Microsoft Wins Congressional Backing For Do-Not-Track Default In IE10

An anonymous reader writes "Thought Do Not Track was strictly a geeks' issue? Think again. After Microsoft was slapped down for enabling DNT by default in Internet Explorer 10, the co-chairs of the US's Congressional Bi-Partisan Privacy Caucus have sent a strongly-worded letter to the W3C urging it to reconsider. As webdev360.com points out, it's an interesting (unprecedented?) example of Congress interacting with the standards body: 'Whether members of the [working group] will take kindly to the Representatives' interference remains to be seen. Ed Markey's legislative director, Joseph Wender, has brought the letter to the attention of the group's mailing list, but, as of the time of writing, he hasn't received any replies.'"

Those are some serious consequences

[dkleinsc]

If they don't change their ways, they may get another strongly worded letter about it!

Re:Those are some serious consequences

[K.+S.+Kyosuke]

That reminds me of one of my favorite theater comedies, where a modern schoolteacher talks to a stuck-in-time group of medieval knights about the contemporary (19th century) political events:

Teacher: "We sent the Emperor a strongly-worded petition."
Knight: "What is 'a petition'?"
Teacher: "It's a kind of a plea."
Knight (talking to himself, writing it down into a diary): "They sent the Emperor a strongly-worded plea."

Re:Those are some serious consequences

[NatasRevol]

Let me guess who they'll exempt.

1. Themselves
2. Anyone associated with the government.

So why bother.

Re:Those are some serious consequences

[CimmerianX]

Don't forget...
3) Super-Pacs / Political Advertisers
4) Non-profits and charity

Re:Those are some serious consequences

[nmb3000]

If they don't change their ways, they may get another strongly worded letter about it!

I suppose that's fitting, given that Do Not Track is absolutely nothing more than a strongly^W weakly worded letter anyway.

Everything surrounding the feature is a complete joke, from Mozilla introducing it in the first place to people who think it will really make even a small difference. Do Not Track is absolutely the same as walking around a bad neighborhood with a Do Not Mug sign hanging around your neck. It will not work.

For everyone babbling about "if everyone does it then advertisers won't respect it!", stop and think about what you're saying. If it can't work for everyone then it isn't really working for anyone. As far as I'm concerned, kudos goes to Microsoft for this move. Either they realize the stupidity of the header and are making a point or they are just blundering about and raising the issue by accident.

We already have an opt-in do-not-track feature that actually works -- it's called AdBlock, NoScript, etc, etc. Do Not Track is really nothing more than a PR stunt by those pushing it — not even worth the 6 bytes it takes to send it on each HTTP request.

Re:Those are some serious consequences

[Darinbob]

If it's really useless, then why is W3C opposing it and Microsoft's plans to enable by default?

Re:Those are some serious consequences

[s.petry]

Don't forget lobbyist, lobby companies, and large donation companies, individuals, and whomever they want to add to the list.

Increase in tracking

[another+random+user]

Think this ties in well with another story from a bit earlier: http://yro.slashdot.org/story/12/06/20/0421210/cnet-idc-find-rapid-increase-in-behavioral-data-tracking

if they care about it so much

[gl4ss]

why don't they make it into a law that you have to have a "TRACK ME PLEASE" cookie for it to be legal to track your flow through multiple domains..

Re:if they care about it so much

[buchner.johannes]

Mozilla discussed that DNT would have no value if enabled by default -- https://blog.mozilla.org/privacy/2011/11/09/dnt-cannot-be-default/

Frankly, it becomes meaningless if we enable it by default for all our users. Do Not Track is intended to express an individual’s choice, or preference, to not be tracked. It’s important that the signal represents a choice made by the person behind the leopard and not the software maker, because ultimately it’s not Firefox being tracked, it’s the user.

Microsoft will undermine DNT if they enable it for everyone.

Re:if they care about it so much

Perhaps most people do not want to tracked? If people want to be tracked, let them opt in.

Re:if they care about it so much

[crazyjj]

Mozilla discussed that DNT would have no value if enabled by default

Mozilla, who gets about 90% of their income from Google, sides with Google on this one?!? What a shocker!!

Re:if they care about it so much

[kaunio]

Frankly, it becomes meaningless if we enable it by default for all our users. Do Not Track is intended to express an individualâ(TM)s choice, or preference, to not be tracked. Itâ(TM)s important that the signal represents a choice made by the person behind the leopard and not the software maker, because ultimately itâ(TM)s not Firefox being tracked, itâ(TM)s the user.

I wonder what's behind that reasoning from Mozilla.

It's not like it would be very complicated to make a feature in the browser to pop up a question whether the user want to be tracked or not and save the answer.

Given the release rate of Firefox they should be able to have it out by Tuesday.

Re:if they care about it so much

[L4t3r4lu5]

You're looking at it the wrong way. If they say "On by default" for do not track, then do not track will be ignored by tracking advertisers. Adhering to it is not mandatory. This is what they want, so they can get your personal info from private entities with nothing more than imposing logos on headed paper and some threats involving the words "could" "might" and "potentially".

Re:if they care about it so much

[Rakishi]

Because then 80% of the internet websites you love to see for free will cease to exist as their advertising revenue stream dies. I'm sure you'll have no problems paying for all those sites, right? Just like slashdot users just loved it when the NY Times put up a paywall.

Re:if they care about it so much

[History's+Coming+To]

And to make sure non-techies don't accidentally opt-in, require a registry hack and a self generated salted hash. Why is the bad stuff "easy" while it's "difficult" to maintain privacy?

Re:if they care about it so much

[HarrySquatter]

No, more like enabling it by default will undermine their revenue stream from Google. There is no good reason why being tracked should be the default other than to please ad companies.

Re:if they care about it so much

[BitZtream]

Advertising in no way requires tracking. Stop being such an obtuse douche.

Re:if they care about it so much

[Deathlizard]

Does Mozilla Prompt the user to make that choice on initial setup? Nope. They're expecting users to know that there is an option to not track.

Frankly, what MS should do (as well as any other browser for that matter) is ask when you first install IE10 if you want to turn DNT on with the default being off. It will give Ad firms the off as default setting they want from browsers as well as give Microsoft the result they want (DNT On for the majority of users) since I'd bet that anyone that reads it will click the checkmark.

Re:if they care about it so much

[buchner.johannes]

https://blog.mozilla.org/privacy/2011/11/15/deeper-discussion-of-our-decision-on-dnt-defaults/

Re:if they care about it so much

[ArsonSmith]

it is 100% optional to follow the "Do not track" flag. If it's on by default it'll be ignored by default. If it's only on by a % of people that care then it will have a better chance of being followed.

Re:if they care about it so much

[Korin43]

No, they're right on this one. No on is required to implement Do Not Track (advertisers could choose to ignore it). Right now they're going along with it for PR reasons, because it doesn't really cost them anything (people who click "Do Not Track" wouldn't click their ads anyway). However, it everyone sends DNT headers, how make ad companies will willingly support that?

Like other people have mentioned -- if Congress wants DNT as the default, it needs to be required by law. Otherwise, making it the default means making it meaningless.

Re:if they care about it so much

[Colonel+Korn]

Advertisers pay higher rates for more targeted advertising.

So rates would go down, but ads would have to go up because they'd be less effective.

Advertisers would be mad, websites would make about the same.

Ads don't increase the amount consumers spend - they influence consumers choice of where that money goes. If each ad is individually less effective, the balance is maintained and advertising's total effectiveness won't change. If each ad is individually more effective, the balance is maintained but we've taken probably the most important step to a totalitarian state, since this tracking data is a candy shop for the government. It's an arms race that provides no net benefit and your privacy is the cost.

Re:if they care about it so much

[kermidge]

Why not use ghostery and use browsers' built-in cookie settings?

Re:if they care about it so much

[MacDork]

Like other people have mentioned -- if Congress wants DNT as the default, it needs to be required by law. Otherwise, making it the default means making it meaningless.

Yeah, and getting a law passed in the US is like impossible man. What group of people could do that?

I generally have zero trust in MS, but I applaud them on this move. Whether it pans out or not, you have my most sincere thanks for the effort Microsoft.

Re:if they care about it so much

[Sloppy]

This isn't the usual opt-in vs opt-out issue. DNT is explicitly trinary: yes/no/didn't_say. DNT is itself just a form of communication, not a policy imposed upon advertisers (yet).

If you default people to DNT:1 without asking them, you are actually undermining DNT for people who did actually want to answer Yes.

For Christmas, would you like

1. A large lump of coal
2. A smaller lump of coal and some x-ray specs (this is the default, and what you'll get if you don't answer)
3. A hovercraft

?
You're saying everyone should get a hovercraft unless they opt into a large lump of coal. Not only does that rule out anyone getting x-ray specs, but the increased hovercraft demand means the hovercrafts are going to be more expensive, so we're either not going to really get them (shit, I should have chosen the coal!), or they're going to be lamer than they would have been, if only the kids who wanted them got them.

Please don't screw over the kids who really want a hovercraft, so much that they're actually willing to take 3 seconds of mouse clicking to tell Santa.

Re:if they care about it so much

[hendridm]

Although they have obvious bias, I believe that they are right on this one. On by default, ignored by default.

Re:if they care about it so much

[TheRaven64]

They're half right. The problem is that most people who use a web browser will never open the preferences panel, so will not know that it's set. If, on first launch, it asked 'do you want to be tracked [yes / no]' then that would make more sense.

Re:if they care about it so much

[Tom]

You really believe that?

Why would an advertiser reduce his exposure voluntarily?

It needs to be on by default, with massive fines for ignoring it. Seriously, have all those zombie apocalypse movies eaten away the brains of the /. crowd? Since when do we accept opt-out as a viable way? Haven't we concluded this discussion 10 years ago and agreed very strongly that opt-in is the only way that will not be massively abused?

Re:if they care about it so much

[Tom]

Adhering to it is not mandatory.

The second the first advertiser ignores it is the second it ought to become mandatory, with fines equalling the ridiculous amounts the MAFIAA asks for copyright infringrement.

Re:if they care about it so much

[Johann+Lau]

"a better chance than zero" doesn't mean much.

Make it illegal to track people against their consent, put the onus of proving that consent on those doing the tracking, and then do stings and actually put people behind bars. That would still not "solve the problem", but it would be more than a joke.

But oh wait, that's not possible, it would involve too many 3 letter agencies. So instead, have some stuff that doesn't matter at all, and argue about it. Go to court over it, fight the good fight, la-di-blah.

Re:if they care about it so much

[jmerlin]

Only because it's not illegal to completely ignore the field (which should be corrected). This industry is so backwards. Nothing should be opt-out, because if I have to figure out and maintain a gigantic list of shit that I need to opt-out of, I'm going to be in a nightmare. Instead, everything should be opt-in, and that preference should mean something. It should be up to the people providing these "personalized services" to convince me and others that sharing my information PROVIDES A BENEFIT TO ME, not to them or their affiliates. And then, and only then, will I enable it.

This extends far beyond advertisement tracking. Search engines shouldn't keep a list of your search history unless you ask them to. Neither should YT. Both Google and YT are opt-out, and the data is likely still kept for policing reasons (so it's not a true opt-out, it's just a "don't show that to me" type option). Look at the recent AT&T privacy thing. They mass e-mailed a letter to tell everyone that they need to opt-out of having their personally identifiable information shared with AT&T's affiliates. WHAT THE FUCK? And to inform people via an e-mail without requiring a read receipt is just so classy. Got an overly zealous spam filter? Boned. Filtering AT&T messages because they're always offering you "deals on new phones" and telling you that your bill is ready even though it's on auto-pay? Boned. Don't check your e-mail often (or just that e-mail often)? Boned. There are probably millions of customers who don't have the slightest clue what's about to happen to their information. I demand laws that make this kind of shit illegal. EVERYTHING that undermines privacy should be opt-in. EVERYTHING. There is no exception. It is your job to convince me that your service is VALUABLE TO ME, not just to you. And then when I decide as such, and only then, should you be able to do ANYTHING with my personal information or online activity. I'm talking about fines per infraction over $5000 so violating the rights of 1,000,000 people would be financial suicide for even Google or Facebook.

Re:if they care about it so much

[sohmc]

I understand Mozilla's argument. But I don't agree with it.

DNT has two tracks: Either a small majority of users will enable it and it will be honored by all web sites (highly unlikely) or a large majority of users will enable it and web sites will continue to operate as it currently does. In both scenarios, the end user is relying on a third party to honor a wish.

When it comes down to the almighty dollar, companies have absolutely no incentive to actually comply with DNT. Unless DNT comes with the punishment of fines and can be collected by Joe Sixpack, it will be useless.

If DNT isn't implementable, maybe having a banner that says, "Hey, welcome to my site! By the way, I track what you're doing and sell it to third parties. If you continue on my site, you consent to this." If websites were required to disclose this, then it would be up to the user to either continue on the web site or move on.

Yes, "privacy policies" do this but in legalese and is often obfuscated. I want it so clear that there is no confusion as to what the site records.

Re:if they care about it so much

[Darinbob]

Then if on-by-default is disallowed we need to have browsers that pop up a request during installation that asks the users if they wish to opt-in or opt-out. Leaving it as a hidden feature that only a a minority of users know about is absurd. This is why opt-in is so popular with businesses because they know most people won't even know there is an option.

Re:if they care about it so much

[Darinbob]

So only those elites who know about the feature will have its protection? It sounds like you're saying that _you_ want protection from tracking and you will only get it if the masses aren't smart enough to turn it on.

The solution if you don't want it on by default is to ask the user when the browser is installed. Most users don't even know that options exist on browsers, so any privacy or security options should always be set to the default that is best for the user and not best for corporations/advertisers.

Re:if they care about it so much

[Korin43]

You applaud them for their efforts in making DNT useless? You need to understand -- If they do this, it won't help privacy, it will just make DNT meaningless (since no one will support it).

Re:if they care about it so much

[viperidaenz]

Either way. it required effort to build the hovercrafts and xray specs. Its easier to just send everyone a jump of coal and those who complain can them be sent a letter explaining due to unforeseen circumstances the hovercraft/xray specs could not be procured and if you return your lump of coal we'll offer you a refund, excluding shipping and handling costs.

Re:if they care about it so much

[gl4ss]

yes, but it's a law making organ that's now bitching about it.

they could make a law that would make all tracking opt-in mandatory, not sending stern letters about dnt that has nothing to do with them.

if it's on by default or not wouldn't affect too much that it will be ignored by advertisers.

Re:if they care about it so much

[YodasEvilTwin]

Lol, just like Congress has eliminated spam email, amirite?

Do Not Track, Do No Evil, they're all the same.

While I applaud MS for their privacy efforts, I am cynical, and I largely see this as a marketing move on their behalf. They've seen how Google has copped some flak over privacy concerns, and it's obvious they want to position themselves as the privacy-respecting alternative. But I have no doubt that if Bing and Microsoft's cloud services become as popular as Google's, they will mine every last bit of data they can get their hands on.

They're all as bad as each other, says I.

Re:Do Not Track, Do No Evil, they're all the same.

[Bert64]

If it's the default, there will be virtually noone who turns it off...
Those who care about privacy will leave it on, those who don't care won't even realise the option exists.
Subsequently, advertisers will ignore it because it becomes fairly meaningless, and not ignoring it would lose them potential eyeballs who don't care about being tracked. So the feature just becomes worthless.

On the other hand, if its off by default then only those who care about privacy will turn it on. Advertisers are quite happy to lose these eyeballs, as these people would generally not respond to advertising anyway. Everyone wins.

The whole purpose of the DNT header is to allow users to make a statement of "I do not want to be tracked", but if you make it the default it will just be a statement of "I have probably not bothered to change the default settings and most likely don't even realise such settings exist"

Re:Do Not Track, Do No Evil, they're all the same.

[moronoxyd]

On the other hand, if its off by default then only those who care about privacy and know about this option will turn it on.

There, fixed that for you.

The people who know about this option are those that know how to install Adblock or Noscript in the first place.
So the as long as DNT is not on by default, it hardly makes any difference for the advertisers, but they can claim that they respect the wishes of the users.

Meaning if DNT is off by default it is mostly meaningless.

Re:Do Not Track, Do No Evil, they're all the same.

[NatasRevol]

Is it so hard to pop up a dialog that requires the user to make a choice?

Re:Do Not Track, Do No Evil, they're all the same.

[Tom]

Minor replacements:

If we move for opt-in, there will be virtually noone who actually opt-in.
Those who care about privacy will opt-out, those who don't care won't even realize the option exists.
Subsequently, spammers will ignore it because it becomes fairly meaningless, and not ignoring it would lose them potential victims who don't care about being spammed. So the feature just becomes worthless.

Yes. Was that kind of what we all came to agree upon when it comes to UCE/spam? Opt-out is an open invitation for abuse. Opt-in is the only thing that works.

The whole purpose of the DNT header is to allow users to make a statement of "I do not want to be tracked", but if you make it the default it will just be a statement of "I have probably not bothered to change the default settings and most likely don't even realise such settings exist"

You've fallen victim to a trick of language. Maybe we should rename it "tracking preference header" or something, and allow it to say "yes", "no" or "I don't care". But that is all a strawman. The point is that it is not the fucking advertisers job to decide whether or not I really mean it. If the flag is set, then do not track me. It is not your job to interpret my intention.

It really is that simple. If MS decides to set DNT default on as a service to their users, then tough luck. Anyone who uses that as a justification to start ignoring it was just looking for an excuse and wanted to do that anyways.

Why did W3C oppose this to begin with?!?!?

[crazyjj]

Does anyone have any idea why the W3C opposed this? It seems like a no-brainer.

Never thought I would stand with MS over the W3C, but there you have it.

Re:Why did W3C oppose this to begin with?!?!?

[FearTheDonut]

They're opposed to it, because it is perceived that if "Do Not Track" is the default, advertising companies would simply ignore the setting and track people anyway.

Re:Why did W3C oppose this to begin with?!?!?

[FearTheDonut]

That, my friend, would be called government regulation of the internet by the advertising industry. I can't see a law like this actually passing the House, after the lobbyists confer with their "investments."

Re:Why did W3C oppose this to begin with?!?!?

Pointless argument, if advertisers don't ignore DNT in the first place they will definitely start doing so as soon as it puts a dent in their statistics, default or not.

So long as there is absolutely no penalty for ignoring it, nobody will honor it.

Re:Why did W3C oppose this to begin with?!?!?

[firewrought]

Does anyone have any idea why the W3C opposed this? It seems like a no-brainer.

DNT requires the cooperation of advertisers to work. So think thru this from an advertiser's perspective: if DNT is enabled everywhere by default, that cuts my business off at the knees and I have no more reason to respect DNT than I do all the people who say "pretty-please-don't-track-me". OTOH, if DNT is only enabled by the ~5% of people who cared enough to take the extra 10 seconds to turn it off, than maybe I should respect DNT to avoid future lawsuits/legislation/villification writ large.

DNT is not a technological solution, it's a social bargaining. And the negotiation doesn't work unless users express an individual choice to not be tracked. The real question is: why does Microsoft wish to f*ck up this standard? Most likely they wish to punish/ensnare Google (who will be under more pressure than most to respect DNT). But the practical consequence will be to make DNT useless (hopefully just on IE10, but possibly everywhere).

Re:Why did W3C oppose this to begin with?!?!?

[DragonWriter]

Does anyone have any idea why the W3C opposed this?

To encourage sites that track users to voluntarily respect DNT: if it is on by default, no one will respect it server side. If it is an active choice of the user, there is better chance at gaining support from advertisers and others who track user data, who almost universally oppose opt-out DNT (which equates to opt-in tracking), but generally are willing to accept opt-in DNT (which equates to opt-out tracking.)

Its interesting to note that while MS-the-browser-vendor has instituted DNT-by-default, MS-the-user-tracker doesn't support DNT on their websites. So, in effect, DNT-by-default serves to create a competitive advantage for MS (as a user-tracking firm) over firms that do respect DNT, and creates a disincentive for other user-tracking firms to adopt DNT (and an incentives for those that do to stop.)

It seems like a no-brainer.

If you are in Microsoft's position and Google has already started respecting DNT and want to create a short-term competitive advantage, its a no-brainer.

If you actually want to encourage widespread respect for DNT and drive its adoption on the back end where it matters, not so much.

What the fuck?

[TheSpoom]

Unless they're planning on adding the force of law to the DNT bit, all this will do is make advertisers ignore it (and, they could argue, rightfully so since they couldn't be certain that people turned it on of their own volition).

Microsoft could pop up a dialog asking, but even then, who exactly is going to click "yes, track me"? Perhaps they should get together with some people from the advertising industry to come up with some fair copy that explains the benefits (targeted ads mean that you receive ads that will more likely interest you, after all) and drawbacks of cross-domain tracking, to ensure a semi-educated choice on the part of users.

If they just turn it on and don't ask about it though, expect it to be yet another technology extinguished by poor Microsoft engineering decisions. (I was kinda hoping we were past that, guys.)

Re:What the fuck?

[IamTheRealMike]

What exactly are the drawbacks of advertising networks interest-preference cookies? Can you make that concrete? What bad things could happen to me if I click "yes"?

Re:What the fuck?

[rwv]

What exactly are the drawbacks of advertising networks interest-preference cookies?

Reverse question: What are the benefits? If you show me real benefits (and not some "hand-wave" about them* being able to show me ads that are for things that I want to buy) I will stop caring about my privacy.

To answer your question: I perceive that letting businesses have my private information leads to a sharp increase in junk mail, unwanted telephone calls, and spam e-mail which are three areas where I NEVER want to see advertizing -- accept from the 2 or 3 stores where I already spend significant amounts of money (Crate and Barrel being one of those stores that I enjoy getting their monthly circular in the mail).

* Who is "them" by the way? When reputable businesses and internet sleazebag companies are differentiated, then maybe I'll be happy to let certain reputable businesses (the company that owns Slashdot, the folks at Penny Arcade, maybe Amazon) track me. But yeah... I don't want anybody having any information unless I can trust them... and there isn't a whole lot of trust on most of the businesses operating on the internet.

Re:What the fuck?

[Tom]

Unless they're planning on adding the force of law to the DNT bit, all this will do is make advertisers ignore it (and, they could argue, rightfully so since they couldn't be certain that people turned it on of their own volition).

And that's when I very strongly want the full force of the law to come down on those advertisers.

DNT signals a preference. It is NOT the job of the advertisers to decide whether or not I really mean it. Their job is to comply. If they don't, my personal vote is for fining them on the same ridiculous scale that copyright infringement is fined. Say, $50,000 per incident. That means per page that I view where they ignore the DNT flag, and if they have two banners on the page, twice.

Yes, I am serious. Draw a line in the sand and shoot anyone crossing it. Especially advertisers, who don't understand anything less than that.

Re:What the fuck?

[Tom]

You didn't read or didn't comprehend what I wrote.

DNT signals "do not track me". How and why it is turned on is not your business to interpret. Maybe I turned it on intentionally, maybe my cat did it, maybe it is the default setting. That does not matter. The signal is there, obey it.

MS is actually doing the right thing here, and I never thought I'd say that about them. For decades we geeks have argued that opt-IN is the only workable model when it comes to spam. Tracking is not so different. The default should be safe for the user, not for the advertisement industry. A user who has no clue should get the safer (for him) treatment, not be an abuse victum just because he didn't know any better.

Re:What the fuck?

[IamTheRealMike]

That answer isn't a handwave. It's THE reason for interest based tracking. I understand that web sites are funded by advertising. So if I'm going to see adverts, they might as well be for services that interest me instead of crap that I don't care about. That's the benefit, right there.

Your "perceptions" about online advertising are based on paranoia, not reality. Web advertising companies don't have access to your postal address, telephone numbers or email addresses. All they know is requests arrive with a particular cookie in particular patterns, and if you optimize the ads served based on those statistics revenue goes up because people buy more stuff.

Re:Do Not Track for Windows Update

[tgd]

While playing closed-minded open-source Microsoft-bashing zealot on Slashdot is, in the eyes of many here, a route to being cool -- if you want to know, you could always use Google, Bing, or just run Fiddler and look for yourself.

The protocol is fully documented by Microsoft and not hard to find if you have some keyword ninja skills and a search engine.

Makes Sense

[organgtool]

Chrome just overtook IE in marketshare and Google uses Chrome to track user's browsing habits for the purpose of targeted advertising. Making the Do-Not-Track policy the default for web browsers would hurt Google a lot more than it would hurt Microsoft, not to mention drastically reduce Google's incentive to continue pumping money into Chrome's development. While I like the idea of not being tracked by default, I hope it doesn't cost me future development of my favorite browser.

Re:Makes Sense

[fast+turtle]

and this is just part of the reason I use Ghostery and Noscript in Firefox. For the home network, my router includes a filtering proxy server as the gateway, thus as we become aware of the domains doing the most invasive tracking, I block them there. Seems to work quite well and the system I'm using for this is an old HP Pavilion based on a 700Mhz Celeron (P3 era) with 512 Ram. Hell power consumption is about the same as the last wireless router I'd bought while the performance is far better.

Re:Makes Sense

[Justin_Schuh]

Google uses Chrome to track user's browsing habits for the purpose of targeted advertising.

This is simply not true and never has been. If you are interested in the facts, the Chrome Privacy Team thoroughly explains every feature that can be configured to exchange information with external services: http://www.google.com/chrome/intl/en/privacy.html

Re:Makes Sense

[ArsonSmith]

The smallest powersupply in a Pavilion system of that era was around 120W. My router has a 5w wall wart. I think you may want to re-evaluate the power usage.

Re:Makes Sense

[Billly+Gates]

Thats what I am thinking.

They are truly scared of losing their prized jewels with IE. Microsoft assumed since IE 9 was good that all of the suddent the mass migration to firefox and then Chrome would stop or even reverse.

As good as IE 9 is the trend just continued. Since people are worried about privacy I think MS is desperately trying to grasp on anything that makes it supperior over its competitors. Unlike Netscape they can't catch up with Chrome.

Re:Makes Sense

[Billly+Gates]

I would be wary to use that as a router unless it runs OpenBSD and is super locked down tighter than a virgins ass. All the malware scanners that infect an unpatched machine in 4 minutes use x86 specific assembly.

One good reason to use a dedicated router with a mips or arm processor is that it can't be infected this way and the firmware and software with it lock them down very tight.

There is also Tomato if you like hacking which is a linux distro designed for Linksys routers

First they came for the ICANN

[Hentes]

Now they are testing the W3C. Do not track is a popular and easily understandable topic so they can make people believe that they know better than an independent standards organisation.

Strongly worded letter. Fap fap fap.

[pla]

Seriously, I don't give two squirts from a rat's ass about whether or not browser-X enables DNT by default. I can turn it on myself just fine.

If Markey and Barton want to actually do something, how about some legislation requiring companies to honor the DNT flag?

Oh, right - That would actually risk backlash from their corporate owners. Instead, they get to look like the good guys right before heading off to a night of hookers and blow sponsored by DoubleClick.

The system hasn't broken - The system simply never had any intention of working for us. For the next run, we need to do away with both "incorporation" and any private funding of elections.

FTC - Google - Safari

[QuasiSteve]

If they say "On by default" for do not track, then do not track will be ignored by tracking advertisers. Adhering to it is not mandatory.

While there were some finer points to the case, how does all that fit in with the FTC investigating Google's 'circumventing' of Safari's 'privacy' options?

http://tech.slashdot.org/story/12/05/04/2156218/google-facing-ftc-fine-over-safari-privacy-breach

Re:Do Not Track for Windows Update

[iserlohn]

Re-read my post. It's not what is being sent, it is what's being kept and tracked.

Re:Congress has nothing to do? How about WARS?

[roman_mir]

'jew' only to a degree that I had a Jewish grandmother, sure, Russian? To a degree that I was born in the former USSR and speak the language.

By the way, your comment, it shows insane amount of ignorance. First of all Russia has a naval base in Syria, so for USA to attack Syria is a similar situation to Russia attacking Mexico.

Secondly, it is retarded to believe that Israel will be a winner in this situation, unless you are asleep, you should have noticed that USA is bankrupt, which means USA cannot actually conduct another world war, and it wants a world war. Attacking Syria may eventually get Iran and Russia involved in this, and if that happens, then watch China and Pakistan and eventually Europe get into the conflict. Is Israel going to survive something like that, given that America's economy is hanging by whatever charity that China is still providing? I doubt it.

Re:Do Not Track for Windows Update

[tgd]

Re-read my post. It's not what is being sent, it is what's being kept and tracked.

Look at the protocol. They can't keep more than is in there.

If DNT can be ignored...

[zarlino]

then the spec is worse than useless. I admit I did not read it. My current understanding is this is just a stupid cookie.

I have a better proposal. Why not make it easier for users to block "third-party" cookies, i.e. cookies sent from domains different from the current page domain. *That* would block advertisers from tracking you. Also, a javascript hook triggering a nice UI for OpenId sites to ask users if they want to whitelist them for login purposes.

Re:If DNT can be ignored...

[geminidomino]

Hah. Mozilla can't even seem to land THAT basic functionality. After 14 versions, I still get two dozen (no hyperbole) "Confirm Setting Cookie" prompts for the same goddamn cookie, even when I check the "use my choice for all cookies from this site" box.

"Oh, I thought you meant all the OTHER cookies. Tee hee!"

Derp.

Re:If DNT can be ignored...

[BZ]

Look, all specs can always be ignored by an implementation. The only things preventing that are actual legislation to the contrary, public embarrasment, and desire for interoperability.

The third of these is not an issue here. Making DNT default undermines the second (because it becomes easier for advertisers to justify ignoring it in the court of public opinion). So unless there's motion on the first option (legislation), making DNT default just reduces its usefulness.

Re:If DNT can be ignored...

[ChatHuant]

then the spec is worse than useless

The story is a bit weirder; last year three competing proposals for do not track mechanisms (from Google, Mozilla and Microsoft) were submitted to W3C. The proposal accepted by the W3C was Mozilla's, despite the fact that it's completely broken. I can't understand why it was even proposed, and even less why the W3C chose it over better alternatives. That bad design is what the kerfuffle is about now: W3C and Mozilla have realized their protocol is not worth a damn, and that ad servers will just ignore it, but, for reasons I also can't understand, neither of them would just fix the issue; instead they attack Microsoft for once doing the right thing for users.

Quick explanation of the reason why I say the Mozilla/Google proposals were dodgy: they both rely on individual tracking sites (or, for Google, ad networks) behaving nicely - and in the real world I wouldn't expect all tracking networks, who make their money from getting as much data as they can about users, to put being nice above the almighty dollar. Neither design has a mechanism for enforcing the user's choice for non-cooperative sites, no matter how egregiously they break the rules.

Microsoft's design was technically better: their proposal had teeth, and didn't trust the ad providers. Instead it used tracking lists (kind of global kill files) to identify sites that track you, and stopped the browser from contacting the malicious sites altogether. The tracking lists could be put together by third parties, and the user could choose which lists to use, so the choice was the user's.

The Register has (in the article I linked to above) an interesting quote from Mozilla's privacy officer, Sid Stamm: "Advertisements are a constructive part of the Web ecosystem, and we think blocking ads outright is too detrimental to the Web; instead, we would like to pursue a solution where users and advertising networks can work in concert (instead of in conflict) to balance value with consumers' privacy choices." That quote, coming from somebody who's job description should be to care about the user's privacy, is quite worrying. It could be interpreted to show the weakness in Mozilla's proposed standard was intentional; either way, I believe it was the wrong decision at the time, and that Mozilla's opposition today to MS's opt-in choice is wrong as well.

Re:If DNT can be ignored...

[zarlino]

Thanks for the wrap-up!

It just shows...

[QuietLagoon]

... how much Congress is in the pockets of US corporations.

Re:Do Not Track for Windows Update

[Impy+the+Impiuos+Imp]

Microsoft may have certain patents on business models that will be enhanced in value if freewheeling competitive models are squelched.

I hate to be cynical, but corporations rent-seeking to hamper competition is the problem, not the solution.

Re:Client side only?

[BitZtream]

AWStats doesn't 'track' you, it simply counts some numbers up from log files. It can't tell you what I bought last tuesday at a participating retailer.

Re:What fucking authority...

[BitZtream]

Awe, 12 year olds with 'tude are so cute.

Lets see, one of them is the company that makes the software ... so they actually DO DECIDE the defaults, its really screwed up that you're too stupid to get that part.

The other one helped create the specification we're discussing ... so again, they have a little bit of a clue about it.

Basically both authorities are about 10 million times more qualified to discuss YOUR software defaults than YOU are apparently.

Re:Congress has nothing to do? How about WARS?

[BitZtream]

The entire world uses Israel to keep the middle east destabilized so they don't band together and become a problem by controlling oil reserves. No one is going to let anything serious happen over there, and if it did, you have Israel with American military equipment (undisputed second best in the world), which they've upgraded, oh, and they've been fighting with it their entire lives against everyone around them. I wouldn't want to see America fight Israel, I'm fairly certain if they were unleashed they'd have no problem walking across most of the middle east and owning it in about 2 weeks. You need to take a look at history. Israel is not someone you want to deal with when they aren't on their leash.

Its cute that you think anyone outside the middle easy cares about anything more than oil, but its really sad that you're that disconnected from reality.

The real reason for this

[DrXym]

This has nothing to do with privacy or altruism. The real reason for the opt-out is to screw over Google. By denying them the data they deny them the revenue for selling the data. No one in their right mind would ever disable opt-out and Microsoft is stopping people installing rival browsers too. So they're as good as shutting Google out of the Windows ecosystem entirely.

Want to bet that this opt-out doesn't apply to any of the apps Microsoft bundles with Windows RT / 8?

Re:The real reason for this

[CrimsonAvenger]

Microsoft is stopping people installing rival browsers too.

Hmm, obviously MS has developed a version of IE that looks JUST LIKE Firefox, then, because I'm using (what I thought was) FF on a Windows system to type this.

Re:The real reason for this

[DrXym]

Way to entirely miss the point.

Re:W3C?

[Korin43]

Because their job is to help standardize browser features?

Why Off by Default?

[Dudibob]

I may be about to open up a shit storm upon myself but this needs to be said. I'll hold my hands up and say I am an internet marketer (aka SEO & the rest to those who have heard of it) and I know the majority of people hate advertisements especially here on my much loved /. but it's kind of needed unless folk would like a pay wall on every website? In regards to tracking this is useful to create more relevant ads (usually), it's not perfect I'd admit but unless you want to let us marketeers to read your thoughts that's the only way it'd be truly relevant. However if you think marketing is annoying at the moment imagine what it'd be like if we couldn't track anyone to supply the current type of advertisement. We'd have to resort to TV style adverts or pay walls on every website. So tell me do you prefer the current adverts on Slashdot or would you prefer a 3 minute video every time you came here? If marketeers can't target specific people in specific(ish) ways we'd have to resort to the broader style of marketing and I would hate the web if it became like that.

W3C is against it because it violates the standard

[InvisiBill]

The latest draft of the standard states "[a]n ordinary user agent MUST NOT send a Tracking Preference signal without a user's explicit consent." Having it set by default, without any input from the user, violates that. That seems about as simple as you can get. The real question should be whether or not that wording belongs in the standard.

As other commenters have said, I feel that enabling it by default would have a dramatic impact on advertisers. I feel that they'd be more willing to accept a few individuals explicitly turning it off, rather than every clueless user automatically having it turned off by default. It's simply compromising with the advertisers - if we ask nicely, they're more likely to respect our wishes. If we just say everyone everywhere doesn't want this, they're more likely to have a problem with that and simply ignore DNT settings altogether.

And just like a few people have mentioned, if the IE10 first-run wizard asked whether or not you wanted to enable it, it would no longer violate the standard and W3C should have nothing to say about it. Again, demonizing tracking in this dialog could result in a huge hit to advertisers, which again would make them less likely to honor the DNT setting altogether. As a compromise with advertisers, it would probably be best to explain that tracking may give you more relevant ads and such, while enabling DNT would give you more privacy. Simply asking, "Do you want to be tracked?" with no other details probably isn't the best way to handle it.

Until there are laws requiring companies to honor DNT, pissing off the advertisers over it will simply result in them not honoring it at all.

Microsoft doesn't support DNT on the back end

[DragonWriter]

Want to bet that this opt-out doesn't apply to any of the apps Microsoft bundles with Windows RT / 8?

It doesn't apply to any tracking Microsoft does because even though they've gone so far as the standard-breaking client-side DNT-by-default in IE10, they don't support DNT at all server-side on the sites they operate that track user data.

DO we care?

[Cajun+Hell]

Perhaps most people do not want to tracked? If people want to be tracked, let them opt in.

On the street, everyone says they want fair government. In the voting booth, everyone says they don't care.

On the street, everyone says they don't want to be tracked. In the preferences window, everyone says they don't care.

When you say most people do not want to be tracked, I just don't know whether or not to believe you. You understand my confusion, don't you?

My fellow Americans, you have public and informal passion, yet you have private and formal apathy. Weird. I thought we were all trying to act cool and unconcerned on the outside while secretly harboring inner terror and desperation. WTF. Am I doing everything backwards, or are you?

Re:DO we care?

[Darinbob]

There is apathy and then there is ignorance. The vast majority of computer users do not know there are options in this regard or how to change them.

Re:DO we care?

[viperidaenz]

I say most people want to be tracked. There is a list of a billion people who said yes, please track me where ever I go and link all that information together with excessive amounts of data I voluntarily give out.

facebook.com

Re:Do Not Track for Windows Update

[iserlohn]

Which is way more than what your cookies gives away, including your complete list of software installed, MS specific information on licensing, and other bits of information which gives Microsoft the ability to track you via the IP address used to contact the Windows Update servers.

So how much of this is being kept, and for how long? Would you care to share?

Re:Do Not Track for Windows Update

[RobertLTux]

and this can be bypassed rather easily by

1 grab an update set using WSUSOFFLINE

2 use that media to do your updates

3 and an undisclosed number of OTHER computers

4 rinse and repeat as needed

best reason for DNT to be default ON

[RobertLTux]

I would bet that even if it was later set to ON (from default OFF) some advertisers would say

But we recorded you on 09/15/2012 at 15:24.35 as opting IN to our program and our policy is to not recheck past the first time.

so whenever a browser dumps and has to be reloaded (and the settings reset) there is a window that could be used.

Plus what happens if DNT is set to ON does the previous data need to be erased??

Re:Do Not Track for Windows Update

[iserlohn]

So why can't I have Do Not Track as default for that as well?

smoke and mirrors

[sdnoob]

microsoft loves to track its users and compile lots of user/usage data... and not just browser users.. DNT on by default makes them look like the good guys.. when we know they aren't.

similarly...

google makes more than some countries' GDP using user tracking data to maximize their profits. adding DNT to chrome makes them look like the good guys.. when we know they aren't.

smoke and mirrors.

___

DNT relies on compliance by the web site and server operators -- something that cannot be forced, legislated, or even audited...

DNT is WORTHLESS. a nice idea in concept, but is impossible to implement.