Offen is a fair and open alternative to common web analytics tools that treats website operators and users as equal parties. Furthermore, Project Offen – which means ‘Open’ in German – explores ethical ways of data transmission that can be adapted by other projects. Frederik Ring and Hendrik Niefeld explain more.
What’s your background?
We’re old uni friends, now based in Berlin, Hendrik working as a designer and Frederik as a coder, and the issue of privacy is important for both of us, we believe it’s an issue that will become increasingly important in the future. We were keen to work together on privacy-friendly alternatives to popular commercial web analytics tools. Alternatives do exist, but none of them show the user what the operator knows about them and that’s where we saw our niche.
Explain more about the motivation to build Offen
We wanted to give users access to the personal data held by the search operator and provide an option to opt-out or delete it. Under GDPR, a user can write a mail to the operator’s data protection officer and request them to erase their data, but this is not very practical. We’re building an automated solution.
What was the status of Offen NGI before NGI support?
We had a concept, Frederik started to work on the code, Hendrik on the claims. We knew right from the start that for this to work we needed support. This is not something you can do as a commercial project, it’s idealistic and we needed funding. We started to reach out for financing and were keen to find the right people who would understand what we were trying to achieve. We were happy and felt so lucky when we came into contact with NGI Zero.
How has NGI helped move the project along?
Talking to Michiel Leenaars (NGI Zero lead) was really important to us, to move the project forward. Michiel came up with the idea to make Offen purely self-hosted, we’d been looking at software-as-a-service and now with a year’s retrospective, it was a good idea. We talked about how you should get consent from a user.
The financing allowed us to spend time on the project, otherwise it would have taken three years to achieve what we’ve done in one year. We both have part-time jobs, rent to pay and Hendrik has a family to support. NGI made it possible for us both to have enough free time to work on the project, there’s no greater luxury!
NGI also helped us to get our tool to a certain professional level. We had a security audit and an accessibility audit. If you don’t have connections, you have to identify and pay for those services. We talked through the details, got important feedback, and got more people involved to help us.
How do you implement ethical or fair analytics?
Two elements are, in our opinion, essential for a fair web analysis. The collection of data requires user consent and the collected data can be fully accessed by the user. Furthermore, we want to provide interested users with information about the basic terms and procedures of web analytics. The operator should also be able to derive a real benefit from using our tool. We have implemented this balancing of interests between user and operator in our application.
Usage data is only collected after opt-in. If users choose to opt in, they have full access to their data and can also delete it. The collected data is presented to the user with explanations that describe why a particular metric is relevant and what the privacy implications are. Essential metrics give operators the chance to gain valuable insights. They can improve their services without violating the privacy of their users. Furthermore, Offen is hosted by the operator itself and thus the data is not shared with third parties. At the same time, our open-source code can be fully audited by the community.
What about privacy?
We (as Offen) are convinced that all these ‘privacy friendly’ approaches are an improvement, but they are still not enough to create a web that is significantly better. Most of these solutions simply lack the necessary degree of fairness. Users continue to be unaware what kind of data is collected and how it is being used. They still cannot access or delete it. This leaves them in the dark about their situation and does not help to reduce the latent distrust against web operators, a problem that GDPR also addresses explicitly under the headline ‘Rights of the data subject’. This is why we’re developing a fair and open web analytics tool that finally treats operators and users as equal parties.
Where next for Offen?
We have been awarded a second round of NGI support, to take Offen to the next level, to finish what we’re doing with web analytics, and extend the idea of fair data transfer to the point where others can harness version 1.0. Some websites have already adopted Offen. See what it can do for yours!