@mattab opened this Issue on May 7th 2018 Member

Current behavior

When a user has given their consent, and if the user has already opted-out (via our opt-out iframe), then the requests that were consented are currently not tracked (because of opt-out).

Expected behavior

-> When consent has been given by a user, then we should track the requests, even if this user has previously opted-out.

Maybe a solution for this is to

  1. add a &consent=1 to all Tracking API requests that were consented.
  2. Then when checking if user is opted-out, also check that &consent=1 was not set.

(refs https://github.com/matomo-org/matomo/issues/12600 https://github.com/matomo-org/matomo/issues/12767 https://github.com/matomo-org/matomo/issues/12599)

@tsteur commented on May 7th 2018 Member

This makes only sense though when Matomo users are aware to not embed the opt out iframe when using the consent feature. If the Matomo user / website owner is not aware that they are mutually exclusive, then an opted out user would not expect to be tracked.

The safe solution that respects the privacy of users more be to never track when the user has opted out. (This is the current implementation).

Powered by GitHub Issue Mirror