Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Advertising Privacy Your Rights Online

Study: Ad Networks Not Honoring Do-Not-Track 133

itwbennett writes "According to a new study from Stanford University's Center for Internet Society, almost half of the Network Advertising Initiative (NAI) members that Stanford studied left tracking cookies in place after a Web user opted out of targeted ads. NAI's executive director said that with no consensus on what do-not-track means, ad networks continue to gather data for business reasons other than providing targeted advertising. 'Under the NAI self-regulatory code, companies commit to providing an opt out to the use of online data for online behavioral advertising purposes,' Curran said. 'But the NAI code also recognizes that companies sometimes need to continue to collect data for operational reasons that are separate from ad targeting based on a user's online behavior.'"
This discussion has been archived. No new comments can be posted.

Study: Ad Networks Not Honoring Do-Not-Track

Comments Filter:
  • And the 'invisible hand' will always be watching our back.... or is it ...
    • by Attila Dimedici ( 1036002 ) on Friday July 15, 2011 @01:37PM (#36777500)
      Unlike the government the 'invisible hand' is not watching our back. Of course, the reason the government is watching our back is because it is looking for an opportune time to stick a knife in it.
      • by jazman_777 ( 44742 ) on Friday July 15, 2011 @01:40PM (#36777562) Homepage
        The government will stab you in the back. Globalist multinationals will stab you in the front. It's a two-headed monster.
        • I am shocked, shocked, I tell you, to discover that "do not track" preferences are being ignored.
          It's almost as if the trackers actually wanted to track you...

          Remember to flush your cookies regularly in every browser you use, and to use a different browser for financial stuff (including purchases) than for regular browsing. And don't get me started about BaseFuck (or was it FaceBook).

      • Indeed, the 'invisible hand' is more interested in what we have in our pockets.

      • by imric ( 6240 )

        ROFL - don't you understand? When the market is abused, the invisible hand DOES correct things... Through government regulation. That's what capitalism in a democracy (even in a Republican Democracy like ours - the level of abstraction just creates 'lag' - though that lag IS painful) is all about. The error most who call themselves 'Libertarian' make nowadays is considering government to be separate from markets; that regulations maliciously spring from nowhere simply to server politicians who are never

        • by Attila Dimedici ( 1036002 ) on Friday July 15, 2011 @03:00PM (#36778738)
          My experience has been that most new government regulation is designed to "fix" problems that were created by government regulation in the first place. When the market has been abused (almost always the result of government regulations), it results in government regulations that make the market even more susceptible to abuse.
          It has gotten to bad that the current administration has the guts to call for new laws and regulations to "fix" a problem that was created by them actively not enforcing current laws and regulations (look into "Operation Fast & Furious").
          • by imric ( 6240 )

            No. Simply no. Government regulations may fix older regulations, true. The market is both complex and dynamic, and the 'invisible hand' doesn't come down like a hammer and pin things in one place, forever. If that was the way things worked, 'gaming the system' be even worse than it is normally.

            As to your example, that is an example of government social engineering, NOT economic (save of course, black-market economics). The 'invisible hand' is a part of free-market, economic dogma, not religious or soci

            • The problem with your theory is that regulations stifles competition rather than preserve it. Regulation creates another barrier to entry, thus providing one more protection for the incumbent in any particular business.
              • Regulation stifling competition is a soundbite, not a fact.

                Or do you prefer to having mercury spread by coal fired power plants or lead paint all over your house?

                If the new regulation erects a barrier so high that new business cannot compete using the existing process, then usually an entirely new way of doing things will overturn the monopoly.

                • Some regulations may be necessary, but all regulations make it harder to compete in that particular industry.
                  • Some regulations may be necessary, but all regulations make it harder to compete in that particular industry.

                    False. Counterexample: rules against anticompetitive practices make it easier to compete - that's the reason such regulations exist, after all.

                    • Give me a specific example. Define "anticompetitive practices". You have declared that a theoretical group of regulations make it easier to compete. I say that in the real world, it does not work out that way. I know of no monopolies that exist that were not created by government regulation.
          • most new government regulations are designed to "fix" problems that were created by lack of government regulation. When the market has been abused (almost always the result of a lack of government regulation), it results in reactions from businesses and government alike that make the market even more susceptible to abuse.

            Fixed that for you.

            • You go right on believing that and politicians will go right on taking away your rights to "fix" problems that they created.
              • You seem to think private industry and the "free market" will solve problems, and that it is the government alone creating them. We as citizens need to keep pressure on both politicians and corporations to behave in a civilized manner, because without oversight both have proven time and again the potential for abuse.
              • As I'm sure you will go on believe corporations will save us, helping politicians cede ever more ground to them. Do you not see their growing power, or do you not care? Look to the RIAA and MPAA, or BP for examples of how corporations act when might makes right. Politicians, however corrupt they are (and I don't dispute at all that they are), are *supposed* to represent us. Let's get that back!
                • No, It don't believe corporations will save us. I have noted that as people like you have demanded more regulations to rein in the power of corporations, corporations have become more powerful. Then I looked at what happens when the government creates new regulations and I discovered that whenever the government creates new regulations in an industry it is always followed by a consolidation in that industry with there being fewer, bigger corporations each with more power in whatever industry these regulatio
    • by halivar ( 535827 )

      AdBlock Plus, and browsers with cookie whitelists. That's your invisible hand. Unless you meant something else, in which case you'll need to sit on your hand in a comfy chair for about 2-3 minutes...

      • AdBlock Plus, and browsers with cookie whitelists. That's your invisible hand

        Exactly. My ABP invisible hand is displaying the universal greeting [wikipedia.org] to those advertising leeches.

    • bubbah! grab my tin hat, we've got some ideas to share!
    • by Jawnn ( 445279 )

      And the 'invisible hand' will always be watching our back.... or is it ...

      ...applying the lubricant between our blithely parted cheeks? Yeah. Pretty much.

    • Well, it has to keep an eye on your back in order to stab the knife in correctly.

    • And the 'invisible hand' will always be watching our back.... or is it ...

      Oh, it's watching ... but it plans on stealing your wallet.

      The 'invisible hand' doesn't do what its worshipers claim it does ... the only question is if they know that, or are still deluding themselves that it works.

    • by tixxit ( 1107127 )
      Honestly, I don't use an ad blocker as, mostly, ads don't bother me and I understand their need. However, I'd not feel so bad about installing an ad blocker that only blocks ad agencies known to not honour the do-not-track header.
  • by Nursie ( 632944 ) on Friday July 15, 2011 @01:34PM (#36777456)

    These are three things I like.

    You can probably still track me if I visit you site, but I'm damned if I'm going to help you.

    • by sphealey ( 2855 )

      Throw TrackMeNot in there too to confuse the sniffers installed at your ISP.


    • by al0ha ( 1262684 )
      Add Request Policy and NoScript to that list and cross domain pixel tracking will cease as well.

      Of course there is always browser footprinting, so do not, for one minute, think that your activities can not be tracked regardless of what you do unless you also go about dynamically changing the data your browser sends with HTTP requests; but adding these simple helpers ups the game a little at least.
    • Toss in TACO [abine.com] for good measure

  • I always assumed that when I checked the "Do Not Track" box, they set a special cookie.
    • I figure that too, which is why I point ad servers (especially slow ones!) to or in my hosts file.

      • Damn! I knew I should have ended that with a winky emoticon ;-)

        To your point, it's best to be running a local Apache returning 404 Not Found if you're using hosts to block certain sites. Avoids timeouts. I find Adblock Plus does a faster job.
        • wouldn't the local apache serving a single transparent pixel as a 404 be a better idea?

          • That's not a bad idea. My point was to send a response of some kind back, rather than just simply not answering. Your way probably involves sending fewer bytes.
        • Nah when I have apache installed locally instead of ads I get a bunch of porn ...

        • If is timing out, your network stack (or firewall implementation) is fucked.

          You should be getting back (immediately) an ICMP Connection Refused. This should actually be /faster/ than a proper HTTP response.

      • by houghi ( 78078 )

        http://winhelp2002.mvps.org/hosts.htm [mvps.org] is a good place to start. Even though it is directed at Windows users, it works on any OS that uses a hosts file.

      • by Anonymous Coward

        My 80,000+ line custom hosts file approves. Thats my opt out. I never contact your site again. Ever. I don't exist to them anymore.

        I can't stand to use the internet on machines that are not mine anymore. It's amazing how many ads, tracking, stats, and plain ol GARBAGE being loaded there is on most pages.. And at home i don't see any of it. Pages load much quicker. Layout is much cleaner. Bandwidth is saved as well.

        hosts file + noscript + flashblock = Internet looks and works pretty damm smooth.


      • by arth1 ( 260657 )

        0.0 and 127.1 are bad if you run a local web server.

        If you want an error, or run a special-purpose web server that only returns blanks, set it to 127.2 instead.

    • The browser may ask the server to do something, but it doesn't mean the server will honour the request.

      If you don't want to be tracked, then you need to do it yourself, instead of trusting those 'honourable' marketing people.

  • Is it just me or did /. disabled the option to hide the ads for people with good Karma?

    • Just you.

    • by Aladrin ( 926209 )

      It's still up there for me.

    • by danaris ( 525051 )

      Ads reappeared for me the other day, too. I wasn't sure whether it was because my karma slipped below an invisible threshold or because they'd removed the option—particularly since they never explained why I got the option, or why, 2-3 times, it randomly turned itself off and had to be re-checked.

      Dan Aris

    • It's just you. I still have the option on the upper right of this page.

    • by Talderas ( 1212466 ) on Friday July 15, 2011 @01:59PM (#36777874)

      It's still there but even with it checked I still keep seeing slashvertisements for Bitcoin. It must be broken.

    • by Pop69 ( 700500 )
      It's still there for me, your karma must just be shit
    • This question seems ironic, in light of the discussion that it is found in. Aren't we "techies"? Aren't we discussing anti-tracking, and along the way, advertising? I don't SEE advertisements at slashdot - and I've never bothered to "disable advertisements" due to my karma.

      The Geek Police will probably be along shortly to revoke your card . . .

  • Not surprised at all. Look at how effective the "do not call" list has been?

    It works for the most part, but the information is still available and for sale for scrupulous telemarketers.

    Not surprised that this "do not track" can easily be worked around.

    • by AuMatar ( 183847 )

      Seeing as I haven't had a telemarketer calling in most of a decade, it worked pretty damn well. Of course, that has federal law backing it.

    • by drpimp ( 900837 )
      Same holds true for those "No soliciting" signs.
  • I checked the "Do Not Track" checkmark, and honestly didn't expect ANY of the advertisers to respect the completely voluntary setting. The fact that any of them, let alone 50% are actually respecting it is a big improvement.
  • I, for one, am SHOCKED that ad networks aren't honoring my polite request not to make money off of me. I'm also puzzled that I continue to get emails about Viagra after dutifully clicking on the "opt-out" link in those e-mails. I should write a letter to my congressional representatives. They'll listen!
  • by CelticWhisper ( 601755 ) <celticwhisper.gmail@com> on Friday July 15, 2011 @01:39PM (#36777536)
    For those people who tried to argue against Adblock and other tools to help users control how their information is used and how their browsing experience plays out, this should take the wind out of their sails at least a little. Browser developers and advertising companies came up with a standard for not tracking the users who don't want to be tracked and the ad companies promptly turned around and fucked those users over. Why should we respect the wishes of marketers who don't want us blocking ads now?
    • by maxume ( 22995 ) on Friday July 15, 2011 @01:47PM (#36777666)

      There is no need to justify Adblock or the like, an http request is just a request for some information, it is not a promise to treat that information in a certain way.

    • by npsimons ( 32752 ) *

      For those people who tried to argue against Adblock and other tools to help users control how their information is used and how their browsing experience plays out, this should take the wind out of their sails at least a little.

      Those people arguing against AdBlock, et al had no wind to begin with. It's MY computer, I decide what runs on it. If they don't like people copying their data without paying for it, perhaps they should have considered that before they posted that data on the public Internet, tha

      • If they don't like people copying their data without paying for it, perhaps they should have considered that before they posted that data on the public Internet

        Then the providers of advertising-supported works could escalate it by requiring the user to interact with an ad before the user receives a token that allows decryption and display of the work.

    • by LWATCDR ( 28044 )

      http://.trafficmp./ [.trafficmp.]
      Fixed that for you.
      Well if you have Adblock.

  • Better Privacy + Cookie Monster + separate browser just for Facebook. Seems to do a fairly good job in total.


    • amen to that.

      I hadn't logged into Facebook for something like 6 months, and the changes that happen to sites when they see you as a logged on Facebook user is astounding... and annoying!

      A separate browser isn't a bad idea.

    • by Artraze ( 600366 )

      Rather than a separate browser, you can use Firefox's profiles. It's easy to do: just set you firefox shortcut to "firefox -no-remote -ProfileManager" (works on Windows and Linux). Separate profiles are, as best as I can tell, completely independent. They have separate caches, extensions, and of course cookies, bookmarks history, etc.

      Keep in mind that plugins (Flash!, Java, etc) have permissions outside the browser, so absent of disabling them or using something flashblock the profiles can still be linke

    • by mdm42 ( 244204 )
      $ sudo echo " facebook.com" >>/etc/hosts

      There ya go...

  • by Anonymous Coward

    The NAI opt out has little to do with DoNotTrack. I do agree though that how cookies are supposed to be handled via DoNotTrack are unclear based on the standard. When working on an implementation of it, my company decided to actually put a cookie on any machine that has the DNT flag set. This cookie contains no tracking data and is ignored by our servers, but the consensus was that when opting out users have been trained to look for the presence of an opt-out cookie and so not putting one there may be co

  • "Almost half"? I would have expected the number of ad networks ignoring do-not-track to be closer to 80%.

    This indicates that more than half are honoring it, which is, IMHO, quite a victory for our side.

    Dan Aris

    • Sounds like quite the Pyrrhic victory to me. Sure, it's a nice surprise that half the ad networks are honoring it, but unless the vast majority of them do, I don't see how the flag is actually useful in practice.
    • by ceoyoyo ( 59147 )

      Half of them were dumb enough to get caught.

      I expect pretty much 100% of them are still tracking, but some of them are a little bit better at it.

  • That is a "Trusted Shopping Associate" - if only people registered then they could opt-out you see. oh wait.
  • by Anonymous Coward

    Ah yes, we all know the advertising market is full of honesty and integrity...

    • Re:integrity (Score:4, Interesting)

      by TwinkieStix ( 571736 ) on Friday July 15, 2011 @02:21PM (#36778148) Homepage

      I work as a software engineer for an affiliate networking advertising company. Our business wouldn't exist if we couldn't track a click from a publisher (affiliate, like a deal blog or a search engine) to an advertiser (merchant, somebody selling stuff). I am extremely familiar with how we handle customer data, and we have no use for it. Our tracking technology aggregates the majority of the information related to sales fairly early on in the data pipeline and discards a lot of it after a relatively short time (hours). We have external and internal auditors that check up on the methods we use to clean personally identifiable information (PII, as they always call it). Even something as relatively benign as our own client's e-mail addresses are secure. When it comes to the likes of our actual advertisements, our company culture is nearing paranoia about NOT storing PII because even an accidental leak would reflect poorly on our clients and be devastating to our business. I really hope the other advertising companies see the risk of collecting this information as expensive as we do and take as much effort to avoid letting it be traceable back to individuals.

      I have to say this: the opinions and statements are my own and not those of my company in any way.

  • by GreatBunzinni ( 642500 ) on Friday July 15, 2011 @01:51PM (#36777732)

    Who in their right mind expected that if you give anyone full control over a lucrative resource and then tell them not to use it although you have absolutely no power to enforce your demand that they would respect your request? I mean, not even your kids respect anything you say that goes against their will if there isn't a consequence for their infraction.

  • by bragr ( 1612015 ) * on Friday July 15, 2011 @01:52PM (#36777752)
    Data is how these companies make money. No one wants to buy ads if the ad company can't tell their clients how many views and unique views the ads are getting. Data is their lifeblood and they aren't going to stop because we asked nicely.
    • Data is uber primo facto and all things important. Its the package.

      I witnessed the printing/advertising/publishing industry evolve into a variable data and targeted-intended-onslaught-beyond-your-privacy advertising nightmare...

      and you think Murdoch has problems.

      They know your neighbor's last big purchase and sent you swag based on your sex, income, (very) local community, religious beliefs, to see if you want to purchase the same thing... and they know so much more - its an indoctrination into co
    • So I have an idea that could possibly work? What if we could give an incentive to the ad networks to honor it?

      The gist is Adblock/etc, band up and agree that they will by default only block networks that do not adhere to DNT (this would be the default option on first install, users who want more can change this option to say "everything"). By doing this, adnetworks who do follow DNT will rach a tiny (but growing) surge of users they would not otherwise. Not to mention some good karma.

      • by bragr ( 1612015 ) *
        The grand majority of users are morons who probably don't even know about adblock. Firefox wouldn't include it for political reasons, and google and microsoft probably couldn't for anti-trust reasons. Not going to happen.
  • well duh (Score:4, Informative)

    "Hi, we would like you to voluntarily limit your sources of revenue by not giving your customers, advertisers, the tracking options that they want."

    doesn't work folks

    sorry, the market doesn't regulate itself in some respects. mostly in those respects that involve moral behavior. you need regulation and enforcement for that

    • Exactly. The market will not help you curtail others' natural rights to suit your own "moral" code. That sort of thing requires organized, "legitimized" aggression, i.e. a government.

      • i especially like the part where random assholes define for themselves what their natural rights are. these "natural rights" often run roughshop over other people's actual natural rights

        you need government because on their own, people act irresponsibly. doesn't even have to be menace involved, just abject stupidity usually suffices for irresponsible behavior

        • by 0123456 ( 636235 )

          you need government because on their own, people act irresponsibly. doesn't even have to be menace involved, just abject stupidity usually suffices for irresponsible behavior

          If people are irresponsible and stupid, how do you improve that by giving guns to those people and telling them they won't be punished if they use them?

  • by liquidweaver ( 1988660 ) on Friday July 15, 2011 @01:57PM (#36777830)
    People respond to incentives. You cannot just ask someone to do something. I'm not sure why it continues to be a surprise when someone does/doesn't do something, when they have no incentive to change their behavior. We've been wired this way since the beginning - shouldn't this be obvious?
    • I propose pulling a Milton form office space then.
    • Self-regulation can be a response to incentives, actually; one of the incentives is to not have regulations imposed by the government. The history of movie ratings in the U.S. -- first the Hayes Code, and then the current rating system we have now -- are examples of industry self-regulation that was designed to stave off government censorship. Technically you don't have to have your movie rated by the MPAA, but since virtually everyone in the film business participates in the system, it's difficult if not

  • Who'd have thought that ad networks wouldn't give up their source of revenue?

  • This is so thoroughly at odds with everything I know and understand of this world that I am now in a horrible existential crisis. I will time to deal with this.
  • by amn108 ( 1231606 ) on Friday July 15, 2011 @03:38PM (#36779210)

    I don't get all the hype with the Do-Not-Track, because from the beginning, I had zero faith in the method. Frankly, it's almost funny to read this now, when I knew this to be exactly what would happen. If not worse.

    I mean, do you trust in a sign you'd put up on your front door, saying "Do not rob"? Thought so.

    On Internet anno 2011, in the world we live in, with the kind of overpopulation and hunt for resources and money, the kiddie stuff that is "Do not track" does not work, at least not for your common greyzone law hustlers. The thinking needs to go in to other places, like a comfortable cookie policy that can also communicate to and from the user. So that people save some cookies they want, and reject the others. I could go on and on, but it's not really that hard, but I am surprised this "Do not track" thing has gotten so far off the ground. One would think it'd die in infancy, like all the other obviously lousier ideas.

  • As an HTTP expert (16 years working with the protocol at a low level, often writing code to use the protocol directly through socket connections) and programming professional, his results raised two flags for me after reading his methodology.

    He stated that he only reloaded the browser after opting out. Non persistent cookies don't get deleted until you completely kill every process for a given browser because they share cookies across browser processes. Simply shutting one of the tabs off or closing one bro
  • Their entire purpose in life is to lie and cheat in order to make money. Anybody who expect voluntary ethical behaviour from a marketer doesn't know marketers. And don't talk to me about the mythical wise, long-term thinking marketers.
  • No further comment necessary.

  • There's a very simple solution to this. Just download & install xxxterm and adsuck. Those scumsucking advertisers won't be able to track you anymore.

    http://opensource.conformal.com/wiki/Adsuck [conformal.com]
    http://opensource.conformal.com/wiki/XXXTerm [conformal.com]

MESSAGE ACKNOWLEDGED -- The Pershing II missiles have been launched.