-
Notifications
You must be signed in to change notification settings - Fork 7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Turn off Google's surveillance on meet.jit.si #4590
Comments
Thanks for bringing this up. I'm going to try and explain why GA is there and what we do with it. Please note that I'm also on the privacy minded camp, I hear you. First and foremost, let me assure you we are not into tracking users. As you may have noticed, we don't request any data from you, because we simply don't care. What we do care a lot about is the quality of the conferences our users have. Quality analysis (in many shapes and forms) is where analytics are useful to us. To that effect we use a number of services (which you can check in https://meet.jit.si/config.js) including GA, Amplitude (currently disabled) and CallStats. Why do we need these? We need to know if your call failed. We need to know if ICE took too long. We'd like to know if nobody is using feature X. Or how many page reloads have happened recently and why. See the pattern? Without this information we'd be flying blind and we can't just rely on some testing we can perform. We rely on the community using the service so we can keep on improving it.
You can pick arbitrary room names. If you don't want to leak sensible data you shouldn't put it out there to begin with, right? Users should pick something completely impresonal like a UUID v4 in that case, wouldn't you agree? "But there are alternatives!" I hear you. Setting up a custom analytics backend is not something that will happen overnight, and while we have been looking into alternatives like Amplitude and HOMER, this is slow to change, but like the song goes: don't stop believin'. Be it Google or our own backend, some of your data will always leak because you are using a service you don't control. So, what can you do about it? Here is what you can do:
If you made it this far, ❤️ , I hope you understand. |
Hi @saghul, nice to meet you and thanks for your kind answer. At the very best, there is either a PR/marketing issue or a UI/UX error at work, here. Misleading marketing?Meet.jit.si market itself as a "Secure, fully featured, and completely free video conferencing", all over the world, but
For sure, those who use meet.jit.si, necessarily trust you. Misleading UI?In the home page there is no mention about Google¹ being informed I'm joining a certain chatroom or being able to learn who I'm talking with. Or to learn then name of our chatroom.
With all respect, this sound a bit like victim blaming. Moreover most of people have no control about their User-Agent and IP which are personal data according, for example, to European GDPR. And they are leaking such data to a third party that can use them to identify them by relating such data to the one collected into a huge amount of other websites and services. Most users are helpless about such data: they cannot really decide to "put it out there to begin with".
You are talking with a hacker. Sure, I agree. BUT, today, how many people know what a UUID v4 is?
Yeah... but unfortunately most people today don't even understand how Web tracking works. When they visit a Web page they are not aware about protocols, encryption, includes and so on... And we are talking about a secure application and they trust you to protect their privacy.
All of this can be done via (opt-in) logging in your own JavaScript code.
Look at the web server's logs. ;-)
Sure! This is one of the reasons why I'm taking the time to compile this bug report. But this is not the topic here. An actual UI bug?
This is interesting, but as far as I can see, users can't chose this option from the current UI. Moreover, technically speaking, using an URI fragment interpreted client side isn't safe for the user. Try it yourself:
You will see the page will start loading but the URI fragment will disappear after a few seconds. I understand
Yeah, I really understand you and I really appreciate your work. But the more successful you are, the more Google's surveillance will be dangerous. To fix this is your own responsibility, as developers and as provider of a service used all around the world. ¹ or CallStats, but they are slightly less dangerous than Google these days ² AFAICS, nobody is asking consent about this, so this might even be considered a data breach of which European users should be informed, according to Article 34 of GDPR (but remember, IANAL). |
Just a quick heads up. We are going to have a discussion about this. I'll get back to you. |
Just wanted to bring up in case it is helpful: Matomo is a good Open Source analytics platform that you can host yourself and that has support for asking for concent to collect metrics. I use it for my own sites. |
@Shamar Thank you for sharing You can use Firefox, that has by default trackers blocked There is Brave browser saying they disable trackers There are plugins for Chrome, like NoScript (disable js execution from specific sites) |
Hi @paulvi thanks for your suggestions. Out of curiosity @saghul, do you have any news on this issue? |
I have no updates at this moment, sorry. Google Analytics is not used on mobile. |
Has there been any progress on this ? I can help testing Matomo. Matomo could also help understand mobile use for those using F-Droid and opting-in. |
Hi there! Sorry, alas we have no news. Legal is slow 😔 |
I asked about pricing for Matomo cloud service, this may help : https://forum.matomo.org/t/is-there-a-free-offer-or-discount-for-free-software-projects/35412 |
Can't you gather the data you need for development from https://piwik.pro/ |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Adding But it doesn't fully disable all third party integration. According to the config.js file that's what Would love to hear if someone can shed some light on the proper way to disable third party integration (and tracking). Thanks! |
I am interested also in this because I didn't know and I am advising to use Jitsi to many people. Thanks for the software and I hope you change to Matomo. |
Damn, that's a bug. It must have snuck in when we refactored loading analytics handlers. Apologies. |
Just in case people want a list of jitsi servers that don't use Google and other trackers https://fediverse.blog/~/DonsBlog/videochat-server?responding_to=745 |
I've posted a workaround to permanently disable the analytics etc. while still using the official hosted Jitsi instances. You will need to host at least 1 static HTML file for this to work. |
Zoom is getting a lot of bad press recently wrt privacy, ex: It could be a coup for jitsi to remove the Google Analytics! |
Very good point. And the list that I passed is ruling a lot in internet. People we want privacy. Take advantage of that. Go for Matomo! |
Yeah, I really like Jitsi and its so simple to use by just clicking the links - my non-aware friends were so happy that you don't need to register. It is a big thing of Jitsi I think! |
Hey all, sorry it took so long, but it finally happened: meet.jit.si no longer has Google Analytics. Thanks a lot for your feedback. |
Description
Even just the name of a chat room might contain sensible data.
Google should not be informed about people joining a chat room, since it might be able to identify them (by relating informations gained across different Web sites or on their own services) and profile their relationship.
Current behavior
Any visit to https://meet.jit.si/ or any chatroom therein informs Google through Google Analytics.
The Referer HTTP Header let Google relate the different members of a chatroom and personal data such as user's IP and User-Agent let Google actually identify the persons in the chatroom by relating such information with those available on their ubiquitous services.
Expected Behavior
https://meet.jit.si/ doesn't leak personal info to third party.
The users accept to trust only meet.jit.si and such trust should be honoured.
Possible Solution
Remove
from the Web pages served under https://meet.jit.si/
Steps to reproduce
Visit https://meet.jit.si/ or any chatroom therein such as https://meet.jit.si/GoogleIsProfilingYouRightNow
Environment details
A logging proxy might be useful.
As an alternative, the DevTools of the browser might suffice.
The text was updated successfully, but these errors were encountered: