At a glance
When a customer of Universal Analytics requests IP-address masking, Analytics truncates the address as soon as technically feasible. The IP-masking feature in Universal Analytics sets the last octet of IPv4 user IP addresses and the last 80 bits of IPv6 addresses to zeros in memory shortly after being sent to Google Analytics. The full IP address is never written to disk in this case.
Geographic dimensions are later derived from truncated IP addresses.
In Universal Analytics, IP-address masking is opt in, and is implemented as described in the "In depth" section below.
In depth
Analytics provides the anonymize_ip feature (gtag('config', '<GA_MEASUREMENT_ID>', { 'anonymize_ip': true })
in the gtag.js library) to allow website owners to request that all of their users' IP addresses are masked within the product. This feature is designed to help site owners comply with their own privacy policies or, in some countries, recommendations from local data protection authorities, which may prevent the storage of full IP address information. The IP truncation/masking takes place as soon as data is received by Google Analytics, before any storage or processing takes place.
The process of IP masking in Analytics takes place within two steps in the collection pipeline: the JavaScript Tag and the Collection Network. These steps are explained below.
The Analytics JavaScript Tag
When a JavaScript-enabled web browser loads a page with the Analytics tag, it does two things asynchronously: It loads and processes the Analytics function queue, and it requests the Analytics JavaScript. The function queue is a JavaScript array where the different Analytics configuration and collection functions are pushed. These functions, which are set by the site owner when implementing Analytics, can include functions like specifying the Analytics account number and actually sending page view data to Google Analytics for processing.
When the Analytics JavaScript runs a function from the function queue that triggers data to be sent to Google Analytics (this function is typically gtag('config', '<GA_MEASUREMENT_ID>'
in the gtag.js library), it sends the data as URL parameters attached to an HTTP request for http://google-analytics.com/collect. If the masking function has been called prior to the page tracking function, an additional parameter is added to the pixel request. The IP masking parameter looks like this:
&aip=1
The Analytics Collection Network
The Analytics Collection Network is the set of servers that provide two main services: the serving of gtag.js (the Analytics JavaScript) and the collection of data sent via requests for /collect.
When a request for gtag.js arrives, it includes additional information in the HTTP request header (i.e. the type of browser being used) and the TCP/IP header (i.e. the IP address of the requester).
As soon as a request arrives, it is held in memory for truncation. If the &aip=1 parameter is found in the request URL , then the last octet of the user IP address is set to zero while still in memory. For example, an IP address of 12.214.31.144 would be changed to 12.214.31.0. (If the IP address is an IPv6 address, the last 80 of the 128 bits are set to zero.) Only after this truncation process is the request written to disk for processing. If the IP truncation method is used, then at no time is the full IP address written to disk as all truncation happens in memory nearly instantaneously after the request has been received.