The Privacy BlogPrivacy, Security, Cryptography, and Anonymity



FTC endorses "Do Not Track" concept

The WSJ reports on a recent FTC report endorsing the concept of a universal “do not track” registry similar to the “do not call” list. Predictably the advertising companies are unhappy, and privacy advocated are cheering.

I think that some kind of outside regulation is necessary and inevitable. Self regulation has not worked, and is very unlikely to work in the future. The self interest of the targeted marketers is too diametrically opposed to the principles of transparency and personal control.

The WSJ quotes Rob Norman, chief executive of WPP PLC’s GroupM North America, which buys ads on behalf of corporate clients as whining “FTC endorses ‘do not track’; an emotional goodbye to free content so kindly funded by advertisers.” Lets be clear, there is no “kindly” about it. This is all about making money for the advertiser. The “free content” is simply a delivery vehicle for ads.

Right now the exchange of information and access to the viewer is implicit. This proposal makes it explicit. I see no reason why sites could not, or should not, be set up to require users to opt in to be able to access the content. I would then have the ability to choose to opt out, go elsewhere, or pay to be free of tracking.

The rapidly increasing use of “evercookies” and other very hard to remove tracking techniques shows just how resistant to user control these companies really are. Where the tools and standards exist for users to delete tracking information, the marketing companies are creating new tools to make your choices ineffective.

As if more proof were needed, the marketing companies suggest opting out through their about ads website. Of course, if you want to opt out, you must enable third party cookies on your browser, which simultaneously exposes you to much more effective and intrusive monitoring.

Anonymizer will continue to innovate with new technologies to stay ahead of this arms race with tools like our new “Nevercookie” plugin.

· · · · · · ·


  • Brad B · December 3, 2010 at 11:45 am

    How odd. This opt-out won’t keep anybody from advertising on the Web; it only stymies marketers’ efforts to target their ads to specific groups of people.

    While it’s certainly a game of numbers and margins, it’s nowhere near as dire as the advertisers are attempting to paint it. “Free content” can still be “a delivery vehicle for ads;” the only thing being taken away is their ability to determine in advance which ads might be most effective.

    In any case, given the plethora of methods used to track Web surfers these days (Phorm, anyone?), I question the efficacy of a “Do Not Track” list to prevent all trackers from being successful. It’ll just turn into an arms race between the list maintainer and the marketers. It goes without saying that the Internet is far more complicated than the public phone system.


  • Nameless Citizen · January 9, 2011 at 1:35 pm

    I downloaded the Nevercookie program and it won’t install
    on my fully updated Windows 7 64 bit Ultimate machine. Something to
    do with not having .xpi capability. I have Firefox, which seems to
    have something to do with it. I tried downloading programs from the
    net that purported to make installing .xpi programs possible, to no
    avail. I suggest that you include a reliable program as a download,
    to resolve this .xpi issue and direct people to install it first,
    and them install the Nevercookie. Or re-write the Nevercookie in a
    way that makes it universally useable. Thanks


    • Author comment by lance · January 10, 2011 at 7:30 am

      Nevercookie is not a fully supported product. It was developed in our lab, but we thought it was too important not to release.


  • Brad B · February 14, 2011 at 9:29 am

    Interestingly, a bill has been proposed in the House that will supposedly implement and enforce the “Do Not Track” concept.

    I still see many holes in such a plan, but I’m glad lawmakers are paying serious attention to this issue. Here’s hoping that committees and such don’t turn this bill into a toothless monstrosity that pays nothing but lip-service to privacy concerns.


  • Brad B · February 15, 2011 at 8:14 am

    And, amusingly, today’s Dilbert is apropos to this issue:

    Dilbert 2011-02-15


  • J McM · March 14, 2011 at 5:22 pm

    Of course it will be a cat and mouse game, until a couple mice get stepped on by Federal prosecutors.

    Get the bill passed, then amend the law and enforce it as necessary.


  • Brad B · March 17, 2011 at 5:40 pm

    An interesting article on Wired a couple of days ago speaks to this subject:
    Add-On Gives Power and Nuance to ‘Do Not Track’

    What do you think about this, Lance? Are sites likely to respect such browser headers? In my experience, Netizens are unlikely to voluntary cede control of anything, especially if there’s a chance of such a concession affecting their money-making capabilities negatively.


    • Author comment by lance · March 17, 2011 at 5:48 pm

      Without some kind of enforcement teeth, I think it is unlikely that most websites would honor the DNT flag. Even if there were teeth, it would probably only apply to services provided from within the country. There is discussion of requiring US firms to push down contractual terms to comply with this on any of their vendors, advertisers, or providers.
      P3P was a voluntary privacy policy ontology which was designed to allow your browser to automatically allow or block content based on the associated privacy policy. It did not get any traction at all. This is likely to follow the same path, but with good browser adoption and consumer awareness, we can hope. Legislation might help, but I always worry they will do more harm than good.


  • Brad B. · April 18, 2011 at 10:43 am

    More on “Do Not Track,” showcasing the inability of such attempted governance to actually have an effect:

    Google Holds Out Against ‘Do Not Track’ Flag

    “Even if Google adopts it, right now the tool is in some ways toothless.”

    Hm, I think I’ve used that adjective before…


  • Brad B · May 9, 2011 at 3:11 pm

    And now:
    Google, Facebook: “do not track” bill a threat to California economy

    Unsurprisingly, once the bill was actually introduced in the state legislature, the companies who stand most to lose by its passage speak out against it.

    (I cringed when the author messed up an idiom at the beginning of the last section, but this seems to be the most original source on the ‘net for this news. Most other coverage is scraping/republishing it or providing commentary with a link to that story.)


  • Brad B · July 31, 2011 at 7:01 am

    Interesting new tracking system discovered:

    Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged

    One of the more intriguing things in that article is the link to the KISSmetrics page on “how it works.” Who knows how recently that page was changed? Has it always explicitly mentioned using “standard first-party cookies”?


Leave a Reply