Web Vitals feedback
92 views
Skip to first unread message
Peter Hedenskog
Dec 17, 2020, 9:17:01 AM12/17/20
to web-vital...@googlegroups.com
Hi! My name is Peter and I wanted to give some feedback on future
Google Web Vitals. I've been working on a tool called the Coach that
gives users advice about web performance, web best practices and
privacy. You people are the best on performance so I wanted to give
feedback about privacy, since I think it would be great if it is
included in Google's Web Vitals and it is important that you get it
right.
In the Coach I've been focusing on two different areas of measuring privacy:
* Server setup: Making sure that the page uses HTTPS, does not mix
HTTP/HTTPS content, sets a content security policy, referrer policy
header and strict transport header.
* Third party content: It's important that web pages do not share user
information with third party companies. As you know this happens
without the user conceding on the web. So you need to check third
party requests, cookies and if libraries like fingerprint.js are used
to track the user. You need to make sure that the user is not tracked.
It would also be cool if your privacy advice would include CDN:s, so
that using a CDN will hurt the privacy score (since it will give the
CDN company information about your user). This will conflict with
getting a good FCP-score for web sites that have an audience around
the world. But I'm sure you could find a good balance :)
I also think it would be cool to make it easy for other browser
vendors to implement Google's Web Vitals. One carrot for doing that
could actually be the privacy advice! Let me explain:
Testing a page privacy will give the user a number between 0 and 1. If
the page uses Google products like analytics, maps, fonts (yeah every
request to a Google domain), the metric will always be the lowest one
since the user will be tracked. The privacy score will be zero. I
understand that this is against your company's goals/business strategy
but I've always been thinking that Google engineers have been good
people and now it is time for you all to prove that. Remember it is
Christmas time and we should all be nice :)
All the best
Peter
Google Web Vitals. I've been working on a tool called the Coach that
gives users advice about web performance, web best practices and
privacy. You people are the best on performance so I wanted to give
feedback about privacy, since I think it would be great if it is
included in Google's Web Vitals and it is important that you get it
right.
In the Coach I've been focusing on two different areas of measuring privacy:
* Server setup: Making sure that the page uses HTTPS, does not mix
HTTP/HTTPS content, sets a content security policy, referrer policy
header and strict transport header.
* Third party content: It's important that web pages do not share user
information with third party companies. As you know this happens
without the user conceding on the web. So you need to check third
party requests, cookies and if libraries like fingerprint.js are used
to track the user. You need to make sure that the user is not tracked.
It would also be cool if your privacy advice would include CDN:s, so
that using a CDN will hurt the privacy score (since it will give the
CDN company information about your user). This will conflict with
getting a good FCP-score for web sites that have an audience around
the world. But I'm sure you could find a good balance :)
I also think it would be cool to make it easy for other browser
vendors to implement Google's Web Vitals. One carrot for doing that
could actually be the privacy advice! Let me explain:
Testing a page privacy will give the user a number between 0 and 1. If
the page uses Google products like analytics, maps, fonts (yeah every
request to a Google domain), the metric will always be the lowest one
since the user will be tracked. The privacy score will be zero. I
understand that this is against your company's goals/business strategy
but I've always been thinking that Google engineers have been good
people and now it is time for you all to prove that. Remember it is
Christmas time and we should all be nice :)
All the best
Peter
Reply all
Reply to author
Forward
0 new messages