This is the Internet, and it is widely regarded as a privacy vortex. You want privacy? Don’t go online. Simple.
I disagree with the statement above entirely. Privacy is a right that we all deserve.
Personally, I have taken a number of steps to try and maintain my own privacy where possible. So I think I would be remiss if I didn’t try and do the same for those awesome people who decide they want to come and read the content that I put out on this site.
Plus, it’s actually the law within the EU.
With all of the above in mind, I want to do what I can to maintain the privacy of visitors to this site wherever possible. So what do I do to help ensure your privacy is maintained?
1. HTTPS Always
This site uses HTTPS everywhere. If you try and access this site using HTTP, you will be redirected to HTTPS.
So what? you might say. HTTPS is important, as it ensures your connection to my server is always encrypted (among other things). So any spying eyes won’t be able to see what you’re doing whilst on here.
Not a huge issue for most people, as this is just a blog with basic information – you don’t have login credentials etc. But you may not want your Apple loving friends to know that you secretly love Linux!
2. My Analytics Respect Your Privacy
Many sites use tracking systems such as Google Analytics or Matomo (formerly Piwik). These systems will automatically store tracking cookies on your device that are used to track your usage on that site.
These trackers tend to use personally identifiable information (PII), such as your IP address, location or an identifier that is unique to your machine. This allows these systems to see what pages and resources you visited, which is a good benchmark for seeing which posts are popular on a blog.
With GDPR now live, website owners are forced to respect their visitor’s privacy. Most tend to put a simple “we use tracking cookies, you can opt-out here” banner, which tend to be nothing more than annoying.
When you visit this site, you’re opted out of tracking by default.
So what specifically do I do to protect your privacy? Here are the details:
No tracking cookies
Matomo uses a variety of tracking cookies by default, which are used to provide detailed and accurate tracking information for all visitors of a site. On this site, I have cookies disabled. Feel free to look at the page source for this site. Within the Matomo code (found within the header tag) you will see the code that disabled cookies:
What does this mean for me? Well, you can read more about it here, but it basically means that the visitor count to a page is slightly less accurate. No big deal as far as I’m concerned.
I use Cloudflare to secure this site, and to provide a CDN to distribute my content globally. Cloudflare uses a single cookie named __cfduid. This cookie cannot be turned off. However, the _cfduid does the following:
The _cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if a visitor is in a coffee shop where there are a bunch of infected machines, but the specific visitor’s machine is trusted (e.g. because they’ve completed a challenge within your Challenge Passage period), the cookie allows Cloudflare to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.
Anonymous IP addresses
When you visit this site, your IP address is logged. However, that data is made anonymous so I don’t see your entire IP address. Instead of seeing 184.108.40.206 which would uniquely identify 1 person, I see 15.56.xxx.xxx which gives 65,534 possible IP combinations.
Delete old logs
This is a simple one – visitor logs are kept for a maximum of 180 day (approximately 6 months). Anything older than this is deleted.
I respect DoNotTrack
Do Not Track is a technology and policy proposal that enables users to opt out of tracking by websites they do not visit, including analytics services, advertising networks, and social platforms.
My Matomo instance will not track visitors which have specified “I do not want to be tracked” in their web browsers. For more information about DoNotTrack, check out donottrack.us.
Friends don’t spy; true friendship is about privacy, too.Stephen King