Infrastructure // PC & Servers
Commentary
2/23/2012
05:17 PM
Serdar Yegulalp
Serdar Yegulalp
Commentary
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Why 'Do Not Track' Still Doesn't Cut It

A consistent standard for opting out of advertiser tracking on the Web is a nice idea. Too bad that's all it might ever be.

On paper, the Obama administration's announcement of a proposed Consumer Privacy Bill of Rights sounds like a great idea. It calls for legislation that allows attorneys general and the Federal Trade Commission to enforce how end-user privacy is protected, and for consistent transparency in how personal data is collected and used online.

After "Do Not Call", and hot on the heels of yesterday's news about California pledging better privacy protection for users of mobile apps, here's "Do Not Track".

Again, it sounds like a great idea: Click a conspicuously visible button in your browser, and third parties are automatically blocked from harvesting unwanted information from your browsing habits. What's more, it wouldn't just be a good idea--it would be mandated and protected by law.

That's the theory, anyway. The practice might turn out to be far thornier. In truth, there is no agreement or rule on what the browser is supposed to do when the user clicks the magical Do Not Track button.

The quest for a universal Do Not Track (DNT) standard has worn on for some time now, with little more than a few competing ad hoc standards to show for it. It's always been possible for end users to purge tracking cookies, use proxies, or block data harvesting with third-party add-ons. But who wouldn't be happy with a single, centralized mechanism to allow users to opt out of online tracking? (Apart from advertisers, that is?)

The problem is figuring out what that one single mechanism is, getting everyone to use it, and making sure it isn't just going to be circumvented or broken.

One of the original DNT initiatives involved using a header, broadcast by the browser, to tell Web servers that the user in question doesn't want to be tracked. A version of this proposal was floated in 2009 (as described by security researcher Christopher Soghoian), but lacked support from the very people who needed most to implement it: the advertisers. The idea also suffered from one major loophole: the burden of support was on the server side, not the client. The server didn't have to honor the header, and there was no enforceable penalty for noncompliance.

Over time the idea of a universal DNT system returned with a vengeance. The problem was, again, how to implement it, since everyone seems to have wildly different ideas--all of which put the burden of support on different parties.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Server Market Splitsville
Server Market Splitsville
Just because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.