User Privacy plugin, consolidate privacy protection features
|Reported by:||matt||Owned by:|
|Priority:||critical||Milestone:||1.x - Piwik 1.x|
Proposal for a consolidated User Privacy plugin
- Move AnonimizeIP functionnality to this new plugin
- Allow changing count IP bytes to remove in the UI. A Radio button allows to remove 1, 2 or 3 bytes of the IP.
- for backward compatibility, if the config setting is found and the UI wasn't used yet (ie. no setting found in the _option table), then we can use the config file setting. This is similar behavior to "General Settings" options.
- Currently the IP is cleared just before recording the data in the log table. #2095 proposes that the IP should be cleaned as early as possible in the process, to ensure no other plugin etc. could use the full IP.
- UI allows to enable "Do not record Referer information". While I personnaly don't like this recommendation, we could offer it as it was recommended by German privacy group. When enabled, and setting stored in _option table (and cached in the tmp/cache/tracker/general.php file), then the parameters urlref and _ref in the piwik.php GET request will be cleared at the start of the Tracker process, to ensure no plugin or process can use / record the referers.
- When clicked to enable, the Referers plugin would also be disabled.
- The Opt out plugin feature would be moved to this plugin as well.
- These settings/ features would all be available under the new Admin menu called "User privacy"
Change History (14)
comment:9 Changed 3 years ago by matt (mattab)
- Resolution set to fixed
- Status changed from new to closed
Note: See TracTickets for help on using tickets.