Should Google Analytics code be encrypted?

[jmgirard]

I know that I can add my google analytics code to my _quarto.yml under website:. However, I'm wondering if that is something that should be encrypted using, e.g., GitHub secrets?

[AlFontal]

I don't think anyone other than the owner of the analytics project/app can do anything with the goole analytics ID, but maybe someone more knowledgeable can chime in, as if that's the case I'm also interested in obscuring it either via Github secrets or something else!

[jmgirard]

I was wondering what would happen if someone else used that code on their site too. Maybe it would add noise to my analytics?

[AlFontal]

That's... actually a very fair concern!
I think Google allows multiple sites to share an analytics ID just to be able to control/visualize everything from the same place, and you can always check the hostnames that are generating your numbers in the site. You can probably just filter out wrong hostnames if someone would use your code on their site too, but I agree that it feels like it would be safer to simply keep the code private.

[cscheid]

AFAICT, Google sees that analytics ID in the HTML content, right? In that case, encrypting does nothing, since anyone can browse your website and grab it anyway.

[jmgirard]

Ok, this was the piece I wasn't sure about. Thanks.