Change to the “Do Not Track” notice

by Katrin Nebermann

Amendment to the “Do Not Track” notice

At etracker, we are committed to the principle of privacy by design. This means that our solutions are configured to be data protection-compliant by default and no extra settings are required to meet the legal requirements of the GDPR and the TTDSG. This includes, among other things, that IP addresses are automatically anonymized at the earliest possible point in time, i.e. already in the cache when the data is accepted, and that no cookies requiring consent are set in the standard version.

Previously, this also included preventing data collection when the “Do Not Track” function was activated in the user’s browser. This is controlled by this parameter in the etracker code:

data-respect-dnt=”true”

This parameter is no longer part of the standard configuration of the etracker code, but can still be used.

Why is the prevention of data collection for “Do Not Track” signals no longer active by default?

In the past, “Do Not Track” settings were sometimes regarded as an objection within the meaning of GDPR Art. 21 para. 5, which states:

“In the context of the use of information society services, the data subject […] may exercise his or her right to object by automated means using technical specifications.”

However, “Do Not Track” is not to be understood as a blanket prior objection to all forms of data collection on websites, but is specifically directed against the transfer of website data to third parties.

The World Wide Web Consortium (W3C) says:

“Tracking is the collection of data about the activities of a particular user in different contexts and the storage, use or disclosure of data derived from those activities outside the context in which they took place.”

(See https://www.w3.org/TR/tracking-dnt/)

The browser manufacturer Mozilla puts it a little more clearly in its information on the “do not track” function:

“Most large websites track the behavior of their visitors and then sell this data or pass it on to other companies. The data can be used to show you customized advertising, products or services. Firefox has a feature called Do Not Track, which allows you to tell any website, its advertisers and other content providers that you do not want your browsing behavior to be tracked.”

(See: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen)

This is similar to Apple’s definition with regard to app tracking:

““Tracking” refers to the linking of data collected by your app about a specific end user or device, such as a user ID, device ID or profile, with third-party data for targeted advertising or advertising measurement, or sharing data collected by your app about a specific end user or device with a data broker.”

(See https://deve loper.apple.com/app-store/app-privacy-details/#user-tracking)

In the same way, the more recent browser signal from Global Privacy Control (GPC) is not directed against privacy-friendly web analysis, but explicitly against the sale of data (see https://globalprivacycontrol.org/).

No tracking according to these definitions takes place with etracker Analytics. And by default, etracker Analytics is configured in such a way that both identification and tracking of the user is excluded. The data is neither used for the processor’s own purposes nor passed on to third parties by the processor.

It is therefore fair to say that etracker Analytics complies with the “Do Not Track” and “GPS” signals by default thanks to its privacy-friendly processing method. Complete blocking of data collection is therefore not necessary with etracker Analytics. Similarly, etracker App Analytics does not require consent in accordance with Apple’s guidelines, as no “tracking” as defined by Apple takes place.

Compliance with “Do Not Track” is voluntary

Just as Firefox explains: “Observing this setting is voluntary”, etracker customers have the choice of whether they want to activate the “Do Not Track” function or not. Data collection is not blocked in the new standard. However, if the parameter data-respect-dnt=”true” is set, data collection is prevented when the browser signal is activated.

What effect does the change have on existing code integrations?

For customers who use the previous standard code, nothing will change without any action on their part. We recommend reconsidering the current blocking and removing the parameter. This is because an average of around 15% more visits and associated interactions can be measured during a changeover. This therefore has an impact on the utilization of the respective hits quota.

Please note that this does not constitute legal advice. If there is uncertainty as to whether it is responsible to block “Do Not Track” signals deactivate, we will be happy to put you in touch with specialist lawyers for individual advice.