Background: working a user q&a site where users logged,etc. What user/visitor data should be retained?
- ip address
- date/time
- etc
+1
A:
Collecting data for the sake of data collection is a bad habit. I would suggest to start from the other end - figure out what are the questions you want to answer and that would give you the data you need to collect.
Franci Penov
2009-10-09 04:47:13
+1. Very well said.
David Stratton
2009-10-09 05:00:45
A:
Store only what you absolutely need to store. Assume that any data you store about your customers can be stolen and that someone, somewhere will find a way to use that information maliciously. Then ask yourself what you really need.
But then again, I'm paranoid that way.
David Stratton
2009-10-09 04:53:25
+3
A:
I agree with @Franci's response. Collect data to answer questions that you need answers too, don't collect data to ask questions that you just so happen to be able to answer.
In general, it is sometimes worth while to log the following:
- IP (for possible blocking, determining country demographics, tracking use patterns)
- Datetime (for tracking use patterns)
- User agent (for determining browser demographics)
- Page accessed (for tracking use patterns, content popularity, conversion)
But! If you're going to do all that, you might as well use Google Analytics ;)
Justin Johnson
2009-10-09 04:55:13
David Stratton
2009-10-09 05:00:04
+1
A:
it depends on what you're doing. i run an internal website for a large company, and here we log every click our users (employees of the company) make.
but of course, our employees have no expectation of privacy when using internal company applications. a public website has a responsibility to protect their user's data, and the best way to do that is not to collect it in the first place.
I would suggest collecting aggregate stats as you go. For instance, keep counters on how many users logged in, how many clicked on what link, etc... But don't store individual user logs - User A clicked on B, etc. Or, if you want to have debugging info, store it only for a limited time. If 24 hours after a user clicked a button, you haven't gotten an error report, you probably don't need that data anymore.
Igor
2009-10-09 04:56:50