@mattab opened this Issue on May 22nd 2020 Member

With regards to privacy, considering we have a column latitude and longitude in the database schema, how could we (or how do we) ensure Latitude and Longitude columns are at best to the city level?

It is a privacy concern that lat/long could be more precise than what might be expected.
In upcoming recommendations it will be important to limit geolocation to the city level at best.
afaik we use lat/long in order to plot the user on the real-time map.
independantly of whether the user would be geo-located using anonymised IP or not, it'd be great to ensure the lat/long are never too precise.

Is this already the case in Matomo? If not, could we limit lat/long precision to the city (and how)?

@mattab commented on May 22nd 2020 Member

Also it'd be important to document this "feature" in the user guide at: https://matomo.org/docs/geo-locate/

@diosmosis commented on May 22nd 2020 Member

Possible solutions:

  • rounding lat/long values to some degree (the degree to be determined later)
  • keeping a db of city => lat/long pairs, though this seems far more difficult
@Findus23 commented on May 24th 2020 Member

See also https://github.com/matomo-org/matomo/issues/12735 for an even rougher rounding.

Powered by GitHub Issue Mirror