Do we need to sacrifice privacy for metrics?

A while ago I was tasked with handling my company's outgoing email, it's to help them track how many customers did open the email. This means I need to implement email spy pixel tracking, in which it kind of invade the user's email privacy. ProtonMail, one of the top privacy-centric service for emails, disables any spy pixel that's exist on the email. That is good enough if you think about it, but not for me. Most of my customers don't use Proton, they use Gmail and Yahoo Mail a lot (by a very wide margin).

Come to think further about it, most of websites uses Google Analytics to track everything the user do — not just on your website, but it tracks everything the user do from one website to another, it correlates user activity to something that would be presented later on the board meeting. Heck, it might even sample your specific self data into a "audience sampling of choice for a programmer in their 20s from Indonesia". It raises the question: Does Google Analytics sells my data to other companies that I haven't visited yet? There is an article already about this topic, and I can't confirm myself whether the statement from Google is true to their customer.

Let's move a bit farther. What about observability softwares like New Relic and Sentry who has Session Replay feature, where we as developers can see what the users are seeing and their movement. It helps us debug errors, for sure. But does the users know about all these stuffs? Heck, even Brave Shields (a browser created by Brendan Eich that prioritizes privacy) don't just block Google Analytics, it also blocks New Relic and Sentry as well. So.. does that means observability tools poses a certain level of privacy invasion just like Google Analytics and the like?

How can we actually amend this for companies? Do we need to use Plausible as an alternative for Google Analytics? But what about the integration that Google Analytics already offered to us, can Plausible really replaces that? Is there anything that will make this stop?

Onto creating software

Sometimes, we can't help but just follow our seniors that uses every privacy invasion software that we don't like. That's to be expected if you work in a company, obviously. But, some consideration that you might need to think about it are:

1. Is it okay if your metrics is blocked by a third party software (like Brave Shield or some Ad-blockers)?
2. Instead of having it enabled from the start, can you ask to the users if telemetry is allowed?

The second point might cause some problems, because everyone don't like being tracked, even if it's for the company's better future. But, the other side of the problem is metrics is required to show how the company progresses to the shareholders and managing directors. Without those metrics, there is nothing they can use to measure your work.

What about implementing metrics collection yourself? Yeah you can do it, but it will take you a lot of time probably, considering you have to support every ecosystem and platforms that are too many. That's the more reason to just use existing softwares.

My takeaways

I'm not giving an actual solution, as everyone has their own specific use cases. Talk about privacy will only bring up more questions. That's good for one, because it really means we as software engineers, do care about user's privacy.

• Metrics is something we need to collect in order to provide realistic data for the company, there is no denying in that.
• We can limit what kind of stuff we track, what kind of stuff we save. It's always better to self-host every free (or maybe vendored SaaS) solution like Plausible or Matomo. There is a repository on GitHub that list alternative softwares that respect privacy.
• As possible as you can, list out every third party software that you use that collects user data. For short, it's better to follow EU's GDPR cookie consent regulation, even if you're not serving for EU residents.