In our effort to innovate and bring better Privacy to Piwik users worldwide, we would like to provide an easy to use mechanism for Piwik users to show a "Cookie opt-out" panel on their websites.
By default, when visitors view a website tracked by Piwik, tracking cookies are set on the visitor browser. It is possible for a Piwik admin to specifically disable all tracking cookies, but this would apply to all visitors. The goal of this feature is to let each visitor decide whether they want to opt-out from tracking cookies.
enableCookieOptOutis called, piwik.js would then display a Cookie opt-out panel in the website.
I accept cookies from this siteis checked (by default, Piwik uses cookie) [x]
Continueand then Piwik.js will
(seen on http://elastic.io)
What are your thoughts?
It is a great idea to integrate this into Piwik itself. So the users don't have to care about such things.
The feature was requested for WP-Piwik several times already, so there is a demand to cover.
One additional suggestion: The generated panel should use a meaningful & unique css-class, so users can modify the look on their own.
In the issue above, we specc'ed a version of the cookie consent where the user would be able to directly opt-out of cookies from within the cookie consent panel. But actually, we may not need to go this way, it is a bit more complicated so let's start maybe with the easiest solution.
The easiest solution would be to simply inform the user that cookies are used to provide essential functionnality to the website.
I accept cookies.
Examples of cookie consent panels on existing websites below
I like the way the CMS Pimcore did implement this - with a lot of freedom for the admin in case of wording, styling and so on.
For 99% of sites administrated by myself I simply can't drop cookie support. No point in giving the user this option - he eighter accepts cookies or has to leave the site.
Can we maybe ideally not add such new features into LTS version (it'll be a patch release)?
@tsteur ideally yes, but it would mean we need to wait 6 months or so before having this feature in a stable Piwik 3.0 release, which is an issue as it is an important feature for German users and market... The upside is that this feature is "safe" regarding LTS since we add a new feature in piwik.js (that is not enabled/ used by default) and this should not change any core API or affect existing code
OK, feature doesn't really look high value to me as it's often displayed very differently for each site to have it integrated nicely. Will all the translations etc be in
piwik.js? Also I'm wondering when offering something like this, whether we need to check several laws in various countries etc (which would be impossible)? I think at least in Germany it's not a law yet, but might be soon. Not sure what it then needs to contain etc. When offering something like this to all users we should maybe mention we are not liable if anyone gets fined or a disciplinary warning for not having it done the proper way and that they need to check local law.
Also wondering if ad blockers are a problem?
piwik.js is often blocked by ad blockers so it would maybe not be displayed?
Will all the translations etc be in piwik.js?
Also I'm wondering when offering something like this, whether we need to check several laws in various countries etc (which would be impossible)
No we don't need to: laws are different in each country, as each EU country for example receives the EU directive and can choose to implement it the way they want in local legislation. Just in europe there is wide diversity of implementations of privacy laws. Our goal at PIwik though is to lead the way in terms of privacy. That's why it's important for us to provide this feature and make it super easy for webmasters to inform their users.
Not sure what it then needs to contain etc.
It's mostly about us deciding what such panel should contain :-) I think it's important to find a message that is very easy to understand and very clear, as it will be ready by all kinds of people including some non technical at all. The text should really be the easiest to understand as possible :+1:
When offering something like this to all users we should maybe mention we are not liable if anyone gets fined or a disciplinary warning for not having it done the proper way and that they need to check local law.
it's already clear that we are not liable, but I agree we should add a notice somewhere. it may be enough to mention this in a FAQ or User guide VS in product itself?
Also wondering if ad blockers are a problem? piwik.js is often blocked by ad blockers so it would maybe not be displayed?
It is fine and acceptable that this feature does not work, when ad blocker is enabled.