Feeds

MS tacks Mozilla 'Do Not Track' header onto W3C submission

Before you can say 'embrace and extend' ...

The essential guide to IT transformation

In a move that melds sneaky with shrewd, Microsoft has added Mozilla's Do Not Track browser header to the submission of its Tracking Protection proposal to the World Wide Web Consortium (W3C). This potentially leaves Google – the third of the three contenders for privacy-enhanced browsing – isolated in a self-regulatory alliance with a gaggle of US ad networks, while Microsoft sidles closer to the kind of solution the regulators are likely to go for.

Both the US FTC and the European Union are currently concerned about Online Behavioural Advertising (OBA) in particular, and the tracking of individuals across the internet in general. Mozilla unveiled its proposal, a Do Not Track browser header that expressed an individual's desire not to be tracked, in late January, practically simultaneous with Google's release of its own Keep My Opt-Outs. Microsoft added its Tracking Protection to IE9 late last year.

Although Mozilla's Do Not Track requires that websites and servers actually pay attention to the user's wishes as expressed via the browser, it has the virtue of being a universal approach to the issue, and it also conforms more closely to the wishes of the regulators. An FTC report last year recommended a Do Not Track browser setting so that "consumers would not have to exercise choices on a company-by-company or industry-by-industry basis, and that such choices would be persistent," while the EU's E-Privacy Directive requires that users be given an "informed choice" prior to having cookies placed on their machines. Neither body is happy about the largely unintelligible nature of current browser privacy settings.

Google's Keep My Opt-Outs and Microsoft's Tracking Protection have more immediate effect than Do Not Track, but they're limited, and really don't look like they'll cut the mustard with the regulators. Google has chosen to work with the Self-Regulatory Program for Online Behavioral Advertising, which you could view as the US ad industry's attempt to fend off legislation, and at the moment its system – a browser plug-in – is restricted to Chrome, and only allows you to opt out of OBA by about 60 US networks. And it is perhaps worth pointing out at this juncture that the ad industry does not necessarily view OBA and tracking as the same thing (see the FTC report linked to above).

Microsoft's Tracking Protection, on the other hand, relies on third-party white lists and block lists of "companies that offer poor privacy protection". It is not switched on by default, and it does potentially give you a great measure of control of what you wish to block or allow, as there's nothing stopping you building your own lists. Most people using it, however, will do so via third parties (eg TrustE), and most people probably won't switch it on in the first place.

But put that together with Do Not Track, and you have a potential winner – albeit still a fairly rudimentary one that will require at least the threat of a regulatory stick in order to be effective (although you could interpret the E-Privacy Directive as meaning it already has regulatory force in Europe).

Mozilla itself meanwhile feels that Do Not Track is the beginning of the discussion, not the end. "I think that all of the Do Not Track discussion is in its very early stages," Mozilla Foundation chairperson Mitchell Baker told The Register earlier this year. "Hopefully, the current proposals will ultimately look very crude." ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?