EFF, Other Privacy-Focused Groups Announce New 'Do Not Track' Standard

By Lucian Armasu
published

The Electronic Frontier Foundation (EFF), along with Medium, DuckDuckGo, Disconnect and Adblock, announced a new Do Not Track standard that promises to be both stronger and more practical for websites to adopt.

After a few years of arguing between browser vendors, privacy advocates, advertising companies and websites, all major browsers now support the Do Not Track standard. However, the current standard is completely optional for websites to follow, even if all browsers keep it opt-in rather than opt-out.

Users still need to enable it first in their browsers before the request header is sent to the websites. Then the websites and other third party sites can decide whether to respect it or not. The advertising networks particularly didn't like it when Microsoft decided to implement it by default in Internet Explorer, removing user choice from the equation.

Of course, being optional, the ad networks didn't have to follow the standard anyway. However, they might have been worried that it would look bad for them to not comply with the DNT request, so they decided to persuade Microsoft in making DNT opt-in for its browser, as well. They finally succeeded earlier this year, when Microsoft agreed to make DNT opt-in in the new Windows 10 Edge browser.

In the new DNT standard, there's a distinction between the first-party and the third-party. If the first-party (the website you're visiting) complies with DNT and accepts the tracking restrictions set forth by the standard, then the third parties won't be able to collect data on the users unless the users interact with those third parties directly. For instance, a social media "like" button won't be able to collect data on the users automatically unless the users click on that button.

According to the new DNT standard, all compliant entities should not collect unique identifiers such as cookies, fingerprints or supercookies from DNT users. The new standard also limits how long websites can retain user data -- it's a maximum of 10 days, after which they can only keep aggregated and de-identified records for modelling readership patterns, usage statistics and so on. The policy also provides guidelines to ensure the users won't be re-identified.

There are also some exceptions to these guidelines, such as when the data needs to be retained for law enforcement purposes (according to law) or when it's needed to perform a transaction, such as when an address is necessary for a package delivery.

According to the EFF, if a site has obtained clear permission from the users to track them in order to support the site financially or for other reasons, then the sites can also remain DNT-compliant.

When sites don't want to abide by any of the new DNT guidelines, their trackers may simply be blocked by extensions such as Adblock, Disconnect and EFF's own Privacy Badger, giving sites an incentive to respect the users' DNT requests.

Follow us @tomshardware, on Facebook and on Google+.

Lucian Armasu
Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
5 Comments Comment from the forums
  • Unolocogringo
    I have it enabled in IE and Firefox.
    Ad companies just ignore it and try to install cookies any way.
    I use Ghostery FF and Blur for IE.
    I never gave any of these advertising company's permission to install spyware on my computers.
    Of course the NEW Windows 10 is as bad as Android, which keeps track of everything you do,where you did it , and how long you did it and reports all of the information back to Microsoft.
    I could not find any way to disable it in the preview versions ,so I will not be downgrading to windows 10.
    Reply
  • Marcus52
    The stuff about Win 10 being more of a spying thing from Microsoft is largely BS. It's pretty much the same as it has always been, except for Cortana.

    Cortana is designed to be an electronic "personal assistant". Of course it needs more personal information to give you a tailored response, no one should expect anything different. If this is a problem for you, simply don't use Cortana.

    But anyone with any kind of smart phone is being silly to worry about Microsoft mining personal information.
    Reply
  • dstarr3
    Whether or not this causes blocked tracking, it's still a big step in the right direction.
    Reply
  • eriko
    The stuff about Win 10 being more of a spying thing from Microsoft is largely BS. It's pretty much the same as it has always been, except for Cortana.

    Cortana is designed to be an electronic "personal assistant". Of course it needs more personal information to give you a tailored response, no one should expect anything different. If this is a problem for you, simply don't use Cortana.

    But anyone with any kind of smart phone is being silly to worry about Microsoft mining personal information.

    Hello there Sir.

    As a network engineer, let me be the first to tell you that my logs indicacte that every keystroke you make in Windows is uploaded to Microsoft.

    Every program you open causes yet more packets to be sent to MS, as they are encrypted, I can assume they contain the executables' attributes of the chosen program.

    Furthermore, they take copies of all your contacts too - they are uploaded also.

    I can see no acceptable reason for any of this behaviour, and thus I will not use it on my main machines.

    There is of course other privacy concerns with Windows 10, just do a little searching for yourself, rather than making gross uninformed statements regarding a topic, for which you clearly have no knowledge of.

    Peace out.
    Reply
  • wiyosaya
    This seems more like a feel-good standard rather than something with any meat in it. Supported by the EFF or not, unless it is forced on them, no internet scum will use it, and certainly being used on internet scum is what would make this in any way valuable.
    Reply