DORS/CLUC Open source privacy respecting websites FTW


Upload: hcderaad

Post on 05-Aug-2015


TRANSCRIPT

1. Open source, privacy respecting websites FTW!
[email protected] www.hcderaad.nl
Hans de Raad, OpenNovations
19th May 2015
#dorscluc

2. Great to (still!) be here!
- Many thanks to the organization!
- Svebor (and friends) you guys (and girls) ROCK!

3. Whoami?
- OpenNovations
  - Current company of Hans de Raad
  - Dutch partner for Kolab Systems AG (btw, Georg says hi!)
- Chamber of commerce registration states: The goal of the company is to deliver products and services in all aspects of the competence, personal interest, and areas of expertise of the owner.
- In other words, it's mainly a vehicle to do something useful and nice and charge money for that.
- Some areas of interest: information, communication, technology, workshops and consultancy.
- Do I stick to that?

4. How does Drupal fit into this?
- Both user and enthusiast since around 4.3/4.4ish
- After the release of Drupal 7, decided to specialize in one CMS/CMF platform
- One can build just about anything web-related with Drupal
- It has a really great community!
- Volunteer and speaker for DrupalJam 2012 in Zoetermeer, DrupalCon 2013 in Prague
- Frequent visitor of DrupalCafes
- Very much looking forward to Barcelona this autumn!!!

5. Laws, damn laws and statistics?
- A tale of cookies

6. The bigger picture
- Organizations/committees within the EU seem really concerned about user privacy.
  - The right to be forgotten
- Spreading personal information across the internet is a financial risk.
  - Which in turn becomes a governmental problem (identity theft)
- Also, a lot of information is stored outside the EU
  - Which basically means it's lost.
  - Or, in a more cynical view, it's given away for free to our competitors.

7. It became a nuisance
- It is pretty difficult to make the distinction between functional and analytics cookies, especially when the WBP (Dutch Privacy Law) gets involved.
- Cookie walls started to appear, also on public sites, like NPO
  - And actually, any webshop should probably have done the same.
- Also, the website owner is responsible for all cookies set by the site
- Any site (owner) has to have a privacy/cookie statement.

8. And in come the penalties
- Unreported data loss is actually punishable by law.
- And, these incidents will be made public.
- Prevention measures have to be publicly announced and explained.
- No actual financial penalty is enforced.
- But, how about usability penalties?
- It pretty much is a minefield because there is EU legislation, which is then interpreted differently by just about any member state...

9. Then it became even more confusing
- Since June 2012 there have been 2 pretty big changes to the interpretation of the Telecommunicatiewet in the Netherlands (and other countries are similar).
  - Minister Kamp introduced the distinction between first- and third-party cookies
  - OPTA's cookie FAQ change from March 2013 introduced some other concepts
- Debate goes on until today, also because of differences in legislation (i.e. UK vs NL)

10. So what!? I use Google Analytics
- Sure, that is a really great tool...
- But... Do you actually comply with the law?
- Go find a mirror, no really, a glass one.
- I know I sure didn't.

11. Yeah, well: fsck the law!
- Ok, fine by me, but, even then, there actually are some considerable use cases:
  - What will you do if you have a question commercial analytics software doesn't really answer?
  - And, what will you do if a user actually decides to press no?
  - What is your exit strategy from the platform?

12. Ok, ok, and... Piwik?
- Born out of the ashes of phpMyVisites around 2007.
- Built using Zend Framework (yes, it is something fairly modern PHP'ish)
- Integrates well with Drupal (and Joomla, Wordpress, yes even Sharepoint).
- It's actually pretty user-friendly (ever tried AWStats?)
- But, most importantly, it stores your data locally.
- Used by ~ 500.000 sites today.

13. Ok, what does it do?
- Just about anything something like AWStats does, but then with the cookies (which basically means individual users).
- So, click paths (page based), entry and exit pages, geo-IP, referrers, browser info, etc, etc. Yup, it's got it.
- But there is more:
  - Annotations, like saving notes on analyses
  - Goals: does a visited product page actually result in a shopping cart addition?
  - E-commerce integration, following customer spending (actually Drupal Commerce does this quite well)
  - Several custom variables, like campaign following, etc.

14. Is that all?
- Nope, it can also parse server logs!
- Privacy related options like:
  - Anonymize IP addresses
  - Purging of tracking data (but saving report data)
  - Do-Not-Track and opt-out support
- For the site manager:
  - Scheduled reports, Mobile App
  - > 30 third party plugins
  - Extendable plugin architecture

15. Any alternatives?
- Sure!
- Open Web Analytics
  - Pretty much comparable, but a little older (especially the Drupal integration module) and not focused on legal compliance.
- CrawlTrack
  - PHP based, latest release > 2 years ago, claims to do more than just analyse visitors (block hack attempts)
- AWStats, Webalizer, Analog, W3Perl
  - Perl or C based, static log parsers, look like something from the early days of space travel (or webmin)

16. Drupal? Any introduction necessary?
- World class Content Management Framework
- Used for all kinds of web applications
  - Websites, including Sony BMG, The White House, European Commission, etc
  - Ecommerce: Drupal Commerce
  - Conference organization
  - Etc, etc

17. Drupal integration
- There is a module for that! (and a theme?)
- What does that do then?
  - Place some JS into your theme, to call the Piwik server.
  - Offer reporting to (authorized) users through the Drupal admin interface.
  - Customization of what to track and store from the source (the Drupal site)
- You still need something like Cookie Control to be compliant, but...
- You are one step closer to being compliant by not sharing data with third parties!

18. What's offered out of the box?
- In the Drupal module, these reports:
  - Visitors
  - Actions
  - Referrers
  - Goals

19. Demo time!
- http://demo.piwik.org

20. But I already use some other tool!
- Keep breathing, there are solutions at hand:
  - Google2piwik
  - Logfile imports
  - Directly insert CSV data into DB
  - Custom plugins
- But mainly, enjoy playing with the reports!

21. Questions?

22. Just one more thing!
- Roundcube Next!
- The world's most used open source web client
- Fundraiser for the next iteration of the platform
- Already > $ 25.000,- raised!
- Help to shape the future of email!
- https://roundcu.be/next

23. Whoami again?
- Hans de Raad
- [email protected]
- www.opennovations.nl
- linkedin.com/in/hansderaad

24. Thanks for coming!
- Have an awesome conference!!!
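
Slide 14 lists IP anonymization among the privacy options and notes that server logs can be imported. The Python below is an added example, not Piwik's code or the speaker's: it masks the client address in access-log lines before they are handed to any analytics import. The mask widths, the `0.0.0.0` placeholder and the sample log lines are assumptions made for the example.

```python
import ipaddress

# Assumption: trailing bits to zero. 16 bits (two bytes) for IPv4, 80 bits for
# IPv6 (keeps the /48 site prefix). Set these to match your privacy statement.
MASK_BITS = {4: 16, 6: 80}
REDACTED = "0.0.0.0"  # assumption: placeholder when the client field is not an IP


def anonymize_ip(text, mask_bits=MASK_BITS):
    """Zero the low-order bits of an IPv4/IPv6 address; None if not an IP."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return None
    # Treat IPv4-mapped IPv6 (::ffff:a.b.c.d) as the embedded IPv4 address so
    # the IPv4 mask width applies to it.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    drop = mask_bits[ip.version]
    masked = (int(ip) >> drop) << drop
    # Rebuild with the same class: a small integer must not turn into IPv4.
    return str(type(ip)(masked))


def anonymize_line(line):
    """Rewrite only the leading client field of one access-log line."""
    client, sep, rest = line.partition(" ")
    if not sep:
        return line  # not a log record (blank or malformed line)
    # Fail closed: a resolved hostname identifies the visitor as well as an IP.
    return (anonymize_ip(client) or REDACTED) + sep + rest


SAMPLE_LOG = [  # constructed sample lines in combined log format
    '203.0.113.77 - - [19/May/2015:10:00:01 +0200] "GET /node/1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '2001:db8:1234:5678:9abc:def0:1234:5678 - - [19/May/2015:10:00:02 +0200] "GET /cart HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    'host.example.net - - [19/May/2015:10:00:03 +0200] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(anonymize_line(entry))
```

Masking before import means the full address never reaches the analytics database, so later purging of tracking data has less to remove.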