Opinion letter to the editor

MIT IS&T has been injecting Google Analytics code into HTML pages being served from MIT’s Athena lockers

It’s possible to opt out

Dear The Tech,

I recently learned something that I thought may be of interest to students and staff campus-wide: since April, IS&T has been injecting Google Analytics code into HTML pages being served from our Athena lockers. I noticed this injection because the GA code broke a web app I am working on. I then checked with the IS&T Service Desk who confirmed that the practice was implemented in April at the request of the Office of Communications.

From what I understand, other people have noticed this behavior too, and have begun circulating a petition to stop it. I encourage everyone to sign that petition. While I support IS&T in their need to be aware of traffic levels and such to support our work, script injection to provide information ostensibly for MIT's marketing seems like an invasion of privacy. The fact that this change went into effect with no notice to MIT Athena users adds to my degree of distrust in the motivations behind the change.

To their credit, IS&T also created a way to opt out. Michael Burnette at the Service Desk sent me the following instructions:

Create a file in the www folder in your AFS home directory called .htaccess.mit
Add a line in your .htaccess.mit file with the following: SSIInject Off

Save the file.

You can also find these instructions and more information at this link from the MIT Knowledge Base: http://kb.mit.edu/confluence/pages/viewpage.action?pageId=157356292/

I hope this information is useful for anyone else like me whose projects may be broken by additional code injection, or who prefers not to have data about accesses to their personal web pages shared with the Office of Communications.

Daniel Wendel ’05
Research Associate, MIT Scheller Teacher Education Program