Thank you for this post Scott! I Haven't heard about Fathom before. Let me point out some things that came to my mind while reading:
While they claim to no collect "invasive data", they process data which is considered PII under some legislation, especially in the EU. Also they store hashed PII, which is not anonymous but only pseudonymous. Therefore you might still need banners and opt-ins for this.
If they don't use cookies, it might be harder for privacy plugins to avoid being tracked. This may be good for the website owner but does not respect the users intent to opt out via browser plugins.
Google might not be the best company to give your users data to, but they are well watched and under regulation. This does not apply to smaller companies like Fathom, so their business practice is not properly disclosed. This makes it difficult to judge the contractual obligations that might come with user tracking.
Besides that, Fathom offers way less functionality compared to Google Analytics or Piwik. This may be enough for some use cases, but the products are not comparable at all in my opinion.
Our data stance can be found here: usefathom.com/data. We're making more changes in 2020 to make things even clearer, as there's a lot of grey area in varioius legislation.
We don't track users. Most analytics products will highlight all actions an individual took. We hold aggregates
Our business model relies on us not to collect tracking information. Google is an advertising company. Google does not have a history of putting privacy first, we do. See: en.wikipedia.org/wiki/Privacy_conc...
Fathom isn't for everyone but a large share of the market don't need to be using Google for their needs
Hey Jack, thank you for your reply! Great to have a direct conversation :-)
Let me comment on your points:
Disclosing what you are doing with the collected data is a great first step! On your anonymization-page, you are stating that IP addresses are used to generate hashed user ids. Both is PII under the GDPR, which not only concerns storage but also processing of data. This means users need to be able to opt out and your customers need to disclose and justify this practice.
Well, your customers might use Fathom to do exactly the same stuff like with Google Analytics. What is tracked to which extent is up to the implementation.
That is true. But this is also why Google is on the regulators radar compared to small or new companies.
Totally true! This is why I like Fathom from a diversity standpoint. But this also makes it a completely different product compared to Google.
Like I said, I like Fathom for what it is. But tracking users is never an easy undertaking these days and comes with a ton of regulations, and Fathom is no exception from that.
We, and our DPO, believe Fathom falls under legitimate interest (Article 6.1) within GDPR. We will be clarifying further this year as this area is far too grey
If our customers use Fathom in a way it wasn't intended, that's their perogative. We've not seen that as our customers use us for simplicity and privacy
If being on regulators radar meant that companies would be ethical, we wouldn't have cambridge analytica. Regulation doesn't guarantee ethics. Building your business so that you cannot survive UNLESS you put privacy first guarantees compliance
Thanks Frederik
Interesting exchange. We clearly have a lot of work to do with our messaging, and it's exchanges like these that make us go back and see where we can improve. Thank you.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thank you for this post Scott! I Haven't heard about Fathom before. Let me point out some things that came to my mind while reading:
All the best,
Frederik
Hey Jack, thank you for your reply! Great to have a direct conversation :-)
Let me comment on your points:
Like I said, I like Fathom for what it is. But tracking users is never an easy undertaking these days and comes with a ton of regulations, and Fathom is no exception from that.
Hey Frederik,
Interesting exchange. We clearly have a lot of work to do with our messaging, and it's exchanges like these that make us go back and see where we can improve. Thank you.