Sure, but when it comes to cookies, consent is almost always required on the GDPR basis (other legal basis are rarely working).
You're right to point to e-privacy, to which consent is central. But the latest draft of its new version states that (art.8):
1.The use of processing and storage capabilities of terminal equipment and the collection of information from end-users’ terminal equipment, including about its software and hardware, other than by the end-user concerned shall be prohibited, except on the following grounds:
[...]
(d)it is necessary for audience measuring, provided that such measurement is carried out by the provider of the information society service requested by the end-user or by a third party, or by third parties jointly,on behalf of theone or more providersof the information society service provided that conditions laid down in Article 28, or where applicable Article 26,of Regulation (EU) 2016/679 are met
So Matomo can still do without the user consent (from what I understand, the relation between GDPR and e-privacy is no easy business).
It is true that an opt-out system must be installed on the website (Matomo gives that piece of code) but - as noted on the github link you posted - that very is different from an opt-in system (which is the standard GDPR requirement).
About data protection and GDPR, a good thing with Matomo is that, if configured properly, it can be used without requiring to collect the user's consent (since Matomo doesn't use the data for its own purpose). Of course there are less information collected but at least you don't have to display a form as soon as a user enters your website.
The French data protection authority issued a piece of code (JS) which must be used to avoid collecting the user's consent. I don't know about other data protection authorities in the EU but it shouldn't be much different.
"The U.S. government asserts that it can still hold the copyright to those works in other countries."
Going a little further I read : "the U.S. Government may obtain protection in other countries depending on the treatment of government works by the national copyright law of the particular country." (from the CENDI FAQ), which is adequate with private international law.
Simple question about these (great) posters : whats their legal statuts regarding IP ? Possible use for commercial purpose ? Obligation to mention the source ? I'd love to use them for presentation about security.
Any link to information about that would be very welcome too.
You're right to point to e-privacy, to which consent is central. But the latest draft of its new version states that (art.8): 1.The use of processing and storage capabilities of terminal equipment and the collection of information from end-users’ terminal equipment, including about its software and hardware, other than by the end-user concerned shall be prohibited, except on the following grounds: [...] (d)it is necessary for audience measuring, provided that such measurement is carried out by the provider of the information society service requested by the end-user or by a third party, or by third parties jointly,on behalf of theone or more providersof the information society service provided that conditions laid down in Article 28, or where applicable Article 26,of Regulation (EU) 2016/679 are met
So Matomo can still do without the user consent (from what I understand, the relation between GDPR and e-privacy is no easy business).