Describe the bug
We heavily rely on the anonymization features the SDK offers. Our users can give or revoke their consent for tracking during a session in the app. If this happens, we will update the tracker.userAnonymisation and tracker.emitter.serverAnonymisation accordingly. What we can observe is the following behavior:
After setting tracker.userAnonymisation to true, a new session immediately gets created on the tracker without a userId, new Session Id and no previous session id. ✅
After setting tracker.emitter.serverAnonymisation we expect the new tracking requests to immediately have the SP-Anonymous header set to any new request so that no network user id gets tracked on server side. Unfortunately this is not happening immediately, but only after a few requests/or some time ❌
The issue is also present the other way round, so if we go from anonymous to non-anonymous, it takes a while until the header is not sent anymore. (But this direction has less legal implications)
To Reproduce
After initializing the trackers, change the server side anonymization and continue doing requests.
Expected behavior
After tracker.emitter.serverAnonymisation is set, I expect every new request to immediately send the SP-Anonymous header so that none of my tracked records for this new anonymous session to contain any user identifying data.
Screenshots
Device informatoin (please complete the following information):
Emulator API 34
OnePlus 6, Android 11 (much slower here until the header gets set/removed)
Additional context
This poses a legal issue as we can at least track the user for one session even if they think they're anonymous.
Describe the bug We heavily rely on the anonymization features the SDK offers. Our users can give or revoke their consent for tracking during a session in the app. If this happens, we will update the
tracker.userAnonymisation
andtracker.emitter.serverAnonymisation
accordingly. What we can observe is the following behavior:tracker.userAnonymisation
totrue
, a new session immediately gets created on the tracker without a userId, new Session Id and no previous session id. ✅tracker.emitter.serverAnonymisation
we expect the new tracking requests to immediately have theSP-Anonymous
header set to any new request so that no network user id gets tracked on server side. Unfortunately this is not happening immediately, but only after a few requests/or some time ❌The issue is also present the other way round, so if we go from anonymous to non-anonymous, it takes a while until the header is not sent anymore. (But this direction has less legal implications)
To Reproduce After initializing the trackers, change the server side anonymization and continue doing requests.
Expected behavior After
tracker.emitter.serverAnonymisation
is set, I expect every new request to immediately send theSP-Anonymous
header so that none of my tracked records for this new anonymous session to contain any user identifying data.Screenshots
Device informatoin (please complete the following information):
Additional context This poses a legal issue as we can at least track the user for one session even if they think they're anonymous.