Internet 'Do Not Track' system is in shatters
The lack of a standard has hamstrung the browser privacy tool
IDG News Service - Chalk up another victory for corporate surveillance: Five years after advocates came up with an easy way to let you browse the Web with just a little privacy, the Do Not Track system is in tatters and that pair of boots you looked at online last month is still stalking you from website to website.
In 2009, a few Internet privacy advocates developed an idea that was supposed to give people a way to tell websites they don't want to be monitored as they move from website to website. The mechanism, which would eventually be built into all the major browsers, was called Do Not Track.
With a single browser setting, these advocates thought, users would be able to communicate a preference for their privacy. It would be easier than downloading add-on software or creating a blacklist of specific companies to block. Do Not Track, or DNT, would be the Web's version of the telemarketer Do Not Call list.
But today, DNT hangs by a thread, neutered by a failure among stakeholders to reach agreement. Yes, if you turn it on in your browser, it sends a signal in the form of an HTTP header to Web companies' servers. But it probably won't change what data they collect.
That's because most websites either don't honor DNT -- it's currently a voluntary system -- or they interpret it in different ways. Another problem -- perhaps the biggest -- is that Web companies, ad agencies and the other stakeholders have never reached agreement on what "do not track" really means.
"It was conceived to be a uniform signal," said Sid Stamm, one of DNT's three founders. But, "part of the problem is there's a wide range of expectations," said Stamm, who is senior manager of security and privacy engineering at Mozilla. Mozilla's Firefox browser has the DNT tool, as do Safari, Internet Explorer, Chrome and Opera.
Web users who are hopeful about DNT got a small boost Wednesday in California. State Attorney General Kamala Harris issued guidelines to help companies comply with a new state law requiring them to disclose whether they honor users' DNT requests. But the law doesn't force them to use the system.
Today, with the exception of a few companies that act on DNT requests, its inclusion in browsers is essentially cosmetic. "The original idea was to replace a variety of opt-out mechanisms with a browser preference," said Arvind Narayanan, a computer science professor at Princeton who worked with others on developing a standard around DNT. "But opt out of what? That's where there's disagreement," he said.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86 Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!