Feeds

MS tacks Mozilla 'Do Not Track' header onto W3C submission

Before you can say 'embrace and extend' ...

Choosing a cloud hosting partner with confidence

In a move that melds sneaky with shrewd, Microsoft has added Mozilla's Do Not Track browser header to the submission of its Tracking Protection proposal to the World Wide Web Consortium (W3C). This potentially leaves Google – the third of the three contenders for privacy-enhanced browsing – isolated in a self-regulatory alliance with a gaggle of US ad networks, while Microsoft sidles closer to the kind of solution the regulators are likely to go for.

Both the US FTC and the European Union are currently concerned about Online Behavioural Advertising (OBA) in particular, and the tracking of individuals across the internet in general. Mozilla unveiled its proposal, a Do Not Track browser header that expressed an individual's desire not to be tracked, in late January, practically simultaneous with Google's release of its own Keep My Opt-Outs. Microsoft added its Tracking Protection to IE9 late last year.

Although Mozilla's Do Not Track requires that websites and servers actually pay attention to the user's wishes as expressed via the browser, it has the virtue of being a universal approach to the issue, and it also conforms more closely to the wishes of the regulators. An FTC report last year recommended a Do Not Track browser setting so that "consumers would not have to exercise choices on a company-by-company or industry-by-industry basis, and that such choices would be persistent," while the EU's E-Privacy Directive requires that users be given an "informed choice" prior to having cookies placed on their machines. Neither body is happy about the largely unintelligible nature of current browser privacy settings.

Google's Keep My Opt-Outs and Microsoft's Tracking Protection have more immediate effect than Do Not Track, but they're limited, and really don't look like they'll cut the mustard with the regulators. Google has chosen to work with the Self-Regulatory Program for Online Behavioral Advertising, which you could view as the US ad industry's attempt to fend off legislation, and at the moment its system – a browser plug-in – is restricted to Chrome, and only allows you to opt out of OBA by about 60 US networks. And it is perhaps worth pointing out at this juncture that the ad industry does not necessarily view OBA and tracking as the same thing (see the FTC report linked to above).

Microsoft's Tracking Protection, on the other hand, relies on third-party white lists and block lists of "companies that offer poor privacy protection". It is not switched on by default, and it does potentially give you a great measure of control of what you wish to block or allow, as there's nothing stopping you building your own lists. Most people using it, however, will do so via third parties (eg TrustE), and most people probably won't switch it on in the first place.

But put that together with Do Not Track, and you have a potential winner – albeit still a fairly rudimentary one that will require at least the threat of a regulatory stick in order to be effective (although you could interpret the E-Privacy Directive as meaning it already has regulatory force in Europe).

Mozilla itself meanwhile feels that Do Not Track is the beginning of the discussion, not the end. "I think that all of the Do Not Track discussion is in its very early stages," Mozilla Foundation chairperson Mitchell Baker told The Register earlier this year. "Hopefully, the current proposals will ultimately look very crude." ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.