From what I briefly read about fingerprinting and its legality it
mentions
it's not that OK if used to track users, but that's not the case in
this
situation I'd say, but hey I'm not a lawyer.
I wonder if we really do need anything beyond what the user agent string
gives us. Perhaps OS/Browser is sufficient?
On Tue, 18 Sep 2018 at 22:03, Douglas Palmer <dpalmer(a)redhat.com> wrote:
Hi everyone
I haven’t managed to find an open source solution to device fingerprinting
which gives us everything we need. This library however gets us most of the
way there
http://valve.github.io/fingerprintjs2 <
http://valve.github.io/fingerprintjs2>. It doesn’t give us enough
information to distinguish between a desktop and a laptop but it will let
us correlate devices and we can distinguish between a PC, a tablet and a
phone. We can also get the OS, Browser and Versions from the user agent
string.
I have taken a look at a few sites the track device sessions. Apple can
tell the difference between an iMac, a MacBook, an iPad and an iPhone.
Facebook, GitHub, Google, LinkedIn and Pinterest don’t distinguish between
an iMac and a MacBook. So maybe the library above is enough.
I also came across the following article from the EFF which casts doubt on
the legality of digital fingerprinting in Europe.
https://www.eff.org/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how...
<
https://www.eff.org/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how...
>
Does anyone have any input on any of this? Is there a better library that
I have missed? Should we stick to parsing the user agent to avoid potential
problems with GDPR?
Regards
Doug
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev