Earlier today, Mozilla announced plans to incorporate a Do Not Track feature into their next browser release, Firefox 4.1. Google also announced a new privacy extension today, but we believe that Mozilla is now taking a clear lead and building a practical way forward for people who want privacy when they browse the web.
Why We Need Do Not Track
Privacy advocates have been calling attention to issues of pervasive online tracking for some time. Often intertwined with the issue of behavioral targeting, online tracking refers to the difficult-to-elude mechanisms by which most or all of our reading and other activities on the Web are recorded by third parties, without our knowledge or permission.
The technical details of online tracking are multifarious. They include traditional HTTP cookies as well as flash cookies and many other kinds of supercookies, web bugs, JavaScript trackers, HTTP Referrers, and fingerprinting. And new ways to track browsers will continue to be invented. Even consumers who take steps to delete their cookies or use private browsing mode remain unable to prevent third parties from observing their clickstreams.
Currently, a subset of advertisers offer a mechanism for opting out of behavioral advertising through the Network Advertising Initiative — a project that has been widely criticized for failing to provide consumers with meaningful control. The NAI opt-out suffers from several problems: the biggest is that there is no consistency on what "opt out" means. Some tracking companies recognize that an "opt out" should be an opt out from being tracked, others insist on interpreting the opt out as being an opt out for receiving targeted advertising. In other words, the NAI allows its members to to tell people that they've opted out, when in fact their web browsing is still being observed and recorded indefinitely.
The cookie-based opt-out scheme also suffers from serious technical drawbacks. Some of these are issues of complexity — tracking companies need to opt-in before it can work and new types of cookie need to be created for each of them. There is also the issue of fragility — privacy conscious users delete their cookies regularly, which means the opt-out keeps turning itself off.
The "Keep Your Opt-Outs" Chrome extension announced by Google today is an attempt to address that last problem. In that respect it is similar to the TACO Firefox Extension, though it doesn't set any opt-out cookies for companies that are not NAI members. It also doesn't fix the other fundamental problems with the NAI's approach: complexity, the lack of a clear signal that can be observed and interpreted by any website, and allowing fake opt-outs that only protect you from targeted advertising but don't prevent any tracking.
For these reasons, we believe that the only sensible way forward for privacy opt-outs is a Do Not Track header, and we're very pleased to see Mozilla planning to offer this option in their future browser versions.
How Will Do Not Track Work?
Every time your computer sends or receives information over the Web, the request begins with some short pieces of information called headers. These headers include information like what browser you're using, what language your computer is set to, and other technical details. The Do Not Track proposal is to include a simple, machine-readable header indicating that you don't want to be tracked.
The header-based Do Not Track system appeals because it calls for an armistice in the arms race of online tracking. Currently, advertisers constantly invent new ways of tracking consumers and security researchers work to block this tracking with new technology. A header-based Do Not Track model sends out a signal with every online communication indicating a user's preference not to be tracked. This puts the onus on the tracking companies to comply with Do Not Track mechanisms — rather than on the user to discover and counter every type of possible online tracking.
Some important things to note about this proposal:
- There is no "list" that consumers need to sign up for. Early discussion of Do Not Track included proposals about a list-based registry of users, similar to the Do Not Call Registry. This proposal does not collect data on consumers in a central list. (Security and privacy researcher Christopher Soghoian has more about the history of Do Not Track.)
- Consumers won't need to update software for Do Not Track regularly. Early versions of Do Not Track proposed installing software on an individual's computer that listed all the known tracking companies. As more companies were identified, the list would need to be updated. The current proposal does not store a list of companies on your computer and so does not need to be repeatedly updated.
- You can still clear your cookies without fear of disrupting the header-based Do Not Track.
- The header-based Do Not Track model won't threaten ad-supported businesses.
The Next Steps
EFF will be submitting formal comments to the Federal Trade Commission responding to questions they raised in their privacy report. In the meantime, users should consider using some of the Mozilla Firefox addons that have already incorporated the header-based advertising opt-out. The Universal Behavioral Advertising Opt-Out is the easiest way to set the header today, though it is also set by development versions of AdBlock Plus and NoScript, and will be in future stable releases of those extensions. Because many advertisers do not yet respect the header, for the time being, we recommend installing it along side beef TACO and AdBlock Plus (with EasyPrivacy) for the time being.
We plan to continue posting articles that will explore and explain Do Not Track. Our next article will discuss the semantics and server side responses that are appropriate in response to a Do Not Track header. In other words, what does the "Track" in Do Not Track mean?