Why the New Google Analytics User Management Policy is a Terrible Idea

The other day I noticed something in Google Analytics that might be worthy of your attention. It’s a change to the way Google displays users in an Analytics account. Here’s the notice, which you may have seen in your account as well.

This message seems harmless at first glance. You may even be excited about this change if you only have “user” level access to an account. But I’m actually quite frightened by this extra bit of transparency that Google has introduced. Let me explain.

First of all, most Google Analytics accounts have more than one user accessing them. The more traffic a website gets, the more people who want access to the data. I’ve worked on websites that get 5 visitors a day, as well as websites that get over 1 million visitors a day, and every time there are multiple users who can access the Google Analytics account. And most of the time, they aren’t aware of each other.

This is because Google Analytics only shows you the names of other users in an account when you have permissions to add/remove users from an account. If you don’t have this level of access, then you can’t see who else has data access. All you see is the ability to remove yourself from the account.

This makes sense. User information is kept on a “need to know” basis, which is the perfect policy for account security, privacy and confidentiality.

But it is also the source of frustration for many users, especially those who lose access to their Google Analytics account or want to make changes.

Transparency makes communication easier?

If you read the official Google announcement of this change, they state the change is designed to “foster collaboration among users.”

That sounds simple enough. But when you read between the lines, you probably wonder “why now?”

To me, it feels like Google is sick of answering support tickets from people who don’t know how to increase their level of access. They are passing that burden on to the people who own the Google Analytics account.

And in a way, that’s justified. Their support team can only answer so many “OMG, I can’t login to my account. PLZ HELP ME!” emails before making a proactive change.

To get an idea of the volume of support tickets Google receives each day, consider this: I added a chatbot to Jeffalytics for a few weeks. After scrolling half way down an article, the bot would engage a visitor and offer to help.  I received around 100 inbound messages. The majority of them were asking me how to recover their Google Analytics account!

Many thought I worked at Google. Multiply that by a billion, and you can estimate Google’s actual support volume.

This change puts communication burdens onto the account administrators. And for some organizations, that’s ideal.

But my experience says this is going to be a disaster.

I don’t like this change: here’s why

My experience is from an agency environment. I worked with hundreds of clients, and most clients had many agencies working with them. I have had access to thousands of Google Analytics accounts over the years.

Who knew I had that access? Just the company’s administrators and me (and students from my in-person courses, because I didn’t have the ability to edit out my account list like I do in Analytics Course).

That’s how it should be.

Nobody should know that I have access to an account, and I shouldn’t know that others have access to the account either.

Why? Because information in the wrong hands becomes political.

Agencies doing a bad job? A client brings a consultant in to audit their work. With this change, the agency would be tipped-off that to that fact.

Employee doing a bad job? This change will make them paranoid.

Internal politics? This “transparency” will only lead to more misunderstanding.

There are many scenarios where it’s nobody’s business who has access to a Google Analytics account. There are few scenarios where a situation becomes better with this knowledge in the open.

This policy change is forced transparency, in a world that doesn’t need it.

A handful of companies may welcome this change. But most will be worse off with this level of transparency.

Google’s created a problem, and the workaround is not very practical

At this point, I should be clear on something from Google’s official announcement. The level of transparency they are implementing is not for your entire account, just most of it. I’ll do my best to explain without making your head explode.

Google Analytics has accounts, properties and views. I drill this into everyone’s head in Analytics Course, so you are probably quite aware of this fact.

This new transparency means that a user who has “read-level” access to a view can see everyone else who has access to that view. AND everyone who has access to the parent property. AND everyone who has access to the full account.

So basically, they can see everything and everyone in the account. The solution around this would be to create multiple views, and control access to users at a view level.

You could create a view called “Employees” and one called “Agencies” and one called “Super secret shady stuff” that nobody knows about. Then you can control access at a view level.

But you probably already know of the problem with this approach. If you created all of these views for this purpose right now, you would have no historical data to make them worthwhile. You would be creating a carbon-copy of the exact same account, with no utility beyond obfuscating the names of users.

You’d put a bigger burden on Google’s servers, reporting services, and support teams.

All to avoid forced transparency nobody even knows they need

This isn’t sitting right with me.

But I have an obvious alternative solution: allow transparency for anyone with edit and collaborate privileges, but leave read only access alone.

The reasoning is simple: if you trust someone to edit or collaborate in your account, you trust them to see who they are collaborating with.

If you only trust someone to read and analyze your data? Then you probably don’t trust them all that much. They should be kept at arms length.

Simple solution to a problem that nobody knew they had. Except for all of those people blowing up my chat-bot over the past few weeks.

What do you think? Am I blowing this out of proportion?

Would love to hear your thoughts on this change below.

About the Author

Jeff Sauer is an independent Digital Marketing Consultant, Speaker and Teacher based out of a suitcase somewhere in the world. Formerly of Minneapolis, MN and San Francisco, CA.

  • Exactly what I hate about this change. Nothing to add.

    • … except maybe that if I am not mistaken creating a new view will result in no historical data, only data from the point in time I created the view will be collected, right?

      • Yes, no historical data in the new view

  • Vince Luk

    Totally agree.. working with different parties on the same account that may not know each other… now we are revealed to each other… No real benefit to anyone? To me, only admin level should see who has access. Jeff do you think it is smart to create anonymous google accounts from now on and ask clients to add us this way? It would be a lot of accounts to maintain but worth it IMO.

    • Hi Vince – I actually have a completely anonymous account for this exact purpose. Have had it for years, because usually when I’m brought, in, administrators are the ones being questioned. Definitely worth it if you do this for a living.

      • Vince Luk

        Thanks for verifying Jeff… then I should do that asap as I’m usually the underdog that is brought in after an agency has produced no results 🙂 Just joined your community and starting your course and I love it already. Thank you!!

  • Fred Pike

    Hi Jeff – I totally agree! I saw that warning and immediately worried about some accounts we’re auditing before taking them over. Exactly for that purpose, we created a generic white-label gmail address – which I assume is what you and Vince are talking about in the comment below? The anonymous user? Or do you mean something different?

    • Yes, exactly. Some sort of email address that doesn’t identify you as the big bad wolf.

  • Simon James

    The change can’t be for the benefit of people who have lost access to the account, because they wouldn’t be able to log in and see who else has access.
    Should definitely only be available to users with edit and collaborate privileges.

    • I should have clarified. I don’t think that they made this change purely for accessing a lost account. I think that they do get emails from USERS asking about their status, when those should be directed at admins. The lost account problem will be there even with this change.

  • I agree.
    “Information in the wrong hands becomes political” ~ powerful truth.