What The Intercept’s New Audience Measurement System Means for Reader Privacy

EARLIER THIS YEAR, The Intercept got a new visual identity, the first step in a multi-phase redesign. Later this month, we’ll be making an important change that’s invisible to our readers, adding a new analytics system to help us better understand how our stories spread and how they can be promoted to a larger audience. We thought it was important to describe this system — and its privacy implications and safeguards — to you in a transparent fashion.

The biggest challenge we faced in adopting a new audience measurement system was preserving reader privacy; modern analytics tools virtually always come from outside vendors who become intimate third parties in the relationship between publishers and readers. It was important to us to try and rebalance this relationship in favor of the reader. Since launching a little over a year and a half ago, The Intercept has always coupled its drive to expose information closely held by the powerful with efforts to protect data that rightfully belongs to our readers. That’s why we serve all our content over well-encrypted “HTTPS” web connections and why in April we became only the third internet service, behind Facebook and Blockchain.info, to allow people to contact us over HTTPS-encrypted connections to the anonymity network Tor.

Working with the online analytics firm Parse.ly, we’ve arrived at an analytics architecture we believe is compatible with The Intercept’s core values. Parse.ly’s software allows publishers to monitor and analyze traffic to their stories, to figure out how readers come to the site and what they do when they get there. It also provides information about how stories are shared on social platforms like Twitter and Facebook and how search terms drive incoming traffic. Normally, this functionality is provided by causing readers’ web browsers to directly ping Parse.ly’s servers.

Together with Parse.ly, we’ve arrived at a system whereby readers of The Intercept will not directly ping Parse.ly. Instead, they will continue to send web requests to our own servers, which will, in turn, forward some of those requests on to Parse.ly, after stripping out readers’ internet protocol, or IP, addresses. Parse.ly will use these requests to track our readers via random unique identifiers that we generate. It will not be possible for Parse.ly to correlate readers’ visits to The Intercept with their visits to other Parse.ly-enabled sites.

Beyond these architectural safeguards, Parse.ly has also agreed not to log IP addresses of visitors to The Intercept, not to infer or store geolocation data of visitors to The Intercept, and not to set or receive network-wide Parse.ly tracking identifiers from visitors to The Intercept — even though it should not have the technical capability to do any of these things in the first place.

Readers who do not wish to be tracked even via the anonymized system outlined above may opt out simply by activating the “Do Not Track” feature on their web browsers; this will deactivate both the new Parse.ly system and our old system, based on software called Piwik.

While noting our work with Parse.ly, it’s also important to disclose that there are other service providers we continue to use who do have access to information like your IP address, which articles on The Intercept you visit, and which computer operating system and web browser you use. Such partners include our content delivery network, CloudFlare; our video provider, JW Player; and platforms we use from time to time to embed rich media on our site, like SoundCloud and Vimeo. You can read more about these third parties on our newly updated privacy policy.

We expect to activate our new audience measurement system in one week or shortly thereafter. If you have additional questions or concerns, you may post them in the comments below, or contact us directly.