I am not sure how/where this would be best handled, but it seems like something users of AddToAny should know about.
AddToAny serves cookies for media6degrees, which is some sort of ad tracking network. There's a potential privacy issue here, plus a performance hit.
http://neoacademic.com/2010/06/20/removing-secret-behavioral-marketing-f...
http://blog.futtta.be/2010/02/15/addtoany-removing-the-spy-from-the-shar...
Apparently this behavior can be disabled by adding a couple of lines to the "Additional Options".
Maybe at minimum this should be documented. Possibly it would be good if the Drupal module had a single-button option to do this. Perhaps it should be done by default!
Comments
Comment #1
micropat CreditAttribution: micropat commented3rd party tracking can be disabled by adding one line to the Additional Options box:
a2a_config.no_3p = 1;
(From http://www.addtoany.com/buttons/api/)
Comment #2
khanz CreditAttribution: khanz commentedI noticed this behavior today just by chance, and am thinking of removing the module altogether or try other alternatives. This is really unprofessional on the part of addtoany.
Comment #3
Merdadj CreditAttribution: Merdadj commentedThanks micropat for the info, that was easy enough. Tracking cookies are fine for my sites, but some clients may prefer to have it disabled in the future. I'm glad AddToAny has this option because "Add This" and "Share This" do not.
Comment #4
csc4 CreditAttribution: csc4 commentedCould this be considered for adding to the read me?
Comment #5
GreenReaperThe presence of this third-party tracking cookie is still not disclosed on this module's Drupal.org page. Reactivating and moving to webmasters queue. I also filed a feature request to add this as a checkbox option to the UI.
Comment #6
GreenReaperComment #7
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedI believe that the tracking pixel should be disabled by default.
Comment #8
apadernoComment #9
johnflower CreditAttribution: johnflower commented+1 default to having tracking disabled.
Comment #10
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedmoving back to project so this can be acted upon.
Comment #11
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedPlease comment on whether this is still relevant.
Comment #12
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedI may be mistaken but I can not find any reference to the no_3p option in the current stable releases. The very least is that this should be documented in the admin section and on the project page.
Comment #13
zeroagain CreditAttribution: zeroagain commentedThis should be explicitly mentioned at http://drupal.org/project/addtoany, Drupal team should take care of such things as it affects privacy. What about users who are using this module and unaware of this thing ?
Comment #14
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedI added a notice to the project page.
Comment #15
zeroagain CreditAttribution: zeroagain commentedthanks
Comment #16
izmeez CreditAttribution: izmeez commentedYes, another thank you for this information and placing a link on the project page.
Comment #17
izmeez CreditAttribution: izmeez commentedOh yes, just a little off topic but noticed comment #4 that it be in the readme and on first using this module noticed there is no readme. But, nevermind it truly is as simple as enable, permission, configure and use. Very well done.
Might be reassuring to some new users to know they don't need a readme; but then you'd need a readme to tell them :-)
Comment #18
hansrossel CreditAttribution: hansrossel commentedSince AddtoAny has been recently acquired by Lockerz (http://www.addtoany.com/blog/addtoany-lockerz-share-universal-sharing/), I notice there is now also a connection made to http://pts.lockerz.com, so probably a second hidden tracker.
Comment #19
killes@www.drop.org CreditAttribution: killes@www.drop.org commentedthanks, the notice on the project site is sufficiently general. I am marking this fixed.
Comment #21
EvanDonovan CreditAttribution: EvanDonovan commentedI added a documentation page about this at http://drupal.org/node/1833666, along with a guide to how to remove some of the services, etc.
Comment #22
RobertOak CreditAttribution: RobertOak commentedThey have their javascript in an iframe which also has a 1px tracking GIF beacon as well as setting a cookie, on domain lockerz.
They claim they do not collect individual data in their privacy policy.
I personally don't know what to think since "sharing" by it's nature is automatically a privacy violation, but I saw others flipping out on the javascript which is fine, the iframe is fine, it's for loading, but there is the cookie and web beacon.