Slashdot Mirror
'Do Not Track,' the Privacy Tool Used By Millions of People, Doesn't Do Anything (gizmodo.com)
An anonymous reader quotes a report from Gizmodo: When you go into the privacy settings on your browser, there's a little option there to turn on the "Do Not Track" function, which will send an invisible request on your behalf to all the websites you visit telling them not to track you. A reasonable person might think that enabling it will stop a porn site from keeping track of what she watches, or keep Facebook from collecting the addresses of all the places she visits on the internet, or prevent third-party trackers she's never heard of from following her from site to site. According to a recent survey by Forrester Research, a quarter of American adults use "Do Not Track" to protect their privacy. (Our own stats at Gizmodo Media Group show that 9% of visitors have it turned on.) We've got bad news for those millions of privacy-minded people, though: "Do Not Track" is like spray-on sunscreen, a product that makes you feel safe while doing little to actually protect you.
Yahoo and Twitter initially said they would respect it, only to later abandon it. The most popular sites on the internet, from Google and Facebook to Pornhub and xHamster, never honored it in the first place. Facebook says that while it doesn't respect DNT, it does "provide multiple ways for people to control how we use their data for advertising." (That is of course only true so far as it goes, as there's some data about themselves users can't access.) From the department of irony, Google's Chrome browser offers users the ability to turn off tracking, but Google itself doesn't honor the request, a fact Google added to its support page some time in the last year. [...] "It is, in many respects, a failed experiment," said Jonathan Mayer, an assistant computer science professor at Princeton University. "There's a question of whether it's time to declare failure, move on, and withdraw the feature from web browsers." That's a big deal coming from Mayer: He spent four years of his life helping to bring Do Not Track into existence in the first place. Only a handful of sites actually respect the request -- the most prominent of which are Pinterest and Medium (Pinterest won't use offsite data to target ads to a visitor who's elected not to be tracked, while Medium won't send their data to third parties.)
Yahoo and Twitter initially said they would respect it, only to later abandon it. The most popular sites on the internet, from Google and Facebook to Pornhub and xHamster, never honored it in the first place. Facebook says that while it doesn't respect DNT, it does "provide multiple ways for people to control how we use their data for advertising." (That is of course only true so far as it goes, as there's some data about themselves users can't access.) From the department of irony, Google's Chrome browser offers users the ability to turn off tracking, but Google itself doesn't honor the request, a fact Google added to its support page some time in the last year. [...] "It is, in many respects, a failed experiment," said Jonathan Mayer, an assistant computer science professor at Princeton University. "There's a question of whether it's time to declare failure, move on, and withdraw the feature from web browsers." That's a big deal coming from Mayer: He spent four years of his life helping to bring Do Not Track into existence in the first place. Only a handful of sites actually respect the request -- the most prominent of which are Pinterest and Medium (Pinterest won't use offsite data to target ads to a visitor who's elected not to be tracked, while Medium won't send their data to third parties.)
"porn site from keeping track of what she watches"
umm...right....
I use spray-on sunscreen all the time. Why are you saying it doesn't do anything?
Same is true of on-site privacy settings. Simply asking a site to behave does nothing. Enforce it by blocking their servers, and deleting their cookies. Don't use the site at all, if practical.
The major advertisers had agreed to follow the standard. Then Microsoft quickly killed any chance of that happening by violating the standard in their browser. The agreement was that users could actively choose send DNT, selecting privacy over customization.
Microsoft made it the *default* setting, so a DNT header was sent for everyone, though most people have never heard of it. There is no chance that sites would a) degrade their site and b) lose money, by default, for every Windows user. Once Microsoft did that, the only reasonable thing for sites to do was ignore it.
Had Microsoft NOT violated the standard by setting it as the default, there would at least be a chance the the advertisers would have respected it for the small percentage of users who actively made that decision.
Ironically, the 'do not track' bit can be used as a piece of data to help track people.
All along, the hope was that governments would mandate respecting the 'do not track' flag. AFAIK no such thing has happened anywhere. If there are no big business interests behind it (a la Net Neutrality) it's very unlikely politicians will pay attention to it. OTOH, Congress is currently looking into privacy issues regarding Google and Facebook, so now would be the time to push the US govt. to mandate respecting the DNT flag.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
Is anyone surprised?
The only actual solution is to ban all advertising.
Until you kill this problem at the source, you'll never get your privacy back.
Yes this will kill a trillion dollar industry, but who fucking cares. We have to accept we've gone wrong. We went down the wrong developmental path, we need to back out, and choose a different path.
One not based on mass-surveillance and mind-control.
Packets with nefarious intent are still required to set the Evil Bit.
I don't know how my evil filtering firewall would stop evil if the packets were lying.
I don't recall Microsoft's implementation violating any of the published specifications. It didn't conform to what the advertisers wanted (opt-out implementation with the default being "allow to be tracked"), but it doesn't violate the spec. To quote from the spec (Tracking Preference Expression W3C Editor's Draft 07 March 2016):
Microsoft's browser is advertised as having this preference set by default, so the decision to use it by a user, knowing what the default was, would imply they wished to have DNT set by default. That this would result in less tracking than advertisers wish... doesn't seem to me to be within the scope of the standard. Every time users (as opposed to advertisers) have been surveyed, the results seem to heavily support an opt-in model where tracking is not permitted unless a user opts in to tracking (similar to the results for email where users heavily favor a model that does not permit email contact unless the user opts in to email contact).
Lol no. Advertisers were looking for even the tiniest excuse. If Microsoft hadn't enabled it by default, then the advertisers would say that noone knew about or was activating DNT, therefore they weren't going to waste time and money coding in a separate codepath to respect it. How many people were still using MS browsers at that time, anyhow?
Honestly that excuse wasn't needed, since it was a simple "money lost from not supporting DNT | money lost from supporting DNT" calculus with the latter being much more costly since there wasn't nearly enough consumer push for DNT.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
"They" has also been used as a singular gender-neutral pronoun for centuries. Full stop.
Read and learn.
So then, it does something ... it sharpens up browser fingerprinting by making one more unusual ... It would be strange if that information weren't being used to track visitors.
Everybody was right about DNT. News at 11.
Seriously, probably half of us here could dig up some old comment they made where they said exactly this would happen.
Assorted stuff I do sometimes: Lemuria.org
DNT settings in browsers.
Then stop blindly accepting cookies.
The toss in uBlock Origin and Privacy Badger to see how bad the trackers really are. I have hit pages with 40-60 different trackers being blocked, Looks like 18 on this page
Save yourself the time and punch these fuckers where it hurts the most.
The best part is, with Nano Blocker you can watch the ad blocking arms race happen in real time. When an ad leaks through, the speed at which it gets fixed amazes me.
The fuckwits writing the standard as voluntary killed any hope of it being successful. MS were the only ones that had a sane approach at the time with everyone else demanding you had to know about the feature and find it and turn it on. basically they were trying to make this a feature for the technically savvy only hence it was a fail right from the start. Incidentally MS didn't violate the standard, they changed the standard to make what MS was doing a violation as they realised everyone would want the feature on.
You say Microsoft broke DNT because they actually used the header, so poor tracking networks had no choice but ignore it. You don't seem to realize that your complaint is a real life example of a catch 22: ad slingers promise they'll respect the DNT header only as long as users promise not to use it.
The reality behind this absurd design is more interesting: the alleged "standard" had never been anything more than a publicity stunt orchestrated by Google and their (at that time) lapdog Mozilla. The reason why they did that was to block a competing DNT mechanism, proposed by Microsoft as a W3C standard. Microsoft's design stopped your browser from connecting to a tracker site completely. It didn't rely on the tracker's good will and honesty; it was a pro-consumer, not pro-ad industry solution.
Google realized the danger, and proposed a different mechanism (the current "standard"). Via their membership in the Digital Advertising Alliance and other ad industry groups (participants in the W3C's standardization commitee), they forced it through, with great fanfare, thus blocking the consumer-friendly alternative.
The ridiculousness of the design was obvious at the time. Just a few things: it's impossible to enforce your settings against a non-cooperating site. It's impossible to even confirm whether your request is being honored. There's no mechanism for a site to notify you in advance that it won't respect the DNT header. Add the fact that it's opt-out (leaving the less-technical majority of users unprotected by default), and it's pretty clear who the "standard" was for - hint: it was not for consumers.
If you want to blame somebody, you should pick Google and Mozilla. All Microsoft did is call the ad industry's bluff and expose Google's DNT for the lie it always was.
I'm sure that it was placed there purposefully to trigger uptight twits such as yourself.
...back to using the evil bit for our protection.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Lighten up sunshine, the word 'she' is used exactly 3 times, are you really that sensitive?
I often use an incognito window or a privacy browser (like firefox focus), which gives me a cookie wall everytime I visit a website. I wish it would be possible to tell their cookies aren't saved any longer than needed and I can't be tracked that way (and they don't have to show me their cookie wall).
Yep, I agree. This is one example of a time where Microsoft did exactly the right thing - privacy by default, and was one of the most shameful aspects of Mozilla's downfall, refusing to support privacy by default. For me, this was a major factor in dropping Firefox, as soon as it became abundantly clear that they favoured large ad networks over the user using logically invalid and morally bankrupt arguments to justify their stance it was ultimately the icing on the cake that pushed me over the edge having already lost patience with the technical ineptitutde of Firefox's staff through their repeated failure to secure their browser, fix memory leaks, and maintain decent performance on top of the general UI design failings as it went down hill.
The one thing that hasn't happened with DNT yet that really needs to happen is a big court case - I'd wager if you've set your browser to tell a site to not track you, but it does so anyway through wilful refusal to acknowledge your request then there's a fairly easily winnable case here, at least in the EU, certainly under GDPR this would now be seen as wilful infringement.
This for what it's worth is how I always saw DNT ultimately working; not as some solution that would ever work technically for the reasons you cite, but as something that could in theory provide perfect legal ammunition, regardless of Google's arrogance in believing they'd pulled a fast one.
I would wager any push to now remove this functionality is an attempt to try and avoid the inevitable legal consequences of willfully ignoring a user request not be tracked which is a legal right under GDPR, and likely many other data protection legislation across the globe. It's for this reason that this feature MUST stay because ad networks can not pretend they somehow have user agreement to track people, by keeping this in, and continuing to ignore it ad networks are admitting that they're tracking users against their will, which again, in some jurisdictions is almost certainly now illegal. If the feature is removed then ad networks can once again play ignorant and pretend they didn't know a user did not want to be tracked.
Open source content was available on the Internet several decades before two Utah lawyers published a book on how to spam, which itself was about a decade before most sites were ad-based.
An even better solution is to require people to take responsibility and ownership of their own stuff. No cloud, no central commercial providers, just personal servers. Security just requires a decent installer and an adequate patch release system.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
You make it sound as if watching porn is a bad thing.
Don't fight for your country, if your country does not fight for you.
It's odd that it doesn't happen in other languages. It's even odder that nobody actually proposes it for English. It's fascinating that gender-neutral defined the poetry and fluidity of English for its first thousand years, with the whining by the right being limited to the last ten.
It's almost as if people want to create an insult to a subject they don't understand. They try their best, but fail miserably.
It's complaints like this that make me despair of humanity. Honestly, Slashdot used to have intelligent geeks. Maybe it still does, relative to the population. Jumping off a bridge has more appeal than this crap.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
They is singular and plural. Has been for 1,500 years. If you're that far behind, great choice on longevity products but you need a better English teacher.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I don't recall Microsoft's implementation violating any of the published specifications.
It didn't violate the standard, but it certainly violated the spirit. Microsoft's action was designed to sabotage DNT. It was a successful attempt at "Embrace, Extend, Extinguish", the same strategy they employed to kill so many other standards.
DNT was intended to indicate an affirmative desire to not be tracked. It was never intended to merely indicate laziness and apathy.
Microsoft knew they were destroying DNT. This was clear, intentional evilness.
Style guides say s's is acceptable. I call it a hanging offence.
Style guides mean nothing. English is defined by custom and custom for the last 1,500 years says they is singular and plural. No style guide in the world can dictate to historic and customary use.
Besides, the guide is wrong.
The origin of the determiner they (âoethe, thoseâ) is unclear. The Oxford English Dictionary, Joseph Wright's English Dialect Dictionary and the University of Michigan's Middle English Dictionary[4] define it, and its Middle English predecessor thei, as a demonstrative determiner or adjective meaning "those" or "the".
(Source: Wikipedia)
"The" is most definitely singular. If you're going to accept the 'pedia, you have to accept this as the quintessential fact, the style guide as merely a recommendation for presentation.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
The Microsoft proposal is basically Ghostery, uBlock, etc. but with a standard protocol for obtaining the blocking lists.
Question 1: Does it add value?
Tracking customers doesn't actually add anything. Knowing someone bought a spade does NOT mean they want adverts for spades. Big data analysis works on aggregates, not individuals, and automatically personalized content is rarely what the person wants.
Question 2: Does it improve service?
Complexity is the enemy of both throughput and stability. If there is no business case or technical case for tracking, you're adding complexity and therefore degrading service. Degraded service degrades customer numbers.
Question 3: Where is the profit?
It is not enough for a feature to make a marginal improvement. The feature costs money to add, costs money to store the data about, costs money to maintain and costs money to digest. That's a lot of money. If you can get equally good results without spending that money, you're in a stronger position.
Question 4: Can you maintain security?
The economic value of data is lost if your competitors have your data. Worse, the PR damage will cut into your customer base and the fines and other legal damage will degrade your finances. Have you got the ability to protect that information, knowing most businesses out there have shown they do not?
I doubt any company out there can answer those questions honestly and conclude that tracking is useful. They do it because everyone else is and they don't want to be seen as lagging behind. It's all about image and anxiety.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
https://www.eff.org/privacybad...
it's not as effective as a blocker with loads of blacklist, but it tries to block DNT violators while give some awards to those who are willing to respect DNT...
It's like consumer activism, I don't think it will success most of the time, but I still want to do it anyway...
DNT was fucked and evil right from the start. It was designed to stifle and block efforts to create a standard that took control out of the hands of the advertisers and put it in the hands of consumers. The advertisers led by google came up with the DNT which they basically promised to honour as long as no one actually really used it. The whole thing was bullshit from the start, calling MS evil for this is like calling Van Helsing Evil for murdering Dracula.
All we need now is a law that actually makes it do something.
Having the button already there makes that easier to sell.
Go Europe!
Microsoft may be evil, but they didn't kill DNT. DNT was useless from the start. Consider, if only a few used DNT:
1. Most would not care about DNT, because almost nobody uses it. Why waste the effort of supporting it?
2. Information about DNT somehow goes viral. The masses, tired of ads, enable DNT in their browsers. DNT becomes the fad of the month.
3. The majority (or signigicant minority) uses DNT, so businesses choose not to use it - for the same reasons they choosed not to use it when Microsoft made it default.
DNT didn't have a chance - and it didn't matter. Too little too late, we have proper adblockers in place now. We don't merely avoid being tracked - targeted or not, we neither see nor download the ad itself! We save the screen space the ad used to occupy, the bandwith it used to eat, and the sound card is not turned on blaring stupid ads.
We have javascript sanitizer sw now, and we are never ever going back. And no, we honestly don't care if some ad-supported websites see falling revenue or even disappear. The idealist websites before web ads were enough for us - we won't mind a revert to that state of the web. In the meantime, we will freeload on ad-supported sites with impunity.
Why not use "it"? It is a perfectly fine gender-neutral pronoun.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
what a load of crap. The standard did exactly what it was intended to do, it has been 100% successful. It was created purely to delay any real action that was been suggested by governments and pushed by other standards at the time. DNT was never designed or intended to succeed as a technology in itself, it was purely google, Mozilla et al protecting the Ad industry from much harsher measures. It is truly disappointing that google got away with this. I mean for fucks sake the whole promise was "as long as this isn't widely adopted by users we will honour it", not "we will honour a user affirmative desire", the honouring the affirmative desire was seen as a way to build in usage limitations so that it would never have any affect.
they forced it through
According to this link Google was one of the ones who objected to it, not one of the ones who forced it through. The people who voted for it included other browser developers like Mozilla and Microsoft.
The EFF backs Do Not Track. It's imperfect but it's a wedge we can use to push for legally required compliance. The user has made a clear statement that they do not wish to be tracked.
It's tempting to think that having privacy enhancing add-ons is the answer, simply blocking ad servers and tracking cookies. But those things are far from the only methods used to track you, and if you want to interact with all but the most trivial web sites you can't block it all. So the only real solution is to legally mandate that companies don't collect that data, i.e. DNT with legal enforcement. Or do like the EU did and require an explicit opt-in to tracking.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Or they, their and theirs. English already has gender neutral pronouns for this purpose.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
I agree. E.g. 'It puts the lotion on its skin, or it gets the hose again.'
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
1. Never search for anything while logged into Google, Facebook and so on.
2. At least try to make it harder for the Powers that Be to know how or what you do on the Net Use a VPN.
3.. Run Linux and a VPN and use one Browser to get your mail gmail.com but never search from a logged in Browser I have 5 to 8 Different Instances of the Browser running on 16 Virtual Desktops.
4. If you are on eBay use one Browser for that if you stay logged in anyway but never do Internet Search from that Browser.
And they Call Me Paranoid, But it is a the sign of the Times, Big CORPS want all your Info don't just hand it over without Resistance.
In a certain way DNT actually does something - I encounter sites that refuse to show data if there is any adblocking mechanism active in the users browser. If I deactivate the current adblocking script they still refuse to work and mourn about "private browsing" or "do not track"-settings still active. This is the very moment I don't want to visit the site. See: adblocking scripts are too ad-friendly now ;-)
25% of American adults use "Do not track", but hey, non-geek Gizmodo visitors obviously have more trouble finding the "Do not track" option in their browser settings than the average American. So much for the credibility of the Forrester Research study. And for Gizmodo, wittingly distributing bogus research results.
The only news I see is that spray-on sunscreen doesn't do anything? I've been using it for years and years, and while the chemicals in it may cause premature aging I don't get sunburned using it, so... What gives?
-
It was never going to work even if Microsoft hadn't "sabotaged" it. Content providers would look at DNT and say "right, so it's going to cost me money to implement this, and when I've done it, I'll get a reduction in revenue". There's no chance that's going to fly.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
You don't seem to realize that your complaint is a real life example of a catch 22: ad slingers promise they'll respect the DNT header only as long as users promise not to use it.
Not quite. The original idea was advertisers promise to respect the DNT header only as long as users meaningfully make the choice to not want to be tracked. Changing defaults screwed this entire principle.
The inherent lack of clarity is bad enough, but it pales in comparison to the real problem, which is that are very few good actors on the other end of the wire, and an end user has no way to scrutinize them. By the time it is divulged that SiteX is illegally ignoring DNT and storing information outside whatever the local law permits, it's too late - the information is already sold to a thousand different data brokers and it is as undeletable as a nude selfie posted publicly to Facebook.
The only meaningful solution is to build the protections into the client side, so that the client is prevented from sending data that can be gathered by the server end. The server cannot, and can never be, trusted by the end-user. It's disappointing that the options we have in browsers (even with extensions) are still relatively coarse. For example, we need the ability to block all active scripting (including that embedded in a page, not just by blocking specific URLs to malware Javascript sources) except for a small whitelist of items critical to the function of the site. We need a way of blocking particular APIs from being accessed by active web content (there is NO reason why a website needs to know my battery level on a mobile device. If there was a reason, it would be a very limited use case that I would only enable for that one particular site. Same principle applies to a lot of the data that's used to fingerprint browsers).
Specially Privacy Badger, whose authors are in the EFF and which is easily adjustable per-site if needed.
For me tracking is an issue of the past -as long as Privacy badger lives
Now I wrote that, I have to consider a donation to EFF... the cat T-shirt is nice...
Herve S.
Did anybody really expect "do not track" to do anything? The "do not track" flag asks low-life web advertisers not to track you, not to harvest your personal information. Why would those advertisers follow your wishes to not track you.
Speaking of "evil" it reminds me a lot of the "Evil Bit". Let's just just make a thing that we send to web sites so that they don't track us. Of course, everyone will comply and nobody would ever track them if you asked them not to. They actually directly link to the Do Not Track article right in the Evil Bit Article.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
"'Do Not Track,' the Privacy Tool Used By Millions of People, Doesn't Do Anything"
Is "tracking" one of the things it doesn't do? Because that's good. Otherwise it does do something. And that's bad.
I don't expect it to do anything, I use it as a form of protest.
"When information is power, privacy is freedom" - Jah-Wren Ryel
> Microsoft ... tried to represent the best interest of the users
How exactly is killing DNT in the best interest of the users?
What exactly did they accomplish that is in your best interest?
There was 0% chance that Google and all the other advertisers would stop tracking anyone by default. You can say they "should", fine whatever, that wasn't going to happen, not remotely possible.
What the advertisers had agreed to do was not track users who had explicitly chosen that, with the standard explicitly saying it cannot be the default for a general-purpose browser. Therefore by obscuring who had actively made that choice, the only effect of Microsoft's move was to hasten the death of DNT. I don't see how that's good for users.
For a long time I thought DNT was a browser-level control. Meaning when you turn it on, the browser won't send tracked info to the site. When I realized DNT simply declares that you don't wanna be tracked and it's still up to the site owners to honor your wishes... I thought I was a damn big waste of effort to create a feature that in fact misled millions of people.
Expecting Facebook and Google to honor your wish not to be tracked? Are you out of your phucking mind? They make money by tracking. If they are forced by the government not to track, they may as well fire all their employees and shutdown their businesses.
So.. I suppose this is a good day to come clean and admit that I'm one of the people who thought (and said) DNT is basically a good idea. I still do think it's a good idea .. or rather, it was. And while I can see you probably disagree with me, you've also put your finger on how we might come together (but see below, because we still might not).
We had to ask, before we could justify making demands. DNT was a way of asking.
And yes, Microsoft undermined it so that if you ran MSIE, then your browser said you were asking, even though you hadn't actually asked. But really, how many people run MSIE? (Even 5 years ago.) How responsible is Microsoft for the strategy of asking, ultimately failing? Even as a DNT proponent, I can't really throw a lot of blame on them, and I think their conscious effort to kill DNT isn't really why it failed. It might have played a role, but the bigger reason that asking failed, is that we were asking one of the most wretched hives of scum and villainy in the entire history of human civilization: the modern ad industry.
Anyway, though, asking did fail. But I'm glad we tried. Check off that box. We can now say we asked nicely and our request was ignored. Escalating the conflict is no longer unreasonable, and we have something to point to the next time the adversary says "trust us."
On the other side of the coin, though, there are some basic principles that I hope we protect, and I know these things are at risk, and it's one of the reasons I had hoped that maybe, just maybe, DNT would have worked:
I don't think a government should be able to tell people what they're allowed to do internally on their own computers and their own storage. If you don't like that people remember all the information that you constantly go out of your way to give them, then stop sending it! It's the sender's responsibility, not the receiver's.
I hope that any legislative approach is somehow based on the initial acquisition or later exchange of the information, but does not restrict in any way that people are allowed to remember what you tell them, think about it, and act upon their thoughts. And my computer is my agent, so I want this freedom from thoughtcrime extended to my computer. Now, you can regulate me passing the information to other people! I think we all knew that, eventually, every person (yes, you, reader) is going to lose some speech rights in the conflict of the people vs the ad industry (though they're commercial speech rights, so this is hardly unprecedented). But I'd rather we stick to limiting our freedom of speech, before we even consider limiting freedom of thought. And yes, that's how high I really think the stakes are and I don't think I'm overdramatizing it. This has all the potential to lead to DMCA-level of evil. (Another law where I'm not interacting with anyone else, but somehow the government wants to limit what I can internally do on my own computer.)
If you willingly send the info to me, I get to have it. And whatever laws you pass to prevent this, will be selectively enforced because you can't tell what someone is internally doing until you already violate their privacy by crawling into their brain/computer. As if we need more selectively-enforced laws. *sigh*
Regulate the exchange of information between different entities. And possibly regulate (if you must) the policies that result in the info being sent in the first place. Cross-domain requests should be disabled by default; sorry CDN users. Sorry, guy who loads jquery from somewhere else. I'm shocked that this might have to become law, but for whatever fucking reasons, our browsers still do a thing that we all know is bad. That should have been addressed before we even tried DNT.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
only as long as users meaningfully make the choice to not want to be tracked.
Changing defaults screwed this entire principle.
I don't see things quite this way; the whole approach is really weaselly to begin with. The ad industry knows full well that the majority of users don't have the information or knowledge to make this meaningful choice. It cynically intended to use the consumers' lack of information to profit from them, at the same time touting its virtuousness in providing this scam of a standard. When somebody - Microsoft in this case - takes a measure to protect users by default, the ad industry throws a hissy fit, and discards the whole standard. The very fact they were able to do this demonstrates how much of a lie the DNT standard was.
Let me suggest an analogy: a city's Thieves Guild objects to a new municipal ordinance that requires all new homes to have a lock. They propose a competing standard: citizens that are concerned about their possessions should put a sign on the lawn, saying "Please don't rob this house, Mr. Thief", and they promise they won't rob those houses, as long as there aren't very many of them around. Of course, most citizens don't know that the standard exists, and they don't put the signs up. When a home builder starts installing the sign on all new houses, some citizens - like the GP - accuse them of breaking the standard and forcing the poor Thieves Guild into ignoring signs and robbing houses anyway. They say home owners who really don't want to be robbed should instead make a meaningful choice and install the lawn signs themselves. Does this sound ok to you?
'Do Not Track,' the Privacy Tool Used By Millions of People, Doesn't Do Anything
Who was ever foolish enough to think that it would? It's 100% voluntary with no teeth and no enforcement power whatsoever.
It was instantly seen as a scrumptious list of people who didn't want to be tracked, and therefore of immense value to spammers, marketers, government agencies, etc etc etc.
It's like a "Do Not Mug" list, where you publish your name and the amount of cash you have in your pocket, along with your home address.
Just cruising through this digital world at 33 1/3 rpm...
This "Standard" was stupid from day one.
Hell, I illustrated why it was stupid back in 2012 with a fairy tale story nonetheless.
The fact that it took 6 years for people to realize that it was stupid just affirms to me that either people are gullible idiots, or I can see the future.
In Soviet Russia, Trojan exploits YOU!
Oh I agree it was weaselly and had no teeth. What I'm saying is the original principle was palatable for the advertisers. That changed when it became opt out instead of opt in.
You said it yourself: "The ad industry knows full well that the majority of users don't have the information or knowledge to make this meaningful choice."