@anonymous-piwik-user opened this Issue on November 10th 2012

This is a privacy concern and a step backwards for both Piwik and DoNotTrack in general.

Instead, allow the user to choose at install or configuration time whether or not to honor the setting, with a clear statement of why each way, such as the following example text:
Respect DoNotTrack Preference?
It is encouraged to respect user privacy choices by respecting the DoNotTrack browser privacy setting. Please be aware, though, that IE10 has it enabled by default and some traffic may not be recorded.
How do you want to handle this?

[X] Respect DoNotTrack in all situations (recommended)
[ ] Respect DoNotTrack for all browsers except IE10 (for more accurate stats)
[ ] Do not respect DoNotTrack at all (not recommended)

Also, DoNotTrack should be able to be set per-site, rather than globally.
Keywords: DoNotTrack

@mattab commented on November 10th 2012 Member

Thanks for the suggestion!

@anonymous-piwik-user commented on November 13th 2012

I fully support the proposal above, I think it's really important that Piwik does the right thing by default.

I expect other browsers might also start to send DoNotTrack HTTP headers by default...

@anonymous-piwik-user commented on July 19th 2013

Would it be possible to add a fourth option, which is to lump all DNT users in a single bucket with any identifying information zero'd out? This would mean the IP of all DNT users would be 0.0.0.0 (obviously invalid), their Lat/Long would be 0,0 (in the Atlantic ocean, south of Ghana), etc.

That would give us more accurate stats as far as what pages are popular and how many eyeballs we're getting, while also preserving the privacy of the users.

@chris246 commented on July 1st 2019

I really like this idea: https://github.com/matomo-org/matomo/issues/3531#issuecomment-48310118
Could you please consider that for the future?

Also as additional suggestion to "lump all DNT users in a single bucket" if this is not too intrusive:
Maybe regenerate the visitor ID on every visit (e.g. delete the Matomo cookie on browser close), so that we, on the one hand, gather anonymized data as explained in the referenced comment, but also can see every visitor as unique and not many visitors as a big lump.
My idea is that we respect the DNT choice as much as possible but still gather statistical data about those users without the possibility to track them long-term or store any personalized data.

Personally, I do not mind being tracked by Matomo (in contrast to Google Analytics, advertisement companies, ...), as I know that for the vast majority of Matomo installation the data is only accessible to the people behind that website (or Matomo if it is a hosted setup). Unfortunately, this is currently not possible using DNT. Instead, browser extensions are required for that.

@Findus23 commented on July 1st 2019 Member

@chris246 See https://github.com/matomo-org/matomo/issues/12001 for a newer discussion about this idea.

But I am afraid that this is an issue that is currently solving itself:

The DNT working group has finished their work (https://github.com/w3c/dnt/commit/5d85d6c3d116b5eb29fddc69352a77d87dfd2310) and it seems like it's usage will decrease in the next time (e.g. Apple completly removed it from Safari)

This Issue was closed on April 11th 2019
Powered by GitHub Issue Mirror