[Plugin: EU Cookie Directive] Cookie plugin and Google Analytics

I’ve just installed this plug-in and like the previous post I find it is not blocking Cookies for Google Analytics prior to acceptance.

It would be great to get this ironed out as for the user it is the best plug in for this I’ve seen so far.

The initial version that was released didn’t work out of the box. I had to do a bit of hacking around to get it working. I do have a solution that works pretty well. I think the plug-in has been updated but I don’t know if it works any better.

The missing bit was a simple conditional statement wrapping the GA code. So….

<?php // If our cookie is set
		if(isset($_COOKIE['ecd_opt_in']) && !empty($_COOKIE['ecd_opt_in'])) { ?>

	<!--Your Javascript GA tracking code here-->

		<?php } ?>

You have to add your GA code manually in the place provided.

See https://www.metalucci.com/ for an example.

Hope this helps.

Thank you for that, it worked for some, but not all of the Cookies.

Heard back from the developers that an update to the plug in is due over the next few days – I’ll post back here with my findings.

The success of this plug-in might depend on your hosting also. The example I provided was hosted with Bluehost (not my normal host) and I notice that it saves a php session cookie. Some hosts will install these by default, as Bluehost. My usual hosting does not save any cookies until a user has signed up.

My view, from what I have read online, is that these session cookies may be deemed as essential to the workings of the site. Apart from anything else I don’t think it will be possible to stop this if the site is on a shared server with no access to php etc.

Another good point, but I manage my own server so will have no problem with access. However the plug in should also block the PHPSSESSION if you add it to the settings.

Having applied your patch the plug-in seems to be working for all browsers I’ve tested except Chrome – I’ve passed this info on to the developers and wait to hear their response.

Indeed, the latest version allows you to add cookies to the list without editing the files. I just installed it and seems to work fine. Tested on IE9, Firefox 8.0.1, Safari 5.1.2 and Chrome 17.0.963.78 m. All on PC only.

Hi

It does not seem to be blocked cookies for me?!

Is it broken?

I just gave the developers a call and was told that they should be releasing a fix soon as there is a bug in this version that doesn’t actually stop the cookies being stored.

There is something else to bare in mind if you are implementing any cookie fix for your clients, which isn’t directly relevant to this plug-in, but might help.

I have installed a fix to 3 of my client websites in the last month and have been monitoring stats. Not surprisingly, there has been a massive drop (some 95%) in recorded traffic to the sites. Not because the traffic has actually dropped, but because few visitors are opting-in. I wasn’t strongly against this law, although it did seem unnecessary, but this experience makes the whole thing seem pointless. Of course the users are ignorant so we need to protect them, but they are SO ignorant (or paranoid) they don’t realise that opting in to this will protect them.

I will now have to face my clients and admit that the fix I have applied to make their sites legal is going to stop them collecting any data. Should have just removed all the tracking stuff and left it at that!

Small business gets shafted once again and us developers are made to look like idiots. GRRRRR.

oh, something else…

If you are wrapping you GA code with this:

<?php // If our cookie is set
		if(isset($_COOKIE['ecd_opt_in']) && !empty($_COOKIE['ecd_opt_in'])) { ?>

	<!--Your Javascript GA tracking code here-->

		<?php } ?>

Ensure you tracking code has the URL of the domain in it:

<script type="text/javascript">

  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-XXXXXXXX-6']);
  _gaq.push(['_setDomainName', 'www.examplesite.co.uk']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'https://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();

</script>

If you do this the current version will set the GA cookies to expire in the past so they are in effect removed. I found that without the URL present GA uses examplesite.co.uk without the www and the cookies don’t get removed.

elseyadcock – I’m in exactly the same position, test confirmed a 80-90% drop in recorded traffic across my own sites. I’ve drafted the email to my clients but am terrified about the barrage of questions it will precipitate, it’s going to wipe out days dealing with the fall out.

In the mean time I’m looking for stat packages which can interpret the raw logs from the server. Anyone have any suggestions?

We’re all doomed I’m afraid. My hosting comes with full server stats, but it isn’t going to be great for my clients to interpret. Plus they will have to view in 2 locations to get SEO and visitor stats. At the moment this is the only compromise I can see possible.

Maybe we should march on Downing Street….or just ignore the law.

Personally, I don’t think anyone will be prosecuted, and if anyone is it will open a massive can of worms.

Actually, maybe we should all report as many sites as we can and see what happens. It might be the only way we can get this issue in the open.

Sorry for the rant – I know this isn’t very helpful but I feel a bit better now!

Though it was quite a controlled rant, I’ve had several which included far more ‘robust’ language.

As a way forward I’ll be asking my clients to pick 1 of the following options:

1. Remove analytics (and use and alternate reporting system)
2. Add a cookie acceptance checkbox (and accept the drop in reported stats)
3. Do nothing

Picking 3 means it’s their choice to ignore it – I’ll have this in writing, so I should be indemnified. That’s the hope!

Sounds like a good plan. I sent out an email drawing the law to their attention last month. I think there were about 30 clients affected in total. I’ve had 3 instructions to install, 2 obnoxious emails holding me responsible for the whole thing and nothing from the rest.

The angst will probably all be for nothing, and I’m sure there are lots of less responsible designers and developers out there that have done nothing at all.

Let’s see what happens…

Hey,

I can not get it to work. It does not seem to block any cookies.

Could this be because we are using our own theme? Or does it not work with plugins that place cookies? :S

Thanks