Update on “Do Not Track”
At etracker, we are committed to the principle of Privacy by Design. This means that our solutions are configured in a data protection-compliant manner by default and no extra settings are required to comply with the legal requirements of the GDPR and the TTDSG. This includes, among other things, that IP addresses are automatically anonymised at the earliest possible point in time, i.e. already in the cache when data is accepted, and that no cookies requiring consent are set in the standard code.
Until now, this also included preventing data collection when the “Do Not Track” function was activated in the user’s browser. This is controlled by means of this parameter in the etracker code:
data-respect-dnt=”true”
This parameter is now no longer part of the default configuration of the etracker code, but can still be used.
Why is preventing data collection no longer active by default for “Do Not Track” signals?
In the past, “Do Not Track” settings were sometimes considered to be an objection within the meaning of GDPR Art. 21 (5), which states:
“In the context of the use of information society services, the data subject […] may exercise his or her right to object by means of automated procedures using technical specifications.”
(Translated by the author)
However, “Do Not Track” is not to be understood as a blanket advance objection to any form of data collection on websites, but is specifically directed against the passing on of website data to third parties.
The “World Wide Web Consortium” (W3C) states:
“Tracking is the collection of data about the activities of a particular user in different contexts and the storage, use or disclosure of data derived from those activities outside the context in which they occurred.”
(Translated by the author)
(See https://www.w3.org/TR/tracking-dnt/)
The browser manufacturer Mozilla puts it a little more comprehensibly in its information on the “Do Not Track” function:
“Most major websites track the behaviour of their visitors and then sell or share this data with other companies. The data can be used to show you advertisements, products or services tailored to you. Firefox has a feature called Do Not Track that lets you tell any website, its advertisers, and other content providers not to record your browsing behaviour.”
(Translated by the author)
(See: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen)
This is similar to Apple’s definition of app tracking:
“‘Tracking’ refers to linking data collected by your app about a particular end user or device, such as a user ID, device ID, or profile, with third-party data for targeted advertising or ad measurement, or sharing data collected by your app about a particular end user or device with a data broker.
(Translated by the author)
(See https://developer.apple.com/app-store/app-privacy-details/#user-tracking)
In the same way, Global Privacy Control’s (GPC) more recent browser signal is also not directed against privacy-friendly web analytics, but explicitly against the sale of data (see https://globalprivacycontrol.org/).
With etracker Analytics, no tracking takes place according to these definitions. And in the standard version, etracker Analytics is configured in such a way that both identification and tracking of the user are excluded. The data is neither used for the processor’s own purposes nor passed on to third parties by the processor.
It can therefore be justifiably said that with etracker Analytics the “Do Not Track” and “GPS” signals are observed by default due to the data protection-friendly processing method. Complete blocking of data collection is therefore not even necessary with etracker Analytics. Similarly, etracker App Analytics does not require consent in accordance with Apple’s guidelines, as no “tracking” as defined by Apple takes place.
Respecting “Do Not Track” is optional
Just as Firefox states: “Respect of this setting is voluntary” (translated by the author), etracker customers have the choice of whether or not to activate the “Do Not Track” function. In the new standard, data collection is not blocked. However, if the parameter data-respect-dnt=”true” is set, data collection is prevented when the browser signal is activated.
What effect does the change have on existing code integrations?
For customers who use the previous standard code, nothing changes without their own intervention. We recommend reconsidering the current blocking and removing the parameter. This is because with a changeover, on average around 15% more visits and associated interactions can be tracked. This consequently has an impact on the amount of the respective hits quota.
Please note that this does not constitute legal advice. If there is uncertainty as to whether it is responsible to deactivate the blocking of “Do Not Track” signals, we will be happy to put you in touch with specialised lawyers for individual advice.