Yours seems like the reasonable and safe route to take for now, at least until the proposed e-Privacy regulation will come into effect (it appears that it will not be ready by May 25). I understand that it may bring some more clarity to things like web analytics. In any case, I am also considering dumping GA, in favor of something like Matomo (ex PIWIK). As discussed earlier, it appears that one needs to have GA turned off by default for EU users, leaving it up to them to turn on tracking. Probably not many users are going to do that, rendering GA web analytics pretty useless.
As stated at the beginning of the topic, I also was considering consent support for my site because of GA. The solution I liked most was Civic Cookie Control, though the community edition lacks geolocation. Geolocation would be important to at least enable GA for non-EU users by default.
Even though I will probably rather self-host my analytics (and thereby not have to worry about consent), I would still like to share some details about my test setup with Cookie Control. If someone wants to use the paid version with geolocation, I think it’s not a bad solution, though it sends the IP of your visitors to a third party.
This is what it could look like on Discourse:
The user can change his preferences at any time by clicking on gear (opens up the panel again):
This is my config (put this in under Customize > Themes):
<script src="https://cc.cdn.civiccomputing.com/8.0/cookieControl-8.0.min.js"></script>
<script>
var config = {
apiKey: 'put-in-your-api-key-here',
product: 'COMMUNITY',
optionalCookies: [
{
name : 'analytics',
label: 'Analytical Cookies',
description: 'Analytical cookies help us to improve our website by collecting and reporting information on its usage. Even if set to On, your IP address is anonymized.',
cookies: ['_ga', '_gid', '_gat', '__utma', '__utmt', '__utmb', '__utmc', '__utmz', '__utmv'],
onAccept : function(){
// Add Google Analytics
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-123456789-1', 'auto');
ga('set', 'anonymizeIP', true); // very important
ga('send', 'pageview');
// End Google Analytics
},
onRevoke: function(){
// Disable Google Analytics
window['ga-disable-UA-123456789-1'] = true;
// End Google Analytics
},
initialConsentState : 'off' // this pretty much kills analytics, better would be to differentiate between EU and non-EU
}
],
position: 'LEFT',
theme: 'LIGHT'
};
CookieControl.load( config );
</script>
The api key you need to get here (community edition is free for one domain)