You gonna navigate approval for all those devices in every country?
" a journey begins with a single step " 
Just curious, how many Home Assistant users have analytics turned off?
Isnât turning off analytics counter productive? I mean, if analytics revels that no one is using an integration, why would anyone be surprised that it is being removed from core?
I know that has nothing to do with the current discussion, but why would anyone not want the devs to know which integrations are used by the community?
2 Likes
To quote The Doors âPeople Are Strangeâ.
But really it is a privacy issue in many peopleâs eyes. (not mine)
1 Like
TBH, there are so many shady things happening with your data that itâs probably good practice to share nothing if you have the choice, unless you absolutely trust the 3rd party or youâre absolutely sure no personal data is shared, as is the case here, afaict.
2 Likes
Oh my friend, please slap your face a few times 
Do you honestly think because you are running HA on your system you are immune from your system being compromised?
( quote from someone wiser than me my friend )
You can add a +1 for ZERO analytics here thanks.
No way for me.
Governments and Billion dollar companies have been in the news being hacked.
There where/are possible more we donât hear about being held/paid a ransom?
What insurance do the HA DEVS provide me/you coughing up OUR details? None whatsoever in my eyes.
Why would you do something so stupid?
HA, apperantly has nearly 2000 integrations.
So be very careful where you leave crumbs? 
@jkk has your issue been solved ?
1 Like
Please do not truncate quotes to change the meaning
My point was that you have to do an educated choice.
According to
There is zero personal data shared, so even if the database is compromised, there is zero privacy risk.
I honestly didnât check the code but I trust Nabu Casa enough to take their word for it.
But yeah, if users are lazy to check the above, or do not take NCâs word, their best course of action is to refuse, indeed.
2 Likes
Really doesnât matter if you trust the party or not. If they get hacked, and you have given some/all (hopefully not your PIN/Account or other personal details) you are pretty much screwed ? No ?
1 Like
If youâre worried that sharing analytical data to HA increases the chance of having your banking details stolen, you should unplug your router right now!
2 Likes
I agree, but in this specific case of HA analytics, we donât give any personal details, so the point is moot.
1 Like
Your examples above are all cloud related. The whole idea of a local only system is to avoid these because they can break at any time (amongst other reasons). The GPIO integration was a part of making things local and hopefully less prone to (unavoidable) breakage. Then it got deprecated.
Thereâs a significant difference between breaking changes due to third party interference you canât control, like a cloud service provider changing or removing their API, and breaking changes as a direct consequence from internal decisions by the HA devs. This GPIO thing here is part of the latter.
I had a quick glance over the code. Nothing shocking in there. Nothing that could directly correlate your actions to create a behavioral profile about you, like actual database contents or sensor data. But it still contains data that tells things about you and the type of user you are, simply by listing the type of HA infrastructure you have. Are you a user who is very much into wifi/cloud based systems, are you a major Google/AMZN/Tuya user, are you more a DIY tinkerer or do you interface with expensive pro systems, what kind of alarm system do you have, do you have security cameras, etc. No location data is transferred, but all that is tied together with a unique ID of your system.
Do I trust NC with this? I donât know to be honest. The whole am I pwnd thing back then, where they sent our password hashes to an external site without our consent, because it was âfor our own goodâ, did a lot of damage to my trust of them, even if I wasnât directly affected as a HA core user. What keeps them from cooperating with say Tuya (with whom there already was a kind of weâre-partnering-with-them-but-not-really thing going on) to send them data about users using Tuya hardware ? Where is the limit, whereâs the red line ? The fact that thereâs a commercial entity (NabuCasa) behind HA doesnât make it better. A company must make money to pay their employees. And data can be a very valuable asset. Not saying that theyâre doing it now - but who knows what the future brings.
My analytics are off. Not only on HA, but anywhere I can turn them off, I do.
5 Likes
Thatâs the whole point of Analytics. As long as âtype of userâ doesnât translate into âkoyingâ, I donât care.
Then again, just enabling âbasicâ would at least allow to have precise numbers regarding the reach of HA without any correlation possibilities. I guess this âtieringâ of collected data was made to ease this kind of fears.
Thatâs probably not the best example, as Tuya users opened an account with them with all personal details including the devices they use, ip, serial, âŚ
HA couldnât even dream obtaining so much personal details 
Well in the end, itâs a personal choice. We live in a data driven world. People have different levels of acceptability on data footprint minimization.
Indeed.
Yeah well that was the point really. Tuya is a very data hungry company with very little respect for privacy. They will do whatever they can to get your data. They might be interested in what competing products their users have on HA. And NC has this data. Slippery slope, etc etc.
It would be foolish to send any data that is sensitive just for analytics.
My guess is that the IP is translated to country through a lookup and not real data.
There is no reason to send passwords and usernames, nor API keys or anything like that.
Whatever data is sent feels like (havenât looked) itâs nothing important.
(But it perhaps could be useful to share the data that is sent as an example JSON so that people who are unsure can see what is sent)
And as I have said many times, why would they hack Nabu casa with just a few thousand users when the crime is the same to hack Google or Amazon where you can get payment details.
I donât see a reason why someone would do such a thing for nothing.
Iâm more worried about buying stuff online than using analytics on Nabu casa.
There are examples in the Analytics documentation 
I have seen that but I was thinking of an example of your own data.
Something like:
If you enable analytics today, basic will send:
Some JSON
And then if you select a higher level of analytics the JSON is updated.
hereâs an example
{
"version":"2022.3.0.dev20220212",
"installation_type":"Home Assistant Supervised",
"supervisor":{
"healthy":true,
"supported":true,
"arch":"amd64"
},
"integrations":[
"yamaha",
... etc...
],
"custom_integrations":[
{
"domain":"multizone_controller",
"version":"<AwesomeVersion SimpleVer""1.2"">"
},
...etc...
],
"addons":[
{
"slug":"15ef4d2f_esphome",
"protected":true,
"version":"2022.1.2",
"auto_update":false
},
...etc...
],
"energy":{
"configured":true
},
"state_count":1150,
"automation_count":33,
"integration_count":102,
"addon_count":12,
"user_count":4
}
basically, the only non-private information is all your custom integrations, integrations, addons, and counts.Great to see that you made a custom integration for the gpioâs in HACS.
I am also in need of the mcp23017 integration, the whole control of lights and sensors in my house is depending on that. I have knowledge of programming, but not in that specific direction.
Perhaps I can somehow support (at least with testing ) or learn how to maintain such thing.
I have a little concern about maintaining code I canât test myself, I am thinking of adding it as it was requested by few others. I might order an mcp23017 for testing and add it.
If you have a suggestion for a simple addon that can fit a PI3/4 send me a link in private message.
1 Like
One thing you could consider if you are familiar with node-red is this: mcp23017chip (node) - Node-RED. Node-red interfaces easily with HA, but there is a learning curve if not familiar.