A technical explanation of how to anonymize IP addresses

When a client requests IP address anonymization, Opentracker anonymizes the address as soon as technically feasible. The IP anonymization feature in Opentracker sets the last octet of IPv4 user IP addresses and the second hextet of IPv6 addresses to zeros in memory shortly after being sent to Opentracker. The full IP address is never written to disk in this case.

Geographic dimensions are later derived from anonymized IP addresses.

When you create a site, IP-address anonymization is implemented as follows:

Opentracker provides the anonymize feature  to allow website owners to request that all of their users' IP addresses are anonymized within the product. This feature is designed to help site owners comply with their own privacy policies or, in some countries, recommendations from local data protection authorities, which may prevent the storage of full IP address information. The IP anonymization/masking takes place after processing but before any storage, so that the data is compliant to GDPR and CCPA.

The process of IP anonymization takes place within two steps in the collection pipeline: the JavaScript Tag and the logging network. These steps are explained below. Opentracker's anonymization algorithms are much more secure and stringent than other providers/ industry standards because we mask more digits.

When a JavaScript-enabled web browser loads a page with the Opentracker's tag, you can pass the IP anonymization parameter. This looks like this:

<script src="https://script.opentracker.net/?site =www.mysite.com &aip"></script>

Notice that the script has a site defined in red (you will have this already defined) and a key aip. The anonymize ip is set with the aip key added, in the code above in blue. Remove any spaces. The ampersand sign is needed. Confused? Then please contact us to learn more.

The logging network is the set of servers that provide the collection of data sent via requests for /collect.

When a request for arrives, it includes additional information in the HTTP request header (i.e. the type of browser being used) and the TCP/IP header (i.e. the IP address of the requester).

As soon as a request arrives, it is held in memory for anonymization. If the &aip parameter is found in the request URL , then the last two octets of the user IP address is set to zero while still in memory. For example, an IP address of 12.214.31.144 would be changed to 12.214.0.0. (If the IP address is an IPv6 address, from the second hextet, all is set to zero). Only after this anonymization process is the request written to disk for processing. If the IP anonymization method is used, then at no time is the full IP address written to disk as all anonymization happens in memory nearly instantaneously after the request has been received.