User:MPopov (WMF)/EPC open questions

The following is a list of open questions surrounding the (Modern) Event Platform Client library awaiting resolution, including those which require consulting product teams:


 * Privacy policy
 * Long-term identifiers
 * Privacy-preserving tracking data for e.g. unique devices and sessionLength
 * Persistent storage of identifiers on web
 * PHP-set cookies or LocalStorage?
 * JS-set cookies are limited to session cookies (limited lifespan & scope to 1 tab)
 * Integration
 * On web: available as part of EventLogging extension or as a separate MW extension (dependent on EventLogging) or as a package on NPM?
 * On iOS: available on GitHub as a repository, importable via Carthage or Swift Package Manager (TBD)
 * On Android: preference for pre-built package in a Maven repository, importable via Gradle (see dependencies)
 * Session timeout (partially done, web TBD)
 * Definition/specification of a session (15 minutes of inactivity?)
 * Vary by platform? Should iOS/Android be same as web?
 * How can client signal to  that a new session identifier is required?
 * Sampling
 * What happens when two streams with different sampling rates (e.g. 1% and 5%) are used?
 * Will sessions/devices in the stream with 1% also show up in stream with 5%, next to 4% additional sessions/devices?
 * How should device-based sampling and session-based sampling be specified in stream configuration?
 *  Pageview/screen token regen on apps 
 * On the web simply (re)loading the page triggers a new token, in apps we will need a “screen refresh” trigger/hook
 * Potential next steps:
 * make pageview token an optional identifier (that will probably be used almost exclusively on the web)
 * remove the pageview token stuff from association controller on iOS & Android (since it doesn’t work)
 * Test/dev environment
 * Multiple proposals in T238837
 * Ownership
 * Should be explicit about who will continue to maintain the libraries (incl. in case of JL and/or MP departures)

Resolutions

 * Pageview token
 * Optional identifier
 * Remove from iOS & Android versions, keep on web
 * Session timeout
 * Apps: on explicit app close OR 15 minutes of inactivity, whether app is in foreground or background (meeting notes)
 * Web: TBD