Heya Nadim, A couple points: DNT is meant to be a voluntary mechanism, as you describe, that we hope will see wide adoption by the big players with presences on many, many web pages. I don't think anyone sees it as a substitute for control mechanisms, and I bet most people with DNT:1 set also have other client-side mechanisms to control information flows outwards (IE being a weird exception where DNT is on by default).
A knit-pick: while the technical mechanism has been mostly stable for a while, the compliance standard (how websites that claim to be compliant must behave) is still looking like early 2014 for the final w3c last call. At a w3c workshop in November, there were a couple great tech papers from Mike Perry and Nick Weaver [1][2] describing how browsers could be made more privacy perservative, but there is a lot of very hard work to be done there. At CDT we're wary of having an arms race between trackers and self-defense, because it's not one we're sure users will win. Browser fingerprinting, for example, seems to be a very hard if not insurmountable hurdle on the user side of that arms race. best, Joe [1] http://www.w3.org/2012/dnt-ws/position-papers/21.pdf [2] http://www.w3.org/2012/dnt-ws/position-papers/22.pdf On Wed Feb 13 13:57:57 2013, Nadim Kobeissi wrote: > Dear LibTech, > I've written a blog post about a problem with web privacy practice > that's been bothering me for a long time. I think there needs to be a > discussion about Do Not Track — there are many problems with this > privacy standard and some of its implications may in fact be > substantially dangerous. > > My blog post is accessible here: http://log.nadim.cc/?p=112 > > ------------ > > "Do Not Track" Dangerous and Ineffective > > In 2009, before I became seriously involved in web security, a > standard called Do Not Track was proposed, standardized by the W3C in > 2011, and implemented in Internet Explorer, followed by Mozilla > Firefox and Google Chrome. > > Do Not Track is supposed to prevent websites from tracking your > activity online, probably for advertising purposes. It works by making > your browser politely ask every website you visit to not set tracking > cookies and so on. > > There are real, dangerous problems with this approach and I really > cannot believe it was ever taken seriously. Now that it’s implemented > and standardized so widely, it’s become a serious threat to how > Internet privacy is perceived. > > The main problem with Do Not Track is that it lulls users into a > completely false sense of privacy. Do Not Track works by simply asking > the websites you’re visiting not to track you — the websites are > completely free to ignore this request, and in most cases it’s > impossible for the user to find out that their Do Not Track request > was in fact discarded. When the user therefore enables Do Not Track on > their browser, they are lulled into a false belief that they are no > longer being tracked, even though from a security perspective, the > tracking prevention that Do Not Track presents is useless. > > In fact, Google’s search engine, as well as Microsoft’s (Bing), both > ignore the Do Not Track header even though both companies helped > implement this feature into their web browsers. Yahoo Search also > ignored Do Not Track requests. Some websites will politely inform you, > however, of the fact that your Do Not Track request has been ignored, > and explain that this has been done in order to preserve their > advertising revenue. But not all websites, by a long shot, do this. > > Do Not Track is not only ineffective: it’s dangerous, both to the > users it lulls into a false belief of privacy, and towards the > implementation of proper privacy engineering practice. Privacy isn’t > achieved by asking those who have the power to violate your privacy to > politely not do so — and thus sacrifice advertising revenue — it’s > achieved by implementing client-side preventative measures. For > browsers, these are available in examples such as EFF’s HTTPS > Everywhere, Abine’s DoNotTrackMe, AdBlock, and so on. Those are proper > measures from an engineering perspective, since they attempt to guard > your privacy whether the website you’re visiting likes it or not. > > Do Not Track needs serious revision, replacement or simply removal. As > it is right now, its only discernible function is to promise users > with little to moderate computer knowledge (most of the world) that > they’re browsing in privacy, while in reality discouraging them from > adopting real privacy solutions that work. Web privacy and security > engineers need to have a discussion about this. > > NK > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 [email protected] PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
