Google Analytics and cookies: need some clarifications.
Hello, as you know here in Europe there's a cookie law. I'd like to avoid cookies altogether unless absolutely necessary.
So, Google Analytics was a sure source of cookies, but now with Universal Analytics I think this code will disable them completely:
ga('create', 'UA-XXXX-Y', {
'storage': 'none',
'clientId': '35009a79-1a05-49d7-b876-2
});
My question is: am I right? If I use Universal, the latest implementation of GA, coupled with this code, will I be ok with the cookie law without the need to ask visitors for cookie permission?
If so I will update all my customers' websites. If not I guess I'll switch to something other than GA.
So, Google Analytics was a sure source of cookies, but now with Universal Analytics I think this code will disable them completely:
ga('create', 'UA-XXXX-Y', {
'storage': 'none',
'clientId': '35009a79-1a05-49d7-b876-2
});
My question is: am I right? If I use Universal, the latest implementation of GA, coupled with this code, will I be ok with the cookie law without the need to ask visitors for cookie permission?
If so I will update all my customers' websites. If not I guess I'll switch to something other than GA.
Dave Baldwin
This page from ICO seems to be the best explanation: https://ico.org.uk/for-organisations/guide-to-pecr/cookies/ Note that shopping carts are based on session cookies and turning them off is not really an option. You need to get used to telling users that you are using cookies... everyone else has.
ASKER
Yeah, but since most sites I've been working on are static presentation sites, the only source of cookies would be Google Analytics. So if I can disable them inside it I would be ok with no need to hassle visitors.
Universal Analytics also uses cookies. https://developers.google.com/analytics/devguides/collection/analyticsjs/advanced My main customer uses many different kinds of tracking and they all use cookies. As far as I can tell, the only way to not have cookies is to not use tracking.
A note... it is actually the EU Privacy law, not cookie law. Any method of storing identifying info including Flash cookies and local storage are covered.
A note... it is actually the EU Privacy law, not cookie law. Any method of storing identifying info including Flash cookies and local storage are covered.
ASKER
The first article talks about using IP addresses for tracking. Public IP addresses do not uniquely identify a user. I have thirty computers here behind a single public IP address. If you are only using the IP address, you can't tell which computer you're tracking.
In the second article, it tells you what to do to set a cookie for Google Analytics so I'm not sure why you posted that link.
In the second article, it tells you what to do to set a cookie for Google Analytics so I'm not sure why you posted that link.
ASKER
If you go to the bottom of the page in the second article you can find this:
Disabling Cookies
By default, analytics.js uses a single cookie to persist a unique client identifier across pages. In some cases you might want to use your own storage mechanism and send data directly to Google Analytics without the use of cookies.
You can disable analytics.js from setting cookies using the following:
ga('create', 'UA-XXXX-Y', {
'storage': 'none',
'clientId': '35009a79-1a05-49d7-b876-2
});
When you disable cookie storage, you will have to supply your own clientId parameter except for the special case where you are using cross-domain linking parameters.
Disabling Cookies
By default, analytics.js uses a single cookie to persist a unique client identifier across pages. In some cases you might want to use your own storage mechanism and send data directly to Google Analytics without the use of cookies.
You can disable analytics.js from setting cookies using the following:
ga('create', 'UA-XXXX-Y', {
'storage': 'none',
'clientId': '35009a79-1a05-49d7-b876-2
});
When you disable cookie storage, you will have to supply your own clientId parameter except for the special case where you are using cross-domain linking parameters.
That is essentially irrelevant because you can't set a unique trackable client id for each user. And if you could... it still falls under the EU requirement for notification because you are 'storing' and 'tracking' personally identifying information.
It's really simple. Either you notify them or you do not track them.
It's really simple. Either you notify them or you do not track them.
ASKER
So what's the exact difference without a trackable id? Visitor counts are wrong?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.