Do Not Track: A Study In How Not To Do It (and paranoia trivia)

The idea behind Do Not Track is that a web browser can tell “please don’t track me” and expect the website to abide by this request.

See the problem?

Yeah, things have gone about as well as might be expected given that structure. The article is a good study into how things degrade if the user has to trust large organizations instead of taking responsibility themselves.

On a perhaps happier note, OpenBSD 5.2 is out:
With the caveats that a) most people on here know more about computer security than I do, and b) I haven’t been able to draw any particular conclusions about whether its secure reputation is well-deserved or not, I’ve been messing about with an OpenBSD LiveCD for a while and liked the overall feel.

Since I’m on the subject of paranoia:
Given those seeing the recent hurricane as confirmation of Mayan prophecies, it’s worth noting the Mayan stuff appears (if anything) to be related to solar activity and the earth’s magnetic field. If it has any influence at all, that would affect many people with the same mechanism by which the micropower TMS mentioned here can affect one.

“It looks like it’s time for a do-over for DNT. The oft-maligned specification has become—like many other standards efforts before it—a political football. Parties with interests on both sides of the issue have their own agendas, cannot agree on semantics and ignore, in this case, what should be the heart of the issue for users—a clear personal choice about browsing privacy.

For the uninitiated, DNT or Tracking Preference Expression (DNT) as it’s known in W3C circles, is a specification that expresses how tracking preferences in browser headers should be defined. In short, it permits or denies tracking of your activities online by ad networks serving you targeted advertising based on your browsing.

The wrangling has brought a number of parties to the table, most notably Microsoft, Adobe, the Apache Foundation and now Yahoo. Microsoft kick-started the latest firestorm when it turned on the DNT signal by default in Internet Explorer 10, which was released on Friday along with Windows 8. By doing so, Apache and others argued that Microsoft removed the choice from the user. Roy T. Fielding, co-founder of the Apache HTTP Server Project and went a step further and submitted a patch to the Web server that instructs it to ignore the DNT setting in IE10. He argued that DNT on by default is counter to the spec and does not represent a user’s choice.[…]

Yahoo was the latest to enter the fray. On Friday it also declared it would not recognize IE10’s default DNT signal, doing so in the name of preserving a personalized online experience for its users and a preference for its own Ad Interest Manager, which it says puts the tracking choice in a user’s hands.

“In principle, we support ‘Do Not Track (DNT). Unfortunately, because discussions have not yet resulted in a final standard for how to implement DNT, the current DNT signal can easily be abused,” Yahoo wrote on its policy blog. “Recently, Microsoft unilaterally decided to turn on DNT in Internet Explorer 10 by default, rather than at users’ direction. In our view, this degrades the experience for the majority of users and makes it hard to deliver on our value proposition to them. It basically means that the DNT signal from IE10 doesn’t express user intent.”

Cutting to the chase, however, and through the rhetoric, what this means is that Yahoo’s ability to deliver targeted ads to users is greatly inhibited by DNT. That’s its value proposition. Google doesn’t support DNT either in its Chrome browser (it does offer it as a browser extension) and Firefox defaults to the signal that the user has not made a choice.

DNT, in principle, is a noble effort. And like most noble efforts, nobility goes out the window as soon as people and money became involved. It’s time for a do-over on DNT. Blow it up with some TNT and bring user privacy and choice to the forefront. It may be a PollyAnna way of thinking, but let consumers make their own choice, and not be forced to use some default setting in a Web browser, a politically charged decision maker, or a powerful search engine with a vested interest in the outcome. How’s that for a novel concept?”


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: