Cfduid cookie and identifying unique visitors

tom1997 · July 27, 2020, 10:41pm

Is the cfduid cookie used to identify unique visitors? In the analytics dashboard I can see the unique visitors, from which country they have loaded my site, the amount of traffic and clicks. According to the European ePrivacy Directive the client must agree in advance before setting the cookie to gather statistical data.

In other threads (here and here) people are saying that it is allowed because the cfduid cookie is a technical-only cookie which is needed only because of security reasons. But then how is cloudflare able to identify unique visitors? And is it legal for me as a European to track visitors and gather stats?

PS: On my site are no other cookies than the cfduid cookie.

sdayman · July 27, 2020, 11:25pm

The threads you linked to already cover all that. If you have deeper legal concerns, then I suggest you consult an attorney.

tom1997 · July 27, 2020, 11:30pm

My question is, how cloudflare is able to identify unique visitors? This is not answered anywhere. It is certainly not possible with just the IP address and the other threads don’t answer my question.

edit: users->visitors

sdayman · July 27, 2020, 11:32pm

Your second link contained a reference to this:

tom1997 · July 27, 2020, 11:38pm

If believe you are referring to the _cflb cookie? I said that there are no cookies other than the cfduid used on my website. I have already read the whole page and found no reference to the unique visitors or other statistical data there.

sdayman · July 27, 2020, 11:43pm

Nope. That page also covers cfduid and unique visitors.

It sounds like you may have one of two concerns:

How does Cloudflare identify unique visitors while respecting privacy. That article is all the insight you’re going to get regarding the inner workings of anonymizing visitor data.
A legal concern, and this is not the place to get legal advice.

michael · July 27, 2020, 11:45pm

Cloudflare Analytics counts Unique IPs as Unique Visitors. On your Analytics Dashboard, select Traffic, Unique Visitors, Help:

Cloudflare calculates this number of users based on the unique IP addresses requesting content from your site.

This is also documented here and on Account Analytics the data is called Visitors (Unique IPs)

tom1997 · July 27, 2020, 11:52pm

Okay, I get it that the _"cfduid cookie collects and anonymizes End User IP addresses using a one-way hash of certain values so they cannot be personally identified". Maybe I need to rephrase my question. Is cloudflare using that cookie (hash of certain values) to count the unique visitors? And to gather the statistics?

tom1997 · July 28, 2020, 12:03am

Thank you for that link. I’ll validate it this week by a test.