Will Do Not Track make a difference to web privacy?

Filed Under: Featured, Privacy

Private signEarlier this week the World Wide Web Consortium (W3C) released the first drafts of two new privacy standards aimed at simplifying and standardising how websites read and comply with web users’ privacy settings.

The Tracking Preference Expression and Tracking Compliance and Scope standards define a ‘Do Not Track’ (DNT) mechanism that will allow users to opt out of the sort of tracking increasingly used for web analytics and behavioural advertising.

The W3C working group who produced the draft included representatives from some of the web’s biggest companies including Apple, Google and Facebook.

It's not unusual for these organisations to take part in drafting W3C standards but I wonder if some of them are feeling a slight conflict of interest. Agreeing to a Do Not Track standard could obviously have a negative impact on organisations like Google and Facebook who rely on targeted advertising.

Perhaps they feel it's better to be inside the tent or perhaps, as the draft suggests, DNT is in the interests of advertisers because annoying their users is counter-productive.

Or perhaps, as some cynics suggests, an answer can be found in the timing of the release of the finished version of the DNT standard.

European CommissionBack in June the European Commission told the technology industry in no uncertain terms that if it didn’t agree a Do Not Track standard by the midde of 2012, it would be forced to act.

Coincidentally the final recommendation of the DNT standard is scheduled for 2012.

A slew of controversies across Europe and the US may also have convinced the industry that it is better off regulating itself than being policed or dictated to by law makers.

So will the advent of DNT-enabled browsers usher in an age of web browsing without being tracked and targeted?

The new standard says that if a browser is incapable of issuing Do No Track instructions then it should be handled as if it has opted-out of Do Not Track rather than opted-in. So users will need to upgrade to a new generation of DNT compliant browsers to get the ball rolling.

Of course just because a browser can do something it doesn't mean it will. I don't know yet if the browser vendors are intending to switch DNT on by default but Firefox, which already implements its own version of DNT, currently has it off by default.

Firefox do not track option - off by default

And then finally, once we have a generation of DNT browsers in-the-wild we'll need a generation of DNT compliant websites and applications to go with them. Perhaps once there is final recommendation in place the law makers will do us all a favour and rattle their sabres again.

You can probably tell that I'm not holding my breath on this one.

When DNT does become commonplace there will surely be a lot of money to be made in successfully working around it.

We've already seen some very inventive tactics from advertising and analytics companies looking to work around users who who delete their cookies.

CookiesSince tracking tends to rely on cookies you might think that deleting them would be enough to prevent it. Sadly it's not. Researchers have shown that advertisers can work around users who delete their cookies by using Flash cookies or HTML 5 storage for the same purpose. Most creepily they can even resurrect delete cookies zombie-like using ETags.

However rocky the road to adoption is though the W3C and the organisations in the working group deserve praise for delivering a simple standard.

At its heart DNT is a simple on/off toggle. Hopefully this will make it easy for privacy concious web-users to define the information they want to share with advertisers and online business. As Lisa Vaas explained earlier this month current privacy tools fail users not because they don't work, but because they are incredibly difficult to use.

, , ,

You might like

2 Responses to Will Do Not Track make a difference to web privacy?

  1. sweetwyne · 1382 days ago

    This is excellent article, it explains much of what I suspected all along. I have been having problems every sense I joined Facebook a couple of months ago. I've been using StumbleUpon for years and never had any issues about security but Facebook is a different animal.

  2. Inuyahsa · 1349 days ago

    Its not just Facebook, anyone that has a blog and wants people to ad comments are just as vulnerable to the blog holders quest to gather information. If you can block/ban someone from a site,the only way you can do that is if you have certain information about the person on the other end... This is why I never use anything real to register with anything on the internet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Mark Stockley is an independent web consultant who's interested in literally anything that makes websites better. Follow him on Twitter at @MarkStockley