DNT: Do Not Track Service
The Do Not Track header is a proposed HTTP header field that would request a web application to disable either their tracking or their cross-site tracking (the ambiguity has not been resolved yet) of a user. The “Do Not Track” header was originally proposed in 2009 by researchers Christopher Soghoian, Sid Stamm, and Dan Kaminsky. It is currently being standardized by the W3C.
In 2012 Microsoft was the first to announce support to Do Not Track service for its browser Internet Explorer. Later Mozilla Firefox also supported DNT mechanism in their browser. Very soon all the browsers started adopting DNT mechanism except Google Chome which is yet to support DNT in their Browser’s Stable versions. Now Google chrome has decided to add Do Not Track in their Chrome browser by the end of this year. Google released a large portion of Chrome’s source code as an open source project called Chromium which Chrome releases are still based on. Chromium project released a beta version last week that includes the Do Not Track (DNT) privacy setting.
Google Chrome had 32.76% worldwide usage share of web browsers as of June 2012, making it the most widely used web browser, according to StatCounter. W3Counter indicated that Chrome became the leading browser globally in August 2012 with 28.3% marketshare.
In February 2012, Google said that they will be adding DNT support to chrome after White House said that they will introduce a new online piracy bill called SOPA in the Congress. Bow it has introduced the DNT support in the Beta version (Google maintains 3 versions of a browser: Dev, Beta, Stable).
Jonathan Mayer, a graduate student in computer science and law at Stanford University, and one of two researchers at Stanford who created the HTTP header concept to signal a user’s DNT preference, bemoaned the placement of the setting in Chromium.
Jonathan tweeted “Good: looks like Do Not Track will be in the Chrome privacy preferences. Less good: have to click ‘Show advanced settings…’ to see them,”
Apart from the browsers Twitter.com is the biggest website to support Do Not track mechanism.
To download the latest Google chrome (Beta Version: Chromium) go to this website: http://download-chromium.appspot.com/.
Let us understand what Do Not Track Really is.
What is DNT: Do Not Track
The header field name is “DNT” and it currently accepts three values: 1 in case the user does not wish to be tracked (opt out), 0 in case the user consents to being tracked (opt in), or null (no header sent) if the user has not expressed a preference. The default behavior is to not send the header, until the user chooses to enable the setting via their browser. When a web browser requests content or sends data using HTTP, it can include extra information optionally in one or more items called “headers”. Do not track adds a header (DNT: 1), indicating that the user does not wish to be tracked. The execution of this non-tracking directive can only be implemented on the part of the HTTP server, so its enforcement is applied effectively using the honor system. In this regard, do not track is similar to the Robots Exclusion standard, which provides a mechanism for HTTP servers to communicate to automatic web-traversing client programs whether those programs are granted permission to access the servers, but entirely relies upon honor and etiquette on the part of the client for compliance.
On the other hand Apache has created troubles for privacy advocates. Apache webserver updated to ignore Do Not Track Setting in IE 10. This new update will cause websites to ignore privacy setting in the upcoming release of Microsoft’s internet Explorer 10.
According to Chris Soghoian, a privacy Researcher, “Adobe is actively trying to subvert privacy. If Roy Fielding was not drawing a paycheck from Adobe, would he have submitted that patch?”
Many people are seeing this move as being motivated by financial consideration, as many websites (mostly Ad Networks) makes their profit by serving ads to users by tracking their region and other important details.
Adobe defended their move by saying that “The only reason DNT exists is to express a non-default option. That’s all it does. It does not protect anyone’s privacy unless the recipients believe it was set by a real human being, with a real preference for privacy over personalization. Microsoft deliberately violates the standard”
Fielding, Spokesperson for Adobe added “They made a big deal about announcing that very fact. Microsoft is members of the Tracking Protection working group and is fully informed of these facts. They are fully capable of requesting a change to the standard, but have chosen not to do so. The decision to set DNT by default in IE10 has nothing to do with the user’s privacy. Microsoft knows full well that the false signal will be ignored, and thus prevent their own users from having an effective option for DNT even if their user’s want one. You can figure out why they want that. If you have a problem with it, choose a better browser.”
All this Fuzz stated when Microsoft announced that their new Internet Explorer Browser will have default Do No Track Support.
Microsoft said that they have no intensions for changing their move. Microsoft said in a blogpost “”Do Not Track” is a Web privacy scheme that tells online advertisers not to collect or use information specific to a user’s Web requests and responses. Advertisers can still show advertisements, but they’re not allowed to, for example, record that a user browsed several hotel websites to then show ads for other hotels.”
They further wrote “We put people first. We have made this decision so that People don’t face irritating advertisements and do not feel being followed.”