Web analytics

The IETF uses the Matomo On-Premise analytics package for www.ietf.org. While Matomo provides a broad range of functionalit, only a limited subset is used. Table 1 summarizes the data collection and the motivation for collecting each field. This approach was implemented after consulting the IETF community on a proposal, which provides additional detail and background..

Website analytics is implemented to:

• limit collection and retention of data to what is needed to serve specific identified purposes;
• be documented, as appropriate, in the privacy policy;
• not require the use of web cookies; and
• not impede the use of the website via browsers that do not have JavaScript enabled.

Matomo collects the raw visitor data defined in Table 1, and then computes aggregate data (reports) summarizing this raw data.

The aggregated data is made available to the IETF LLC staff, contractors whose role requires it, and the Internet Engineering Steering Group.

Access to the raw visitor data is restricted to only those users required to operate the system.

Analytics configuration only uses client-side JavaScript to collect all metrics. The Matamo Image Tracker feature which allows limited metric collection without JavaScript is disabled.

A visitor can prevent all web analytics functionality by disabling JavaScript for www.ietf.org in their browser.

The collection and reporting of website usage metrics will entail the handling of IP addresses which in certain environments might enable user identification.

Therefore, the product will be configured to apply the “Matomo level 2” anonymization scheme:

• IPv4 – mask the lower 16 bits of the address
• IPv6 – mask the lower 80 bits of the address

IP addresses are not logged in un-anonymized form by the analytics system, and the system is configured to minimize the long-term re-identification of users across visits. Specifically, this entails disabling tracking cookies and not using the Matomo User ID feature in the Tracking API which allows for persistent user identification (even across networks).

Returning visitor statistics (i.e., the linking of multiple page requests) are enabled based on dynamically calculated fingerprint that uses the “operating system, browser, browser plugins, [anonymized] IP address and browser language”. The lifetime of this fingerprint is 30 minutes. There is residual risk that could lead to the identification of users:

• Geolocation of these IP addresses (in concert with the Browser Language) is an expected analysis. For countries with small number of IETF participants, one might be able to infer their usage.
• With holistic access to the raw visitor data (likely through SQL-level access to the underlying Matomo database as this is not a product feature), novel de-anonymization approaches could be possible. This risk is mitigated by restricting access to the database (and raw visitor information) as noted above.

Matomo is configured with data retention periods defined in Table 2. Data beyond this period is purged.

Configuration of website analytics is subject to review for GDPR compliance by IETF LLC Counsel, and compliance with the IETF Privacy Statement.

Monthly overview reports for www.ietf.org web analytics

• Monthly overview report for www.ietf.org web analytics - March 2021
• Monthly overview report for www.ietf.org web analytics - February 2021
• Monthly overview report for www.ietf.org web analytics - January 2021

.