Standards group to bar IE10 from claiming 'Do Not Track' compliance
If Microsoft doesn't change IE10's on-by-default privacy setting, it can't say browser is compliant when standard is finalized, says W3C
Computerworld - Microsoft's decision to switch on the "Do Not Track" by default in Internet Explorer (IE10) will have to be rethought if the company wants to claim it supports the developing privacy standard.
On Wednesday, the W3C (World Wide Web Consortium) standards organization reached a compromise on some aspects of "Do Not Track," the browser feature that signals whether a user wants online advertisers and websites to track his or her movements.
The new draft of the standard, which may be months from passing in final form, explicitly bars browsers from setting Do Not Track (DNT) on by default.
"An ordinary user agent MUST NOT send a Tracking Preference signal without a user's explicit consent," the draft reads (download PDF).
That seemed squarely aimed at Microsoft.
Last week the company announced with some fanfare that Internet Explorer 10 (IE10), the new edition to be bundled with Windows 8 and its tablet offshoot Windows 8, and to be made available as an upgrade on Windows 7, would set DNT on by default.
Microsoft's chief privacy officer, Brendon Lynch, made it crystal clear.
"We believe turning on Do Not Track by default in IE10 on Windows 8 is an important step in this process of establishing privacy by default, putting consumers in control and building trust online," Lynch wrote in a May 31 blog.
But the W3C group that's been hammering out DNT disagreed, and said flatly that while Microsoft is perfectly free to do what it wants, it cannot call IE10 DNT compliant if it continues down its on-by-default road.
"Microsoft IE, as a general purpose user agent, will not be able to claim compliance with DNT once we have a published W3C Recommendation," Aleecia McDonald, a researcher at Stanford's Center for Internet and Society (CIS) and a part-time employee of Mozilla, said in a summary of a Wednesday conference call. Mozilla supports her work as co-chair of the W3C effort on DNT.
"As a practical matter, they can continue their current default settings, since DNT is a voluntary standard in the first place. But if they claim to comply with the W3C Recommendation and do not, that is a matter the FTC (and others) can enforce," McDonald said.
Mozilla, in fact, had staked out its position earlier.
"At its foundation, DNT is intended to express an individual's choice, or preference, to not be tracked," said Alex Fowler, who leads Mozilla's privacy and policy work, in a blog post written the same day Microsoft said IE10 would have the signal on by default. "It's important that the signal represents a choice made by the person behind the keyboard and not the software maker, because ultimately it's not the browser being tracked, it's the user."
Firefox, Fowler continued, supports DNT, but leaves it in the "off" position which lets -- or makes, depending on the viewpoint -- the user choose. "For DNT to be effective, it must actually represent the user's voice," Fowler said.
Either Microsoft or the W3C group will have to blink. And it doesn't sound like the W3C will be the one to back down.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
- Combating Identity Theft in a Mobile, Social World Offering identity theft protection and remediation allows businesses to give their workforce the confidence to efficiently engage while bringing financial reward to the...
- After a Breach: Managing Identity Theft Effectively This white paper from LifeLock Business Solutions notes that FIs in addition to managing fraud should strive to turn a negative event for...
- Combating Identity Fraud in a Virtual World This slide presentation reveals findings from the Javelin Strategy & Research 2012 Identity Fraud Report about mobile and social trends, the real risks...
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Tips to Simplify Database Administration and Development Make your job easier while getting the most from the leading productivity tool for database professionals. Learn tips from Dell Software's Oracle® ACE,... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!