(eff.org) There is a lot of discussion about Do Not Track at the moment. The FTC has announced supportfor the idea; Mozilla has added a Do Not Track header option into Firefox betas, and Congresswoman Jackie Speier has introduced a Do Not Track bill. Other proposed privacy legislation, such as Rep. Bobby Rush’s bill, could also achieve similar objectives. And yesterday, EFF submitted comments urging the Federal Trade Commission to defend online privacy by supporting the header-based Do Not Track feature.
Do Not Track is important because it creates a policy mechanism to augment the privacy enhancing technologies that we currently have. There is an arms race between practical privacy tools and ubiquitous online tracking, and we fear that the trackers have powerful techniques that will almost always allow them to win the arms race against ordinary people.
Some other anti-tracking technologies have also been discussed a lot recently, including
Microsoft’s IE 9 Tracking Protection Lists, and AdBlock Plus with EasyPrivacy. These are great tools, and very much complimentary to the Do Not Track header proposal. We’ll be posting about them at greater length soon.
Do Not Track is a technically simple proposal: add a header1 to the messages that browsers and other HTTP clients send when they fetch web pages. The header simply requests that webservers not track the user’s behavior. It could be turned on if the user enters “private browsing mode”, or if they have enabled a separate configuration setting.
There is more flexibility on the policy side of Do Not Track: “what is tracking?” “what should websites do to avoid tracking users who set the DNT header?” “would any websites be required to comply with the header?
There is a spectrum of good answers to each of these questions. This post will try to set out what we think some of the good answers are. Read More