@jonlan opened this Issue on March 31st 2016

The "do not trackā€ option of the browser should not be ignored regardless of the browser used, its version or its default settings. This means especially IE10 and IE11.

It is more important to protect users against unwanted/uncontrollable tracking than to enable the collectors to get user data.

Data collection and its analysis must be based on an explicit agreement between all affected parties which means, any behavior of the sytems must be clearly declared and all available functionality must work as expected.

Kind regards,
Jonas Lanz

@tsteur commented on April 1st 2016 Member

We ask for this in the installation https://raw.githubusercontent.com/piwik/piwik-ui-tests/master/Installation_congrats.png and I think it's pre-selected.

Maybe you installed a version of Piwik where this was not shown during installation yet?

@sgiehl commented on April 1st 2016 Member

@tsteur I guess that's not what he meant. We are currently ignoring the Do-Not-Track-Option for browsers that are not following the DNT-definitions, which means they have DNT enabled by default. See https://github.com/piwik/piwik/blob/master/plugins/PrivacyManager/DoNotTrackHeaderChecker.php#L140-L153

@tsteur commented on April 3rd 2016 Member

Thanks, got it. There should be at least an option to disable this behaviour indeed and if not it needs to be clearly mentioned somewhere. Actually we should always mention this default behaviour somewhere.

Pull request is always welcome

@blueelvis commented on April 26th 2016 Contributor

If browsers send a DNT by default, don't you think that this would reduce the number of users which could be tracked using such analytics?

Also, I would be glad to solve this issue :)

@halfdan commented on May 9th 2016 Member

@blueelvis Yes, that is the point of why we're ignoring DNT for those browsers. @jonlan however raises a valid point in that Piwik users should be able to decide whether to ignore those browsers or not.

@blueelvis commented on July 11th 2016 Contributor

So has this been implemented or not? I was just installing Piwik locally and noticed the option to ignore DNT requests.

@tsteur commented on July 11th 2016 Member

Nothing has been done on this issue, so it's not implemented yet.

@blueelvis commented on July 11th 2016 Contributor

So, the current option is just a dummy?

@blueelvis commented on July 11th 2016 Contributor

@tsteur - Just playing around with Piwik and on my local machine I did not see any data about the visits (From chrome and my system is running apache) till I turned off the Do Not Track preference in - Administration -> Privacy -> Support Do Not Track preference.

@mattab commented on July 11th 2016 Member
@Touchwoody commented on October 24th 2018

We just ran into that trap, thinking that the "respect the DoNotTrack feature" option does mean just that.

Obviously it does not, an IE11 user complained and now I'm in a legal hassle, because our data protection statement said, that we would do respect DNT, and now I had to learn that there are exceptions.
If there is an exception for some browsers, for whatever reason, I'd like to have known, before searching the code.

In the light of the GDPR, I'd strongly support the notion, to always accept the "DNT: 1" header, no matter what. There should be no exception for special browsers, not even if they default to DoNotTrack.

This Issue was closed on April 11th 2019
Powered by GitHub Issue Mirror