not track Personally Identifiable Information (PII). According to privacy laws like GDPR, tracking users’ data requires consent regardless of the method used. For instance, logging IP addresses through server-side methods still requires user consent since IP addresses are considered PII.
Rest assured, I will discuss with our team potential solutions for tracking devices that do not support JavaScript, ensuring we consider the needs of all users, including those with special requirements.
Thread Starter
ulim
(@ulim)
Hi Navid,
as you have said, tracking through server logs only requires consent, if PII is logged. Since as the server administrator I have full control over what goes into the server log, I can fine-tune whether I need to ask for consent and in which form or perhaps not at all.
While I’m sure that your JavaScript does this job way more professionally than I, since the people behind it are way more knowledgeable than I, it is still something that I am outsourcing to a third party and that comes with its own legal challenges.
So when I started the website for our museum, I was looking for a tool that would go over my anonymized server logs and simply analyze the traffic. I am interested to know, for example, which pages are most popular and how many visitors I am getting overall and whether that amount increases over time or after the publishing of new articles.
To be honest, every third party tool is one that I don’t control and that might be updated to different functionality at any time – as we are seeing right now. But I feel comfortable to point a third party tool towards my server logs, because I control what’s in them. I have no qualms with client side tracking for those, who need it and responsibly employ it, but for myself will stay with server log analysis.
I’m not sure how you plan to monetize the new feature, perhaps server log tracking can remain as a paid option. If it’s a one-time payment, I’d be in with that (but I don’t do subscriptions – nothing to do with you, but I generally don’t do them, because if I would get a subscription for all 100 tools that I use, I’d be overwhelmed to manage all those legally binding contracts).
Kind regards,
Ulrich
Hi Ulrich,
Thank you for your response and for sharing your perspective.
After discussing with our team, we have decided to proceed with the removal of server-side tracking in version 15. However, we understand the importance of accommodating users who have JavaScript disabled. We are implementing a solution in our Client Side Tracking that will still account for these users, similar to what Google Tag Manager do.
We have published a detailed post on our blog explaining this change and our approach: Deprecating Server-Side Tracking in WP Statistics 15.
We appreciate your feedbacks.
Best,
Navid
Thread Starter
ulim
(@ulim)
Thank you very much for your comments and the blog post.
Kind regards,
Ulrich
@ulim was my concern, too, so thank you very much for discussing it out here 👍
