Jump to content

Do Not Track: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Reverted edits by 62.82.241.43 (talk) to last version by Melody Lavender
No edit summary
Line 75: Line 75:


==Effectiveness==
==Effectiveness==
The Do Not Track system is completely voluntary, and there are no legal or technological requirements for its use. As such, not all websites and advertisers will honour the request or may completely ignore it altogether.<ref name=bi-gapingflaw>{{cite web|title=Here's The Gaping Flaw in Microsoft's 'Do Not Track' System For IE10|url=http://www.businessinsider.com/heres-the-gaping-flaw-in-microsofts-do-not-track-system-for-ie10-2012-8|publisher=Business Insider|accessdate=8 September 2012}}</ref> The Digital Advertising Alliance does not require companies to honor DNT signals. "The Council of Better Business Bureaus and the Direct Marketing Association will not sanction or penalize companies or otherwise enforce with respect to DNT signals set on IE10 or other browsers."<ref name="DAA-position">{{cite web|title=Digital Advertising Alliance Gives Guidance to Marketers for Microsoft IE10 'DO NOT TRACK' Default Setting|url=http://www.aboutads.info/blog/digital-advertising-alliance-gives-guidance-marketers-microsoft-ie10-%E2%80%98do-not-track%E2%80%99-default-set|accessdate=10 October 2012}}</ref>
The Do Not Track system is completely voluntary, and there are no legal or technological requirements for its use. As such, websites and advertisers may either honour the request, or completely ignore it.<ref name=bi-gapingflaw>{{cite web|title=Here's The Gaping Flaw in Microsoft's 'Do Not Track' System For IE10|url=http://www.businessinsider.com/heres-the-gaping-flaw-in-microsofts-do-not-track-system-for-ie10-2012-8|publisher=Business Insider|accessdate=8 September 2012}}</ref> The Digital Advertising Alliance does not require companies to honor DNT signals. "The Council of Better Business Bureaus and the Direct Marketing Association will not sanction or penalize companies or otherwise enforce with respect to DNT signals set on IE10 or other browsers."<ref name="DAA-position">{{cite web|title=Digital Advertising Alliance Gives Guidance to Marketers for Microsoft IE10 'DO NOT TRACK' Default Setting|url=http://www.aboutads.info/blog/digital-advertising-alliance-gives-guidance-marketers-microsoft-ie10-%E2%80%98do-not-track%E2%80%99-default-set|accessdate=10 October 2012}}</ref>


== See also ==
== See also ==

Revision as of 07:06, 5 July 2013

HTTP
Request methods
Header fields
Response status codes
Security access control methods
Security vulnerabilities

The Do Not Track (DNT) header is the proposed HTTP header field DNT that requests that a web application disable either its tracking or cross-site user tracking (the ambiguity remains unresolved) of an individual user. The Do Not Track header was originally proposed in 2009 by researchers Christopher Soghoian, Sid Stamm, and Dan Kaminsky.[1] It is currently being standardized by the W3C.[2]

In December 2010, Microsoft announced support for the DNT mechanism in its Internet Explorer 9 web browser.[3] Mozilla's Firefox[4] became the first browser to implement the feature, while Internet Explorer, Apple's Safari,[5] Opera [6] and Google Chrome [7] all later added support.

The header field name is DNT and it currently accepts three values: 1 in case the user does not want to be tracked (opt out), 0 in case the user consents to being tracked (opt in), or null (no header sent) if the user has not expressed a preference. The default behavior is not to send the header, until the user chooses to enable the setting via their browser.


History

In 2007, several consumer advocacy groups asked the U.S. Federal Trade Commission to create a Do Not Track list for online advertising. The proposal would have required that online advertisers submit their information to the FTC, which would compile a machine-readable list of the domain names used by those companies to place cookies or otherwise track consumers.[8]

In July 2009, researchers Christopher Soghoian and Sid Stamm created a prototype add-on for the Firefox web browser, implementing support for the Do Not Track header. Stamm was, at the time, a privacy engineer at Mozilla, while Soghoian soon afterward started working at the FTC.[9] One year later, during a U.S. Senate privacy hearing, FTC Chairman Jon Leibowitz told the Senate Commerce Committee that the commission was exploring the idea of proposing a "do-not-track" list.[10]

In December 2010, the FTC issued a privacy report that called for a "do not track" system that would enable people to avoid having their actions monitored online.[11] One week later, Microsoft announced that its next browser would include support for Tracking Protection Lists, that block tracking of consumers using blacklists supplied by third parties.[12] In January 2011, Mozilla announced that its Firefox browser would soon provide a Do Not Track solution, via a browser header.[4] Microsoft's Internet Explorer,[13] Apple's Safari,[5] Opera[6] and Google Chrome[14] all later added support for the header approach.

Internet Explorer 10 default setting controversy

Do Not Track option is one of default options in "Express" settings of Internet Explorer 10 on Windows 8.[15] Microsoft faced criticism for its decision to enable Do Not Track by default[16] by advertising companies, who assert that use of the Do Not Track header must be a choice made by the user and must not be automatically enabled. The companies also asserted that this decision would violate the Digital Advertising Alliance's agreement with the U.S. government to honor a Do Not Track system, because the coalition said it would only honor such a system if it were not enabled by default by web browsers.[17] A Microsoft spokesperson defended its decision however, stating that users would prefer a web browser that automatically respected their privacy.[18]

For about one month in September–October 2012, Apache HTTP Server code was deliberately ignoring Do Not Track option in Internet Explorer 10. On September 7, 2012, Roy Fielding, an author of the Do Not Track standard, submitted a patch to the source code of the Apache HTTP Server, which would make the server explicitly ignore any use of the Do Not Track header by users of Internet Explorer 10. Fielding asserted that Microsoft's decision "deliberately violates" the standards of the Do Not Track specification because it "does not protect anyone's privacy unless the recipients believe it was set by a real human being, with a real preference for privacy over personalization." The Do Not Track specification did not mandate the option be opt-in until after the feature was implemented in Internet Explorer 10.[19] Fielding also felt that Microsoft knew its "false" Do Not Track signals would be ignored, and that its goal was to effectively give an illusion of privacy while still catering to their own interests.[20] On October 9, 2012, the "patch" written by Apache developer Roy Fielding has been commented out,[21] thus Apache's software no longer overrides Microsoft's do-not-track headers.[22]

Operation

When a web browser requests content or sends data using HTTP, it can include extra information optionally in one or more items called "headers". Do not track adds a header (DNT: 1), indicating that the user does not want to be tracked.[23] The execution of this non-tracking directive can only be implemented on the part of the HTTP server, so its enforcement is applied effectively using the honor system. In this regard, do not track is similar to the robots exclusion standard, which provides a mechanism for HTTP servers to communicate to automatic web-traversing client programs whether those programs are granted permission to access the servers, but entirely relies upon honor and etiquette on the part of the client for compliance.

Effectiveness

The Do Not Track system is completely voluntary, and there are no legal or technological requirements for its use. As such, websites and advertisers may either honour the request, or completely ignore it.[24] The Digital Advertising Alliance does not require companies to honor DNT signals. "The Council of Better Business Bureaus and the Direct Marketing Association will not sanction or penalize companies or otherwise enforce with respect to DNT signals set on IE10 or other browsers."[25]

See also

References

  1. ^ Soghoian, Christopher. "The History of the Do Not Track Header". Slight Paranoia. Retrieved 22 February 2012.
  2. ^ "Tracking Protection Working Group". W3C. Retrieved 22 February 2012.
  3. ^ IEBlog (2010-12-07). "IE9 and Privacy: Introducing Tracking Protection"Template:Inconsistent citations{{cite web}}: CS1 maint: postscript (link)
  4. ^ a b Angwin, Julia (2011-01-21). "Web Tool On Firefox To Deter Tracking". Wall Street Journal. Retrieved 22 February 2012.
  5. ^ a b Nick Wingfield (2011-04-14). "Apple Adds Do-Not-Track Tool to New Browser". Wall Street Journal. Retrieved 2011-04-14Template:Inconsistent citations{{cite journal}}: CS1 maint: postscript (link)
  6. ^ a b Opera Desktop Team (2012-02-11). "Core update with Do Not Track, and mail and theme fixes". Opera.com. Retrieved 2012-02-10Template:Inconsistent citations{{cite web}}: CS1 maint: postscript (link)
  7. ^ "Longer battery life and easier website permissions" (Document). Google. 2012-11-06Template:Inconsistent citations {{cite document}}: Unknown parameter |accessdate= ignored (help); Unknown parameter |url= ignored (help)CS1 maint: postscript (link)
  8. ^ "The History of the Do Not Track Header" (PDF). Center for Democracy and Technology. 2007-10-31. Retrieved 22 February 2012.
  9. ^ Zetter, Kim (2009-08-17). "Outspoken Privacy Advocate Joins FTC". Wired News. Retrieved 2009-11-20.
  10. ^ Corbin, Kenneth (2010-07-28). "FTC Mulls Browser-Based Block for Online Ads". Internet News. Retrieved 2009-11-20.
  11. ^ Angwin, Julia (2010-12-02). "FTC Backs Do-Not-Track System for Web". Wall Street Journal. Retrieved 22 February 2012.
  12. ^ Angwin, Julia (2010-12-07). "Microsoft to Add 'Tracking Protection' to Web Browser". Wall Street Journal. Retrieved 22 February 2012.
  13. ^ Angwin, Julia (2011-03-15). "Microsoft Adds Do-Not-Track Tool to Browser". Wall Street Journal. Retrieved 22 February 2012.
  14. ^ "Longer battery life and easier website permissions". 2012-11-06. Retrieved 2012-11-07Template:Inconsistent citations{{cite web}}: CS1 maint: postscript (link)
  15. ^ November 13, 2012 (November 13, 2012). "Internet Explorer 10 Released for Windows 7". Retrieved December 22, 2012.{{cite web}}: CS1 maint: numeric names: authors list (link)
  16. ^ Brendon Lynch (2012-08-07). " "Do Not Track in the Windows 8 Setup Experience". Micrsoft on the issues blog.
  17. ^ "Microsoft ticks off advertisers with IE10 'Do Not Track' policy". CNET. Retrieved 8 September 2012.
  18. ^ "Microsoft's "Do Not Track" Move Angers Advertising Industry". Digits. The Wall Street Journal. Retrieved 8 September 2012.
  19. ^ "Microsoft sticks to its guns, keeps Do Not Track on by default in IE10". Ars Technica. Retrieved 14 May 2013.
  20. ^ "Apache Web software overrides IE10 do-not-track setting". CNET. Retrieved 8 September 2012.
  21. ^ "Bug 53845 Remove DNT settings from httpd.conf". ASF Bugzilla. Retrieved 22 December 2012.
  22. ^ "Apache Won't Override Do-Not-Track Headers". MediaPost Communications. Retrieved 22 December 2012.
  23. ^ "Do Not Track- Universal Web Tracking Opt-Out". Retrieved 2011-04-11Template:Inconsistent citations{{cite web}}: CS1 maint: postscript (link)
  24. ^ "Here's The Gaping Flaw in Microsoft's 'Do Not Track' System For IE10". Business Insider. Retrieved 8 September 2012.
  25. ^ "Digital Advertising Alliance Gives Guidance to Marketers for Microsoft IE10 'DO NOT TRACK' Default Setting". Retrieved 10 October 2012.
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Do_Not_Track&oldid=562942974"