zlacker

[return to "Government Digital Service Design Principles"]
1. Nursie+je[view] [source] 2013-06-20 14:03:39
>>obilgi+(OP)
If anyone from gov.uk is reading this, do you fancy answering the question I posed when the site was launched but never received an adequate answer to?

Why does gov.uk, a site all about allowing the British public to interact with the British government, use Google Analytics?

You are shipping all the data about all my interactions with my government off to a third party in another country. Another country that we know has not got the same legal data protection requirements, and one which has now been exposed as having massive internal spying problems.

And no, telling me "Google aren't allowed to use the data" and then opening an outsourced helpdesk ticket with another US-based company does not cut it.

◧◩
2. _mulde+sh[view] [source] 2013-06-20 14:36:21
>>Nursie+je
Unfortunately it's attitudes like this that usually end up making Government projects so eye-wateringly expensive.

Assuming they listen to your suggestion and act on it as you suggest, it seems the only option open to them is to design their own in-house (In UK for that matter) version of Google Analytics to do their own analysis. Regardless of the cost and time this would add to the project, it's unlikely that it would be anywhere as good as Google's offering.

The other, more likely, option would be to decide it's too expensive to implement a different, more complicated, solution; so they don't bother. They don't get the feedback and analysis on how to improve their services and the customer experience declines until you're back where you started with a poorly designed product offering hard-to-find information and people are posting angry comments on HackerNews about how bad gov.uk is and how they would never run a start-up like that... I'm almost certain someone would say "Why don't they use google analytics to improve things, like everyone else".

Instead, we need to be applauding a massive operation like Gov.uk for taking a dose of reality and thinking, "we're not doing anything amazingly special here, we're providing people with a quick way to check their council tax, or bin collection dates, or maybe pay their car tax. Let's just get the job done as best we can."

◧◩◪
3. Nursie+wi[view] [source] 2013-06-20 14:46:34
>>_mulde+sh
I'm sorry, what? F*ck privacy, this way is more expedient? Is that what you're saying in effect?

That's not what I want from my government.

--edit-- I also didn't make any suggestions, I would have accepted a reasonable explanation of the legal and technological measures that were in place to protect my data from rampant proliferation through US corporate and government systems.

Instead I got (and this is a direct quote) "We don't allow Google to use or share our analytics data.", and a Zendesk reference number. Fobbed off, basically.

And with the Zendesk link, now my actual communication with a UK government team is being processed in the Bay Area.

This is unacceptable.

--edit 2-- Somehow other large UK web-based institutions manage without GA as well. The BBC for instance. Perhaps they could talk to each other.

◧◩◪◨
4. mbesto+rk[view] [source] 2013-06-20 15:04:29
>>Nursie+wi
> This is unacceptable.

Before you start the lynch mob, ask yourself this: what on earth can one do with non-person-identifiable data stored on a server?

"Next on BBC - Terrorist organisation finds out too many British people forget to update their MOTs"

> That's not what I want from my government.

Be very very fortunate you can even get a somewhat usable site, much less a very user friendly site. There are citizens of the other nations that would kill for easier access to public information.

◧◩◪◨⬒
5. sp332+wl[view] [source] 2013-06-20 15:14:16
>>mbesto+rk
Of course it's personally identifiable. AOL https://en.wikipedia.org/wiki/AOL_search_data_leak and more recently Netflix http://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf tried to anonymize datasets and failed. With a website, you can geo-locate the IP, cross-reference with timestamps, and probably ID more than half the users. Someone tested how hard it is: http://web.mit.edu/newsoffice/2013/de-anonymize-cellphone-da... With 4 location datapoints + timestamps, you can differentiate 95% of people.
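An added illustration of the unicity measurement referred to in the comment above (not part of the thread): given a pseudonymised log of (IP-geolocated region, hour) points per visitor, it computes what fraction of k-point samples match exactly one visitor, and how widening the time bucket changes that. The visitor ids, regions and hours are constructed, and the code enumerates every k-point sample exhaustively rather than drawing random ones.

```python
from fractions import Fraction
from itertools import combinations

# Constructed sample: pseudonymous visitor id -> set of
# (region derived from IP geolocation, hour of day of the page view).
TRACES = {
    "v1": {("Leeds", 9), ("Leeds", 13), ("York", 18)},
    "v2": {("Leeds", 9), ("Leeds", 13), ("Hull", 18)},
    "v3": {("Leeds", 9), ("York", 18), ("Hull", 20)},
    "v4": {("Bath", 9), ("Bath", 13), ("Bath", 18)},
}


def candidates(traces, known_points):
    """Visitor ids whose trace contains every known (region, hour) point."""
    known = set(known_points)
    return {vid for vid, points in traces.items() if known <= points}


def unicity(traces, k):
    """Fraction of all k-point samples that single out exactly one visitor."""
    total = unique = 0
    for points in traces.values():
        for sample in combinations(sorted(points), k):
            total += 1
            if len(candidates(traces, sample)) == 1:
                unique += 1
    return Fraction(unique, total) if total else Fraction(0)


def coarsen(traces, hours_per_bucket):
    """Mitigation check: widen the time bucket before the data leaves."""
    return {
        vid: {(region, hour // hours_per_bucket) for region, hour in points}
        for vid, points in traces.items()
    }


if __name__ == "__main__":
    for k in (1, 2, 3):
        print(f"k={k}: unicity {unicity(TRACES, k)}")
    print("k=1, 12h buckets:", unicity(coarsen(TRACES, 12), 1))
```
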
◧◩◪◨⬒⬓
6. mbesto+Jv[view] [source] 2013-06-20 17:01:41
>>sp332+wl
But if they identify that "Jim English" has visited the MOT description website 10 times in the last month...so what?

Google analytics for a publicly facing government website is akin to someone watching you walk physically into a public municipality.

◧◩◪◨⬒⬓⬔
7. Nursie+hw[view] [source] 2013-06-20 17:08:26
>>mbesto+Jv
Someone in another country, not subject to the same laws about how that sort of data is collected and used.

Actually it's not even equivalent then. It's more like them recording the conversation you have with the public services folk. And you haven't actually gone there, just called on the phone.

◧◩◪◨⬒⬓⬔⧯
8. mbesto+9y1[view] [source] 2013-06-21 08:54:19
>>Nursie+hw
> recording the conversation

This is where I'm really failing to understand your logic. Your activity is very different from what you converse. If I fill out a web form and that data gets logged, fine, I can see how privacy may be an issue. Unless someone can correct me, Google analytics does not have that capability, it only tracks how you navigate.

If I walk around a public library and check out 6 books and someone follows me around watching me look at 6 books, then again I ask "so what?"

◧◩◪◨⬒⬓⬔⧯▣
9. Nursie+3C1[view] [source] 2013-06-21 11:09:02
>>mbesto+9y1
In the largely broken analogy, you might phone the DVLA, ask to speak to a certain department (driver licenses, vehicle tax), then perform a specific task (apply for a new license). This maps to your navigation around the pages. Previously you would not really expect a third party in another country to be informed you were doing this, and I don't think it's necessary now.

>> If I walk around a public library and check out 6 books and someone follows me around watching me look at 6 books, then again I ask "so what?"

They compile a dossier on you, including everything you read, all of the shops you go to, food you like. They sell this data to whoever wants it and leak it out the back door to overseas government agencies.

But I guess you've nothing to hide from anyone eh? Good for you.

◧◩◪◨⬒⬓⬔⧯▣▦
10. andyhm+jG1[view] [source] 2013-06-21 12:31:02
>>Nursie+3C1
>In the largely broken analogy, you might phone the DVLA, ask to speak to a certain department (driver licenses, vehicle tax), then perform a specific task (apply for a new license). This maps to your navigation around the pages. Previously you would not really expect a third party in another country to be informed you were doing this, and I don't think it's necessary now.

But that's the point I think he's trying to make: Why is this an issue? If I open up a page on the site that, say, tells me what the VAT rate is and that gets timestamped and sent to Google, why should it matter?

The site is purely for information. They could - as you say - get wind of the fact that I want to apply for a new passport. So what? That (at least in my mind) isn't a privacy issue.

◧◩◪◨⬒⬓⬔⧯▣▦▧
11. Nursie+iK1[view] [source] 2013-06-21 13:34:26
>>andyhm+jG1
>> The site is purely for information.

Well, not really, it directs you to portals for various services.

>> They could - as you say - get wind of the fact that I want to apply for a new passport. So what? That (at least in my mind) isn't a privacy issue.

I think it is and I would be upset about (for instance) my library browsing habits being supplied to people as well, particularly if they were based in places with far less in the way of data protection law.

You may as well say "Why would anyone care about PRISM? Who cares who knows I call my mom every week?", yet it's the biggest story around at the moment.

◧◩◪◨⬒⬓⬔⧯▣▦▧▨
12. andyhm+CK1[view] [source] 2013-06-21 13:41:48
>>Nursie+iK1
I certainly understand where you are coming from, I just think that the issue of having this data supplied to Google isn't really that important to warrant spending a tremendous amount of the budget to do an in house system.

The fact is that the web is not anonymous in its nature. If I browse to a random site I've never heard of, how do I know they aren't using a third party image? If they are, then my IP/Location will be broadcast to that third party.
