mscwilson
commented
2 months ago Hi @JasminFrei, thanks for the report. We'll look into it
Open JasminFrei opened 2 months ago
mscwilson
commented
2 months ago Hi @JasminFrei, thanks for the report. We'll look into it
Describe the bug We heavily rely on the anonymization features the SDK offers. Our users can give or revoke their consent for tracking during a session in the app. If this happens, we will update the
tracker.userAnonymisationandtracker.emitter.serverAnonymisationaccordingly. What we can observe is the following behavior:tracker.userAnonymisationtotrue, a new session immediately gets created on the tracker without a userId, new Session Id and no previous session id. ✅tracker.emitter.serverAnonymisationwe expect the new tracking requests to immediately have theSP-Anonymousheader set to any new request so that no network user id gets tracked on server side. Unfortunately this is not happening immediately, but only after a few requests/or some time ❌The issue is also present the other way round, so if we go from anonymous to non-anonymous, it takes a while until the header is not sent anymore. (But this direction has less legal implications)
To Reproduce After initializing the trackers, change the server side anonymization and continue doing requests.
Expected behavior After
tracker.emitter.serverAnonymisationis set, I expect every new request to immediately send theSP-Anonymousheader so that none of my tracked records for this new anonymous session to contain any user identifying data.Screenshots
Device informatoin (please complete the following information):
Additional context This poses a legal issue as we can at least track the user for one session even if they think they're anonymous.