ONTAP Discussions

Highlighted

google analytics 'Trojan' code in netapp ONTAP System Manager

Is there no concern about the implemented google analytics code directly in the netapp ONTAP System Manager (9.7, AFF-C190)? 

Its crazy to call google analytics code from a central storage system and I guess its not conform with the EU DSGVO Law.

If this "backdoor" cant be disabled, our company will not buy further products from the netapp to send google our Data.

It seams google bought this analytics option with their 'partnership' with netapp.

 

From a data protection perspective its a total no-go to call external scripts from a central storage.

 

best regards

Michael

 

 

6 REPLIES 6
Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

Hi Michael,

 

We are reviewing your concern. Have you expressed this concern with your Account Representative? Someone can contact you directly to discuss this further if you prefer.

 

 

Regards, 

 

Team NetApp

Team NetApp
Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

Hello netapp team,

I opened a case but I want it discuss in the public, why there is no option to disable google analytics at the storage directly. The case is still open.

 

What I found is:

https://www.netapp.com/us/legal/privacypolicy/index.aspx

 

"We also use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the NetApp Platform and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by viewing their Privacy & Terms, and exercise the opt out offered by NetApp Cookie Policy"

 

This is more than strange. We are talking about a central storage and not a google android phone. The "solution" to "opt out" google analytics is not to disable it AT the storage, but to INSTALL a google analytics blocker in the webbrowser. I hope you get enough money from your google partnership to do such things and maybe lose some customers to huawei, dell etc.

 

best regards

Michael

Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

 I agree-- this is completely unacceptable.  Now I need to bring it up to senior management at my firm.

 

The option should be completely disabled unless explicitly enabled by customer (but you guys know that no one would enable it).

 

*Not* happy!!

Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

Hello,

Since I am handling the NetApp case I will leave some short comments here.

 

- now in OnCommand System Manager (9.7) we have in addition to the ONTAP settings a second portal for NetApp Cloud Services

- the NetApp Cloud portal is running as a second instance (widget) which is loaded only when having Internet connection

- Google Analytics is in use for the NetApp Cloud Portal web-based services only

- NetApp uses Google Analytics according legal boundaries, collecting anonymous data for our purposes and not sharing them

- Information about it is publicly available and always has been in our privacy policy and cookie policy

 

Security Aspects

- System Manager is using API and REST to communicate with ONTAP and cannot work any other way

- System Resources for handling APIs are limited, avoiding any impact in serving data

 

We agreed that NetApp will explore more and easier ways to opt-out from Google Analytics.

 

We are more than happy to take further input on the matter.

View solution in original post

Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

- Google Analytics is in use for the NetApp Cloud Portal web-based services only

- NetApp uses Google Analytics according legal boundaries, collecting anonymous data for our purposes and not sharing them

 

Is it really NetApp's official position to take what is a "legal boundary" as a defense for planting Google spyware into your software?  You realize that the customers have the final say here with our dollars, right?

 

Using Google Analytics also sends that data to/through Google.  You seem to be totally missing the point here about that.  "Anonymous data" has been shown, time and time again, to be easily de-anonymized.  As soon as it gets out that NetApp is sending customer data to Google by default, your products are going to be less palatable to businesses that care about security.

 

NetApp needs to understand that protecting their customers is priority #1, at all times.  Customers should not need to "opt out" of anything.  If a customer chooses to "opt in", that's a different story, but opt-out / deselected should always be the default way to go.

 

Highlighted

Re: google analytics 'Trojan' code in netapp ONTAP System Manager

Hello,

Thank you for your answer. We are at the moment considering the opt-in option too.

 

You wrote that you will bring up it with your management. Please consider opening a case if you want to address your concerns with NetApp and we can make contact for your management that they could discuss it directly with us.

Just let us know.

Check out the KB!
NetApp Insights To Action
All Community Forums