Matomo Cookieless Tracking

Possibly less annoying cookie popups?


I suspect that this is a campaign designed to discourage any efforts of regulating and/or mandating privacy rules in the USA.

Personally, I will place as big and annoying cookie banners on my website as practically possible. 😛

I did look at their cookieless tracking. Not tested it yet but it seems a substantial amount of traffic will slip thru undetected.

I don’t mind cookie control, so long as they are concise. Which many are not.

I hit one the other day with three options…

  1. Exit and save.
  2. Save and exit.
  3. Save settings.

I closed the window down!

@fapkogi is Matomo particularly US centric?

@TemplateRepo why do you think a substantial amount of traffic will slip through? I can see it may be harder to identify repeat visits, if I read it correctly, but it seems more data woul dbe collected because no one was opting out or just going elsewhere?

Do you think that really happens? People not click the “accept all” button? I mean, I get that many users here won’t, but we’re not representative of the typical website user. But so long as the notification is easy to dismiss, I’d hazard that 99% of people click click and view.

As for missing data, Matomo themselves said this when they launched the cookieless tracking thing, so I just based it on that.

1 Like

It probably heavily depends on the site, how unique/critical the information, and the design of the banner. If it’s the site you need you’ll click away, if one of many competing sites you may run away.

Have to say, I disagree. In my opinion the decision to visit or not visit a site is made before the user will be presented with a cookie control popup.

If someone clicks a link to visit your site, providing the cookie control is clear and easy to use, and most importantly quick to dismiss, people will dismiss it (by clicking something like “accept all”) and browse the site.

A typical scenerio you are talking about is perhaps like this…

I’m looking to buy widget X. Widget X is all the rage right now and there are loads of great sounding websites selling them. So I search foer them and I click the first link, but it’s got a cookie control popup, so I click back to the search screen and click the next link.

Honestly, I just don’t see that happening. Mostly because everyone is used to cookie controls now, so the assumption will be even if I go back and try another link, it too will have a cookie control.

I think we as website designers, developers, call us what you will, often massively over think things. And assume our users see things how we see them and think how we think. When the reality is, when it comes to things like cookie controls, my opinion is they just don’t.

I did once run a test on a load of Facebook followers. I asked them all to visit a site. It had a popup box with a “save and continue” button and some text. The text said something along the lines of "do not click this button etc. etc. etc… Once they clicked the button they saw the web page, it only had a number on it. If the sent me that number as a message they were entered into a competition.

Ourt of all the people who sent me the number no one said they actually read the popup message, they just clicked the continue button. Many said there was no popup! (There was).

This was some years ago before every site had a cookie control popup. People don’t care about popups, are not put off by them (providing they are easy to dismiss) and will almost always dismiss them and get on with surfing. IMO.

Anyway, sorry for digressing!

Matomo seems to think that it’s cookies (or tracking cookies) that are opt-in by GDPR, and that they can avoid asking for user consent by not using cookies but a different means of tracking the user.

Unfortunately for Matamo (and YaY! for web users), GDPR doesn’t limit the use of just cookies to track visitors, it limits the use of any means of tracking users including tracking cookies. So even for “browser fingerprinting” or “logging IP addresses” user consent is needed in GDPR.

The only way of avoiding to have to implement a user consent banner, is to not track your site’s visitors. Period.

1 Like

@TemplateRepo No worries, a different reasoned opinion is always good for a bit of discussion.

@Erwin-Leerentveld The way I read the Matomo article suggests that their Visitor config_ID option, which is distinct to the standard tracking cookies, seems to work in a different way that is sufficient for it to comply with French law for consent tracking (with I would assume includes GDPR as a minimum and more local French regulations on top of that). They do point out that Cookieless tracking can be configured to be GDPR compliant, so maybe a few tweeks are needed to make this solution GDPR compliant, as opposed to out of the box compliance?

1 Like

The thing with the GDPR is, that it’s technology agnostic. It was written that way because even during its conception, trackers were already moving away from using cookies and into tech like browser fingerprinting.

With GDPR being technology agnostic, it simply states that if you use any means to track your site’s users, you must inform them, ask their consent, be specific on how you track them and not be vague about any of it (“freely given, specific, informed and unambiguous”).

So yes, you need to inform and ask consent of your site’s users if you use Matamo’s solution and, with recent precedents in place, make sure your site’s visitors can use the site even when they do’nt opt in to Matamo’s tracking.


The term “cookie consent” is really generic. I think most know that more than just cookies track you, but it’s an easy term to use.