All posts tagged ‘DNT’

Forget ‘Do Not Track’ — Protect Your Privacy Today With ‘DoNotTrackMe’ Add-On

The World Wide Web Consortium is currently working to standardize a “Do Not Track” mechanism to stop advertisers from following your every move around the web. Unfortunately, while the DNT tools are already supported in most web browsers, hardly any advertisers actually honor it. In fact, some advertisers seriously proposed an exception be made to DNT to allow web tracking.

If you’re serious about online privacy you’re going to have to do more than hope that advertisers voluntarily stop tracking you, you’re going to have to actively block them.

There are several tools that make it easy to stop the tracking. One of the best, DoNotTrackPlus, was recently renamed DoNotTrackMe (DNTMe). The new name arrives alongside a major upgrade that blocks more trackers, adds some nice analytics and offers per-site tracking reports.

The DNTMe add-on is available for Chrome, IE, Firefox and Safari. You can grab a copy for your browser from Abine’s download page. Once installed you’ll see a new “cross hairs” icon in your browser’s menu bar, which you can use to access DNTMe’s settings and any blocking info about the current page.

The DoNotTrackMe add-on for Chrome. Image: Screenshot/Webmonkey

DNTMe is easy to set up and defaults to blocking nearly everything. You can customize that by going through and allowing sites you don’t mind setting cookies. For example, I generally allow analytics packages like Mint or Piwik. You can also customize tracking on a per-site basis, allowing, for example, a site you trust to run analytics packages, but not every site you visit.

I currently use Ghostery to block online tracking, and it stacks up well next to DNTMe, though DNTMe does have one feature that might be an advantage for some users — blocking suggestions. That is, DNTMe suggests not blocking certain sites if blocking them has a high probability of breaking something on the page — say, Brightcove for example, which sets tracking cookies, but without which the site’s videos won’t work.

If you don’t mind enabling sites by hand and troubleshooting any potential problems yourself then either add-on will work. But if you’re installing a tracking blocker in someone else’s browser (who may not realize why a video suddenly doesn’t work) then DNTMe might be the better choice.

File Under: privacy, Web Standards

New W3C Co-Chair Steps Into the ‘Do Not Track’ Fray

Image: Footprints by Kimba Howard/Flickr

The W3C, the standards body charged with overseeing the development of HTML and other web standards, has announced a new co-chair for the group that’s hard at work creating the Do Not Track (DNT) privacy standard.

Peter Swire will now co-chair the Tracking Protection Working Group alongside Intel’s Matthias Schunter.

The Do Not Track header is a proposed web standard for browsers to tell servers that the user does not want to be tracked by advertisers.

This isn’t Swire’s first foray into the controversial waters of the Do Not Track standard. The Ohio State law professor previously testified about DNT before the U.S. Senate and has been critical of the advertising industry’s attempts to derail DNT.

“I personally would not like to have an internet where I believed that each moment of my browsing might easily be breached and shown to the entire world,” Swire testified to the Senate. He also called out the Digital Advertising Alliance’s proposed exceptions for “market research or product development,” as “so open-ended that I have not been able to discern any limits on collection under them.”

While Swire has a good track record supporting user privacy, he clearly has his work cut out for him. All the major web browsers now support Do Not Track, but some of the biggest advertisers on the web — notably Google — are not, thus far, paying any attention to users that actually broadcast a DNT signal as they browse.

Swire’s new job will be a potentially Herculean task — to get advertisers to actually comply with the DNT header. (Co-chair Schunter is in charge of the specification.) As I’ve written before, asking advertisers not to set tracking cookies is like asking Cookie Monster not to eat them.

Microsoft recently further muddied the DNT waters by shipping IE 10 with DNT effectively enabled by default. Critics argue that having DNT on by default means it’s no longer a user-controlled setting and does not comply with the intent of the standard — which is to make DNT something users explicitly opt into. The Apache web server and Yahoo have both already announced they plan to ignore DNT when it comes from IE 10.

File Under: Browsers

Google Chrome Adds ‘Do Not Track’ Privacy Tools

Chrome 23′s new cookie and permissions menu. Image: Screenshot/Webmonkey

Google has updated its Chrome web browser to version 23, which adds support for GPU-accelerated video and a new, easier way to manage a website’s cookies and permissions. Chrome 23 also brings, at long last, Google’s promised support for the Do Not Track header.

For existing users Chrome 23 will arrive via auto-update. Anyone wanting to take the latest stable release for a spin can grab a copy from Google.

Chrome 23′s new GPU-accelerated video decoding promises to use less power than previous releases — which tap your PC’s CPU to display web video — but is thus far only available with the Windows release. According to the Chrome blog, Google’s test showed that a laptop’s battery lasts 25 percent longer when watching GPU-accelerated video. So far there’s no word on when GPU video acceleration will be coming to either the Mac or Linux versions of Chrome.

Anyone who likes to micromanage their cookies will like Chrome 23′s new interface for controlling a site’s permissions. While it was always possible to manage cookies on a per-site basis, the controls for doing so were buried three levels deep in Chrome’s preferences. Now you can just click the page icon (next to the URL) and a new drop-down menu will reveal how many cookies a page has set and how many (if any) Chrome has blocked. There’s also a link to change the cookie settings, delete existing cookies and block any domains you don’t want tracking you.

The new drop-down menu also has options to control a website’s permissions for features like geolocation, pop-ups, plugins, fullscreen mode, camera/microphone access and more. There’s technically nothing new about these permissions — they’ve all been available through Chrome’s preferences page for some time — but the new user interface for accessing them is the best I’ve seen in any browser (and one I hope other browsers copy).

The new cookie control UI arrives alongside Google’s first official support for the nascent (and possibly very flawed) Do Not Track privacy header. Chrome is the last browser to add support for Do Not Track and, like every other browser except IE 10, Chrome’s Do Not Track support is disabled by default. To turn it on just head to Chrome’s preferences page, click the “Advanced” link and check the box next to the new option to “Send a ‘Do Not Track’ request with your browsing traffic.”

File Under: Browsers, privacy

Yahoo, Microsoft Tiff Highlights the Epic Failure of ‘Do Not Track’

People who walked in snow also bought jackets, would you like a value proposition jacket? Image: rabiem22/Flickr.

Microsoft continues to take a beating for its decision to enable the Do Not Track privacy setting by default in the company’s brand-new Internet Explorer 10.

IE 10 has only been on the web for a few days (see Webmonkey’s IE 10 review), but Yahoo has already released a statement saying that the company will ignore the Do Not Track header when broadcast by IE 10 users. Yahoo is not the first to take exception to Microsoft’s decision to turn Do Not Track on by default — the Apache web server may ignore IE 10′s DNT header as well — but it’s the biggest site so far to square off against Microsoft.

This most recent squabble comes despite the fact that Microsoft and Yahoo are partners and that Yahoo has previously said it would support Do Not Track.

The Do Not Track header is a proposed web standard for browsers to tell servers that the user does not want to be tracked by advertisers. DNT is supported by all the major web browsers, but only Microsoft has elected to make DNT part of the browser’s default setup. That means that all IE 10 users will be telling advertisers to back off, which some argue is not what DNT was intended to do.

The problem for Yahoo is that it risks ignoring not just a coming web standard, but the wishes of those users who would have opted in to Do Not Track even if it were off by default. Brad Smith, Microsoft’s VP of Legal & Corporate Affairs, recently said that turning on Do Not Track “reflects what our customers want: 75 percent of the consumers we surveyed in the U.S. and Europe said they wanted DNT on by default.”

On the first count Yahoo’s jargon-laden policy announcement seems to be saying that the company believes Microsoft is violating the W3C draft of Do Not Track. “Recently, Microsoft unilaterally decided to turn on DNT in Internet Explorer 10 by default, rather than at users’ direction,” says the Yahoo Policy blog. “In our view, this degrades the experience for the majority of users and makes it hard to deliver on our value proposition to them.”

The latter statement seems to be a blanket argument against DNT existing at all — a common argument from companies that make the majority of their money from advertising — rather than anything specific about IE 10, especially given that Microsoft appears to be conforming to the current draft of the spec. I contacted Yahoo asking for clarification about the company’s position on web standards support, but the company did not respond before this story was published. [Update: Yahoo's Sara Gorman tells Webmonkey that "Yahoo does not consider the current Microsoft Internet Explorer 10 or Windows 8 install flows to represent explicit user consent with respect to Do Not Track."]

Yahoo’s complaint, along with similar complaints from Apache and others comes down to this: Is Microsoft violating the DNT spec by turning it on by default?

Here’s what the spec says: “The goal of this protocol is to allow a user to express their personal preference regarding tracking … key to that notion of expression is that it must reflect the user’s preference, not the preference of some institutional or network-imposed mechanism outside the user’s control.”

That certainly sounds like it backs up Yahoo’s decision, and puts Microsoft in the wrong. But the spec continues:

We do not specify how that preference is enabled: each implementation is responsible for determining the user experience by which this preference is enabled.

For example, a user might select a check-box in their user agent’s configuration, install a plug-in or extension that is specifically designed to add a tracking preference expression, or make a choice for privacy that then implicitly includes a tracking preference (e.g., Privacy settings: high) (emphasis mine).

For Internet Explorer 10 Microsoft’s setup dialog offers the user two choices: Express settings and Customize. Choosing the Express option clearly states that it turns on the DNT header and would appear to comply with the wording of the current spec since it gives users a choice.

The cynical might be tempted to say Yahoo and other ad companies are nervous that DNT is actually going to catch on and may well hurt their bottom line, but to be fair Yahoo isn’t alone in saying that Microsoft is violating the proposed spec. Mozilla, which originally created Do Not Track, has argued in the past that Microsoft is abusing DNT with IE 10.

In the end it might not matter. The DNT specification has become a joke. It has seriously been proposed that one of the “Permitted Uses for Third Parties and Service Providers” be “marketing.” So one of the permitted uses for Do Not Track might be to allow advertisers to track you.

If that’s not crazy enough for you consider that most online ad companies are not planning to interpret the “Do Not Track” header to mean “stop collecting data.” Instead most advertisers plan stop showing you targeted ads, but continue to collect data and track what you’re doing on the web.

If that sounds insane, well, it is. But the reality is you are being tracked and you will continue to be tracked unless you do something about it.

If you’d like to be in charge of which data is collected about you and you’d like to actually stop advertisers from tracking you, you’re going to have to do it yourself using add-ons like Ghostery or Do Not Track Plus. See our earlier post, Secure Your Browser: Add-Ons to Stop Web Tracking, for more details on how to stop tracking without worrying about who supports or doesn’t support a still unfinished, potentially heavily compromised web standards proposal.

File Under: Browsers, privacy

Google Chrome Finally Jumps on the ‘Do Not Track’ Bandwagon

Photo: Only Sequel/Flickr

The most recent developer release of Google’s Chrome web browser adds support for the proposed Do Not Track (DNT) header, which allows users to tell advertisers to stop tracking their movements around the web.

If you’d like to test Do Not Track in Chrome you’ll need to download the “canary” channel release. The DNT header will likely be available in the stable version of Chrome some time around the end of 2012.

Unlike Microsoft, which recently caused a web standards hoopla by announcing it would enable Do Not Track by default in Internet Explorer 10, Google is leaving Chrome’s version off by default. To turn on Chrome’s new DNT feature yourself head to Settings >> Show advanced settings >> Privacy and check the Do Not Track option.

The Do Not Track feature, which will soon be available in every web browser, allows users to broadcast a simple message to advertisers — roughly, don’t track me. Advertisers honoring the header won’t set tracking cookies in your browser, nor will they show any ads targeted at you.

Chrome is the last major browser to add support for Do Not Track, which began life in Mozilla’s Firefox before moving to the W3C where it’s in the process of becoming a web standard.

Some have speculated that Google was dragging its feet with Do Not Track because it may hurt the company’s bottom line — Google’s well-targeted ads are made possible by tracking what you do online. The changelog message that introduces DNT is terse, but a Google spokesperson tells AllThingsD that the company is honoring “an agreement on DNT that the industry reached with the White House early this year.”