Not. No additional components used. Today I install a clean Home Assistant for tests. The tracking code is in it. In Lovelace frontend code.
My browsers block google-analytics ( and Facebook pixels and the rest of this shit), so not directly a problem with it. Can’t check right now ( not on a computer), but tomorrow I’ll check with Firefox developer tools where and how.
This is probably part of the updater component. You can opt out here: https://www.home-assistant.io/integrations/updater/#reporting
Why the data is collected: https://www.home-assistant.io/blog/2016/10/25/explaining-the-updater/
More on what is collected and why: https://www.home-assistant.io/blog/2016/10/22/flash-briefing-updater-hacktoberfest/#what-you-need-to-know-the-important-bit
Well… It’s also a story about breach of my privacy “on the sly”. But that’s a different story. In the description is clearly states that the data will be stored on the update server. Not in Google Analytics.
I want to add for clarification:
At the moment, I could not find in the Home Assistant code where the Goggle Analytics is inserted. However, there is a fact of tracking. I suppose this happens through the background loading of some page from a third-party site, where this code is already located. But given that the Home Assistant parameters were by default, I think this is a serious violation of the privacy and security of users.
I have studied the issue in detail and have to admit that I was wrong. It turned out that monitoring via Google Analitics is not done by Home Assistant, but by a third-party plugin of my browser.
I publicly apologize to the authors of Home Assistant.
At the same time, please make changes to the updater module code and cancel the default setting for the reporting parameter. I believe that users should give informed consent to such actions.
15 Likes
If you don’t mind me asking, I’m curious which third-party plugin?
Wait, does that mean they actually knew what type of install everyone was running (who had not set opt out) and still went to try and remove that supported way of installation anyway ?
(Or do I need more sleep ?)
They didn’t collect that info when they decided to deprecate supervised, they do now (as I understand it).
I don’t see any GA traffic, using HA 0.112.2 in docker.
Good on you for owning up. 
If you have the option (most routers do) I would block the access to Google Analytics in your router.
And as an extra you can set a static route to 127.0.0.1 or your DNS server.
2 Likes
Much more apparently. This was added after the furore about the deprecation of Supervised (now reversed) because they had no idea so many people were using it. To opt out you just disable the updater. The docs are pretty clear about this.
1 Like
Because it wasn’t home assistant.
Why is everyone so afraid of Google analytics?
I don’t see why you need to hide your actions online from Google analytics, nothing that is shared with the website owner is personal.
What is the concern?
3 Likes
Limych is everyone?
I don’t like anything that tracks my online activity. Whether it is google analytics, facebook pixel, doubleclick.net or anything else. Just a matter of principle.
5 Likes
That’s easy, because google can’t have my data.
For me it is as simple as this;
I have nothing to hide but I will not permit any corporation using my browsing habits to allow them to better develop their bottom line by reselling that data.
We all know that marketing has a better result if the target market is clearly (read narrowly) defined. These great corporations must find their profits from somewhere so why not sell convenience. It is after all the enemy of security!
I for one would rather NOT be a minion of ANY corporation and so block my telemetric info to all corporations.
Besides it is the main reason that I support open-source software and community driven projects.
I am a great advocate of open-source software and where possible will re-flash proprietary software every time!
Nothing to me is ‘off-the-shelf-perfect’ One must either block the node from accessing the Internet or flash/hack it to own your own requirements
You may ask if I donate to open source? - YES! Every time I do a fresh install on a new node!
What do you do?
2 Likes
The default Updater reporting is disabled easily enough by including this in configuration.yaml:
default_config:
updater:
reporting: false
1 Like
I understand your point but I don’t believe what you do actually make any difference.
Goggle Analytics share the data of your browsing with the site/app owner.
This can be such metrics as how long you have spent on each page or in what order you click the links.
Example you went to ‘home’ then ‘about’ and then went to ‘products’.
The website owner can use this information to better help their visitors by making ‘about’ larger on the main page as an example.
Will that make any profit? Maybe… if you find the website easier to browse and more intuitive you perhaps make a purchase there, but that is still up to you.
That data, that you visited ‘about’ has no affect anywhere else. This does not give Google any new knowledge of how to target you with ads.
Your cookies drive the ads, your search history, and in some cases the location of your phone.
I use analytics on my website, but I don’t read the data that intense that I make any changes because of it, in the beginning I did some changes, but now it’s more of an occasional curiosity.
I don’t mind analytics being sent from me either since I see the website owner can use it to better their page (if they use it).
I’d say that if it’s a website you regularly use then you should allow analytics since you have an interest in the contents there, and if the contents are easier to find/use then why not?
So why did I say I didn’t think it makes any difference?
Well because I believe Google already tracks you in so many other ways that this is just a small percentage.
So what you do is that you block the data that “Joe’s online store” needs to make his page better but most likely there is already a ton of data leaking to the big companies instead.
That’s my view of it…
3 Likes