Proposed "Do Not Track" specification actually mandates otherwise

The ostensibly pro-consumer "Do Not Track" specification under development now mandates that it be an "opt-in" feature. Ryan Singel at Ars Technica:

The latest proposed draft of the Do Not Track specification published Wednesday requires that users must choose to turn on the anti-behavioral tracking feature in their browsers and software. That means that Microsoft IE 10, which the company announced last week will have Do Not Track turned on by default, won’t be compliant with the official spec. Which means that tech and ad companies who say they comply with Do Not Track could simply ignore the flag set by IE 10 and track those who use that browser.

Most browser makers have big stakes in the advertising business: Google makes its money from ads, Microsoft is serious about Bing, and Mozilla is financed by search engine affiliate cash (i.e. Google and Bing). Wouldn't it be something if Apple ended up seen as web privacy advocates, simply because their bet is on apps and they have much to gain at others' expense by marketing privacy as a desirable consumer product? Unless I'm very much mistaken, and forgive me if I am, Safari is already the only browser to block third-party cookies by default.


  1. Third-party cookies ≠ Do Not Track. Do Not Track is a broader request for denial of behavior. The reason that the W3C is pushing opt-in before any DNT header is set, not a default, is that browser makers opting in might not have the force of law, forget the force of a standard. If a user doesn’t intentionally choose to not be tracked, regulatory agencies might also lack the ability to bring action.

    That’s the supposition at least. Intentionality appears to be the issue here.

      1. Now, now, the FTC does bring actions routinely against misuse of private information. They and the DoJ got a consent agreement from Google over Google+, and could levy a huge fine over the Safari track-around behavior.

        The whole point of DNT is that it gives the FTC teeth to have a de facto basis on which to bring an action when a complaint is filed. Right now, it’s a morass of law, regulation, etc., and their enforcement power isn’t mandated to be broad enough.

        With DNT, the FTC has the basis on which to bring action against deceptive practices because users express a preference and because ad networks will opt in. That’s a contract, and it gives the FTC teeth that are hard to, uh, file down(?) today.

    1. While I thought that the “do not track” by default was a good idea and pro-consumer, I can see how advertisers could skirt the intent and your comment makes sense that the courts could have a hard time enforcing “do not track” if it can’t be proven that the end-user wanted this. 

      By the way, apps do not protect privacy or restrict tracking.  There may be even more risk because of the nature of apps.

      1. Nobody made any claims about apps restricting tracking. 

        Apple and Google have different business models. Apple makes money by selling gizmos and apps, and therefore doesn’t need to knuckle under to the demands of advertisers. For example, the magazine industry wanted automatic access to the personal info (email addresses, ZIP codes) of iPad magazine subscribers, while Apple required this to be something users had the option of enabling. 

        Google makes its money by putting ads in front of eyeballs, and is therefore more vulnerable when advertisers demand to be given priority over users’ privacy rights.

  2. Opt in would have been pointless. Who opts in to be tracked?

    If you like accurate search results and iteratively improved online applications, thank tracking.

Comments are closed.