The consolidation of the privacy plugins within the User Privacy plugin is a good solution for consistency in the UI.

Should the cookie lifetime also be editable here or will that remain a tracker method from 1.2 upwards?

I also don't like the referer being not tracked. Webanalytics is somehow losing its intended purpose here. I think it will be enough to work on it with low priority.

We can set the third party cookie expiry in the UI. The tracking code generator could use this value.

I think we don't have to implement the Referer hiding even, nobody will use it.

The cookie lifetime is a task for the ticket #1845

See also Privacy & Web Analytics

See also: customize some specific CSS of opt out frame: #1929

The ip anonymization could also be by netmask or cidr notation. May offer separate masks for ipv6 vs ipv4.

I mentioned this on Twitter so I thought I should elaborate a bit more. In IPv6, IP anonymization is not achieved by stripping the last byte of the IP address; anything in the second 64 bits of the address can be device-specific (i.e. used to identify a specific MAC address, see http://www.ietf.org/rfc/rfc3041.txt for problem statement and current solution.

In fact there is currently no definitive way of obtaining this privacy because most ISPs and DSL providers have not announced their rollout plans yet.

It might be sufficient to strip the last 4 tupels of the IP address (i.e. only retain 64 of the 128 bits that an IPv6 address has), but it might even happen that this is not enough. OTOH, stripping all but the first 48 bits is maybe better.

This insecurity is why a configurable netmask/CIDR is probably the best idea for the AnonymizeIP plugin in v6.

(In [4856]) PrivacyManager / Delete old statistics from database; Refs #2233, #53, #5

(In [4861]) Fixes #2233, Refs #5425

• enable new plugin on upgrade
• Display message "your changes have been saved"
• fix link redirect without idSite by using smarty function {url ...}

(In [4868]) Refs #2233, #53, #5

• tweaking / optimizing / commenting

For clarification, does this plugin replace the functionality of the DoNotTrack plugin from ticket #2048?

#2048

Reading through the ticket info is unclear.

Uncertainty about Piwik compliance with recent DoNotTrack legislation is stopping us from using it on our new Aeolus Project website. Having this clearly understandable for people, ie which plugin-to use, and is it sufficient, would be really useful. :) (maybe an item in the FAQ?)

Justin: in Piwik 1.5, the Privacy plugin does not replace the DoNotTrack plugin because DoNotTrack is not part of the core distribution; it runs independently, so if you want that functionality, just install the DoNotTrack plugin.

(In [5772]) Refs #2233, #2095, #2902 - set ip_address_mask_length and ip_address_pre_mask_length on anonymizeIP-plugin activation. Synchronize both variables on PrivacyManager call.