I'd argue you're being unfair with terminology here. People generally talk about tracking when referring to cookies and scripts that monitor what other sites users visit. Monitoring sessions on your own site is ethically distinct enough to warrant its own term: web analytics.

You may think these are bad terms that don't reflect the true nature of the issue, and I'd be inclined to agree with you, but it is not an excuse to willingly conflate the two without qualifying it.

OK, we're using open source tools to try to improve the site. Plenty of other FOSS projects do this... Not sure why we're being singled out :-)

Didn't mean no harm or to single you guys out. You're doing fantastic work. But broken and noncompliant notices do bother me a bit.

Sorry to drag on like this but the privacy statement (thanks for linking) says:

takes place only with the consent of the user

It does not, as there appears to be a second cookie notice underneath the first stating how consent is assumed:

We use only those functional cookies which are absolutely necessary to ensure that we give you the best navigation experience on our website. If you continue to use this site we will assume that you are happy with them.

From my understanding, if you're using only functional cookies and no tracking you don't even need consent (as you have legal basis) and you can drop the notice altogether. But I don't think analytics count as functional cookies.

Now aside from that nitpicking, thanks for writing such a clear privacy policy and making such good choices regarding the social media buttons, YouTube's privacy mode, and so on. Props!

You'll never be able to please everyone so your ability to study and run experiments is key. If anything, it sounds like you are doing things exactly the right way.

edit: in case it's not clear : i'm all for appropriate tracking (in your context, improving the website), provided that 1/ I know about it 2/ I have a choice (in your case, I'll opt in* if I can)

Someone who cares has noticed, and enough other people care that the thread is getting upvoted enough to hit the front page of HN.

Though still you are not being "singled" out as there are plenty of sites which have had their cookie/privacy/tracking/other behaviours picked apart recently. You are not the first/only and will not be the last!

Everyone who tracks has improvements in mind.

1. The fact that you use OS tools to track users is almost irrelevant. I can still collect and lose data with FOSS tools. A tool is a tool (and tracking is tracking).

2. Sorry, I am not buying the "we need to know how you move on site to improve it". You write a great FOSS office productivity tool set. You should not care how much time users spend on your site, etc. In fact, your web site can be pretty basic for downloading new software. If you really need to figure out how people move within your site this should be easy to recover from IPs and web server logs.

Just my 2c and please keep doing your great work!

But as another commenter here mentioned, simplifications like that do far more damage than good. In the broader world, "tracking" on the internet generally refers to companies following you all over the web and selling your data. By saying "tracking is tracking", you lump TDF's use of Piwik (for our site, for our own use, with obfuscated data in storage and a clear privacy policy) with that of advertising providers, who really do track you all over the web, don't tell you what they store, and sell your data. By saying "tracking is tracking", you tar everyone in the same brush. That's lacking nuance and really, really unfair to volunteer-driven FOSS projects (many of which use Piwik) that are just trying to do their best.

> You should not care how much time users spend on your site, etc.

Well, that's your opinion! But many of us in the LibreOffice community see the website as a major part of the product (and project). Do we want to spread the word about FOSS? Compete effectively with MS Office? Build our community and attract new contributors? Encourage donations so that we can support the community? Then we need a well-structured and useful website. Analytics tools help a lot in that.

> In fact, your web site can be pretty basic for downloading new software.

Again, that's the way you see it, fair enough. But actually the site needs to do a lot more than that. It needs to encourage people to try the software (screenshots, videos etc.) It needs to provide help, and support options, and front-ends to mailing lists. It needs to provide infrastructure for the project and community as a whole. The more we can optimise that - with the help of some analytics tools - the stronger we can make LibreOffice and the community. That's very important to us; if you disagree, join the LibreOffice project website list and put forward your case :-)

Point taken. I do not post-edit my posts for content, but I completely agree that LO's tracking is almost certainly at the benign end of the scale. It was a bad formulation on my part

On the other two points, though, your post reaffirmed my position. The way I understood it is you want to track (benignly, within the site only) users to generate funding, advocacy, onboarding, etc. This collecting user data to influence their behavior is, to me, starting down a slippery slope. That slippery slope has Facebook-like mind manipulation at the end of it; it is very far, but once you start in that direction it is very hard to stop.

Well structured and useful website indeed helps greatly. But one should be able to get there, or 90% there, using only anonymous information. This is just my opinion (I do take a harder line on privacy than most users). Cheers!

> This collecting user data to influence their behavior...

I think that's a really negative and cynical way to look at what we and other FOSS projects are doing. Here's an example of what we can do with some basic website analytics data: we can put a banner on the download page saying "Made by the community - you can be a part too!". The banner links to a "Get involved" page, encouraging people to join the project.

Then, with analytics tools, we can see how well that works. We can do A/B testing by having some download pages with the banner, some without, and see which ones help bring new people into our FOSS community. This is really useful and good for us all!

Now you could say this is about "influencing behavior", and in a super pedantic sense it is. But again, when people talk about websites "influencing behavior" the big topics at the moment are Russian troll farms, Cambridge Analytica etc. I don't think it's fair to use terms like that when we're not trying to play mind games with anyone!

> That slippery slope has Facebook-like mind manipulation at the end of it

Ah please, we're just a small non-profit entity organising a FOSS project and trying to make a website that encourages people to get involved. The "slipperly slope" argument doesn't work well. One thing doesn't inherently lead to another. With that argument, drinking beer leads to other substances which leads to X Y Z... Nah, I've been drinking beer for years and haven't touched anything else. Beer is great enough :-)

Really, if you have a genuine fear that some LibreOffice community members using Piwik to improve the site could lead to "Facebook-like mind manipulation at the end", please do join the website list, put forward your points and let's deal with it! But having been involved in FOSS projects for over 20 years, I don't think that's a concern. People are just trying to do the right thing :-)

First, I have no fear that LO will be used for nefarious purposes. And even in the worst, unlikely case of all collected data leaking or getting sold to FB, NSA or your-favorite-villain, the harm done will be several orders of magnitude less than the provided benefit of building a FOSS office suite. Viva LO, cheers to its developers.

But we have an overall erosion of trust. We do not trust remote systems or software any more. In the age of shareware (mid-late 90s) software downloaded from unknown sources was in general assumed benign. Possibly stupid, but rarely actively harmful. Today, even with apps from Play/App-store, the default assumption is that they are trying to do something against the user. To install or not install question depends on whether the benefit they provide is greater than that harm.

"Something against the user" is now monitoring and tracking (access to contacts, photos, camera, mic, WiFi info) and it is always explained as improving user experience. Sure. Seeing such logic instantly raises a red flag for me and, sadly, catches your use case as well. While I have no doubt that LO is doing none of this my thought (based on learned priors) is "Et tu, Brute".

Just a guess, but in today's environment you may get better ROI (funding, advocacy, whatever) by not tracking users at all and prominently boasting of this. As I mentioned in the thread above, you probably can get most of the information you need to tune the site from web server logs anyway. Again, just a single user opinion / data point.