Categories
Security Web

Do Not Track – An Overview Of Internet Privacy

The Problem

When it comes to privacy on the internet, the user is very often left in the dark regarding how his or her data can be accessed and utilized by third parties. In this context, third parties can refer to “analytics services, advertising networks, and social platforms” [1] that can leverage a myriad of existing web technologies to track the websites you visit. These third parties can then use this information for various purposes such as directing advertisements toward more relevant audiences.

For example, if a website you visited decided they want to track their users’ web history, they could simply slip a clause into the privacy policy of their site (which can be intentionally obfuscated and is very rarely read by users) that would legally allow them to track your web history – even while you’re not on their site!

In an attempt to resolve this informational discrepancy (these third parties are within legal limits, just not fully transparent), the World Wide Web Consortium (W3C) proposed a specification known as Do Not Track which “is designed to enable users to opt-out of online tracking” [2].

The Proposed Solution

More specifically, Do Not Track sends an extra HTTP header along with your normal web traffic which suggests to a web server that you do not want your information to be used for any other purposes.

“Websites that track users across multiple first-party websites must check for the presence of the Do Not Track user preference. If a website detects that this preference is enabled, it must disable any tracking code or collection of data that can be used for tracking purposes, regardless of the level of identification of the user.” [3]

Unfortunately, the W3C lacks any power to enforce this bold proposal, and the cooperation of web administrators and programmers everywhere will be needed to correctly implement this policy. A prominent example of how not to implement this proposal can be observed on Google’s website:

“At this time, most web services, including Google’s, do not alter their behavior or change their services upon receiving Do Not Track requests. (Updated October 2012).” [4]

What You Can Do

For the majority of sites that do support Do Not Track, the user can enable it on any supported browser. Below are some instructions on how to enable the Do Not Track feature in three of the most prominent web browsers being used today.

  • Firefox
    • From the file menu: Tools > Options > Privacy tab
    • Choose “Tell sites that I do not want to be tracked” > click OK
  • Chrome
    • Option icon > Show advanced settings…
    • Under ‘Privacy’ check the box “Send a ‘Do Not Track’ request with your browsing traffic”
  • Internet Explorer 9 or 10
    • Gear icon > Internet options > ‘Advanced’ tab
    • Check the box “Always send Do Not Track header”
    • Click OK > close Internet Explorer > restart your computer

donottrackinfo

References and Further Reading:

Original proposal from the W3C:
http://www.w3.org/Submission/web-tracking-protection/

http://donottrack.us/
http://www.w3.org/Consortium/mission
http://ie.microsoft.com/testdrive/Browser/DoNotTrack/Default.html