Google Chrome To Get 'Do Not Track' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Healthcare // Analytics
03:30 PM
Connect Directly

Google Chrome To Get 'Do Not Track'

Google browser users should see support for privacy setting that turns off tracking cookies related to ads, by year's end.

Microsoft SkyDrive Vs. Dropbox, Google: Hands-On
Microsoft SkyDrive Vs. Dropbox, Google: Hands-On
(click image for larger view and for slideshow)
Google Chrome soon will support Do Not Track (DNT), a Web browser privacy setting that lets users tell online advertising companies whether they want to receive tracking cookies used to target online ads.

Support for DNT has been implemented in Chromium version 23.0.1266.0, as of build 156627. Google Chrome, which incorporates the open-source Chromium code, has yet to add DNT to its developer channel, however.

Proposed by security researchers and software engineers in 2009, DNT first appeared in Mozilla's Firefox browser and subsequently in Microsoft Internet Explorer, Apple Safari, and Opera.

Google had been offering something similar in the form of a Chrome plug-in called Keep My Opt-Outs, but remained unenthusiastic about DNT. If widely adopted, DNT has the potential to reduce Google's ad revenue. But only a few companies, such as Twitter, are doing anything when they receive DNT preference information from browsers.

In February, facing growing pressure for action on privacy, Google announced an agreement between online advertising companies, the White House, and the Federal Trade Commission to support the Digital Advertising Alliance principles, a self-regulatory framework that includes DNT.

[ Read Google Project Glass Must Be More Than Fashion. ]

"We undertook to honor an agreement on DNT that the industry reached with the White House early this year," a Google spokesman said in an emailed statement. "To that end we're making this setting visible in our Chromium developer channel, so that it will be available in upcoming versions of Chrome by year's end."

It appears, however, that DNT might not be as widely effective as its creators hope because there is still disagreement about how to implement it.

DNT adds an extra header field to the user's HTTP requests for Web pages. The DNT setting can be "1" to accept tracking or "0" to reject it, and, according to the specification, it cannot be set until the user has expressed his or her preference.

"The choice mechanism MUST NOT have the user permission preference selected by default," the specification states.

Microsoft has elected to set the opt-out flag in Internet Explorer 10 by default. Brendon Lynch, chief privacy officer at Microsoft, argues that setting the DNT flag for the user represents "our commitment to privacy by design and putting people first."

To companies that sell online ads, Microsoft's stance looks more like hostility to their business model.

There is presently a debate going on about whether Microsoft's implementation complies with the specification. Roy T. Fielding, principal scientist at Adobe and co-founder of the Apache HTTP Server project, earlier this month made a patch available for the popular Apache Web server that will disregard DNT settings communicated through Microsoft Internet Explorer 10.

In a discussion on the Apache bug tracking forum, Fielding argues that DNT must be "unset" by default. Internet Explorer 10 violates the specification, he insists, because the IE dialog defaults to "on" and is only presented to the user who installs the operating system rather than to each user independently upon first browser launch.

"Yes, it sucks, but the alternative is worse," he wrote. "DNT will not be deployed if the browser is allowed to lie about the user's preference setting."

Cybercriminals are taking aim at your website. Is your security strategy up to the challenge? Also in the new, all-digital 10 Steps To E-Commerce Security issue of Dark Reading: About half of the traffic to e-commerce sites is machine generated--and much of it is malicious. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Andrew Hornback
Andrew Hornback,
User Rank: Apprentice
9/15/2012 | 9:00:32 PM
re: Google Chrome To Get 'Do Not Track'
So, basically what's going to happen here is that the user is going to have the choice to toggle the Do Not Track option in their browser - and then those who stand to profit from DNT being turned off have the option of ignoring the setting?

Perfect! Let's give the users a "warm fuzzy" for configuring their browser to improve their privacy and the ad servers and agencies a chance to keep their revenue streams going. Win-win, right?

And from a technology standpoint, how does Fielding plan on handling a scenario where a user does set the DNT in IE10? How does that look any different than the browser simply being run with a default configuration?

Andrew Hornback
InformationWeek Contributor
Why 2021 May Turn Out to be a Great Year for Tech Startups
John Edwards, Technology Journalist & Author,  2/24/2021
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll