The "do not track” option of the browser should not be ignored regardless of the browser used, its version or its default settings. This means especially IE10 and IE11.
It is more important to protect users against unwanted/uncontrollable tracking than to enable the collectors to get user data.
Data collection and its analysis must be based on an explicit agreement between all affected parties which means, any behavior of the sytems must be clearly declared and all available functionality must work as expected.
We ask for this in the installation https://raw.githubusercontent.com/piwik/piwik-ui-tests/master/Installation_congrats.png and I think it's pre-selected.
Maybe you installed a version of Piwik where this was not shown during installation yet?
@tsteur I guess that's not what he meant. We are currently ignoring the Do-Not-Track-Option for browsers that are not following the DNT-definitions, which means they have DNT enabled by default. See https://github.com/piwik/piwik/blob/master/plugins/PrivacyManager/DoNotTrackHeaderChecker.php#L140-L153
Thanks, got it. There should be at least an option to disable this behaviour indeed and if not it needs to be clearly mentioned somewhere. Actually we should always mention this default behaviour somewhere.
Pull request is always welcome
If browsers send a DNT by default, don't you think that this would reduce the number of users which could be tracked using such analytics?
Also, I would be glad to solve this issue :)
So has this been implemented or not? I was just installing Piwik locally and noticed the option to ignore DNT requests.
Nothing has been done on this issue, so it's not implemented yet.
So, the current option is just a dummy?
@tsteur - Just playing around with Piwik and on my local machine I did not see any data about the visits (From chrome and my system is running apache) till I turned off the Do Not Track preference in - Administration -> Privacy -> Support Do Not Track preference.
We just ran into that trap, thinking that the "respect the DoNotTrack feature" option does mean just that.
Obviously it does not, an IE11 user complained and now I'm in a legal hassle, because our data protection statement said, that we would do respect DNT, and now I had to learn that there are exceptions.
If there is an exception for some browsers, for whatever reason, I'd like to have known, before searching the code.
In the light of the GDPR, I'd strongly support the notion, to always accept the "DNT: 1" header, no matter what. There should be no exception for special browsers, not even if they default to DoNotTrack.