News

The User ID Is Gone

11/30/2025 Paul Pietzko

A major privacy-focused update just rolled out across NanoSights: per-event user IDs are no longer stored or accepted anywhere in the platform.
No extra configuration—just a simpler, safer data model.

The Old Model

Historically, events shipped from the client included a userId, which the backend stored in:

  • analytics_events
  • custom_events
  • insights_events

This allowed segmentation by user, but it also introduced complexity:

  • extra identifiers to sanitize
  • more columns to maintain
  • privacy and compliance considerations
  • a potential vector for client-side spoofing

The New Model: Anonymous by Default

Events now follow a cleaner structure:

Events belong to a project.
Projects belong to a user.
Events do not identify individual users.

Ownership and billing remain tied to projects.user_id. Dashboards and summaries continue to function without disruption.

Benefits include:

  • Easier to embed
  • No per-event identifiers to scrub
  • Reduced GDPR/consent surface area
  • Elimination of client-side user ID injection

Reasons for the Change

Privacy-first

Most analytics do not require user-level identifiers. Removing them minimizes unnecessary exposure.

Cleaner architecture

One less column in multiple tables, fewer parameters in RPC calls, and simpler SQL maintenance.

Improved security

Client-side spoofing of user identifiers is no longer possible. Ownership and billing are enforced server-side.

New SDK and Tag Version: 1.1.0

All NanoAnalytics tags and SDKs have been updated to version 1.1.0 to reflect the removal of per-event userId.

  • Version 1.1.0 implements the anonymized event model and omits userId from client-side payloads.
  • Older versions of the tags and SDKs continue to work as before, but will still include userId in events.