Tech 25. Oct. 2016

Google Analytics without Cookies

I haven’t heard about this before, but it is possible by default to use Google Analytics without cookies. Well, Google does not recommend this, but it is working just fine.

To make it work, some issues have to be solved:

  • deactivate the cookie storage
  • implement an alternative for the user id

To deactivate the cookie storage is quite easy. Google offers a documentation here.

ga('create', 'UA-XXXXX-Y', {
  		'storage': 'none',
  		'clientId': '76c24efd-ec42-492a-92df-c62cfd4540a3'
});

But Google Analytics then needs another client id. An usual website does not have anything like that. Some developers are using a server side script here, which make sense because it is possible to use a session id or something similar. The drawback of a server side solution is an extra request.

To avoid this we could use a javascript generated pseudo id. An option here is to use a browser fingerprint. For a good recongnition something like Fingerprintjs2 could be used:

<script>
	(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
	} 
	new Fingerprint2({detectScreenOrientation:false}).get(function(result){
		ga('create', 'UA-XXXXX-Y', {'storage':'none','clientId':result});
		ga('set', 'anonymizeIp', true);
		ga('send', 'pageview');
	});
</script>

As well something easier could be used as long as the id might not be such easy that every x-th user would have the same.

Reason for a non-cookie usage is in most cases the data privacy, which specially in Europe has “problems” with cookies. In fact the core issue is the unique user identification - and not cookies in general. And this issue isn’t really solved, because a good browser footprint does more or less identify a user. But I assume at the current legal situation using a footprint is more accepted and no regulations for cruel website overlays are needed.

The paradox situation is, that the only cookie I set in a current client project is, when the user clicks the GA-Opt-Out link.