Psamathe wrote:By "We" everybody will assume it means CTC/CUK not fonant (a 3rd party).
Google is more of a third party than Fonant Ltd is. They use Google Analytics for many purposes, including targetted advertising, and have nothing to do with the running of the Cycling UK Forum.
Fonant (my company: I host, maintain, and administer the Forum) could perhaps be seen as "a third party". But Cycling UK have very little to do with running this Forum, it is looked after by the team of volunteer moderators and me.
Psamathe wrote:Tracking is important;
Yes, "tracking" is important, and you'll find that all major websites track visits for visitor analytics.
Some systems also track for slightly less acceptable reasons, like following people around the web to target them with personalised advertising (Google, for instance).
And there is potential to use tracking to target specific people in a malicious way, if someone was motivated enough. The Russians are accused of doing this sort of thing with Facebook visitor data to influence election results - I don't know if we'll ever know if this actually happened or not.
Psamathe wrote:even Google provide blocking plug-ins for browsers to block their own tracking (I note the Piwik don't).
Piwik doesn't need to provide a plug-in to block analysis: you can use "Do Not Track" or readily-available plugins such as uBlock Origin. These methods block many tracking systems, including Google Analytics, as well as advertising cookies, adverts, and more.
Psamathe wrote:Is this tracking something CTC/CUK are doing/using, part of a hosting contract - in which case you should be clear that this tracking is being contracted to 3rd parties. If it is not something CTC/CUK require then as a 3rd party should you be doing it atall?
The analysis is something that Cycling UK does using Google Analytics, and I, as Forum host/maintainer/administrator, do using Piwik on my own server. I also use Apache log files for things like finding the IP addresses of people abusing the Forum, seeing what percentage of visitors are using smartphones or tablets, how many people use each browser, common "page not found" errors, and so on.
If you really want to avoid being "tracked" by the Forum, you should perhaps consider using Tor or an anonymising proxy service. But since the Cycling UK Forum is not trying to provide targetted advertising, and is not ever going to sell personal usage data to anyone, there really isn't much need.
[A much bigger threat to privacy is contained in the UK's "Investigatory Powers Act 2016" - this requires internet service providers to retain "internet communication records" for everyone for a year. Even more worryingly, the service providers are explicitly prevented from telling their customers that they are doing this. I wouldn't be surprised at all if the Investigatory Powers Act considered an online Forum as being an internet service: and one that might well help tackle terrorism if forum "communication records" were legally required to be kept for a year. Unfortunately if the UK government do compel me to keep Forum usage data for a year, to track people's communications, I would be prevented from letting anybody know.]
Psamathe wrote:Also you should provide some mechanism to block/prevent this (beyond the global "DNT" - which Google have pretty much discredited anyway).
Piwik respects the global "Do Not Track" setting in anyone's browser.
You can also block Piwik by installing a advert-remover/privacy plugin like uBlock Origin.
Of course, every time you log into the Forum you are being "tracked" by phpBB: it records which threads you have read and which you haven't, and it also links your Forum posts to your username, all publicly visible to the entire internet.
Sorry, that was rather long. But internet privacy is important, and people need to understand the issues, even if just a little bit.