Disabling cookies


#1

Hi,

I’m in the UK, and I’ve just read that (fairly recent) rules on cookies mean that, basically, we have to get the user’s explicit permission (just providing an opt-out doesn’t count) before sending a cookie. I’m guessing the easiest way to do this would be to disable cookies for Piwik altogether, rather than messing about with code that asks the user (who will probably say ‘no’ anyway).

From what I understand after reading this post, Piwik isn’t totally reliant on cookies, so disabling them shouldn’t affect the reports too much.

So my plan at the moment is simply to comment out all of the relevant calls to setCookie() in PHP and whatever the JS equivalent is. However, I’m new to Piwik, so I don’t know where these are. I’d be grateful if someone could let me know (a) if this is likely to work, and (b) which files I need to look in.

Thanks,
Steve

P.S. For anyone who’s interested, the ICO’s guidelines on the cookie rules are here: http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/~/media/documents/library/Privacy_and_electronic/Practical_application/advice_on_the_new_cookies_regulations.pdf

P.P.S. I’m only interested in disabling cookies for the tracking side of things; I’m the only one that uses the reports / admin section (and I’m happy to grant my own website permission to put cookies on my computer…).


(Matthieu Aubry) #2

thanks for the message. We could build in a function to disable the first party cookies. But technically the report should allow first party cookies, even for tracking, especially the Piwik cookies, since they are not sent to any external service. So you should be safe using Piwik since these cookies are part of your website and required to provide the service :slight_smile:


#3

Thanks for the speedy reply :slight_smile:

I know it sounds strange, but it does apply to first-party cookies too :S


#4

I also would love to know how to disable cookies that track my users. I’m still not clear as to whether there is a built in function to disable the cookies, or how to do it myself if it isn’t.


#5

In the end, I commented out the contents of the setCookie function in ‘[piwik folder]/js/piwik.js’, and also the equivalent ‘minified’ function in ‘[piwik folder]/piwik.js’. This seems to work for the JS tracking code.


#6

It applies to all cookies the new EU law. Accept ones which are strictly required, analytics ones are not classed as strictly required. From what I have read.

Does Piwik still use cookies? Is there an easy way to disable them yet in the admin?


(Matthieu Aubry) #7

It is now implemented in trunk, see: New Privacy feature: "Disable all tracking cookies" (EU Privacy regulation update) · Issue #2772 · matomo-org/matomo · GitHub

you can call piwikTracker.disableCookies();

You can test this new version here: 301 Moved Permanently